Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Winsock/LocalAppdata - Infected


  • This topic is locked This topic is locked
11 replies to this topic

#1 wuffle-waffle

wuffle-waffle

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:25 PM

Posted 25 July 2014 - 08:50 AM

I am having some weird issues with my computer lately involving speed and my browser. I ran combofix and this came up.
 
*---------------// Combofix Report //---------------*
ComboFix 14-07-25.01 - XXXX 07/25/2014   5:47.22.3 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.8191.5452 [GMT -7:00]
Running from: c:\users\XXXX\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\XXXX\AppData\Local\Temp\_MEI31562\_ctypes.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\_elementtree.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\_hashlib.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\_multiprocessing.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\_socket.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\_ssl.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\hashobjs_ext.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\pyexpat.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\pysqlite2._sqlite.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\python27.dll
c:\users\XXXX\AppData\Local\Temp\_MEI31562\pythoncom27.dll
c:\users\XXXX\AppData\Local\Temp\_MEI31562\PyWinTypes27.dll
c:\users\XXXX\AppData\Local\Temp\_MEI31562\select.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\unicodedata.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\win32api.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\win32com.shell.shell.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\win32crypt.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\win32event.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\win32file.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\win32gui.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\win32inet.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\win32pdh.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\win32pipe.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\win32process.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\win32profile.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\win32security.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\win32ts.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\windows._lib_cacheinvalidation.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\wx._animate.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\wx._controls_.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\wx._core_.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\wx._gdi_.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\wx._html2.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\wx._misc_.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\wx._windows_.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\wx._wizard.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI31562\wxbase294u_net_vc90.dll
c:\users\XXXX\AppData\Local\Temp\_MEI31562\wxbase294u_vc90.dll
c:\users\XXXX\AppData\Local\Temp\_MEI31562\wxmsw294u_adv_vc90.dll
c:\users\XXXX\AppData\Local\Temp\_MEI31562\wxmsw294u_core_vc90.dll
c:\users\XXXX\AppData\Local\Temp\_MEI31562\wxmsw294u_html_vc90.dll
c:\users\XXXX\AppData\Local\Temp\_MEI31562\wxmsw294u_webview_vc90.dll
.
---- Previous Run -------
.
c:\users\XXXX\AppData\Local\Microsoft\Windows\Temporary Internet Files\{0ED797F2-4AF7-4779-BCD4-F9FCDC51E95F}.xps
c:\users\XXXX\AppData\Local\Microsoft\Windows\Temporary Internet Files\{6FDECA39-EF78-4D55-9CC5-E5D86FA5DE13}.xps
c:\users\XXXX\AppData\Local\Microsoft\Windows\Temporary Internet Files\{8A5C85A6-6580-4D55-9EA6-A111252D9221}.xps
c:\users\XXXX\AppData\Local\Microsoft\Windows\Temporary Internet Files\{98761FD1-9740-4FF2-872E-82A96D81C14A}.xps
c:\users\XXXX\AppData\Local\Microsoft\Windows\Temporary Internet Files\{E203644A-A334-4DE4-9F6B-BE24336AFEF9}.xps
c:\users\XXXX\AppData\Local\Microsoft\Windows\Temporary Internet Files\{FA5A56F9-C468-4A83-A6AA-99E2BFB7345C}.xps
c:\users\XXXX\AppData\Local\Temp\_MEI49322\_ctypes.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\_elementtree.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\_hashlib.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\_multiprocessing.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\_socket.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\_ssl.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\hashobjs_ext.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\pyexpat.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\pysqlite2._sqlite.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\python27.dll
c:\users\XXXX\AppData\Local\Temp\_MEI49322\pythoncom27.dll
c:\users\XXXX\AppData\Local\Temp\_MEI49322\PyWinTypes27.dll
c:\users\XXXX\AppData\Local\Temp\_MEI49322\select.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\unicodedata.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\win32api.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\win32com.shell.shell.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\win32crypt.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\win32event.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\win32file.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\win32gui.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\win32inet.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\win32pdh.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\win32pipe.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\win32process.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\win32profile.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\win32security.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\win32ts.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\windows._lib_cacheinvalidation.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\wx._animate.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\wx._controls_.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\wx._core_.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\wx._gdi_.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\wx._html2.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\wx._misc_.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\wx._windows_.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\wx._wizard.pyd
c:\users\XXXX\AppData\Local\Temp\_MEI49322\wxbase294u_net_vc90.dll
c:\users\XXXX\AppData\Local\Temp\_MEI49322\wxbase294u_vc90.dll
c:\users\XXXX\AppData\Local\Temp\_MEI49322\wxmsw294u_adv_vc90.dll
c:\users\XXXX\AppData\Local\Temp\_MEI49322\wxmsw294u_core_vc90.dll
c:\users\XXXX\AppData\Local\Temp\_MEI49322\wxmsw294u_html_vc90.dll
c:\users\XXXX\AppData\Local\Temp\_MEI49322\wxmsw294u_webview_vc90.dll
.
.
(((((((((((((((((((((((((   Files Created from 2014-06-25 to 2014-07-25  )))))))))))))))))))))))))))))))
.
.
2014-07-25 13:06 . 2014-07-25 13:06 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-07-25 13:06 . 2014-07-25 13:06 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-07-25 13:06 . 2014-07-25 13:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-23 13:11 . 2014-07-23 13:11 -------- d-----w- c:\users\XXXX\.linkchecker
2014-07-22 01:45 . 2014-07-22 01:45 -------- d-----w- c:\programdata\Riot Games
2014-07-03 09:14 . 2014-07-03 09:15 -------- d-----w- c:\programdata\RogueKiller
2014-07-03 05:38 . 2014-07-25 13:09 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-03 05:36 . 2014-05-12 14:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-07-03 05:36 . 2014-05-12 14:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-07-03 05:36 . 2014-07-03 05:36 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-06-26 14:51 . 2014-06-26 14:51 -------- d-----w- c:\program files\Common Files\Propellerhead Software
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-12 00:06 . 2013-12-14 07:06 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-12 00:06 . 2012-01-30 06:23 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-29 23:07 . 2014-06-11 05:54 1291232 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-05-29 23:07 . 2013-11-19 22:26 1122312 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-05-29 23:07 . 2014-06-11 05:54 1715176 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-05-29 23:07 . 2013-11-19 22:26 1279480 ----a-w- c:\windows\system32\nvspcap64.dll
2014-05-20 02:44 . 2014-06-11 06:42 837056 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2014-05-20 02:44 . 2014-06-11 06:42 16003912 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-05-20 02:44 . 2014-06-11 06:42 9735256 ----a-w- c:\windows\SysWow64\nvcuda.dll
2014-05-20 02:44 . 2014-06-11 06:42 9697640 ----a-w- c:\windows\SysWow64\nvopencl.dll
2014-05-20 02:44 . 2014-06-11 06:42 895776 ----a-w- c:\windows\system32\NvIFR64.dll
2014-05-20 02:44 . 2014-06-11 06:42 892704 ----a-w- c:\windows\system32\NvFBC64.dll
2014-05-20 02:44 . 2014-06-11 06:42 867784 ----a-w- c:\windows\SysWow64\NvIFR.dll
2014-05-20 02:44 . 2014-06-11 06:42 861128 ----a-w- c:\windows\SysWow64\NvFBC.dll
2014-05-20 02:44 . 2014-06-11 06:42 492376 ----a-w- c:\windows\system32\nvEncodeAPI64.dll
2014-05-20 02:44 . 2014-06-11 06:42 416712 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2014-05-20 02:44 . 2014-06-11 06:42 382240 ----a-w- c:\windows\system32\NvIFROpenGL.dll
2014-05-20 02:44 . 2014-06-11 06:42 354016 ----a-w- c:\windows\system32\nvoglshim64.dll
2014-05-20 02:44 . 2014-06-11 06:42 335704 ----a-w- c:\windows\SysWow64\NvIFROpenGL.dll
2014-05-20 02:44 . 2014-06-11 06:42 3141976 ----a-w- c:\windows\system32\nvcuvid.dll
2014-05-20 02:44 . 2014-06-11 06:42 31387936 ----a-w- c:\windows\system32\nvoglv64.dll
2014-05-20 02:44 . 2014-06-11 06:42 305600 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2014-05-20 02:44 . 2014-06-11 06:42 2953672 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2014-05-20 02:44 . 2014-06-11 06:42 2785568 ----a-w- c:\windows\system32\nvcuvenc.dll
2014-05-20 02:44 . 2014-06-11 06:42 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2014-05-20 02:44 . 2014-06-11 06:42 2412376 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2014-05-20 02:44 . 2014-06-11 06:42 24025376 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2014-05-20 02:44 . 2014-06-11 06:42 1889112 ----a-w- c:\windows\system32\nvdispco6433788.dll
2014-05-20 02:44 . 2014-06-11 06:42 17561544 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2014-05-20 02:44 . 2014-06-11 06:42 17480432 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-05-20 02:44 . 2014-06-11 06:42 166568 ----a-w- c:\windows\system32\nvinitx.dll
2014-05-20 02:44 . 2014-06-11 06:42 1541576 ----a-w- c:\windows\system32\nvdispgenco6433788.dll
2014-05-20 02:44 . 2014-06-11 06:42 146480 ----a-w- c:\windows\SysWow64\nvinit.dll
2014-05-20 02:44 . 2014-06-11 06:42 12688328 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2014-05-20 02:44 . 2014-06-11 06:42 11644928 ----a-w- c:\windows\system32\nvcuda.dll
2014-05-20 02:44 . 2014-06-11 06:42 11599072 ----a-w- c:\windows\system32\nvopencl.dll
2014-05-20 02:44 . 2014-02-20 11:45 952952 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-05-20 02:44 . 2014-02-20 11:45 18531568 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-05-20 02:44 . 2014-02-20 11:45 2730208 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-05-20 02:44 . 2014-02-20 11:45 14434704 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-05-20 02:44 . 2013-02-09 02:29 61216 ----a-w- c:\windows\system32\OpenCL.dll
2014-05-20 02:44 . 2013-02-09 02:29 52056 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-05-20 02:44 . 2013-02-09 02:28 3109248 ----a-w- c:\windows\system32\nvapi64.dll
2014-05-20 01:25 . 2013-02-09 02:29 6769096 ----a-w- c:\windows\system32\nvcpl.dll
2014-05-20 01:25 . 2013-02-09 02:29 3514144 ----a-w- c:\windows\system32\nvsvc64.dll
2014-05-20 01:25 . 2013-02-09 02:29 927520 ----a-w- c:\windows\system32\nvvsvc.exe
2014-05-20 01:25 . 2013-02-09 02:29 62808 ----a-w- c:\windows\system32\nvshext.dll
2014-05-20 01:25 . 2013-02-09 02:29 387528 ----a-w- c:\windows\system32\nvmctray.dll
2014-05-19 23:10 . 2014-06-11 06:44 601432 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-05-14 23:49 . 2013-02-09 02:29 3774821 ----a-w- c:\windows\system32\nvcoproc.bin
2014-05-12 14:25 . 2012-02-24 03:13 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\XXXX\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-07-12 1178168]
"FreeAC"="c:\program files (x86)\FreeAlarmClock\FreeAlarmClock.exe" [2012-12-12 1330008]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2014-06-27 24477056]
"Spotify"="c:\users\XXXX\AppData\Roaming\Spotify\spotify.exe" [2014-07-12 6162488]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-05-08 21444224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-02-21 152392]
"vmware-tray.exe"="c:\program files (x86)\VMware\VMware Workstation\vmware-tray.exe" [2013-10-18 111696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ    autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ALSysIO;ALSysIO;c:\users\XXXX\AppData\Local\Temp\ALSysIO64.sys;c:\users\XXXX\AppData\Local\Temp\ALSysIO64.sys [x]
R3 Linksys_adapter_H;Linksys Adapter Network Driver;c:\windows\system32\DRIVERS\AE2500w764.sys;c:\windows\SYSNATIVE\DRIVERS\AE2500w764.sys [x]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys;c:\windows\SYSNATIVE\DRIVERS\tapoas.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 VMwareHostd;VMware Workstation Server;c:\program files (x86)\VMware\VMware Workstation\vmware-hostd.exe;c:\program files (x86)\VMware\VMware Workstation\vmware-hostd.exe [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
S0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys;c:\windows\SYSNATIVE\drivers\vsock.sys [x]
S2 atashost;WebEx Service Host for Support Center;c:\windows\SysWOW64\atashost.exe;c:\windows\SysWOW64\atashost.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x]
S2 vstor2-mntapi20-shared;Vstor2 MntApi 2.0 Driver (shared);SysWOW64\drivers\vstor2-mntapi20-shared.sys;SysWOW64\drivers\vstor2-mntapi20-shared.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMSWISSARMY
.
Contents of the 'Scheduled Tasks' folder
.
2014-07-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 00:06]
.
2014-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-02 03:52]
.
2014-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-02 03:52]
.
2014-07-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-692771199-628522970-2486110779-1000Core.job
- c:\users\XXXX\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-08 20:22]
.
2014-07-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-692771199-628522970-2486110779-1000UA.job
- c:\users\XXXX\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-08 20:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 17:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 17:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 17:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 17:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 17:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 17:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 17:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 17:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 17:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-06-27 21:20 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-06-27 21:20 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-06-27 21:20 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-06-27 21:20 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-06-27 21:20 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-05-29 1279480]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-05-29 2352072]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-14 13374568]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
uInternet Settings,ProxyOverride = <local>
LSP: %windir%\system32\vsocklib.dll
Trusted Zone: crownelegacy.com\cpanel
TCP: DhcpNameServer = 192.168.1.1
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\shell32.dll
FF - ProfilePath - c:\users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\kfycgmkc.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo!
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\DbgagD\1*]
"value"="?\01\01\1e\07\09\1f?"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\vmnat.exe
c:\program files (x86)\VMware\VMware Workstation\vmware-authd.exe
c:\windows\SysWOW64\vmnetdhcp.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe
.
**************************************************************************
.
Completion time: 2014-07-25  06:25:20 - machine was rebooted
ComboFix-quarantined-files.txt  2014-07-25 13:25
ComboFix2.txt  2014-04-30 16:36
ComboFix3.txt  2014-04-16 04:41
ComboFix4.txt  2014-02-28 11:29
ComboFix5.txt  2014-07-03 08:31
.
Pre-Run: 237,444,079,616 bytes free
Post-Run: 237,042,278,400 bytes free
.
- - End Of File - - 4F1622E9535AAA820C7D27555CA04058
A36C5E4F47E84449FF07ED3517B43A31
 

Edited by wuffle-waffle, 25 July 2014 - 08:56 AM.


BC AdBot (Login to Remove)

 


#2 seedy21

seedy21

  • Malware Response Team
  • 742 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Yorkshire, UK
  • Local time:07:25 AM

Posted 28 July 2014 - 04:21 PM

Hi wuffle-waffle and Welcome to BleepingComputer !

I am currently looking though your logs and will advice you on what to do in my next reply.


“It's only after we've lost everything that we're free to do anything.”
― Chuck Palahniuk, Fight Club

unite_blue.png


#3 seedy21

seedy21

  • Malware Response Team
  • 742 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Yorkshire, UK
  • Local time:07:25 AM

Posted 29 July 2014 - 01:12 PM

Hello wuffle-waffle

I'm Seedy21 and I will be helping you with your issues.

Please note the following information about the malware forum:

 

  • From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by me
     
  • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
     
  • Please reply within 48 hours, if you are going to be away for longer please let us know or the topic will be closed for been inactive
     
  • If you are using Cracked or Illegal software your thread will be closed
     
  • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close.

Combofix is a powerful tool intended by its creator to be used under the direction of an expert. It is NOT for private use. You should NOT use Combofix unless a Malware Removal Expert has told you to. Improper use of this tool can seriously damage your operating system and may even prevent it from starting again. Please read Combofix's Disclaimer.
Plus, if it is run without be asked for by a 'helper', the creator will offer no help if anything goes wrong.

Please download Farbar Recovery Scan Tool x64 and save it to your Desktop.

  • Double-click the downloaded icon to run the tool.

    frsticon_zpsdc3cbdc3.png
  • When the tool opens click Yes to disclaimer.

    frstdis_zps7f598f12.png
  • Press Scan button.

    newfrst_zpsa63ffa3d.png
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply also.

“It's only after we've lost everything that we're free to do anything.”
― Chuck Palahniuk, Fight Club

unite_blue.png


#4 wuffle-waffle

wuffle-waffle
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:25 PM

Posted 29 July 2014 - 01:36 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-07-2014
Ran by Chad at 2014-07-29 11:33:43
Running from C:\Users\Chad\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Ableton Live 9 Suite (HKLM\...\{48EC4E57-1D04-4831-90A7-151DA2269495}) (Version: 9.0.0.0 - Ableton)
ActiveState Komodo Edit 8.5.3 (HKLM-x32\...\{E65B87D8-30C4-4FB0-8C24-AFD64950A881}) (Version: 8.5.3 - ActiveState Software Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS5.5 (HKLM-x32\...\{0215A652-E081-4B09-9333-DC85AAB67FFA}) (Version: 11.5 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.230 - Adobe Systems Incorporated.) Hidden
AMD Catalyst Install Manager (HKLM\...\{2664F434-0AFE-1084-136E-FCC87BDF43AD}) (Version: 3.0.855.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Attribute Changer 7.11 (HKLM-x32\...\{27263813-8BDE-4CD2-84D3-02536743428A}_is1) (Version: 7.11 - Romain Petges)
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version:  - Audacity Team)
AutoIt v3.3.8.1 (HKLM-x32\...\AutoItv3) (Version:  - AutoIt Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward - Sledgehammer Games)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
ChromecastApp (HKCU\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.316.0 - Google Inc.)
Cisco AnyConnect VPN Client (HKLM-x32\...\{F4C6DD02-8ACA-4354-BA36-9FFC3B767E73}) (Version: 2.5.2014 - Cisco Systems, Inc.)
Core Temp 1.0 RC3 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dxtory version 2.0.120 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.120 - Dxtory Software)
FileZilla Client 3.9.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.1 - Tim Kosse)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Alarm Clock 2.7.1 (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 2.7 - Comfort Software Group)
Google Apps Migration For Microsoft Outlook® 2.3.14.36 (HKLM-x32\...\{C46F4ED2-0337-4267-97A1-89735C781E0D}) (Version: 2.3.14.36 - Google, Inc.)
Google Apps Migration For Microsoft® Exchange 3.0.1365.453 (HKLM-x32\...\{1B0B8A78-F402-4D84-B3C0-5D6B8891BEDD}) (Version: 3.0.1365.453 - Google, Inc.)
Google Apps Sync™ for Microsoft Outlook® 3.5.370.990 (HKLM-x32\...\{2E92FFC5-4082-40BF-9CA7-0E5D16C811CE}) (Version: 3.5.370.990 - Google, Inc.)
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Drive (HKLM-x32\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth Pro (HKLM-x32\...\{51DA4CCF-4629-11E1-AF83-B8AC6F97B88E}) (Version: 6.2.0.5905 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.3.0 - S2 Games)
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HijackThis 2.0.2 (HKLM-x32\...\HijackThis) (Version: 2.0.2 - TrendMicro)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
InfraRecorder (HKLM-x32\...\InfraRecorder) (Version:  - Christian Kindahl)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ SE Development Kit 7 Update 2 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170020}) (Version: 1.7.0.20 - Oracle)
JavaFX 2.0.2 (64-bit) (HKLM\...\{1111706F-666A-4037-7777-202648764D10}) (Version: 2.0.2 - Oracle Corporation)
JavaFX 2.0.2 SDK (64-bit) (HKLM\...\{2222706F-666A-4037-7777-202648764D10}) (Version: 2.0.2 - Oracle Corporation)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.8 - Thibaut Lauziere)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.8.4 - Magical Jelly Bean)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308 - Microsoft Corporation) Hidden
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 15.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 15.0.1 (x86 en-US)) (Version: 15.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Mumble 1.2.5 (HKLM-x32\...\{C7BC557D-8C8B-4F5F-83AB-D20C58CF4575}) (Version: 1.2.5 - Thorvald Natvig)
Neverwinter (HKLM-x32\...\Steam App 109600) (Version:  - Cryptic Studios)
NVIDIA 3D Vision Controller Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Control Panel 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Ruby 2.0.0-p481-x64 (HKCU\...\{B5BD4615-7C8A-4E50-9179-71B593CA6B67}_is1) (Version: 2.0.0-p481 - RubyInstaller Team)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
SketchUp 2014 (HKLM-x32\...\{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}) (Version: 14.0.4900 - Trimble Navigation Limited)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version:  - )
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer)
tools-freebsd (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
tools-linux (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
tools-netware (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
tools-solaris (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
tools-windows (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
tools-winPre2k (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
TortoiseHg 2.9.1 (x64) (HKLM\...\{EFAF924F-E432-4692-AE97-04F3B72D41FF}) (Version: 2.9.1 - Steve Borho and others)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Videora Xbox 360 Converter 6 (HKLM-x32\...\Videora Xbox 360 Converter) (Version: 6 - Red Kawa)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
VirtualDJ LE (MixTrack) (HKLM-x32\...\{0823E4A6-FB02-4E9A-830F-C5F4B2C27A14}) (Version: 7.0.3 - Atomix Productions)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.1 - VMware, Inc)
VMware Workstation (Version: 10.0.1 - VMware, Inc.) Hidden
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.3.0.0 - Azureus Software, Inc.)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Automated Installation Kit (HKLM\...\{31E8F586-4EF7-4500-844D-BA8756474FF1}) (Version: 2.0.0.0 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Password Unlocker Enterprise 5.0.0.0 (HKLM-x32\...\{F43120F7-7DBF-4E10-BC9B-19379750AAF4}_is1) (Version:  - Windows Password Unlocker, Inc.)
WinRAR 4.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Worms Reloaded (HKLM-x32\...\Steam App 22600) (Version:  - Team17)
XSplit Broadcaster (HKLM-x32\...\{6459F338-FE52-4034-BCA7-74772DA0F24D}) (Version: 1.3.1403.1202 - SplitMediaLabs)
XviD4PSP 5.10.330.0 (HKLM-x32\...\XviD4PSP5_is1) (Version:  - Winnydows & fcp team)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Chad\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Chad\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Chad\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-692771199-628522970-2486110779-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Chad\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
25-07-2014 14:41:59 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2012-04-08 16:32 - 2014-07-25 06:10 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {1BF952E0-1D77-4C31-9797-2A9279996A2A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-01] (Google Inc.)
Task: {1FD239F1-B1F3-4AF4-8BDE-0C7C22E87793} - System32\Tasks\AdobeAAMUpdater-1.0-Chad-PC-Chad => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {5480171B-8C38-4711-9165-24D208DE47F4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-11] (Adobe Systems Incorporated)
Task: {A331B78A-4624-48E4-A8DD-9880E265C126} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-692771199-628522970-2486110779-1000UA => C:\Users\Chad\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-08] (Google Inc.)
Task: {A4F5FA66-BCBC-4AA3-B8E7-A7E40E930609} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {B0920D02-E808-4F90-8737-00EEAF93E4B4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-01] (Google Inc.)
Task: {FD5CC64F-B11A-4AF1-B8EB-6CAB8020D5C7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-692771199-628522970-2486110779-1000Core => C:\Users\Chad\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-08] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-692771199-628522970-2486110779-1000Core.job => C:\Users\Chad\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-692771199-628522970-2486110779-1000UA.job => C:\Users\Chad\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-02-08 19:29 - 2014-05-19 18:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-02-01 23:33 - 2012-01-09 20:44 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2013-09-30 06:08 - 2014-07-12 15:57 - 00601144 _____ () C:\Users\Chad\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-01-09 20:18 - 2010-01-09 20:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:34 - 2010-01-21 01:34 - 08793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-10-18 12:46 - 2013-10-18 12:46 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2012-05-10 09:58 - 2014-07-12 15:57 - 36966968 _____ () C:\Users\Chad\AppData\Roaming\Spotify\Data\libcef.dll
2014-01-03 04:03 - 2014-01-03 04:03 - 07816192 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
2014-01-03 04:03 - 2014-01-03 04:03 - 00188416 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-52.dll
2014-01-03 04:03 - 2014-01-03 04:03 - 01425920 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
2014-01-03 04:03 - 2014-01-03 04:03 - 00336896 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
2014-01-03 04:03 - 2014-01-03 04:03 - 00096256 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swresample-0.dll
2014-07-28 15:12 - 2014-07-28 15:12 - 00098816 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\win32api.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00110080 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\pywintypes27.dll
2014-07-28 15:12 - 2014-07-28 15:12 - 00364544 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\pythoncom27.dll
2014-07-28 15:12 - 2014-07-28 15:12 - 00045568 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\_socket.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 01160704 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\_ssl.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00320512 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\win32com.shell.shell.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00713216 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\_hashlib.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 01175040 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\wx._core_.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00805888 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\wx._gdi_.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00811008 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\wx._windows_.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 01062400 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\wx._controls_.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00735232 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\wx._misc_.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00128512 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\_elementtree.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00127488 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\pyexpat.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00557056 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\pysqlite2._sqlite.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00007168 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\hashobjs_ext.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00087552 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\_ctypes.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00119808 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\win32file.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00108544 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\win32security.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00018432 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\win32event.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00038912 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\win32inet.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00070656 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\wx._html2.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00167936 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\win32gui.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00011264 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\win32crypt.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00027136 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\_multiprocessing.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00122368 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\wx._wizard.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00010240 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\select.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00024064 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\win32pipe.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00686080 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\unicodedata.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00025600 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\win32pdh.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00525640 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\windows._lib_cacheinvalidation.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00035840 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\win32process.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00017408 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\win32profile.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00022528 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\win32ts.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00078336 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\wx._animate.pyd
2014-07-12 15:57 - 2014-07-12 15:57 - 00867896 _____ () C:\Users\Chad\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-07-21 14:22 - 2014-07-15 02:24 - 00718664 _____ () C:\Users\Chad\AppData\Local\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-07-21 14:22 - 2014-07-15 02:24 - 00126280 _____ () C:\Users\Chad\AppData\Local\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-07-21 14:22 - 2014-07-15 02:24 - 08537928 _____ () C:\Users\Chad\AppData\Local\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-21 14:22 - 2014-07-15 02:24 - 00353096 _____ () C:\Users\Chad\AppData\Local\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-21 14:22 - 2014-07-15 02:24 - 01732936 _____ () C:\Users\Chad\AppData\Local\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
2013-09-30 06:08 - 2014-07-12 15:57 - 00886840 _____ () C:\Users\Chad\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-09-30 06:08 - 2014-07-12 15:57 - 00108600 _____ () C:\Users\Chad\AppData\Roaming\Spotify\Data\libegl.dll
2014-07-21 14:22 - 2014-07-15 02:24 - 00310088 _____ () C:\Users\Chad\AppData\Local\Google\Chrome\Application\36.0.1985.125\libexif.dll
2010-01-09 20:18 - 2010-01-09 20:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2010-01-10 01:05 - 2010-01-10 01:05 - 01040736 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2010-01-10 18:37 - 2010-01-10 18:37 - 00058208 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\UmOutlookStrings.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: ALMServer => 2
MSCONFIG\Services: AWRScheduler => 2
MSCONFIG\Services: AWRServer => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Intuit Data Protect.lnk => C:\Windows\pss\Intuit Data Protect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk => C:\Windows\pss\QuickBooks Update Agent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Web Connector.lnk => C:\Windows\pss\QuickBooks Web Connector.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks_Standard_21.lnk => C:\Windows\pss\QuickBooks_Standard_21.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Dxtory Update Checker 2.0 => C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\Chad\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: FixMyRegistry => C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as
MSCONFIG\startupreg: Google Update => "C:\Users\Chad\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SpeedUpMyComputer => C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TortoiseHgOverlayIconServer => C:\Program Files\TortoiseHg\TortoiseHgOverlayServer.exe
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"
 
==================== Faulty Device Manager Devices =============
 
Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/28/2014 03:11:39 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]
 
Error: (07/28/2014 03:11:39 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to open Audio Capture session [6]
 
Error: (07/27/2014 07:43:24 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]
 
Error: (07/27/2014 07:43:24 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to open Audio Capture session [6]
 
Error: (07/25/2014 01:19:51 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]
 
Error: (07/25/2014 01:19:51 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to open Audio Capture session [6]
 
Error: (07/25/2014 08:33:44 AM) (Source: MsiInstaller) (EventID: 11935) (User: Chad-PC)
Description: Product: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 -- Error 1935.An error occurred during the installation of assembly 'Microsoft.VC90.ATL,version="9.0.30729.6161",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="amd64",type="win32"'. Please refer to Help and Support for more information. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, component: {74C57B6B-FF6E-3825-BED2-78E14E3E0E3C}
 
Error: (07/25/2014 06:27:23 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]
 
Error: (07/25/2014 06:27:23 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to open Audio Capture session [6]
 
Error: (07/25/2014 06:09:34 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]
 
 
System errors:
=============
Error: (07/25/2014 01:24:53 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80242016: Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2962872).
 
Error: (07/25/2014 08:38:24 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243).
 
Error: (07/25/2014 06:07:24 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (07/25/2014 05:57:54 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (07/25/2014 05:57:54 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (07/25/2014 05:54:02 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (07/21/2014 03:01:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Volume Shadow Copy service failed to start due to the following error: 
%%1053
 
Error: (07/21/2014 03:01:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Volume Shadow Copy service to connect.
 
Error: (07/21/2014 03:01:28 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053VSS{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
 
Error: (07/13/2014 03:12:17 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 3:10:55 AM on ‎7/‎13/‎2014 was unexpected.
 
 
Microsoft Office Sessions:
=========================
Error: (07/28/2014 03:11:39 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]
 
Error: (07/28/2014 03:11:39 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to open Audio Capture session [6]
 
Error: (07/27/2014 07:43:24 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]
 
Error: (07/27/2014 07:43:24 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to open Audio Capture session [6]
 
Error: (07/25/2014 01:19:51 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]
 
Error: (07/25/2014 01:19:51 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to open Audio Capture session [6]
 
Error: (07/25/2014 08:33:44 AM) (Source: MsiInstaller) (EventID: 11935) (User: Chad-PC)
Description: Product: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 -- Error 1935.An error occurred during the installation of assembly 'Microsoft.VC90.ATL,version="9.0.30729.6161",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="amd64",type="win32"'. Please refer to Help and Support for more information. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, component: {74C57B6B-FF6E-3825-BED2-78E14E3E0E3C}(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (07/25/2014 06:27:23 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]
 
Error: (07/25/2014 06:27:23 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to open Audio Capture session [6]
 
Error: (07/25/2014 06:09:34 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-07-25 05:57:54.850
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-07-25 05:57:54.813
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-07-25 05:57:54.774
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-07-25 05:57:54.738
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-07-03 01:42:56.777
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-07-03 01:42:56.738
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-07-03 01:42:56.697
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-07-03 01:42:56.658
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-04-30 09:01:59.872
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-04-30 09:01:59.831
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 43%
Total physical RAM: 8191.3 MB
Available physical RAM: 4605.01 MB
Total Pagefile: 16380.79 MB
Available Pagefile: 11858.72 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.41 GB) (Free:229.15 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 780C780C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#5 seedy21

seedy21

  • Malware Response Team
  • 742 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Yorkshire, UK
  • Local time:07:25 AM

Posted 29 July 2014 - 02:24 PM

Hi wuffle-waffle
 
FRST will also have made another text file I will need to see called FRST.txt   

 

Please post the contents of this file in your next reply.


“It's only after we've lost everything that we're free to do anything.”
― Chuck Palahniuk, Fight Club

unite_blue.png


#6 wuffle-waffle

wuffle-waffle
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:25 PM

Posted 29 July 2014 - 03:14 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by Chad (administrator) on CHAD-PC on 29-07-2014 11:32:53
Running from C:\Users\Chad\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cisco WebEx LLC) C:\Windows\SysWOW64\atashost.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Spotify Ltd) C:\Users\Chad\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Spotify Ltd) C:\Users\Chad\AppData\Roaming\Spotify\spotify.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Users\Chad\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Chad\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Chad\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Google Inc.) C:\Users\Chad\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Chad\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Chad\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Chad\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Chad\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Chad\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Users\Chad\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Chad\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Google Inc.) C:\Users\Chad\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Chad\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Chad\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Chad\AppData\Local\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Users\Chad\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Chad\AppData\Local\Google\Chrome\Application\36.0.1985.125\nacl64.exe
(Google Inc.) C:\Users\Chad\AppData\Local\Google\Chrome\Application\36.0.1985.125\nacl64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Google Inc.) C:\Users\Chad\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Chad\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Chad\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-29] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [111696 2013-10-18] (VMware, Inc.)
HKU\S-1-5-21-692771199-628522970-2486110779-1000\...\Run: [Spotify Web Helper] => C:\Users\Chad\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-12] (Spotify Ltd)
HKU\S-1-5-21-692771199-628522970-2486110779-1000\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [1330008 2012-12-11] (Comfort Software Group)
HKU\S-1-5-21-692771199-628522970-2486110779-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24477056 2014-06-27] (Google)
HKU\S-1-5-21-692771199-628522970-2486110779-1000\...\Run: [Spotify] => C:\Users\Chad\AppData\Roaming\Spotify\spotify.exe [6162488 2014-07-12] (Spotify Ltd)
HKU\S-1-5-21-692771199-628522970-2486110779-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3CC700AE90A8CF01
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.1.10.1
 
FireFox:
========
FF ProfilePath: C:\Users\Chad\AppData\Roaming\Mozilla\Firefox\Profiles\kfycgmkc.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Chad\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Chad\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Extension: FoxySpider - C:\Users\Chad\AppData\Roaming\Mozilla\Firefox\Profiles\kfycgmkc.default\Extensions\{75df891f-e299-4725-b14f-7d52f086dea2}.xpi [2014-07-25]
FF Extension: Adblock Plus - C:\Users\Chad\AppData\Roaming\Mozilla\Firefox\Profiles\kfycgmkc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-09]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-06-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-06-10]
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Chad\AppData\Local\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Chad\AppData\Local\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Chad\AppData\Local\Google\Chrome\Application\36.0.1985.125\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll No File
CHR Extension: (Google Drive) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (YouTube) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-04-08]
CHR Extension: (Google Cast) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-04-01]
CHR Extension: (Google Search) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-08]
CHR Extension: (Google Calendar) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-05-27]
CHR Extension: (Koding) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgbjpbdfegnodokpoejnbhnblcojccal [2014-03-01]
CHR Extension: (Simple REST Client) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhjcajmcbmldlhcimfajhfbgofnpcjmb [2014-07-26]
CHR Extension: (AdBlock) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-14]
CHR Extension: (Google Wallet) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (SpeakIt!) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgeolalilifpodheeocdmbhehgnkkbak [2014-06-09]
CHR Extension: (Gmail) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-08]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Chad\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-08-25]
CHR StartMenuInternet: Google Chrome - C:\Users\Chad\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-29] (NVIDIA Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14405200 2013-10-18] ()
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Linksys_adapter_H; C:\Windows\System32\DRIVERS\AE2500w764.sys [1254464 2011-03-29] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-29] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-29] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project) [File not signed]
R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31824 2013-10-18] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
S3 ALSysIO; \??\C:\Users\Chad\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-07-29 11:32 - 2014-07-29 11:33 - 00024613 _____ () C:\Users\Chad\Downloads\FRST.txt
2014-07-29 11:32 - 2014-07-29 11:32 - 02093568 _____ (Farbar) C:\Users\Chad\Downloads\FRST64.exe
2014-07-29 11:32 - 2014-07-29 11:32 - 00000000 ____D () C:\FRST
2014-07-29 11:31 - 2014-07-29 11:31 - 00065536 ___HT () C:\Users\Chad\Documents\~bruce@rbrucejohnston.com.pst.tmp
2014-07-28 15:56 - 2014-07-28 15:56 - 00000749 _____ () C:\Users\Chad\Downloads\sitemap.xml
2014-07-27 19:43 - 2014-07-29 11:19 - 00000168 _____ () C:\Windows\setupact.log
2014-07-27 19:43 - 2014-07-27 19:43 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-26 03:49 - 2014-07-26 03:49 - 00710129 _____ () C:\Users\Chad\Downloads\wpscanteam-wpscan-2.4.1-136-g6fbf264.zip
2014-07-26 03:49 - 2014-07-26 03:49 - 00000000 ____D () C:\Users\Chad\Downloads\wpscanteam-wpscan-2.4.1-136-g6fbf264
2014-07-26 01:55 - 2014-07-26 01:55 - 00000000 ____D () C:\New folder
2014-07-26 00:13 - 2014-07-26 00:13 - 00001630 _____ () C:\Users\Chad\Downloads\outreach.pot
2014-07-25 23:54 - 2014-07-25 23:54 - 00000000 ____D () C:\Users\Chad\Documents\ts
2014-07-25 22:45 - 2014-07-25 22:45 - 00000606 _____ () C:\Users\Chad\Downloads\functions.php
2014-07-25 22:15 - 2014-07-25 22:15 - 00000000 __SHD () C:\Users\Chad\AppData\Local\EmieUserList
2014-07-25 22:15 - 2014-07-25 22:15 - 00000000 __SHD () C:\Users\Chad\AppData\Local\EmieSiteList
2014-07-25 18:01 - 2014-07-25 18:01 - 00015012 _____ () C:\Users\Chad\Downloads\accesslog-grizzinnovations.chanlotech.com-07-26-2014-01-01-41-0000.gz
2014-07-25 18:01 - 2014-07-25 18:01 - 00000000 ____D () C:\Users\Chad\Downloads\accesslog-grizzinnovations.chanlotech.com-07-26-2014-01-01-41-0000
2014-07-25 17:46 - 2014-07-25 17:46 - 00019425 _____ () C:\Users\Chad\Downloads\sitemap.html
2014-07-25 17:46 - 2014-07-25 17:46 - 00001794 _____ () C:\Users\Chad\Downloads\urllist.txt
2014-07-25 15:33 - 2014-07-25 15:33 - 01166053 _____ () C:\Users\Chad\Downloads\backup-fri-jul-25-16_34_13-2014.zip
2014-07-25 15:28 - 2014-07-25 15:28 - 00003697 _____ () C:\Users\Chad\Downloads\wp-config.php
2014-07-25 08:48 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-07-25 08:45 - 2014-07-25 08:45 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-25 08:45 - 2014-07-25 08:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-25 08:45 - 2014-07-25 08:45 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-25 08:45 - 2014-07-25 08:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-25 08:45 - 2014-07-25 08:45 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-07-25 08:45 - 2014-07-25 08:45 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-07-25 08:45 - 2014-07-25 08:45 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-07-25 08:45 - 2014-07-25 08:45 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-07-25 08:45 - 2014-07-25 08:45 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-07-25 08:45 - 2014-07-25 08:45 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-07-25 08:45 - 2014-07-25 08:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-25 08:43 - 2014-07-25 08:43 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-07-25 08:43 - 2014-07-25 08:43 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-07-25 08:43 - 2014-07-25 08:43 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-07-25 08:43 - 2014-07-25 08:43 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-07-25 08:43 - 2014-07-25 08:43 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-07-25 08:43 - 2014-07-25 08:43 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-07-25 08:42 - 2014-07-25 08:42 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-07-25 08:42 - 2014-07-25 08:42 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-07-25 08:41 - 2014-07-25 08:41 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-07-25 08:41 - 2014-07-25 08:41 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-07-25 07:56 - 2012-07-25 20:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-07-25 07:56 - 2012-07-25 20:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-07-25 07:56 - 2012-07-25 20:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-07-25 07:56 - 2012-07-25 20:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-07-25 07:56 - 2012-07-25 20:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-07-25 07:56 - 2012-07-25 19:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-07-25 07:56 - 2012-07-25 19:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-07-25 07:56 - 2012-06-02 07:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-07-25 07:45 - 2013-01-13 14:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-07-25 07:45 - 2013-01-13 14:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-07-25 07:45 - 2013-01-13 14:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-07-25 07:45 - 2013-01-13 14:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-07-25 07:45 - 2013-01-13 14:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-07-25 07:45 - 2013-01-13 14:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-07-25 07:45 - 2013-01-13 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-07-25 07:45 - 2013-01-13 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-07-25 07:45 - 2013-01-13 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-07-25 07:45 - 2013-01-13 13:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-07-25 07:45 - 2013-01-13 13:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-07-25 07:45 - 2013-01-13 13:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-07-25 07:45 - 2013-01-13 13:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-07-25 07:45 - 2013-01-13 13:31 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-07-25 07:45 - 2013-01-13 13:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-07-25 07:45 - 2013-01-13 13:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-07-25 07:45 - 2013-01-13 13:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-07-25 07:45 - 2013-01-13 13:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-07-25 07:45 - 2013-01-13 13:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-07-25 07:45 - 2013-01-13 13:22 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-07-25 07:45 - 2013-01-13 13:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-07-25 07:45 - 2013-01-13 13:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-07-25 07:45 - 2013-01-13 13:08 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-07-25 07:45 - 2013-01-13 12:59 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-07-25 07:45 - 2013-01-13 12:58 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-07-25 07:45 - 2013-01-13 12:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-07-25 07:45 - 2013-01-13 12:53 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-07-25 07:45 - 2013-01-13 12:53 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-07-25 07:45 - 2013-01-13 12:51 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-07-25 07:45 - 2013-01-13 12:49 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-07-25 07:45 - 2013-01-13 12:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-07-25 07:45 - 2013-01-13 12:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-07-25 07:45 - 2013-01-13 12:43 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-07-25 07:45 - 2013-01-13 12:38 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-07-25 07:45 - 2013-01-13 12:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-07-25 07:45 - 2013-01-13 12:37 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-07-25 07:45 - 2013-01-13 12:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-07-25 07:45 - 2013-01-13 12:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-07-25 07:45 - 2013-01-13 12:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-07-25 07:45 - 2013-01-13 12:20 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-07-25 07:45 - 2013-01-13 12:20 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-07-25 07:45 - 2013-01-13 12:15 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-07-25 07:45 - 2013-01-13 12:10 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-07-25 07:45 - 2013-01-13 12:02 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-07-25 07:45 - 2013-01-13 11:34 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-07-25 07:45 - 2013-01-13 11:32 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-07-25 07:45 - 2013-01-13 11:09 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-07-25 07:45 - 2013-01-13 10:26 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-07-25 07:45 - 2013-01-13 10:05 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-07-25 07:45 - 2013-01-03 23:11 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-07-25 07:45 - 2013-01-03 23:11 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-07-25 07:41 - 2013-02-26 23:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-07-25 07:41 - 2013-02-26 22:48 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-07-25 07:41 - 2013-02-26 22:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-07-25 07:41 - 2013-02-26 21:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-07-25 07:40 - 2014-03-04 02:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-07-25 07:40 - 2014-03-04 02:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-07-25 07:40 - 2014-03-04 02:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-07-25 07:40 - 2014-03-04 02:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-07-25 07:40 - 2014-03-04 02:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-07-25 07:40 - 2014-03-04 02:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-07-25 07:40 - 2014-03-04 02:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-07-25 07:40 - 2014-03-04 02:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-07-25 07:40 - 2014-03-04 02:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-07-25 07:40 - 2014-03-04 02:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-07-25 07:40 - 2014-03-04 02:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-07-25 07:40 - 2014-03-04 02:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-07-25 07:40 - 2014-03-04 02:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-07-25 07:40 - 2014-03-04 02:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-07-25 07:40 - 2014-03-04 02:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-07-25 07:40 - 2014-03-04 02:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-07-25 07:40 - 2014-03-04 02:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-07-25 07:40 - 2014-03-04 02:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-07-25 07:40 - 2014-03-04 02:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-07-25 07:40 - 2014-03-04 02:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-07-25 07:40 - 2013-08-01 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-07-25 07:40 - 2013-08-01 19:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-07-25 07:40 - 2013-08-01 18:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-07-25 07:40 - 2013-08-01 17:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-07-25 07:39 - 2014-03-26 07:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-07-25 07:39 - 2014-03-26 07:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-07-25 07:39 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-07-25 07:39 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-07-25 07:39 - 2014-03-26 07:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-07-25 07:39 - 2014-03-26 07:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-07-25 07:39 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-07-25 07:39 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-07-25 07:39 - 2013-06-25 15:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-07-25 07:39 - 2012-11-28 15:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-07-25 07:39 - 2012-11-28 15:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-07-25 07:39 - 2012-11-28 15:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-07-25 07:38 - 2014-06-17 19:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-25 07:38 - 2014-06-17 18:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-25 07:38 - 2014-06-17 18:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-25 07:38 - 2014-05-08 02:32 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-07-25 07:38 - 2014-04-04 19:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-07-25 07:38 - 2014-04-04 19:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-07-25 07:38 - 2014-03-24 19:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-07-25 07:38 - 2014-03-24 19:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-07-25 07:38 - 2013-11-26 04:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-07-25 07:38 - 2013-10-18 19:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-07-25 07:38 - 2013-10-18 18:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-07-25 07:38 - 2013-10-05 13:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-07-25 07:38 - 2013-10-05 12:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-07-25 07:38 - 2013-07-08 22:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-07-25 07:38 - 2013-07-08 22:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-07-25 07:38 - 2013-07-08 22:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-07-25 07:38 - 2013-07-08 21:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-07-25 07:38 - 2013-07-08 21:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-07-25 07:38 - 2013-07-08 21:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-07-25 07:38 - 2013-07-02 21:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-07-25 07:38 - 2013-07-02 21:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-07-25 07:37 - 2014-05-29 23:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-25 07:37 - 2014-04-24 19:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-07-25 07:37 - 2014-04-24 19:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-07-25 07:37 - 2013-11-26 18:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-07-25 07:37 - 2013-11-26 18:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-07-25 07:37 - 2013-11-26 18:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-07-25 07:37 - 2013-11-26 18:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-07-25 07:37 - 2013-11-26 18:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-07-25 07:37 - 2013-11-26 18:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-07-25 07:37 - 2013-11-26 18:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-07-25 07:37 - 2013-11-11 19:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-07-25 07:37 - 2013-11-11 19:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-07-25 07:37 - 2013-07-25 19:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-07-25 07:37 - 2013-07-25 18:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-07-25 07:37 - 2013-07-25 02:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-07-25 07:37 - 2013-07-25 01:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-07-25 07:37 - 2013-07-08 22:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-07-25 07:37 - 2013-07-08 21:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-07-25 07:37 - 2013-06-05 22:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-07-25 07:37 - 2013-06-05 22:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-07-25 07:37 - 2013-06-05 22:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-07-25 07:37 - 2013-06-05 22:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-07-25 07:37 - 2013-06-05 21:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-07-25 07:37 - 2013-06-05 21:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-07-25 07:37 - 2013-06-05 21:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-07-25 07:37 - 2013-06-05 20:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-07-25 07:37 - 2013-06-05 20:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-07-25 07:37 - 2013-06-05 20:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-07-25 07:36 - 2014-06-06 03:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-25 07:36 - 2014-06-06 02:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-25 07:36 - 2014-03-04 02:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-07-25 07:36 - 2014-03-04 02:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-07-25 07:36 - 2014-03-04 02:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-07-25 07:36 - 2014-03-04 02:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-07-25 07:36 - 2014-03-04 02:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-07-25 07:36 - 2014-03-04 02:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-07-25 07:36 - 2014-03-04 02:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-07-25 07:36 - 2014-03-04 02:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-07-25 07:36 - 2014-03-04 02:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-07-25 07:36 - 2014-03-04 01:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-07-25 07:36 - 2014-03-04 01:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-07-25 07:36 - 2014-01-28 19:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-07-25 07:36 - 2014-01-28 19:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-07-25 07:36 - 2013-10-03 19:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-07-25 07:36 - 2013-10-03 18:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-07-25 07:36 - 2013-08-01 19:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 18:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 18:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-07-25 07:36 - 2013-08-01 17:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 17:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 17:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-07-25 07:36 - 2013-08-01 17:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-07-25 07:36 - 2013-07-12 03:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-07-25 07:36 - 2013-07-12 03:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-07-25 07:36 - 2013-07-12 03:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2014-07-25 07:36 - 2013-07-04 05:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-07-25 07:36 - 2013-07-04 04:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-07-25 07:36 - 2013-06-14 21:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-07-25 07:31 - 2014-06-05 07:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-25 07:31 - 2014-06-05 07:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-25 07:31 - 2014-06-05 07:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-25 07:31 - 2014-04-11 19:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-07-25 07:31 - 2014-04-11 19:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-07-25 07:31 - 2014-04-11 19:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-07-25 07:31 - 2014-04-11 19:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-07-25 07:31 - 2014-04-11 19:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-07-25 07:31 - 2014-04-11 19:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-07-25 07:31 - 2014-03-04 02:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-25 07:31 - 2014-03-04 02:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-25 07:31 - 2014-03-04 02:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-25 07:31 - 2014-03-04 02:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-25 07:31 - 2014-03-04 02:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-25 07:31 - 2014-03-04 02:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-25 07:31 - 2014-03-04 02:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-25 07:31 - 2014-03-04 02:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-25 07:31 - 2014-03-04 02:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-25 07:31 - 2014-03-04 02:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-25 07:31 - 2014-03-04 02:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-25 07:31 - 2014-03-04 02:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-25 07:31 - 2013-09-24 19:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-25 07:31 - 2013-09-24 18:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-25 07:31 - 2013-07-04 05:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-07-25 07:27 - 2013-10-11 19:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-07-25 07:27 - 2013-10-11 19:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-07-25 07:27 - 2013-10-11 19:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-07-25 07:27 - 2013-10-11 19:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-07-25 07:27 - 2013-10-11 19:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-07-25 07:27 - 2013-05-12 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-07-25 07:27 - 2013-05-12 20:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-07-25 07:27 - 2013-05-12 20:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-07-25 07:27 - 2013-05-12 20:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-07-25 07:26 - 2013-10-11 19:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-07-25 07:26 - 2013-10-11 19:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-07-25 07:26 - 2013-10-11 19:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-07-25 07:26 - 2013-10-11 19:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-07-25 07:26 - 2013-10-11 18:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-07-25 07:26 - 2013-10-11 18:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-07-25 07:26 - 2013-10-11 18:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-07-25 07:26 - 2013-10-11 18:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-07-25 07:26 - 2013-10-02 19:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-07-25 07:26 - 2013-10-02 19:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-07-25 07:26 - 2013-08-01 05:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-07-25 07:26 - 2013-07-20 03:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-07-25 07:26 - 2013-07-20 03:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-07-25 07:26 - 2013-04-25 22:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-07-25 07:26 - 2013-04-25 21:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-07-25 07:26 - 2013-04-09 23:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-07-25 07:26 - 2012-11-22 20:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-07-25 07:26 - 2011-02-03 04:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-07-25 06:25 - 2014-07-25 06:25 - 00032322 _____ () C:\ComboFix.txt
2014-07-25 05:42 - 2014-07-25 05:42 - 00201030 _____ () C:\Users\Chad\Desktop\lspfix.zip
2014-07-23 12:09 - 2013-01-22 20:42 - 1506014295 _____ () C:\Users\Chad\Documents\Limitless.2011.1080p.BrRip.x264.YIFY.mp4
2014-07-23 12:08 - 2014-07-23 12:09 - 00000000 ____D () C:\Users\Chad\AppData\Local\{984E07D3-5F2A-4255-999B-EC9B3343E900}
2014-07-23 06:11 - 2014-07-23 06:11 - 00000000 ____D () C:\Users\Chad\.linkchecker
2014-07-21 18:45 - 2014-07-21 18:45 - 00000000 ____D () C:\ProgramData\Riot Games
2014-07-03 02:14 - 2014-07-03 02:15 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-02 22:38 - 2014-07-29 10:03 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-02 22:36 - 2014-07-02 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-02 22:36 - 2014-07-02 22:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-02 22:36 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-02 22:36 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-07-29 11:33 - 2014-07-29 11:32 - 00024613 _____ () C:\Users\Chad\Downloads\FRST.txt
2014-07-29 11:33 - 2014-06-04 16:10 - 920593408 _____ () C:\Users\Chad\Documents\bruce@rbrucejohnston.com.pst
2014-07-29 11:33 - 2012-04-08 13:22 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-692771199-628522970-2486110779-1000UA.job
2014-07-29 11:32 - 2014-07-29 11:32 - 02093568 _____ (Farbar) C:\Users\Chad\Downloads\FRST64.exe
2014-07-29 11:32 - 2014-07-29 11:32 - 00000000 ____D () C:\FRST
2014-07-29 11:31 - 2014-07-29 11:31 - 00065536 ___HT () C:\Users\Chad\Documents\~bruce@rbrucejohnston.com.pst.tmp
2014-07-29 11:31 - 2012-07-05 14:27 - 00000000 ____D () C:\Users\Chad\Documents\Outlook Files
2014-07-29 11:27 - 2012-05-10 09:57 - 00000000 ____D () C:\Users\Chad\AppData\Roaming\Spotify
2014-07-29 11:23 - 2012-01-29 23:13 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E9C4FFAA-38FB-41C2-8CC9-85AFB0C7ED5B}
2014-07-29 11:19 - 2014-07-27 19:43 - 00000168 _____ () C:\Windows\setupact.log
2014-07-29 11:12 - 2012-02-08 14:29 - 00000000 ____D () C:\Users\Chad\AppData\Roaming\Skype
2014-07-29 11:08 - 2012-02-01 20:52 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-29 11:06 - 2012-04-11 14:02 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-29 10:03 - 2014-07-02 22:38 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-29 07:28 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\tracing
2014-07-29 07:08 - 2012-02-01 20:52 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-29 02:00 - 2012-02-01 19:59 - 00000000 ____D () C:\Users\Chad\AppData\Local\Adobe
2014-07-28 19:48 - 2014-02-28 14:19 - 01965520 _____ () C:\Windows\WindowsUpdate.log
2014-07-28 18:25 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-07-28 15:56 - 2014-07-28 15:56 - 00000749 _____ () C:\Users\Chad\Downloads\sitemap.xml
2014-07-28 15:16 - 2009-07-13 21:45 - 00023088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-28 15:16 - 2009-07-13 21:45 - 00023088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-28 15:12 - 2013-08-25 14:07 - 00000000 ___RD () C:\Users\Chad\Google Drive
2014-07-28 15:11 - 2014-03-14 05:08 - 00000000 ____D () C:\ProgramData\VMware
2014-07-28 15:11 - 2013-04-05 12:56 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-07-28 15:11 - 2012-01-30 01:13 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-28 15:11 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-27 19:43 - 2014-07-27 19:43 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-27 19:43 - 2012-06-12 16:22 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-07-26 17:05 - 2014-02-01 16:37 - 00000000 ____D () C:\Users\Chad\AppData\Local\Battle.net
2014-07-26 17:03 - 2014-03-14 05:18 - 00000000 ____D () C:\Users\Chad\AppData\Roaming\VMware
2014-07-26 17:03 - 2014-03-14 05:18 - 00000000 ____D () C:\Users\Chad\AppData\Local\VMware
2014-07-26 16:59 - 2012-02-01 20:58 - 01225216 ___SH () C:\Users\Chad\Documents\Thumbs.db
2014-07-26 15:56 - 2013-01-23 12:22 - 00070656 ___SH () C:\Users\Chad\Thumbs.db
2014-07-26 13:35 - 2012-01-29 23:15 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-07-26 13:33 - 2012-04-08 13:22 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-692771199-628522970-2486110779-1000Core.job
2014-07-26 13:14 - 2014-02-01 16:38 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-07-26 13:13 - 2014-02-01 16:37 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-07-26 11:51 - 2012-08-27 14:03 - 00001456 _____ () C:\Users\Chad\AppData\Local\Adobe Save for Web 12.0 Prefs
2014-07-26 05:40 - 2012-09-06 16:50 - 00000000 ___RD () C:\Users\Chad\Desktop\Web Design and SEO
2014-07-26 03:49 - 2014-07-26 03:49 - 00710129 _____ () C:\Users\Chad\Downloads\wpscanteam-wpscan-2.4.1-136-g6fbf264.zip
2014-07-26 03:49 - 2014-07-26 03:49 - 00000000 ____D () C:\Users\Chad\Downloads\wpscanteam-wpscan-2.4.1-136-g6fbf264
2014-07-26 01:55 - 2014-07-26 01:55 - 00000000 ____D () C:\New folder
2014-07-26 00:13 - 2014-07-26 00:13 - 00001630 _____ () C:\Users\Chad\Downloads\outreach.pot
2014-07-25 23:54 - 2014-07-25 23:54 - 00000000 ____D () C:\Users\Chad\Documents\ts
2014-07-25 23:04 - 2012-01-29 22:51 - 00000000 ____D () C:\Windows\Panther
2014-07-25 22:45 - 2014-07-25 22:45 - 00000606 _____ () C:\Users\Chad\Downloads\functions.php
2014-07-25 22:15 - 2014-07-25 22:15 - 00000000 __SHD () C:\Users\Chad\AppData\Local\EmieUserList
2014-07-25 22:15 - 2014-07-25 22:15 - 00000000 __SHD () C:\Users\Chad\AppData\Local\EmieSiteList
2014-07-25 18:01 - 2014-07-25 18:01 - 00015012 _____ () C:\Users\Chad\Downloads\accesslog-grizzinnovations.chanlotech.com-07-26-2014-01-01-41-0000.gz
2014-07-25 18:01 - 2014-07-25 18:01 - 00000000 ____D () C:\Users\Chad\Downloads\accesslog-grizzinnovations.chanlotech.com-07-26-2014-01-01-41-0000
2014-07-25 18:00 - 2012-06-12 16:22 - 00000000 ____D () C:\Users\Chad\AppData\Roaming\FileZilla
2014-07-25 17:46 - 2014-07-25 17:46 - 00019425 _____ () C:\Users\Chad\Downloads\sitemap.html
2014-07-25 17:46 - 2014-07-25 17:46 - 00001794 _____ () C:\Users\Chad\Downloads\urllist.txt
2014-07-25 15:33 - 2014-07-25 15:33 - 01166053 _____ () C:\Users\Chad\Downloads\backup-fri-jul-25-16_34_13-2014.zip
2014-07-25 15:28 - 2014-07-25 15:28 - 00003697 _____ () C:\Users\Chad\Downloads\wp-config.php
2014-07-25 13:25 - 2009-07-13 22:13 - 00787630 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-25 13:22 - 2013-02-19 13:08 - 00000884 __RSH () C:\Users\Chad\ntuser.pol
2014-07-25 13:22 - 2012-01-29 23:04 - 00001413 _____ () C:\Users\Chad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-25 13:22 - 2012-01-29 23:03 - 00000000 ____D () C:\Users\Chad
2014-07-25 13:19 - 2009-07-13 21:45 - 05052800 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-25 13:12 - 2009-07-14 00:46 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-25 13:12 - 2009-07-13 22:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-07-25 13:12 - 2009-07-13 22:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-07-25 13:12 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-07-25 13:12 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-07-25 13:12 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-07-25 13:12 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-07-25 13:12 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-07-25 08:57 - 2012-07-05 14:26 - 00781354 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-07-25 08:45 - 2014-07-25 08:45 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-25 08:45 - 2014-07-25 08:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-25 08:45 - 2014-07-25 08:45 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-25 08:45 - 2014-07-25 08:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-25 08:45 - 2014-07-25 08:45 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-07-25 08:45 - 2014-07-25 08:45 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-07-25 08:45 - 2014-07-25 08:45 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-07-25 08:45 - 2014-07-25 08:45 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-07-25 08:45 - 2014-07-25 08:45 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-07-25 08:45 - 2014-07-25 08:45 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-07-25 08:45 - 2014-07-25 08:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-07-25 08:45 - 2014-07-25 08:45 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-07-25 08:45 - 2014-07-25 08:45 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-25 08:43 - 2014-07-25 08:43 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-07-25 08:43 - 2014-07-25 08:43 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-07-25 08:43 - 2014-07-25 08:43 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-07-25 08:43 - 2014-07-25 08:43 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-07-25 08:43 - 2014-07-25 08:43 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-07-25 08:43 - 2014-07-25 08:43 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-07-25 08:42 - 2014-07-25 08:42 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-07-25 08:42 - 2014-07-25 08:42 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-07-25 08:41 - 2014-07-25 08:41 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-07-25 08:41 - 2014-07-25 08:41 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-07-25 08:21 - 2014-02-07 18:36 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-25 07:23 - 2012-06-12 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-07-25 06:32 - 2012-04-24 10:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-07-25 06:32 - 2012-02-28 22:05 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-25 06:26 - 2012-02-23 20:03 - 00000000 ____D () C:\Qoobox
2014-07-25 06:25 - 2014-07-25 06:25 - 00032322 _____ () C:\ComboFix.txt
2014-07-25 06:10 - 2009-07-13 19:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-25 05:42 - 2014-07-25 05:42 - 00201030 _____ () C:\Users\Chad\Desktop\lspfix.zip
2014-07-25 02:04 - 2012-08-26 14:51 - 00000000 ____D () C:\Users\Chad\AppData\Roaming\Winamp
2014-07-25 02:04 - 2012-04-28 12:51 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-25 02:04 - 2012-01-30 00:09 - 00000000 ____D () C:\Users\Chad\AppData\Roaming\Azureus
2014-07-24 14:08 - 2013-07-22 21:07 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-24 14:08 - 2013-07-22 21:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-23 15:49 - 2012-06-04 14:08 - 00000000 ____D () C:\Users\Chad\AppData\Roaming\vlc
2014-07-23 15:03 - 2013-07-22 21:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-23 12:09 - 2014-07-23 12:08 - 00000000 ____D () C:\Users\Chad\AppData\Local\{984E07D3-5F2A-4255-999B-EC9B3343E900}
2014-07-23 12:09 - 2012-04-10 21:27 - 00000000 ____D () C:\Users\Chad\AppData\Local\Windows Live
2014-07-23 06:11 - 2014-07-23 06:11 - 00000000 ____D () C:\Users\Chad\.linkchecker
2014-07-23 06:11 - 2012-01-29 23:03 - 00000000 ____D () C:\Users\Chad\AppData\Local\VirtualStore
2014-07-21 18:45 - 2014-07-21 18:45 - 00000000 ____D () C:\ProgramData\Riot Games
2014-07-21 17:38 - 2012-01-29 23:17 - 00116984 _____ () C:\Users\Chad\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-21 11:59 - 2012-01-30 01:10 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-07-21 11:58 - 2012-01-30 01:10 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-07-21 11:58 - 2012-01-30 01:10 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-07-21 11:58 - 2012-01-29 23:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-21 11:52 - 2012-05-10 09:58 - 00000000 ____D () C:\Users\Chad\AppData\Local\Spotify
2014-07-12 16:16 - 2012-06-12 20:46 - 00000000 ____D () C:\Users\Chad\AppData\Roaming\Audacity
2014-07-11 17:06 - 2013-12-14 00:06 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-11 17:06 - 2012-04-11 14:02 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-11 17:06 - 2012-01-29 23:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-11 16:10 - 2013-08-25 13:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-11 16:02 - 2013-12-09 20:03 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-07-11 16:02 - 2013-12-09 20:03 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-07-03 14:12 - 2014-05-16 16:13 - 00000000 ____D () C:\ProgramData\HP
2014-07-03 02:15 - 2014-07-03 02:14 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-03 01:09 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-03 00:43 - 2013-05-05 15:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-02 22:36 - 2014-07-02 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-02 22:36 - 2014-07-02 22:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-02 22:36 - 2012-02-23 20:13 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-02 22:36 - 2012-02-23 20:13 - 00000000 ____D () C:\Users\Chad\AppData\Roaming\Malwarebytes
2014-07-02 22:36 - 2012-02-23 20:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-02 22:36 - 2012-02-23 20:13 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-01 14:46 - 2014-05-16 09:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-28 18:17
 
==================== End Of Log ============================


#7 seedy21

seedy21

  • Malware Response Team
  • 742 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Yorkshire, UK
  • Local time:07:25 AM

Posted 29 July 2014 - 04:03 PM

Hi Wuffle-waffle

Before we start, can you confirm if this machine is a business machine? If it is do you have an IT Dept? Do you have permission to fix the machine?

Also I would like to see what Combofix has removed. Please paste the contents of C:\Qoobox\ComboFix-quarantined-files.txt in your next reply


“It's only after we've lost everything that we're free to do anything.”
― Chuck Palahniuk, Fight Club

unite_blue.png


#8 wuffle-waffle

wuffle-waffle
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:25 PM

Posted 29 July 2014 - 06:26 PM

2014-07-24 21:12:14 . 2014-07-24 21:12:14          595,968 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\wxmsw294u_html_vc90.dll.vir
2014-07-24 21:12:14 . 2014-07-24 21:12:14           91,648 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\wxmsw294u_webview_vc90.dll.vir
2014-07-24 21:12:13 . 2014-07-24 21:12:13          154,112 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\wxbase294u_net_vc90.dll.vir
2014-07-24 21:12:13 . 2014-07-24 21:12:13        1,234,944 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\wxmsw294u_adv_vc90.dll.vir
2014-07-24 21:12:13 . 2014-07-24 21:12:13        4,598,272 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\wxmsw294u_core_vc90.dll.vir
2014-07-24 21:12:13 . 2014-07-24 21:12:13        1,985,024 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\wxbase294u_vc90.dll.vir
2014-07-24 21:12:13 . 2014-07-24 21:12:13        2,449,920 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\python27.dll.vir
2014-07-24 21:12:13 . 2014-07-24 21:12:13            7,168 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\hashobjs_ext.pyd.vir
2014-07-24 21:12:13 . 2014-07-24 21:12:13           27,136 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\_multiprocessing.pyd.vir
2014-07-24 21:12:13 . 2014-07-24 21:12:13          805,888 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\wx._gdi_.pyd.vir
2014-07-24 21:12:13 . 2014-07-24 21:12:13          110,080 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\PyWinTypes27.dll.vir
2014-07-24 21:12:13 . 2014-07-24 21:12:13        1,160,704 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\_ssl.pyd.vir
2014-07-24 21:12:13 . 2014-07-24 21:12:13          713,216 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\_hashlib.pyd.vir
2014-07-24 21:12:13 . 2014-07-24 21:12:13          811,008 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\wx._windows_.pyd.vir
2014-07-24 21:12:13 . 2014-07-24 21:12:13           70,656 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\wx._html2.pyd.vir
2014-07-24 21:12:13 . 2014-07-24 21:12:13           25,600 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\win32pdh.pyd.vir
2014-07-24 21:12:13 . 2014-07-24 21:12:13           24,064 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\win32pipe.pyd.vir
2014-07-24 21:12:12 . 2014-07-24 21:12:12        1,062,400 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\wx._controls_.pyd.vir
2014-07-24 21:12:12 . 2014-07-24 21:12:12          686,080 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\unicodedata.pyd.vir
2014-07-24 21:12:12 . 2014-07-24 21:12:12           10,240 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\select.pyd.vir
2014-07-24 21:12:12 . 2014-07-24 21:12:12           18,432 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\win32event.pyd.vir
2014-07-24 21:12:12 . 2014-07-24 21:12:12           38,912 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\win32inet.pyd.vir
2014-07-24 21:12:12 . 2014-07-24 21:12:12          127,488 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\pyexpat.pyd.vir
2014-07-24 21:12:12 . 2014-07-24 21:12:12           17,408 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\win32profile.pyd.vir
2014-07-24 21:12:12 . 2014-07-24 21:12:12          108,544 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\win32security.pyd.vir
2014-07-24 21:12:12 . 2014-07-24 21:12:12          119,808 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\win32file.pyd.vir
2014-07-24 21:12:12 . 2014-07-24 21:12:12          525,640 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\windows._lib_cacheinvalidation.pyd.vir
2014-07-24 21:12:12 . 2014-07-24 21:12:12          167,936 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\win32gui.pyd.vir
2014-07-24 21:12:12 . 2014-07-24 21:12:12           87,552 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\_ctypes.pyd.vir
2014-07-24 21:12:12 . 2014-07-24 21:12:12          128,512 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\_elementtree.pyd.vir
2014-07-24 21:12:12 . 2014-07-24 21:12:12           98,816 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\win32api.pyd.vir
2014-07-24 21:12:12 . 2014-07-24 21:12:12           45,568 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\_socket.pyd.vir
2014-07-24 21:12:12 . 2014-07-24 21:12:12          557,056 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\pysqlite2._sqlite.pyd.vir
2014-07-24 21:12:12 . 2014-07-24 21:12:12          320,512 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\win32com.shell.shell.pyd.vir
2014-07-24 21:12:12 . 2014-07-24 21:12:12           22,528 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\win32ts.pyd.vir
2014-07-24 21:12:11 . 2014-07-24 21:12:11        1,175,040 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\wx._core_.pyd.vir
2014-07-24 21:12:11 . 2014-07-24 21:12:11          364,544 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\pythoncom27.dll.vir
2014-07-24 21:12:11 . 2014-07-24 21:12:11           78,336 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\wx._animate.pyd.vir
2014-07-24 21:12:11 . 2014-07-24 21:12:11          735,232 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\wx._misc_.pyd.vir
2014-07-24 21:12:11 . 2014-07-24 21:12:11           11,264 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\win32crypt.pyd.vir
2014-07-24 21:12:11 . 2014-07-24 21:12:11          122,368 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\wx._wizard.pyd.vir
2014-07-24 21:12:11 . 2014-07-24 21:12:11           35,840 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI31562\win32process.pyd.vir
2014-07-03 08:13:50 . 2014-07-03 08:13:50          595,968 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\wxmsw294u_html_vc90.dll.vir
2014-07-03 08:13:50 . 2014-07-03 08:13:50           91,648 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\wxmsw294u_webview_vc90.dll.vir
2014-07-03 08:13:50 . 2014-07-03 08:13:50          154,112 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\wxbase294u_net_vc90.dll.vir
2014-07-03 08:13:50 . 2014-07-03 08:13:50        1,234,944 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\wxmsw294u_adv_vc90.dll.vir
2014-07-03 08:13:50 . 2014-07-03 08:13:50        4,598,272 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\wxmsw294u_core_vc90.dll.vir
2014-07-03 08:13:50 . 2014-07-03 08:13:50        1,985,024 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\wxbase294u_vc90.dll.vir
2014-07-03 08:13:49 . 2014-07-03 08:13:50        2,449,920 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\python27.dll.vir
2014-07-03 08:13:49 . 2014-07-03 08:13:49            7,168 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\hashobjs_ext.pyd.vir
2014-07-03 08:13:49 . 2014-07-03 08:13:49           27,136 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\_multiprocessing.pyd.vir
2014-07-03 08:13:49 . 2014-07-03 08:13:49          805,888 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\wx._gdi_.pyd.vir
2014-07-03 08:13:49 . 2014-07-03 08:13:49          110,080 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\PyWinTypes27.dll.vir
2014-07-03 08:13:49 . 2014-07-03 08:13:49        1,160,704 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\_ssl.pyd.vir
2014-07-03 08:13:49 . 2014-07-03 08:13:49          713,216 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\_hashlib.pyd.vir
2014-07-03 08:13:49 . 2014-07-03 08:13:49          811,008 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\wx._windows_.pyd.vir
2014-07-03 08:13:49 . 2014-07-03 08:13:49           70,656 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\wx._html2.pyd.vir
2014-07-03 08:13:49 . 2014-07-03 08:13:49           24,064 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\win32pipe.pyd.vir
2014-07-03 08:13:49 . 2014-07-03 08:13:49           25,600 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\win32pdh.pyd.vir
2014-07-03 08:13:48 . 2014-07-03 08:13:48        1,062,400 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\wx._controls_.pyd.vir
2014-07-03 08:13:48 . 2014-07-03 08:13:48          686,080 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\unicodedata.pyd.vir
2014-07-03 08:13:48 . 2014-07-03 08:13:48           10,240 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\select.pyd.vir
2014-07-03 08:13:48 . 2014-07-03 08:13:48           18,432 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\win32event.pyd.vir
2014-07-03 08:13:48 . 2014-07-03 08:13:48           38,912 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\win32inet.pyd.vir
2014-07-03 08:13:48 . 2014-07-03 08:13:48          127,488 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\pyexpat.pyd.vir
2014-07-03 08:13:48 . 2014-07-03 08:13:48           17,408 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\win32profile.pyd.vir
2014-07-03 08:13:48 . 2014-07-03 08:13:48          108,544 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\win32security.pyd.vir
2014-07-03 08:13:48 . 2014-07-03 08:13:48          119,808 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\win32file.pyd.vir
2014-07-03 08:13:48 . 2014-07-03 08:13:48          525,640 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\windows._lib_cacheinvalidation.pyd.vir
2014-07-03 08:13:47 . 2014-07-03 08:13:47          167,936 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\win32gui.pyd.vir
2014-07-03 08:13:47 . 2014-07-03 08:13:47           87,552 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\_ctypes.pyd.vir
2014-07-03 08:13:47 . 2014-07-03 08:13:47          128,512 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\_elementtree.pyd.vir
2014-07-03 08:13:47 . 2014-07-03 08:13:47           45,568 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\_socket.pyd.vir
2014-07-03 08:13:47 . 2014-07-03 08:13:47           98,816 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\win32api.pyd.vir
2014-07-03 08:13:47 . 2014-07-03 08:13:47          557,056 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\pysqlite2._sqlite.pyd.vir
2014-07-03 08:13:47 . 2014-07-03 08:13:47          320,512 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\win32com.shell.shell.pyd.vir
2014-07-03 08:13:47 . 2014-07-03 08:13:47           22,528 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\win32ts.pyd.vir
2014-07-03 08:13:47 . 2014-07-03 08:13:47        1,175,040 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\wx._core_.pyd.vir
2014-07-03 08:13:47 . 2014-07-03 08:13:47          364,544 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\pythoncom27.dll.vir
2014-07-03 08:13:47 . 2014-07-03 08:13:47           78,336 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\wx._animate.pyd.vir
2014-07-03 08:13:47 . 2014-07-03 08:13:47          735,232 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\wx._misc_.pyd.vir
2014-07-03 08:13:47 . 2014-07-03 08:13:47           11,264 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\win32crypt.pyd.vir
2014-07-03 08:13:46 . 2014-07-03 08:13:46          122,368 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\wx._wizard.pyd.vir
2014-07-03 08:13:46 . 2014-07-03 08:13:46           35,840 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI49322\win32process.pyd.vir
2014-05-20 16:00:16 . 2014-05-20 16:00:16        2,957,292 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Microsoft\Windows\Temporary Internet Files\{6FDECA39-EF78-4D55-9CC5-E5D86FA5DE13}.xps.vir
2014-05-20 15:59:27 . 2014-05-20 15:59:27        2,957,292 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Microsoft\Windows\Temporary Internet Files\{98761FD1-9740-4FF2-872E-82A96D81C14A}.xps.vir
2014-05-20 15:58:20 . 2014-05-20 15:58:20        2,957,292 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Microsoft\Windows\Temporary Internet Files\{E203644A-A334-4DE4-9F6B-BE24336AFEF9}.xps.vir
2014-05-20 15:53:29 . 2014-05-20 15:53:29        2,957,292 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Microsoft\Windows\Temporary Internet Files\{0ED797F2-4AF7-4779-BCD4-F9FCDC51E95F}.xps.vir
2014-05-20 15:52:19 . 2014-05-20 15:52:19        2,957,292 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Microsoft\Windows\Temporary Internet Files\{8A5C85A6-6580-4D55-9EA6-A111252D9221}.xps.vir
2014-05-20 15:50:46 . 2014-05-20 15:50:46        2,957,292 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Microsoft\Windows\Temporary Internet Files\{FA5A56F9-C468-4A83-A6AA-99E2BFB7345C}.xps.vir
2014-04-30 15:59:41 . 2014-04-30 15:59:41            2,116 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Service_vpnagent.reg.dat
2014-04-30 15:18:26 . 2014-04-30 15:18:26          595,968 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\wxmsw294u_html_vc90.dll.vir
2014-04-30 15:18:26 . 2014-04-30 15:18:26           91,648 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\wxmsw294u_webview_vc90.dll.vir
2014-04-30 15:18:26 . 2014-04-30 15:18:26          154,112 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\wxbase294u_net_vc90.dll.vir
2014-04-30 15:18:26 . 2014-04-30 15:18:26        1,234,944 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\wxmsw294u_adv_vc90.dll.vir
2014-04-30 15:18:25 . 2014-04-30 15:18:25        4,598,272 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\wxmsw294u_core_vc90.dll.vir
2014-04-30 15:18:25 . 2014-04-30 15:18:25        1,985,024 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\wxbase294u_vc90.dll.vir
2014-04-30 15:18:25 . 2014-04-30 15:18:25        2,449,920 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\python27.dll.vir
2014-04-30 15:18:25 . 2014-04-30 15:18:25           27,136 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\_multiprocessing.pyd.vir
2014-04-30 15:18:25 . 2014-04-30 15:18:25          805,888 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\wx._gdi_.pyd.vir
2014-04-30 15:18:25 . 2014-04-30 15:18:25          110,080 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\PyWinTypes27.dll.vir
2014-04-30 15:18:25 . 2014-04-30 15:18:25        1,159,680 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\_ssl.pyd.vir
2014-04-30 15:18:25 . 2014-04-30 15:18:25          713,216 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\_hashlib.pyd.vir
2014-04-30 15:18:25 . 2014-04-30 15:18:25          811,008 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\wx._windows_.pyd.vir
2014-04-30 15:18:24 . 2014-04-30 15:18:24           70,656 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\wx._html2.pyd.vir
2014-04-30 15:18:24 . 2014-04-30 15:18:24           24,064 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\win32pipe.pyd.vir
2014-04-30 15:18:24 . 2014-04-30 15:18:24           25,600 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\win32pdh.pyd.vir
2014-04-30 15:18:24 . 2014-04-30 15:18:24           35,840 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\win32process.pyd.vir
2014-04-30 15:18:24 . 2014-04-30 15:18:24           38,912 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\win32inet.pyd.vir
2014-04-30 15:18:24 . 2014-04-30 15:18:24        1,062,400 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\wx._controls_.pyd.vir
2014-04-30 15:18:24 . 2014-04-30 15:18:24          686,080 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\unicodedata.pyd.vir
2014-04-30 15:18:24 . 2014-04-30 15:18:24           10,240 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\select.pyd.vir
2014-04-30 15:18:24 . 2014-04-30 15:18:24           18,432 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\win32event.pyd.vir
2014-04-30 15:18:24 . 2014-04-30 15:18:24          127,488 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\pyexpat.pyd.vir
2014-04-30 15:18:24 . 2014-04-30 15:18:24           17,408 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\win32profile.pyd.vir
2014-04-30 15:18:23 . 2014-04-30 15:18:24          108,544 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\win32security.pyd.vir
2014-04-30 15:18:23 . 2014-04-30 15:18:23          119,808 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\win32file.pyd.vir
2014-04-30 15:18:23 . 2014-04-30 15:18:23          525,640 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\windows._lib_cacheinvalidation.pyd.vir
2014-04-30 15:18:23 . 2014-04-30 15:18:23          167,936 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\win32gui.pyd.vir
2014-04-30 15:18:23 . 2014-04-30 15:18:23           87,552 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\_ctypes.pyd.vir
2014-04-30 15:18:23 . 2014-04-30 15:18:23          128,512 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\_elementtree.pyd.vir
2014-04-30 15:18:23 . 2014-04-30 15:18:23           45,568 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\_socket.pyd.vir
2014-04-30 15:18:23 . 2014-04-30 15:18:23          557,056 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\pysqlite2._sqlite.pyd.vir
2014-04-30 15:18:23 . 2014-04-30 15:18:23           98,816 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\win32api.pyd.vir
2014-04-30 15:18:23 . 2014-04-30 15:18:23          320,512 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\win32com.shell.shell.pyd.vir
2014-04-30 15:18:23 . 2014-04-30 15:18:23           22,528 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\win32ts.pyd.vir
2014-04-30 15:18:23 . 2014-04-30 15:18:23        1,175,040 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\wx._core_.pyd.vir
2014-04-30 15:18:23 . 2014-04-30 15:18:23          364,544 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\pythoncom27.dll.vir
2014-04-30 15:18:23 . 2014-04-30 15:18:23           78,336 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\wx._animate.pyd.vir
2014-04-30 15:18:23 . 2014-04-30 15:18:23          735,232 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\wx._misc_.pyd.vir
2014-04-30 15:18:23 . 2014-04-30 15:18:23           11,264 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\win32crypt.pyd.vir
2014-04-30 15:18:23 . 2014-04-30 15:18:23          122,368 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI30962\wx._wizard.pyd.vir
2014-04-16 04:35:40 . 2014-04-16 04:35:40              173 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Toolbar-Locked.reg.dat
2014-04-16 04:32:58 . 2014-07-25 13:21:53              104 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-Toolbar-Locked.reg.dat
2014-04-16 03:42:11 . 2014-04-16 03:42:11          595,968 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\wxmsw294u_html_vc90.dll.vir
2014-04-16 03:42:11 . 2014-04-16 03:42:11           91,648 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\wxmsw294u_webview_vc90.dll.vir
2014-04-16 03:42:11 . 2014-04-16 03:42:11          154,112 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\wxbase294u_net_vc90.dll.vir
2014-04-16 03:42:11 . 2014-04-16 03:42:11        1,234,944 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\wxmsw294u_adv_vc90.dll.vir
2014-04-16 03:42:11 . 2014-04-16 03:42:11        4,598,272 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\wxmsw294u_core_vc90.dll.vir
2014-04-16 03:42:11 . 2014-04-16 03:42:11        1,985,024 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\wxbase294u_vc90.dll.vir
2014-04-16 03:42:11 . 2014-04-16 03:42:11        2,436,608 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\python27.dll.vir
2014-04-16 03:42:11 . 2014-04-16 03:42:11           26,624 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\_multiprocessing.pyd.vir
2014-04-16 03:42:11 . 2014-04-16 03:42:11          110,080 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\PyWinTypes27.dll.vir
2014-04-16 03:42:11 . 2014-04-16 03:42:11          805,888 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\wx._gdi_.pyd.vir
2014-04-16 03:42:11 . 2014-04-16 03:42:11        1,157,120 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\_ssl.pyd.vir
2014-04-16 03:42:11 . 2014-04-16 03:42:11          811,008 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\wx._windows_.pyd.vir
2014-04-16 03:42:11 . 2014-04-16 03:42:11          712,192 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\_hashlib.pyd.vir
2014-04-16 03:42:11 . 2014-04-16 03:42:11           70,656 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\wx._html2.pyd.vir
2014-04-16 03:42:11 . 2014-04-16 03:42:11           24,064 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\win32pipe.pyd.vir
2014-04-16 03:42:11 . 2014-04-16 03:42:11           35,840 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\win32process.pyd.vir
2014-04-16 03:42:11 . 2014-04-16 03:42:11           87,040 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\_ctypes.pyd.vir
2014-04-16 03:42:10 . 2014-04-16 03:42:10           38,912 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\win32inet.pyd.vir
2014-04-16 03:42:10 . 2014-04-16 03:42:10           25,600 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\win32pdh.pyd.vir
2014-04-16 03:42:10 . 2014-04-16 03:42:10        1,062,400 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\wx._controls_.pyd.vir
2014-04-16 03:42:10 . 2014-04-16 03:42:10           10,240 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\select.pyd.vir
2014-04-16 03:42:10 . 2014-04-16 03:42:10          686,080 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\unicodedata.pyd.vir
2014-04-16 03:42:10 . 2014-04-16 03:42:10           18,432 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\win32event.pyd.vir
2014-04-16 03:42:10 . 2014-04-16 03:42:10          127,488 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\pyexpat.pyd.vir
2014-04-16 03:42:10 . 2014-04-16 03:42:10           17,408 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\win32profile.pyd.vir
2014-04-16 03:42:10 . 2014-04-16 03:42:10          119,808 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\win32file.pyd.vir
2014-04-16 03:42:10 . 2014-04-16 03:42:10          108,544 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\win32security.pyd.vir
2014-04-16 03:42:10 . 2014-04-16 03:42:10          525,640 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\windows._lib_cacheinvalidation.pyd.vir
2014-04-16 03:42:10 . 2014-04-16 03:42:10          128,512 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\_elementtree.pyd.vir
2014-04-16 03:42:10 . 2014-04-16 03:42:10          557,056 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\pysqlite2._sqlite.pyd.vir
2014-04-16 03:42:10 . 2014-04-16 03:42:10           98,816 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\win32api.pyd.vir
2014-04-16 03:42:10 . 2014-04-16 03:42:10          320,512 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\win32com.shell.shell.pyd.vir
2014-04-16 03:42:10 . 2014-04-16 03:42:10           44,032 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\_socket.pyd.vir
2014-04-16 03:42:10 . 2014-04-16 03:42:10           22,528 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\win32ts.pyd.vir
2014-04-16 03:42:10 . 2014-04-16 03:42:10        1,175,040 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\wx._core_.pyd.vir
2014-04-16 03:42:10 . 2014-04-16 03:42:10          364,544 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\pythoncom27.dll.vir
2014-04-16 03:42:10 . 2014-04-16 03:42:10          735,232 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\wx._misc_.pyd.vir
2014-04-16 03:42:10 . 2014-04-16 03:42:10           11,264 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\win32crypt.pyd.vir
2014-04-16 03:42:10 . 2014-04-16 03:42:10          122,368 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI36202\wx._wizard.pyd.vir
2014-03-23 11:48:52 . 2014-03-23 11:48:52                0 ----a-w-  C:\Qoobox\Quarantine\C\Windows\SysWOW64\DEBUG.log.vir
2014-02-28 11:59:02 . 2014-02-28 11:59:06               85 ----a-w-  C:\Qoobox\Quarantine\C\Windows\wininit.ini.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59          595,968 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\wxmsw294u_html_vc90.dll.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59           91,648 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\wxmsw294u_webview_vc90.dll.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59          154,112 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\wxbase294u_net_vc90.dll.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59        1,234,944 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\wxmsw294u_adv_vc90.dll.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59        4,598,272 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\wxmsw294u_core_vc90.dll.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59        1,985,024 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\wxbase294u_vc90.dll.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59        2,436,608 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\python27.dll.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59           26,624 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\_multiprocessing.pyd.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59          805,888 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\wx._gdi_.pyd.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59          110,080 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\PyWinTypes27.dll.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59        1,157,120 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\_ssl.pyd.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59          811,008 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\wx._windows_.pyd.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59          712,192 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\_hashlib.pyd.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59           24,064 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\win32pipe.pyd.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59           35,840 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\win32process.pyd.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59           70,656 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\wx._html2.pyd.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59           87,040 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\_ctypes.pyd.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59           38,912 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\win32inet.pyd.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59           25,600 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\win32pdh.pyd.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59          686,080 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\unicodedata.pyd.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59        1,062,400 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\wx._controls_.pyd.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59           10,240 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\select.pyd.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59           18,432 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\win32event.pyd.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59          127,488 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\pyexpat.pyd.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59           17,408 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\win32profile.pyd.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59          108,544 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\win32security.pyd.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59          119,808 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\win32file.pyd.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59          525,640 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\windows._lib_cacheinvalidation.pyd.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59          128,512 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\_elementtree.pyd.vir
2014-02-28 11:09:59 . 2014-02-28 11:09:59           44,032 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\_socket.pyd.vir
2014-02-28 11:09:58 . 2014-02-28 11:09:58           98,816 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\win32api.pyd.vir
2014-02-28 11:09:58 . 2014-02-28 11:09:58          557,056 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\pysqlite2._sqlite.pyd.vir
2014-02-28 11:09:58 . 2014-02-28 11:09:58          320,512 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\win32com.shell.shell.pyd.vir
2014-02-28 11:09:58 . 2014-02-28 11:09:58           22,528 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\win32ts.pyd.vir
2014-02-28 11:09:58 . 2014-02-28 11:09:58        1,175,040 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\wx._core_.pyd.vir
2014-02-28 11:09:58 . 2014-02-28 11:09:58          364,544 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\pythoncom27.dll.vir
2014-02-28 11:09:58 . 2014-02-28 11:09:58           11,264 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\win32crypt.pyd.vir
2014-02-28 11:09:58 . 2014-02-28 11:09:58          735,232 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\wx._misc_.pyd.vir
2014-02-28 11:09:58 . 2014-02-28 11:09:58          122,368 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38282\wx._wizard.pyd.vir
2014-02-25 18:09:47 . 2014-02-25 18:09:47            2,288 ----a-w-  C:\Qoobox\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PrivateTunnel.lnk.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58          595,968 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\wxmsw294u_html_vc90.dll.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58           91,648 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\wxmsw294u_webview_vc90.dll.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58          154,112 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\wxbase294u_net_vc90.dll.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58        1,234,944 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\wxmsw294u_adv_vc90.dll.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58        4,598,272 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\wxmsw294u_core_vc90.dll.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58        1,985,024 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\wxbase294u_vc90.dll.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58        2,436,608 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\python27.dll.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58          110,080 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\PyWinTypes27.dll.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58          805,888 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\wx._gdi_.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58           26,624 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\_multiprocessing.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58        1,157,120 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\_ssl.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58          811,008 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\wx._windows_.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58          712,192 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\_hashlib.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58           38,912 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\win32inet.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58           25,600 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\win32pdh.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58           24,064 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\win32pipe.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58           35,840 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\win32process.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58        1,062,400 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\wx._controls_.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58           70,656 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\wx._html2.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58           87,040 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\_ctypes.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58           10,240 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\select.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58          686,080 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\unicodedata.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58           18,432 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\win32event.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58          127,488 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\pyexpat.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58          119,808 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\win32file.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58           17,408 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\win32profile.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58          108,544 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\win32security.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58          525,640 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\windows._lib_cacheinvalidation.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58          128,512 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\_elementtree.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58          557,056 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\pysqlite2._sqlite.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58           98,816 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\win32api.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58          320,512 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\win32com.shell.shell.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58           22,528 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\win32ts.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58        1,175,040 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\wx._core_.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58           44,032 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\_socket.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58          364,544 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\pythoncom27.dll.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58           11,264 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\win32crypt.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58          735,232 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\wx._misc_.pyd.vir
2014-02-25 17:48:58 . 2014-02-25 17:48:58          122,368 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI39602\wx._wizard.pyd.vir
2013-12-16 08:13:22 . 2013-12-16 08:13:22              176 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-HKCU-Run-FixMyRegistry.reg.dat
2013-12-15 04:06:20 . 2013-12-15 04:06:20          421,200 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\msvcp100.dll.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20          773,968 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\msvcr100.dll.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20           91,648 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\wxmsw294u_webview_vc90.dll.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20          154,112 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\wxbase294u_net_vc90.dll.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20          595,968 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\wxmsw294u_html_vc90.dll.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20        1,234,944 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\wxmsw294u_adv_vc90.dll.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20        4,598,272 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\wxmsw294u_core_vc90.dll.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20        1,985,024 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\wxbase294u_vc90.dll.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20        2,436,608 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\python27.dll.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20          128,512 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\_elementtree.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20           44,032 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\_socket.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20           98,816 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\win32api.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20           22,528 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\win32ts.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20          557,056 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\pysqlite2._sqlite.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20           26,624 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\_multiprocessing.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20          320,512 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\win32com.shell.shell.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20           70,656 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\wx._html2.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20           11,264 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\win32crypt.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20          805,888 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\wx._gdi_.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20          504,832 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\windows._cacheinvalidation.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20           17,408 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\win32profile.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20           87,040 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\_ctypes.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20          364,544 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\pythoncom27.dll.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20          735,232 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\wx._misc_.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20          110,080 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\PyWinTypes27.dll.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20          108,544 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\win32security.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20        1,175,040 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\wx._core_.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20        1,153,024 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\_ssl.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20           25,600 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\win32pdh.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20           35,840 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\win32process.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20          711,680 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\_hashlib.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20          811,008 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\wx._windows_.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20          122,368 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\wx._wizard.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20          119,808 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\win32file.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20           38,912 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\win32inet.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20        1,062,400 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\wx._controls_.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20           18,432 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\win32event.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20          127,488 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\pyexpat.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20          686,080 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\unicodedata.pyd.vir
2013-12-15 04:06:20 . 2013-12-15 04:06:20           10,240 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16042\select.pyd.vir
2013-11-30 00:45:48 . 2013-11-30 00:45:48          421,200 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\msvcp100.dll.vir
2013-11-30 00:45:48 . 2013-11-30 00:45:48          773,968 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\msvcr100.dll.vir
2013-11-30 00:45:48 . 2013-11-30 00:45:48           91,648 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\wxmsw294u_webview_vc90.dll.vir
2013-11-30 00:45:48 . 2013-11-30 00:45:48          154,112 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\wxbase294u_net_vc90.dll.vir
2013-11-30 00:45:47 . 2013-11-30 00:45:47          595,968 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\wxmsw294u_html_vc90.dll.vir
2013-11-30 00:45:47 . 2013-11-30 00:45:47        1,234,944 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\wxmsw294u_adv_vc90.dll.vir
2013-11-30 00:45:47 . 2013-11-30 00:45:47        4,598,272 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\wxmsw294u_core_vc90.dll.vir
2013-11-30 00:45:47 . 2013-11-30 00:45:47        1,985,024 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\wxbase294u_vc90.dll.vir
2013-11-30 00:45:47 . 2013-11-30 00:45:47        2,436,608 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\python27.dll.vir
2013-11-30 00:45:47 . 2013-11-30 00:45:47          128,512 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\_elementtree.pyd.vir
2013-11-30 00:45:47 . 2013-11-30 00:45:47           44,032 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\_socket.pyd.vir
2013-11-30 00:45:47 . 2013-11-30 00:45:47           98,816 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\win32api.pyd.vir
2013-11-30 00:45:47 . 2013-11-30 00:45:47           22,528 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\win32ts.pyd.vir
2013-11-30 00:45:47 . 2013-11-30 00:45:47          557,056 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\pysqlite2._sqlite.pyd.vir
2013-11-30 00:45:47 . 2013-11-30 00:45:47           26,624 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\_multiprocessing.pyd.vir
2013-11-30 00:45:47 . 2013-11-30 00:45:47          320,512 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\win32com.shell.shell.pyd.vir
2013-11-30 00:45:47 . 2013-11-30 00:45:47           70,656 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\wx._html2.pyd.vir
2013-11-30 00:45:46 . 2013-11-30 00:45:46           11,264 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\win32crypt.pyd.vir
2013-11-30 00:45:46 . 2013-11-30 00:45:46          805,888 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\wx._gdi_.pyd.vir
2013-11-30 00:45:46 . 2013-11-30 00:45:46          504,832 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\windows._cacheinvalidation.pyd.vir
2013-11-30 00:45:46 . 2013-11-30 00:45:46           17,408 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\win32profile.pyd.vir
2013-11-30 00:45:46 . 2013-11-30 00:45:46           87,040 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\_ctypes.pyd.vir
2013-11-30 00:45:46 . 2013-11-30 00:45:46          364,544 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\pythoncom27.dll.vir
2013-11-30 00:45:46 . 2013-11-30 00:45:46          735,232 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\wx._misc_.pyd.vir
2013-11-30 00:45:46 . 2013-11-30 00:45:46          110,080 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\PyWinTypes27.dll.vir
2013-11-30 00:45:46 . 2013-11-30 00:45:46          108,544 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\win32security.pyd.vir
2013-11-30 00:45:46 . 2013-11-30 00:45:46        1,175,040 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\wx._core_.pyd.vir
2013-11-30 00:45:46 . 2013-11-30 00:45:46        1,153,024 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\_ssl.pyd.vir
2013-11-30 00:45:46 . 2013-11-30 00:45:46           25,600 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\win32pdh.pyd.vir
2013-11-30 00:45:46 . 2013-11-30 00:45:46           35,840 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\win32process.pyd.vir
2013-11-30 00:45:46 . 2013-11-30 00:45:46          711,680 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\_hashlib.pyd.vir
2013-11-30 00:45:46 . 2013-11-30 00:45:46          811,008 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\wx._windows_.pyd.vir
2013-11-30 00:45:46 . 2013-11-30 00:45:46          122,368 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\wx._wizard.pyd.vir
2013-11-30 00:45:46 . 2013-11-30 00:45:46          119,808 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\win32file.pyd.vir
2013-11-30 00:45:46 . 2013-11-30 00:45:46           38,912 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\win32inet.pyd.vir
2013-11-30 00:45:45 . 2013-11-30 00:45:45        1,062,400 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\wx._controls_.pyd.vir
2013-11-30 00:45:45 . 2013-11-30 00:45:45           18,432 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\win32event.pyd.vir
2013-11-30 00:45:45 . 2013-11-30 00:45:45          127,488 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\pyexpat.pyd.vir
2013-11-30 00:45:45 . 2013-11-30 00:45:45          686,080 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\unicodedata.pyd.vir
2013-11-30 00:45:45 . 2013-11-30 00:45:45           10,240 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI37562\select.pyd.vir
2013-11-22 02:58:26 . 2013-11-22 02:58:26            1,028 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\AddRemove-8461-7759-5462-8226.reg.dat
2013-11-21 10:29:27 . 2013-11-21 10:29:27          421,200 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\msvcp100.dll.vir
2013-11-21 10:29:27 . 2013-11-21 10:29:27          773,968 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\msvcr100.dll.vir
2013-11-21 10:29:27 . 2013-11-21 10:29:27           91,648 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\wxmsw294u_webview_vc90.dll.vir
2013-11-21 10:29:27 . 2013-11-21 10:29:27          154,112 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\wxbase294u_net_vc90.dll.vir
2013-11-21 10:29:27 . 2013-11-21 10:29:27          595,968 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\wxmsw294u_html_vc90.dll.vir
2013-11-21 10:29:27 . 2013-11-21 10:29:27        1,234,944 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\wxmsw294u_adv_vc90.dll.vir
2013-11-21 10:29:27 . 2013-11-21 10:29:27        4,598,272 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\wxmsw294u_core_vc90.dll.vir
2013-11-21 10:29:27 . 2013-11-21 10:29:27        1,985,024 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\wxbase294u_vc90.dll.vir
2013-11-21 10:29:27 . 2013-11-21 10:29:27        2,436,608 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\python27.dll.vir
2013-11-21 10:29:27 . 2013-11-21 10:29:27          128,512 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\_elementtree.pyd.vir
2013-11-21 10:29:26 . 2013-11-21 10:29:26           44,032 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\_socket.pyd.vir
2013-11-21 10:29:26 . 2013-11-21 10:29:26           98,816 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\win32api.pyd.vir
2013-11-21 10:29:26 . 2013-11-21 10:29:26           22,528 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\win32ts.pyd.vir
2013-11-21 10:29:26 . 2013-11-21 10:29:26          557,056 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\pysqlite2._sqlite.pyd.vir
2013-11-21 10:29:26 . 2013-11-21 10:29:26           26,624 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\_multiprocessing.pyd.vir
2013-11-21 10:29:26 . 2013-11-21 10:29:26          320,512 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\win32com.shell.shell.pyd.vir
2013-11-21 10:29:26 . 2013-11-21 10:29:26           70,656 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\wx._html2.pyd.vir
2013-11-21 10:29:26 . 2013-11-21 10:29:26           11,264 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\win32crypt.pyd.vir
2013-11-21 10:29:26 . 2013-11-21 10:29:26          805,888 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\wx._gdi_.pyd.vir
2013-11-21 10:29:26 . 2013-11-21 10:29:26          504,832 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\windows._cacheinvalidation.pyd.vir
2013-11-21 10:29:26 . 2013-11-21 10:29:26           17,408 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\win32profile.pyd.vir
2013-11-21 10:29:26 . 2013-11-21 10:29:26           87,040 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\_ctypes.pyd.vir
2013-11-21 10:29:26 . 2013-11-21 10:29:26          364,544 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\pythoncom27.dll.vir
2013-11-21 10:29:26 . 2013-11-21 10:29:26          735,232 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\wx._misc_.pyd.vir
2013-11-21 10:29:25 . 2013-11-21 10:29:25          110,080 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\PyWinTypes27.dll.vir
2013-11-21 10:29:25 . 2013-11-21 10:29:25          108,544 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\win32security.pyd.vir
2013-11-21 10:29:25 . 2013-11-21 10:29:25        1,175,040 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\wx._core_.pyd.vir
2013-11-21 10:29:25 . 2013-11-21 10:29:25        1,153,024 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\_ssl.pyd.vir
2013-11-21 10:29:25 . 2013-11-21 10:29:25           25,600 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\win32pdh.pyd.vir
2013-11-21 10:29:25 . 2013-11-21 10:29:25           35,840 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\win32process.pyd.vir
2013-11-21 10:29:25 . 2013-11-21 10:29:25          711,680 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\_hashlib.pyd.vir
2013-11-21 10:29:25 . 2013-11-21 10:29:25          811,008 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\wx._windows_.pyd.vir
2013-11-21 10:29:25 . 2013-11-21 10:29:25          122,368 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\wx._wizard.pyd.vir
2013-11-21 10:29:25 . 2013-11-21 10:29:25          119,808 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\win32file.pyd.vir
2013-11-21 10:29:24 . 2013-11-21 10:29:24           38,912 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\win32inet.pyd.vir
2013-11-21 10:29:24 . 2013-11-21 10:29:24        1,062,400 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\wx._controls_.pyd.vir
2013-11-21 10:29:24 . 2013-11-21 10:29:24           18,432 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\win32event.pyd.vir
2013-11-21 10:29:24 . 2013-11-21 10:29:24          127,488 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\pyexpat.pyd.vir
2013-11-21 10:29:24 . 2013-11-21 10:29:24          686,080 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\unicodedata.pyd.vir
2013-11-21 10:29:24 . 2013-11-21 10:29:24           10,240 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI16842\select.pyd.vir
2013-11-06 10:21:08 . 2013-11-06 10:21:08          421,200 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\msvcp100.dll.vir
2013-11-06 10:21:08 . 2013-11-06 10:21:08          773,968 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\msvcr100.dll.vir
2013-11-06 10:21:08 . 2013-11-06 10:21:08          154,112 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\wxbase294u_net_vc90.dll.vir
2013-11-06 10:21:08 . 2013-11-06 10:21:08           91,648 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\wxmsw294u_webview_vc90.dll.vir
2013-11-06 10:21:07 . 2013-11-06 10:21:07          595,968 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\wxmsw294u_html_vc90.dll.vir
2013-11-06 10:21:07 . 2013-11-06 10:21:07        1,234,944 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\wxmsw294u_adv_vc90.dll.vir
2013-11-06 10:21:07 . 2013-11-06 10:21:07        4,598,272 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\wxmsw294u_core_vc90.dll.vir
2013-11-06 10:21:07 . 2013-11-06 10:21:07        2,436,608 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\python27.dll.vir
2013-11-06 10:21:07 . 2013-11-06 10:21:07        1,985,024 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\wxbase294u_vc90.dll.vir
2013-11-06 10:21:07 . 2013-11-06 10:21:07          128,512 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\_elementtree.pyd.vir
2013-11-06 10:21:07 . 2013-11-06 10:21:07           98,816 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\win32api.pyd.vir
2013-11-06 10:21:07 . 2013-11-06 10:21:07           22,528 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\win32ts.pyd.vir
2013-11-06 10:21:07 . 2013-11-06 10:21:07           44,032 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\_socket.pyd.vir
2013-11-06 10:21:07 . 2013-11-06 10:21:07          557,056 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\pysqlite2._sqlite.pyd.vir
2013-11-06 10:21:07 . 2013-11-06 10:21:07           26,624 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\_multiprocessing.pyd.vir
2013-11-06 10:21:07 . 2013-11-06 10:21:07          320,512 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\win32com.shell.shell.pyd.vir
2013-11-06 10:21:07 . 2013-11-06 10:21:07           70,656 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\wx._html2.pyd.vir
2013-11-06 10:21:07 . 2013-11-06 10:21:07           11,264 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\win32crypt.pyd.vir
2013-11-06 10:21:07 . 2013-11-06 10:21:07          805,888 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\wx._gdi_.pyd.vir
2013-11-06 10:21:07 . 2013-11-06 10:21:07          504,832 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\windows._cacheinvalidation.pyd.vir
2013-11-06 10:21:07 . 2013-11-06 10:21:07           17,408 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\win32profile.pyd.vir
2013-11-06 10:21:07 . 2013-11-06 10:21:07          364,544 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\pythoncom27.dll.vir
2013-11-06 10:21:07 . 2013-11-06 10:21:07           87,040 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\_ctypes.pyd.vir
2013-11-06 10:21:07 . 2013-11-06 10:21:07          735,232 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\wx._misc_.pyd.vir
2013-11-06 10:21:07 . 2013-11-06 10:21:07          110,080 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\PyWinTypes27.dll.vir
2013-11-06 10:21:07 . 2013-11-06 10:21:07          108,544 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\win32security.pyd.vir
2013-11-06 10:21:07 . 2013-11-06 10:21:07        1,175,040 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\wx._core_.pyd.vir
2013-11-06 10:21:06 . 2013-11-06 10:21:06        1,153,024 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\_ssl.pyd.vir
2013-11-06 10:21:06 . 2013-11-06 10:21:06           25,600 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\win32pdh.pyd.vir
2013-11-06 10:21:06 . 2013-11-06 10:21:06           35,840 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\win32process.pyd.vir
2013-11-06 10:21:06 . 2013-11-06 10:21:06          711,680 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\_hashlib.pyd.vir
2013-11-06 10:21:06 . 2013-11-06 10:21:06          811,008 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\wx._windows_.pyd.vir
2013-11-06 10:21:06 . 2013-11-06 10:21:06          122,368 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\wx._wizard.pyd.vir
2013-11-06 10:21:06 . 2013-11-06 10:21:06          119,808 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\win32file.pyd.vir
2013-11-06 10:21:04 . 2013-11-06 10:21:04           38,912 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\win32inet.pyd.vir
2013-11-06 10:21:04 . 2013-11-06 10:21:04        1,062,400 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\wx._controls_.pyd.vir
2013-11-06 10:21:04 . 2013-11-06 10:21:04           18,432 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\win32event.pyd.vir
2013-11-06 10:21:04 . 2013-11-06 10:21:04          127,488 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\pyexpat.pyd.vir
2013-11-06 10:21:04 . 2013-11-06 10:21:04          686,080 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\unicodedata.pyd.vir
2013-11-06 10:21:03 . 2013-11-06 10:21:03           10,240 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI14042\select.pyd.vir
2013-10-24 13:35:17 . 2013-10-24 13:35:17              110 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Roaming\Microsoft\Windows\Recent\Readme.url.vir
2013-10-18 11:15:59 . 2013-10-18 11:15:59              512 ----a-w-  C:\Qoobox\Quarantine\MBR_HardDisk0.mbr
2013-10-18 10:57:41 . 2013-11-19 22:31:50        1,056,768 ----a-w-  C:\Qoobox\Quarantine\C\Windows\security\database\tmp.edb.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31          421,200 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\msvcp100.dll.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31          773,968 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\msvcr100.dll.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31           91,648 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\wxmsw294u_webview_vc90.dll.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31          154,112 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\wxbase294u_net_vc90.dll.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31          595,968 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\wxmsw294u_html_vc90.dll.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31        1,234,944 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\wxmsw294u_adv_vc90.dll.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31        4,598,272 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\wxmsw294u_core_vc90.dll.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31        1,985,024 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\wxbase294u_vc90.dll.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31        2,436,608 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\python27.dll.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31          128,512 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\_elementtree.pyd.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31           44,032 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\_socket.pyd.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31           98,816 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\win32api.pyd.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31           22,528 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\win32ts.pyd.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31          557,056 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\pysqlite2._sqlite.pyd.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31           26,624 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\_multiprocessing.pyd.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31          320,512 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\win32com.shell.shell.pyd.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31           70,656 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\wx._html2.pyd.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31           11,264 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\win32crypt.pyd.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31          805,888 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\wx._gdi_.pyd.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31          504,832 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\windows._cacheinvalidation.pyd.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31           17,408 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\win32profile.pyd.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31           87,040 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\_ctypes.pyd.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31          364,544 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\pythoncom27.dll.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31          735,232 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\wx._misc_.pyd.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31          110,080 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\PyWinTypes27.dll.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31          108,544 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\win32security.pyd.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31        1,175,040 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\wx._core_.pyd.vir
2013-10-18 10:48:31 . 2013-10-18 10:48:31        1,153,024 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\_ssl.pyd.vir
2013-10-18 10:48:30 . 2013-10-18 10:48:30           25,600 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\win32pdh.pyd.vir
2013-10-18 10:48:30 . 2013-10-18 10:48:30           35,840 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\win32process.pyd.vir
2013-10-18 10:48:30 . 2013-10-18 10:48:30          711,680 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\_hashlib.pyd.vir
2013-10-18 10:48:30 . 2013-10-18 10:48:30          811,008 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\wx._windows_.pyd.vir
2013-10-18 10:48:30 . 2013-10-18 10:48:30          122,368 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\wx._wizard.pyd.vir
2013-10-18 10:48:30 . 2013-10-18 10:48:30          119,808 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\win32file.pyd.vir
2013-10-18 10:48:30 . 2013-10-18 10:48:30           38,912 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\win32inet.pyd.vir
2013-10-18 10:48:30 . 2013-10-18 10:48:30        1,062,400 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\wx._controls_.pyd.vir
2013-10-18 10:48:30 . 2013-10-18 10:48:30          127,488 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\pyexpat.pyd.vir
2013-10-18 10:48:30 . 2013-10-18 10:48:30           10,240 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\select.pyd.vir
2013-10-18 10:48:30 . 2013-10-18 10:48:30          686,080 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\unicodedata.pyd.vir
2013-10-18 10:48:30 . 2013-10-18 10:48:30           18,432 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Local\Temp\_MEI38563\win32event.pyd.vir
2013-06-11 22:36:58 . 2013-06-11 22:36:58              221 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\AppData\Roaming\Microsoft\Windows\Recent\Call of Duty Modern Warfare 3 - Multiplayer.url.vir
2013-02-09 02:28:28 . 2012-12-29 10:34:47       12,641,120 ----a-w-  C:\Qoobox\Quarantine\C\Windows\SysWOW64\SETD1D4.tmp.vir
2013-02-09 02:28:28 . 2012-12-29 10:34:47       15,129,064 ----a-w-  C:\Qoobox\Quarantine\C\Windows\SysWOW64\SETC713.tmp.vir
2013-02-09 02:28:28 . 2012-12-29 10:34:47        2,504,248 ----a-w-  C:\Qoobox\Quarantine\C\Windows\SysWOW64\SETBEE3.tmp.vir
2012-12-14 13:33:18 . 2012-12-14 13:33:18           68,096 ----a-w-  C:\Qoobox\Quarantine\C\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\ovpntray.exe.vir
2012-10-10 21:32:48 . 2012-10-10 21:32:49           13,339 ----a-w-  C:\Qoobox\Quarantine\C\Users\Chad\Documents\~WRL0003.tmp.vir
2012-10-08 19:58:43 . 2012-10-08 19:58:43               97 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-HKCU-Run-AdobeBridge.reg.dat
2012-06-25 00:22:47 . 2012-06-25 00:22:47              178 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-HKLM-Run-Freecorder FLV Service.reg.dat
2012-06-25 00:22:44 . 2012-06-25 00:22:44              118 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-URLSearchHooks-{1392b8d2-5c05-419f-a8f6-b9f15a596612}.reg.dat
2012-04-11 21:02:25 . 2013-10-09 05:06:39          692,616 ----a-w-  C:\Qoobox\Quarantine\C\Windows\SysWOW64\FlashPlayerApp.exe.vir
2012-02-24 03:11:38 . 2012-02-24 03:11:38              112 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-HKLM-Run-Driver Genius.reg.dat
2012-02-24 03:07:16 . 2014-07-25 12:55:05           14,929 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2012-02-24 03:03:42 . 2014-07-25 12:44:55            1,173 ----a-w-  C:\Qoobox\Quarantine\catchme.log
2011-07-31 06:51:08 . 2011-07-31 06:51:08           65,536 ----a-w-  C:\Qoobox\Quarantine\C\Windows\SysWOW64\frapsvid.dll.vir


#9 wuffle-waffle

wuffle-waffle
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:25 PM

Posted 30 July 2014 - 01:42 PM

I have permission to fix the machine and it's my personal machine.



#10 seedy21

seedy21

  • Malware Response Team
  • 742 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Yorkshire, UK
  • Local time:07:25 AM

Posted 31 July 2014 - 09:45 AM

Hello wuffle-waffle


You are missing one important program on that computer: An antivirus.
This is somewhat suicidal in today's digital world.
You need to install an antivirus program as soon as you can and run a complete scan of the computer:

Install one of these, update the definitions and then run a full scan. Let it quarantine/delete anything it finds. Let me know if there is anything that it reports but can not remove.

Note*:
Upon installation MS Security Essentials will check that your OS is a legal copy.

Step 1

We need to disable VirtualCloneDrive as it has been known to affect the tools we are going to use.

Please download Defogger and save it to your Desktop.

  • Double click Defogger.exe to run the program.
    Note Windows Vista /7 should right click and Run As Administrator
  • Click on Disable and then Yes. The Scan may take a while to complete
  • When this has completed you will get a new window open with the Finished box, click Continue and Close Defogger Down

Step 2


Open notepad. Please copy the contents of the code box below.
To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
Save it on the Desktop as fixlist.txt



SearchScopes: HKLM-x32 - DefaultScope value is missing.
S3 ALSysIO; \??\C:\Users\Chad\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
2014-07-28 15:12 - 2014-07-28 15:12 - 00098816 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\win32api.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00110080 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\pywintypes27.dll
2014-07-28 15:12 - 2014-07-28 15:12 - 00364544 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\pythoncom27.dll
2014-07-28 15:12 - 2014-07-28 15:12 - 00045568 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\_socket.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 01160704 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\_ssl.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00320512 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\win32com.shell.shell.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00713216 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\_hashlib.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 01175040 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\wx._core_.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00805888 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\wx._gdi_.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00811008 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\wx._windows_.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 01062400 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\wx._controls_.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00735232 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\wx._misc_.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00128512 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\_elementtree.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00127488 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\pyexpat.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00557056 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\pysqlite2._sqlite.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00007168 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\hashobjs_ext.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00087552 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\_ctypes.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00119808 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\win32file.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00108544 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\win32security.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00018432 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\win32event.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00038912 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\win32inet.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00070656 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\wx._html2.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00167936 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\win32gui.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00011264 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\win32crypt.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00027136 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\_multiprocessing.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00122368 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\wx._wizard.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00010240 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\select.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00024064 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\win32pipe.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00686080 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\unicodedata.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00025600 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\win32pdh.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00525640 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\windows._lib_cacheinvalidation.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00035840 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\win32process.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00017408 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\win32profile.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00022528 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\win32ts.pyd
2014-07-28 15:12 - 2014-07-28 15:12 - 00078336 _____ () C:\Users\Chad\AppData\Local\Temp\_MEI43322\wx._animate.pyd
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system


Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the desktop (Fixlog.txt) please post it to your reply.

Step 3

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. A malicious site could render Java content under older, vulnerable versions of Sun's software if the user has not removed them. Please follow these steps to remove older version Java components and update:

  • Download the latest version of Java Runtime Environment (JRE) 8 Update 11 and save it to your desktop.
  • Scroll down to where it says "Java SE 8 Update 11".
  • Click the "Download JRE" button.
  • Accept the license agreement.
  • select 'Windows x86'offline or 'Windows x64.exe' (depending on whether you are running a 32 or 64 bit system) from the list.
  • Save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
    Java 7 Update 51
    Java 7 Update 55
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on downloaded icon to install the newest version.

Step 4

Please download the Kaspersky Virus Removal Tool from Hereand save it to your Desktop

  • Double-click the Removal Tool.
  • Click the cog in the upper right corner:
    AVPfront.gif
  • Select down to and including your main drive.
  • Once done please select the Automatic Scan tab and press Start Scan.
  • Allow AVP to delete all infections found.
  • Once it has finished select the Report tab.
  • Select the Detected threats report from the left and press the Save button.
  • Save it to your Desktop and post the contents in your next reply.

“It's only after we've lost everything that we're free to do anything.”
― Chuck Palahniuk, Fight Club

unite_blue.png


#11 seedy21

seedy21

  • Malware Response Team
  • 742 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Yorkshire, UK
  • Local time:07:25 AM

Posted 02 August 2014 - 06:30 PM

wuffle-waffle  are you still with us ? 


“It's only after we've lost everything that we're free to do anything.”
― Chuck Palahniuk, Fight Club

unite_blue.png


#12 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,117 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:25 AM

Posted 04 August 2014 - 08:34 PM

Due to the lack of feedback/inactivity, this Topic is closed. Should you need it reopened, please contact a Forum Moderator or member of the Malware Response Team. Include the address of this thread in your request. If you have a new issue, please start a New Topic. This applies only to the original poster. Everyone else please begin a New Topic.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users