Jump to content

CdnGhost

Members
  • Content Count

    10
  • Joined

  • Last visited

About CdnGhost

  • Rank
    Member

Profile Information

  • Gender
    Male
  1. CdnGhost

    SAS can get infected, too

    I've just spent the last four hours scanning selective files on D drive and believe I've found the problem. You were quite correct in your assessment; the problem wasn't an infection of SAS. I've also purchased a Lifetime version of SAS Pro. Now all I have to do is figure out how to configure SAS to ignore any file which begins with "Xandros". Xandros is my Master O/S while Windows XP Pro only thinks it's the Master because it can't "see" Xandros. Xandros (a Linux-based system), however, "sees" everything. My thanks to you and your patience with me.
  2. CdnGhost

    SAS can get infected, too

    Yes, however the following may or may not be germane. On May 7, 2009 I purchased SUPERAnti-Spyware Professional as I had had the wherewithall at that time to do so. What I hadn't known (then) was that only the automatic updating process had to be renewed each year. Is this correct? If it is, then by simply entering my registration code I should regain SAS Pro but without the automatic update feature. Would that account for the phantom SAS in my system tray?
  3. CdnGhost

    SAS can get infected, too

    My apologies, sir, but I don't know what information you require. What I do know is that when I instructed SAS to scan my "D" drive, a panel appeared instructing me that SAS had encountered a problem and needed to file a report. As a means of notifying me of the results of the contents of the report I was asked to supply my email address (which I did) and click "Submit Report". That panel then vanished only to be replaced with a second, smaller, panel asking me if I wished to contiue or terminate the scan. Having encountered these two panels before I know that it makes no difference whether you click "Yes" or "No", SAS terminates the scan and its icon vanishes from the system tray. Would it be helpful to you were I to make edited screenshots of these two panels? I have since then run complete CHKDSK's of both of my data drives and both drives have come up clean, i.e., no *.CHK files were created nor is any data missing. Further, defragmentation of either drive is neither required nor recommended by Windows. My objective is to burn to DVD the contents of both drives. Thus far, however, though I have conducted all of the recommended tasks, I am still unable to do so.
  4. CdnGhost

    SAS can get infected, too

    Because for each of the copies, an earlier date appeared when I moused over each of the system tray icons. Further, neither Malwarebytes Anti-Malware (Full Scan of all drives) nor Avast! 5.0 (Full Scan of all drives) had found anything amiss. Today, I re-installed SAS and attempted to run a full scan of all drives. The only drive to be cleared of infection was my Windows O/S drive. My two Data Drives, which contain only data, stopped SAS in its tracks. What would you suggest?
  5. CdnGhost

    SAS can get infected, too

    Adware tracking cookies anyone can live with but when SAS itself becomes infected, it kind of trips your safeties. For weeks SAS has been updating itself with the fingerprints of Trojans and Rootkits, twice a day, every day, and it simply never occurred to me that SAS could become infected by those items it didn't know about ... yet. Last night, however, SAS became infected with a Trojan and merrily began reproducing itself. After 4 versions showed up down in my system tray, I had just enough presence of mind left to completely remove SAS from my system. Currently, I'm running Malwarebyte's Anti-Malware as a replacement for the major infections and ATF Cleaner for TIF's, Temps and Cookies. In a few days, assuming no one else has this problem, I'll reinstall SAS. If nothing else, it's faster. My last installation of Windows XP Professional OEM SP3 ran perfectly for over three years but, because I was rushed and didn't do a complete scan of my system, it was removed from existance on April 30, 2010. The installation I'm running now isn't quite as good as the first was, largely because I was STUPID enough to not make a copy of the 2nd Edition of Microsoft Windows XP Professional OEM SP4 (in 64-bit), and am now tweaking a 1st Edition of Microsoft Windows XP Professional OEM SP4 (in 64-bit). As the late Robert Anson Heinlein so adroitly put the matter, "Live and learn, or you don't live long." The thought applies equally well to life in general as it does to computers.
  6. CdnGhost

    SAS Pro Found 717 Threats

    Regretably, even if I had restored everything that was quarantined, it wouldn't have made a particle of difference. Upon running my hard drive diagnostic tool, I discovered a small, but very effective, rootkit inside System Volume Information. The purpose of the rootkit (aptly named "gotcha.exe") was to erase the contents of the eight logs which constitute System Volume Information. Which, of course, it had already done. Without Windows' foundation, there isn't anything to restore ... no matter how far back you might choose to go. Oh well, prior to erasing the contents of that 30GB NTFS partition, I'll transfer: my Desktop, my Software File and those few Purchased Games I've had for years to a removable 4GB hard drive. Not that I'll be able to re-install any of them, but that by doing so it will save me the bother of writing everything down. What I find particularly annoying, though, is that I had had a perfectly good OEM System Disk for Windows XP Professional c/w SP3 which had an unlimited number of installs available and was not copyright-protected. The annoying part of it is that while I have a Builder of Computers License, issued to me by Microsoft in November 2007, I didn't make a back-up copy of the disk. Two weeks ago, the disk was stolen. Whomever has the disk now won't be able to use it as it has no key. And, so far as I know, there are only four holders of a B.o.C. in all of Ontario. Rats! Now it's going to cost me another $159 USD to purchase another copy.
  7. CdnGhost

    SAS Pro Found 717 Threats

    Nevermind. I've just looked through Windows Program Files and, while SAS's file is still there, nothing else is. Hindsight is indeed 20/20. Via Xandros (my Master OS) I could have looked through my SAS Pro Program File at any time and likely rescued that quarantined file and stored it on Xandros. C'est la vie. My only option now would seem to be re-entering Windows, deleting the SAS file in Program Files and re-attempting to download and install SAS. Agreed?
  8. CdnGhost

    SAS Pro Found 717 Threats

    Unfortunately, SAS Pro refused me access to the logs. In all likelihood, all I have now of those quarantined items is the logfile. At that point I was promptly booted out of Windows. Being the stubborn Canadian I am, however, I attempted to re-enter Windows and was successful. At the end of the uninstall there was a query box about (I think) whether or not I wished to save the logfiles. As time was running out fast and my nerves were already shot, I instinctively clicked "Yes". If the query was whether or not I didn't, I've dumped them. You wouldn't happen to know what that box actually said, would you? Though the download was successful, running it wasn't. I was informed that the download was corrupt. At this point neither SAS.exe nor SASPro.exe exist on any of my hard drives.
  9. CdnGhost

    SAS Pro Found 717 Threats

    As all of those items are still in quarantine in the existing SAS, would it help, at all, if they were released from quarantine and then fully uninstall SAS V4.35.1002? At the moment, Windows will only allow me in for about 8 minutes before it crashes and I am forced to retreat to my Master OS. Releasing those items from quarantine and uninstalling SAS can be done in under 8 minutes ... assuming Windows will allow me to get into my Control Panel.
  10. CdnGhost

    SAS Pro Found 717 Threats

    On April 24th I received the following error, "BIOS ROM checksum error" which, to me, indicated that my mother board had just failed. The following day I carefully disassembled my computer and removed the fried mother board. Fortunately I had a slightly different new mother board from the same manufacturer and thus reassembled my computer using the new board (for those who are curious, I had had an MSI 6390 [now dead] which I replaced with an MSI 6390-L). As my forte is software not hardware, the task took me the entire day. Also, prior to reassembling the computer, I used Western Digital's Hard Drive Diagnostic Tool on each of the hard drives to ensure that the drives themselves were not at fault. After carefully bringing back online all three IDE hard drives, as well as my HP DVD Writer, I noticed that there appeared to be a few small errors. After running full scans of both MBAM and Avast! (both of which came up clean) I attempted to run a full scan using SAS only to discover that it wouldn't run in that mode. It would, however, conduct a Quick Scan. Below are the results of that Quick Scan. I was directed here by another Help Forum where I posted a Hijack This log and was advised that the problems did not appear to be malware-related. The administrator, however, then asked me to post my SAS log which had reported 717 threats. She immediately directed me to this forum. SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 04/26/2010 at 07:46 PM Application Version : 4.35.1002 Core Rules Database Version : 4854 Trace Rules Database Version: 2663 Scan type : Quick Scan Total Scan Time : 00:10:22 Memory items scanned : 219 Memory threats detected : 25 Registry items scanned : 490 Registry threats detected : 415 File items scanned : 8490 File threats detected : 277 Malware.Notifier C:\PROGRAM FILES\SUPERANTISPYWARE\DEUPX.DLL C:\PROGRAM FILES\SUPERANTISPYWARE\DEUPX.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUPERANTISPYWARE.COM\SUPERANTISPYWARE\SDDLLS\UIREPAIR.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUPERANTISPYWARE.COM\SUPERANTISPYWARE\SDDLLS\UIREPAIR.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUPERANTISPYWARE.COM\SUPERANTISPYWARE\SDDLLS\SD10005.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUPERANTISPYWARE.COM\SUPERANTISPYWARE\SDDLLS\SD10005.DLL C:\PROGRAM FILES\SUPERANTISPYWARE\SASSEH.DLL C:\PROGRAM FILES\SUPERANTISPYWARE\SASSEH.DLL C:\PROGRAM FILES\MALWAREBYTES' ANTI-MALWARE\MBAMEXT.DLL C:\PROGRAM FILES\MALWAREBYTES' ANTI-MALWARE\MBAMEXT.DLL C:\PROGRAM FILES\SUPERANTISPYWARE\SASCTXMN.DLL C:\PROGRAM FILES\SUPERANTISPYWARE\SASCTXMN.DLL C:\PROGRA~1\WINZIP\WZSHLSTB.DLL C:\PROGRA~1\WINZIP\WZSHLSTB.DLL C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSHELL.DLL C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSHELL.DLL C:\PROGRA~1\ALWILS~1\AVAST4\ASHDISP.EXE C:\PROGRA~1\ALWILS~1\AVAST4\ASHDISP.EXE C:\PROGRA~1\ALWILS~1\AVAST4\ASWCMNOS.DLL C:\PROGRA~1\ALWILS~1\AVAST4\ASWCMNOS.DLL C:\PROGRA~1\ALWILS~1\AVAST4\ASHBASE.DLL C:\PROGRA~1\ALWILS~1\AVAST4\ASHBASE.DLL C:\PROGRA~1\ALWILS~1\AVAST4\ASWCMNB.DLL C:\PROGRA~1\ALWILS~1\AVAST4\ASWCMNB.DLL C:\PROGRA~1\ALWILS~1\AVAST4\ASWCMNS.DLL C:\PROGRA~1\ALWILS~1\AVAST4\ASWCMNS.DLL C:\PROGRA~1\ALWILS~1\AVAST4\ASHTASK.DLL C:\PROGRA~1\ALWILS~1\AVAST4\ASHTASK.DLL C:\PROGRA~1\ALWILS~1\AVAST4\AAVM4H.DLL C:\PROGRA~1\ALWILS~1\AVAST4\AAVM4H.DLL C:\PROGRA~1\ALWILS~1\AVAST4\AAVMRPCH.DLL C:\PROGRA~1\ALWILS~1\AVAST4\AAVMRPCH.DLL C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ENGLISH\BASE.DLL C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ENGLISH\BASE.DLL C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUIMAI.DLL C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUIMAI.DLL C:\PROGRA~1\ALWILS~1\AVAST4\ASHUINT.DLL C:\PROGRA~1\ALWILS~1\AVAST4\ASHUINT.DLL C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUIMES.DLL C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUIMES.DLL C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUINS.DLL C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUINS.DLL C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUIOUT.DLL C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUIOUT.DLL C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUIP2P.DLL C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUIP2P.DLL C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUISTD.DLL C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUISTD.DLL C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUIWS.DLL C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUIWS.DLL [updateManager] C:\PROGRAM FILES\COMMON FILES\SONIC\UPDATE MANAGER\SGTRAY.EXE C:\PROGRAM FILES\COMMON FILES\SONIC\UPDATE MANAGER\SGTRAY.EXE [DVDTray] C:\PROGRAM FILES\HP DVD\UMBRELLA\DVDTRAY.EXE C:\PROGRAM FILES\HP DVD\UMBRELLA\DVDTRAY.EXE [DVDBitSet] C:\PROGRAM FILES\HP DVD\UMBRELLA\DVDBITSET.EXE C:\PROGRAM FILES\HP DVD\UMBRELLA\DVDBITSET.EXE [avast!] C:\PROGRA~1\ALWILS~1\AVAST4\ASHDISP.EXE [Adobe Reader Speed Launcher] C:\PROGRAM FILES\ADOBE\READER 9.0\READER\READER_SL.EXE C:\PROGRAM FILES\ADOBE\READER 9.0\READER\READER_SL.EXE [QuickTime Task] C:\PROGRAM FILES\QUICKTIME\QTTASK.EXE C:\PROGRAM FILES\QUICKTIME\QTTASK.EXE [sunJavaUpdateSched] C:\PROGRAM FILES\COMMON FILES\JAVA\JAVA UPDATE\JUSCHED.EXE C:\PROGRAM FILES\COMMON FILES\JAVA\JAVA UPDATE\JUSCHED.EXE HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} HKCR\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} HKCR\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} HKCR\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}#AppID HKCR\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\InprocServer32 HKCR\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\InprocServer32#ThreadingModel HKCR\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\ProgID HKCR\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\Programmable HKCR\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\TypeLib HKCR\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\VersionIndependentProgID HKCR\AcroIEHelperShim.AcroIEHelperShimObj.1 HKCR\AcroIEHelperShim.AcroIEHelperShimObj.1\CLSID HKCR\AcroIEHelperShim.AcroIEHelperShimObj HKCR\AcroIEHelperShim.AcroIEHelperShimObj\CLSID HKCR\AcroIEHelperShim.AcroIEHelperShimObj\CurVer HKCR\TypeLib\{2991F100-D9C3-4243-82A2-A718747FC0CF} HKCR\TypeLib\{2991F100-D9C3-4243-82A2-A718747FC0CF}\1.0 HKCR\TypeLib\{2991F100-D9C3-4243-82A2-A718747FC0CF}\1.0\0 HKCR\TypeLib\{2991F100-D9C3-4243-82A2-A718747FC0CF}\1.0\0\win32 HKCR\TypeLib\{2991F100-D9C3-4243-82A2-A718747FC0CF}\1.0\FLAGS HKCR\TypeLib\{2991F100-D9C3-4243-82A2-A718747FC0CF}\1.0\HELPDIR C:\PROGRAM FILES\COMMON FILES\ADOBE\ACROBAT\ACTIVEX\ACROIEHELPERSHIM.DLL HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} HKCR\CLSID\{DBC80044-A445-435B-BC74-9C25C1C588A9} HKCR\CLSID\{DBC80044-A445-435B-BC74-9C25C1C588A9} HKCR\CLSID\{DBC80044-A445-435B-BC74-9C25C1C588A9}\InprocServer32 HKCR\CLSID\{DBC80044-A445-435B-BC74-9C25C1C588A9}\InprocServer32#ThreadingModel C:\PROGRAM FILES\JAVA\JRE6\BIN\JP2SSV.DLL HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C} HKCR\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C} HKCR\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C} HKCR\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}#AppID HKCR\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\InprocServer32 HKCR\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\InprocServer32#ThreadingModel HKCR\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\ProgID HKCR\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\Programmable HKCR\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\TypeLib HKCR\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\VersionIndependentProgID HKCR\ieplugin.JQSIEStartDetectorImpl.1 HKCR\ieplugin.JQSIEStartDetectorImpl.1\CLSID HKCR\ieplugin.JQSIEStartDetectorImpl HKCR\ieplugin.JQSIEStartDetectorImpl\CLSID HKCR\ieplugin.JQSIEStartDetectorImpl\CurVer HKCR\TypeLib\{D85100D8-894D-4F80-9697-C220AF4202EB} HKCR\TypeLib\{D85100D8-894D-4F80-9697-C220AF4202EB}\1.0 HKCR\TypeLib\{D85100D8-894D-4F80-9697-C220AF4202EB}\1.0\0 HKCR\TypeLib\{D85100D8-894D-4F80-9697-C220AF4202EB}\1.0\0\win32 HKCR\TypeLib\{D85100D8-894D-4F80-9697-C220AF4202EB}\1.0\FLAGS HKCR\TypeLib\{D85100D8-894D-4F80-9697-C220AF4202EB}\1.0\HELPDIR C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\IE\JQS_PLUGIN.DLL HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks#{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} HKCR\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} HKCR\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} HKCR\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}#AppID HKCR\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}\InprocServer32 HKCR\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}\InprocServer32#ThreadingModel HKCR\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}\ProgID HKCR\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}\Programmable HKCR\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}\TypeLib HKCR\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}\VersionIndependentProgID HKCR\ShellExecuteHook.SABShellExecuteHook.1 HKCR\ShellExecuteHook.SABShellExecuteHook.1\CLSID HKCR\ShellExecuteHook.SABShellExecuteHook HKCR\ShellExecuteHook.SABShellExecuteHook\CLSID HKCR\ShellExecuteHook.SABShellExecuteHook\CurVer HKCR\TypeLib\{D01E70E5-2E5A-4EDC-B8A7-84FA45346E34} HKCR\TypeLib\{D01E70E5-2E5A-4EDC-B8A7-84FA45346E34}\1.0 HKCR\TypeLib\{D01E70E5-2E5A-4EDC-B8A7-84FA45346E34}\1.0\0 HKCR\TypeLib\{D01E70E5-2E5A-4EDC-B8A7-84FA45346E34}\1.0\0\win32 HKCR\TypeLib\{D01E70E5-2E5A-4EDC-B8A7-84FA45346E34}\1.0\FLAGS HKCR\TypeLib\{D01E70E5-2E5A-4EDC-B8A7-84FA45346E34}\1.0\HELPDIR HKU\S-1-5-21-1123561945-1220945662-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{166B1BCA-3F9C-11CF-8075-444553540000} HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000} HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000} HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\Control HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\EnableFullPage HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\EnableFullPage\.dcr HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\EnableFullPage\.dir HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\EnableFullPage\.dxr HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\Implemented Categories HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\InprocServer32 HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\InprocServer32#ThreadingModel HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\MiscStatus HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\MiscStatus\1 HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ProgID HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\Programmable HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ToolboxBitmap32 HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\TypeLib HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\Version HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\VersionIndependantProgId HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\VersionIndependentProgID HKCR\SwCtl.SwCtl.11 HKCR\SwCtl.SwCtl.11\CLSID HKCR\SWCtl.SWCtl HKCR\SWCtl.SWCtl\CLSID HKCR\SWCtl.SWCtl\CurVer HKCR\TypeLib\{AC4C21AD-9194-416E-9D34-D6C1350F28F6} HKCR\TypeLib\{AC4C21AD-9194-416E-9D34-D6C1350F28F6}\1.0 HKCR\TypeLib\{AC4C21AD-9194-416E-9D34-D6C1350F28F6}\1.0\0 HKCR\TypeLib\{AC4C21AD-9194-416E-9D34-D6C1350F28F6}\1.0\0\win32 HKCR\TypeLib\{AC4C21AD-9194-416E-9D34-D6C1350F28F6}\1.0\FLAGS HKCR\TypeLib\{AC4C21AD-9194-416E-9D34-D6C1350F28F6}\1.0\HELPDIR C:\WINDOWS\SYSTEM32\ADOBE\DIRECTOR\SWDIR.DLL HKU\S-1-5-21-1123561945-1220945662-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} HKU\S-1-5-21-1123561945-1220945662-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{233C1507-6A77-46A4-9443-F871F945D258} HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258} HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258} HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\Control HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\EnableFullPage HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\EnableFullPage\.dcr HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\EnableFullPage\.dir HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\EnableFullPage\.dxr HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\Implemented Categories HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\InprocServer32 HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\InprocServer32#ThreadingModel HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\MiscStatus HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\MiscStatus\1 HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\ProgID HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\Programmable HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\ToolboxBitmap32 HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\TypeLib HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\Version HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\VersionIndependentProgID HKU\S-1-5-21-1123561945-1220945662-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{377B5106-3B4E-4A2D-8520-8767590CAC86} HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86} HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86} HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\Control HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\EnableFullPage HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\EnableFullPage\.svg HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\EnableFullPage\.svgz HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\InprocServer32 HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\InprocServer32#ThreadingModel HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\Insertable HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\MiscStatus HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\MiscStatus\1 HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\ProgID HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\Programmable HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\ToolboxBitmap32 HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\TypeLib HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\Version HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\VersionIndependentProgID HKCR\Adobe.SVGCtl.3 HKCR\Adobe.SVGCtl.3\CLSID HKCR\Adobe.SVGCtl.3\Insertable HKCR\Adobe.SVGCtl HKCR\Adobe.SVGCtl\CLSID HKCR\Adobe.SVGCtl\CurVer HKCR\Adobe.SVGCtl\DefaultIcon HKCR\Adobe.SVGCtl\shell HKCR\Adobe.SVGCtl\shell\open HKCR\Adobe.SVGCtl\shell\open\command HKCR\Adobe.SVGCtl\shell\open\ddeexec HKCR\Adobe.SVGCtl\shell\open\ddeexec\Application HKCR\Adobe.SVGCtl\shell\open\ddeexec\Topic HKCR\TypeLib\{8415B62C-3C1B-416E-B5D7-40D983A9FA50} HKCR\TypeLib\{8415B62C-3C1B-416E-B5D7-40D983A9FA50}\3.0 HKCR\TypeLib\{8415B62C-3C1B-416E-B5D7-40D983A9FA50}\3.0\0 HKCR\TypeLib\{8415B62C-3C1B-416E-B5D7-40D983A9FA50}\3.0\0\win32 HKCR\TypeLib\{8415B62C-3C1B-416E-B5D7-40D983A9FA50}\3.0\FLAGS HKCR\TypeLib\{8415B62C-3C1B-416E-B5D7-40D983A9FA50}\3.0\HELPDIR C:\PROGRA~1\COMMON~1\ADOBE\SVGVIE~1.0\NPSVG3.DLL HKU\S-1-5-21-1123561945-1220945662-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4871A87A-BFDD-4106-8153-FFDE2BAC2967} HKCR\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967} HKCR\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967} HKCR\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\Control HKCR\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\InprocServer32 HKCR\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\InprocServer32#ThreadingModel HKCR\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\MiscStatus HKCR\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\MiscStatus\1 HKCR\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ProgID HKCR\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ToolboxBitmap32 HKCR\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\TypeLib HKCR\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\Version HKCR\MANAGER.DLMCtrl.1 HKCR\MANAGER.DLMCtrl.1\CLSID HKCR\TypeLib\{88F19F56-F9DA-4527-9EBB-8E3096509A0E} HKCR\TypeLib\{88F19F56-F9DA-4527-9EBB-8E3096509A0E}\1.0 HKCR\TypeLib\{88F19F56-F9DA-4527-9EBB-8E3096509A0E}\1.0\0 HKCR\TypeLib\{88F19F56-F9DA-4527-9EBB-8E3096509A0E}\1.0\0\win32 HKCR\TypeLib\{88F19F56-F9DA-4527-9EBB-8E3096509A0E}\1.0\FLAGS HKCR\TypeLib\{88F19F56-F9DA-4527-9EBB-8E3096509A0E}\1.0\HELPDIR C:\WINDOWS\DOWNLO~1\DOWNLO~1.OCX HKU\S-1-5-21-1123561945-1220945662-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74DBCB52-F298-4110-951D-AD2FF67BC8AB} HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB} HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB} HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\Control HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\Implemented Categories HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\InprocServer32 HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\InprocServer32#ThreadingModel HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\MiscStatus HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\MiscStatus\1 HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\ProgID HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\ToolboxBitmap32 HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\TypeLib HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\Version HKCR\SMARTLOAD.smartLoadCtrl.1 HKCR\SMARTLOAD.smartLoadCtrl.1\CLSID HKCR\TypeLib\{8BF3BD23-3E30-4235-B52B-19CAA74AFBB3} HKCR\TypeLib\{8BF3BD23-3E30-4235-B52B-19CAA74AFBB3}\1.0 HKCR\TypeLib\{8BF3BD23-3E30-4235-B52B-19CAA74AFBB3}\1.0\0 HKCR\TypeLib\{8BF3BD23-3E30-4235-B52B-19CAA74AFBB3}\1.0\0\win32 HKCR\TypeLib\{8BF3BD23-3E30-4235-B52B-19CAA74AFBB3}\1.0\FLAGS HKCR\TypeLib\{8BF3BD23-3E30-4235-B52B-19CAA74AFBB3}\1.0\HELPDIR C:\WINDOWS\DOWNLO~1\NVIDIA~1.OCX HKU\S-1-5-21-1123561945-1220945662-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8AD9C840-044E-11D1-B3E9-00805F499D93} HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93} HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93} HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\InprocServer32 HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\InprocServer32#ThreadingModel HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\MiscStatus HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\MiscStatus\1 C:\PROGRAM FILES\JAVA\JRE6\BIN\NPJPI160_20.DLL HKU\S-1-5-21-1123561945-1220945662-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD} HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD} HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD} HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}#AppID HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}\Control HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}\InprocServer32 HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}\InprocServer32#ThreadingModel HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}\MiscStatus HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}\MiscStatus\1 HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}\ProgID HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}\Programmable HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}\ToolboxBitmap32 HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}\TypeLib HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}\Version HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}\VersionIndependentProgID HKCR\ScanProcesses.SABScanProcesses.1 HKCR\ScanProcesses.SABScanProcesses.1\CLSID HKCR\ScanProcesses.SABScanProcesses HKCR\ScanProcesses.SABScanProcesses\CLSID HKCR\ScanProcesses.SABScanProcesses\CurVer HKCR\TypeLib\{FF23DB8A-B3A2-4A64-A942-8B621609DE62} HKCR\TypeLib\{FF23DB8A-B3A2-4A64-A942-8B621609DE62}\1.0 HKCR\TypeLib\{FF23DB8A-B3A2-4A64-A942-8B621609DE62}\1.0\0 HKCR\TypeLib\{FF23DB8A-B3A2-4A64-A942-8B621609DE62}\1.0\0\win32 HKCR\TypeLib\{FF23DB8A-B3A2-4A64-A942-8B621609DE62}\1.0\FLAGS HKCR\TypeLib\{FF23DB8A-B3A2-4A64-A942-8B621609DE62}\1.0\HELPDIR C:\WINDOWS\DOWNLOADED PROGRAM FILES\SABSPX.DLL HKU\S-1-5-21-1123561945-1220945662-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} HKCR\CLSID\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} HKCR\CLSID\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} HKCR\CLSID\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA}\InprocServer32 HKCR\CLSID\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA}\InprocServer32#ThreadingModel C:\WINDOWS\SYSTEM32\DEPLOYJAVA1.DLL HKU\S-1-5-21-1123561945-1220945662-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9} HKU\S-1-5-21-1123561945-1220945662-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E7E6F031-17CE-4C07-BC86-EABFE594F69C} HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{166B1BCA-3F9C-11CF-8075-444553540000} HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4871A87A-BFDD-4106-8153-FFDE2BAC2967} HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{74DBCB52-F298-4110-951D-AD2FF67BC8AB} HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93} HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD} HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} HKCR\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} HKCR\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} HKCR\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\InprocServer32 HKCR\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\InprocServer32#ThreadingModel HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\InprocServer32 HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\InprocServer32#ThreadingModel HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\MiscStatus HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\MiscStatus\1 HKCR\Folder\shellex\columnhandlers\{F9DB5320-233E-11D1-9F84-707F02C10627} HKCR\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627} HKCR\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627} HKCR\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627}\InprocServer32 HKCR\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627}\InprocServer32#ThreadingModel HKCR\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627}\VersionIndependentProgID HKCR\PDFShell.PDFShell C:\PROGRAM FILES\COMMON FILES\ADOBE\ACROBAT\ACTIVEX\PDFSHELL.DLL HKLM\System\ControlSet001\Services\aswFsBlk C:\WINDOWS\SYSTEM32\DRIVERS\ASWFSBLK.SYS HKLM\System\ControlSet001\Enum\Root\LEGACY_aswFsBlk HKLM\System\ControlSet001\Services\aswUpdSv C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASWUPDSV.EXE HKLM\System\ControlSet001\Enum\Root\LEGACY_aswUpdSv HKLM\System\ControlSet001\Services\avast! Antivirus C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE HKLM\System\ControlSet001\Enum\Root\LEGACY_avast! Antivirus HKLM\System\ControlSet001\Services\avast! Mail Scanner C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE HKLM\System\ControlSet001\Enum\Root\LEGACY_avast! Mail Scanner HKLM\System\ControlSet001\Services\avast! Web Scanner C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE HKLM\System\ControlSet001\Enum\Root\LEGACY_avast! Web Scanner HKLM\System\ControlSet001\Services\JavaQuickStarterService C:\PROGRAM FILES\JAVA\JRE6\BIN\JQS.EXE HKLM\System\ControlSet001\Enum\Root\LEGACY_JavaQuickStarterService HKLM\System\ControlSet001\Services\PxHelp20 C:\WINDOWS\SYSTEM32\DRIVERS\PXHELP20.SYS HKLM\System\ControlSet001\Enum\Root\LEGACY_PxHelp20 HKLM\System\ControlSet001\Services\SASDIFSV C:\PROGRAM FILES\SUPERANTISPYWARE\SASDIFSV.SYS HKLM\System\ControlSet001\Enum\Root\LEGACY_SASDIFSV HKLM\System\ControlSet001\Services\SASENUM C:\PROGRAM FILES\SUPERANTISPYWARE\SASENUM.SYS HKLM\System\ControlSet001\Enum\Root\LEGACY_SASENUM HKLM\System\ControlSet001\Services\SASKUTIL C:\PROGRAM FILES\SUPERANTISPYWARE\SASKUTIL.SYS HKLM\System\ControlSet001\Enum\Root\LEGACY_SASKUTIL HKLM\System\ControlSet002\Services\aswFsBlk HKLM\System\ControlSet002\Enum\Root\LEGACY_aswFsBlk HKLM\System\ControlSet002\Services\aswUpdSv HKLM\System\ControlSet002\Enum\Root\LEGACY_aswUpdSv HKLM\System\ControlSet002\Services\avast! Antivirus HKLM\System\ControlSet002\Enum\Root\LEGACY_avast! Antivirus HKLM\System\ControlSet002\Services\avast! Mail Scanner HKLM\System\ControlSet002\Enum\Root\LEGACY_avast! Mail Scanner HKLM\System\ControlSet002\Services\avast! Web Scanner HKLM\System\ControlSet002\Enum\Root\LEGACY_avast! Web Scanner HKLM\System\ControlSet002\Services\JavaQuickStarterService HKLM\System\ControlSet002\Enum\Root\LEGACY_JavaQuickStarterService HKLM\System\ControlSet002\Services\PxHelp20 HKLM\System\ControlSet002\Enum\Root\LEGACY_PxHelp20 HKLM\System\ControlSet002\Services\SASDIFSV HKLM\System\ControlSet002\Enum\Root\LEGACY_SASDIFSV HKLM\System\ControlSet002\Services\SASENUM HKLM\System\ControlSet002\Enum\Root\LEGACY_SASENUM HKLM\System\ControlSet002\Services\SASKUTIL HKLM\System\ControlSet002\Enum\Root\LEGACY_SASKUTIL HKLM\System\CurrentControlSet\Services\aswFsBlk HKLM\System\CurrentControlSet\Enum\Root\LEGACY_aswFsBlk HKLM\System\CurrentControlSet\Services\aswUpdSv HKLM\System\CurrentControlSet\Enum\Root\LEGACY_aswUpdSv HKLM\System\CurrentControlSet\Services\avast! Antivirus HKLM\System\CurrentControlSet\Enum\Root\LEGACY_avast! Antivirus HKLM\System\CurrentControlSet\Services\avast! Mail Scanner HKLM\System\CurrentControlSet\Enum\Root\LEGACY_avast! Mail Scanner HKLM\System\CurrentControlSet\Services\avast! Web Scanner HKLM\System\CurrentControlSet\Enum\Root\LEGACY_avast! Web Scanner HKLM\System\CurrentControlSet\Services\JavaQuickStarterService HKLM\System\CurrentControlSet\Enum\Root\LEGACY_JavaQuickStarterService HKLM\System\CurrentControlSet\Services\PxHelp20 HKLM\System\CurrentControlSet\Enum\Root\LEGACY_PxHelp20 HKLM\System\CurrentControlSet\Services\SASDIFSV HKLM\System\CurrentControlSet\Enum\Root\LEGACY_SASDIFSV HKLM\System\CurrentControlSet\Services\SASENUM HKLM\System\CurrentControlSet\Enum\Root\LEGACY_SASENUM HKLM\System\CurrentControlSet\Services\SASKUTIL HKLM\System\CurrentControlSet\Enum\Root\LEGACY_SASKUTIL C:\PROGRAM FILES\ADOBE\READER 9.0\READER\ACRORD32.EXE HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\AcroRd32.exe HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\AcroRd32.exe#Path C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHAVAST.EXE HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\ashAvast.exe HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\ashAvast.exe#Path C:\DOCUMENTS AND SETTINGS\KIT\MY DOCUMENTS\SOFTWARE\HIJACKTHIS.EXE HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\HijackThis.exe HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\HijackThis.exe#Path C:\PROGRAM FILES\JAVA\JRE6\BIN\JAVAWS.EXE HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\javaws.exe HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\javaws.exe#Path C:\PROGRAM FILES\ILLIMINABLE\OGGCODECS\OOOGGDUMP.EXE HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\OOOggDump.exe HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SGTRAY.EXE C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NOS\ADOBE_DOWNLOADS\ARH.EXE C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SKYPE\PLUGINS\PLUGINS\70A769DCB31D4D59AE936EAC08D29EE4\PANDOSKYPEPLUGIN.EXE C:\DOCUMENTS AND SETTINGS\ALL USERS\DESKTOP\AVAST! ANTIVIRUS.LNK C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\GAMES\PINBALL.LNK C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\ACCESSORIES\COMMUNICATIONS\HYPERTERMINAL.LNK C:\PROGRAM FILES\ADOBE\ACROBAT.COM\ACROBAT.COM.EXE C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\ACROBAT.COM.LNK C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\ADOBE READER 9.LNK C:\PROGRAM FILES\ALIBRE DESIGN\PROGRAM\ALIBRE DESIGN.EXE C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\ALIBRE DESIGN\ALIBRE DESIGN.LNK C:\PROGRAM FILES\ALIBRE DESIGN\PROGRAM\REPOMIGRATIONTOOL.EXE C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\ALIBRE DESIGN\DATA MIGRATION TOOL.LNK C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\AVAST! ANTIVIRUS\AVAST! ANTIVIRUS.LNK C:\PROGRAM FILES\POWERDVD\POWERDVD.EXE C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\CYBERLINK POWERDVD\POWERDVD.LNK C:\PROGRAM FILES\POWERDVD\CLDMA.EXE C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\CYBERLINK POWERDVD\SYSTEM DIAGNOSTIC.LNK C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\HP\HP DVD\HP DISC COMPATIBILITY SETTING.LNK C:\PROGRAM FILES\HP DVD\UMBRELLA\HP DVD.EXE C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\HP\HP DVD\HP DVD.LNK C:\PROGRAM FILES\HP DVD\SUPPORT\UNINSTALL.EXE C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\HP\HP DVD\UNINSTALL.LNK C:\PROGRAM FILES\JEWEL QUEST\JEWELQUEST.EXE C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\JEWEL QUEST\ JEWEL QUEST.LNK C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\JEWEL QUEST\OTHER GAMES.LNK C:\PROGRAM FILES\JPEG IMAGER\UNINS000.EXE C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\JPEG IMAGER\UNINSTALL JPEG IMAGER.LNK C:\WINDOWS\INSTALLER\{00000409-78E1-11D2-B60F-006097C998E7}\MISC.EXE C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MICROSOFT OFFICE TOOLS\MICROSOFT ACCESS SNAPSHOT VIEWER.LNK C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MICROSOFT OFFICE TOOLS\MICROSOFT OFFICE LANGUAGE SETTINGS.LNK C:\PROGRAM FILES\PAMELA\UNINST.EXE C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\PAMELA\UNINSTALL PAMELA.LNK C:\PROGRAM FILES\SUPERANTISPYWARE\BOOTSAFE.EXE C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\SUPERANTISPYWARE\BOOTSAFE.LNK C:\PROGRAM FILES\SUPERANTISPYWARE\RUNSAS.EXE C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\SUPERANTISPYWARE\SUPERANTISPYWARE ALTERNATE START.LNK C:\PROGRAM FILES\TREASURE FALL\TF.EXE C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\TREASURE FALL\TREASURE FALL.LNK C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\WWW.MACROMEDIA.COM\BIN\AIRAPPINSTALLER\AIRAPPINSTALLER.EXE C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\MICROSOFT\INSTALLER\{23970E31-948B-466E-8376-1224D32FDF0C}\NEWSHORTCUT11_23970E31948B466E83761224D32FDF0C.EXE C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\MICROSOFT\INSTALLER\{23970E31-948B-466E-8376-1224D32FDF0C}\NEWSHORTCUT1_23970E31948B466E83761224D32FDF0C.EXE C:\PROGRAM FILES\IRFANVIEW\I_VIEW32.EXE C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\IRFANVIEW.LNK C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\TREASURE FALL.LNK C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GHHZNBSX.DEFAULT\EXTENSIONS\{108F9956-3027-48D0-8C3E-227282CCF623}\COMPONENTS\ENGINE.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GHHZNBSX.DEFAULT\EXTENSIONS\{1890D1B4-82D4-45C1-8EED-29B455ED389D}\COMPONENTS\ENGINE.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\15\4E09EACF-6751221A-N\DECORA-D3D.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\15\58FB3E0F-642C930F-N\DECORA-D3D.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\15\58FB3E0F-642C930F-N\DECORA-SSE.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\15\58FB3E0F-642C930F-N\JMC.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\17\6D0AD391-25995299-N\DECORA-D3D.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\17\6D0AD391-25995299-N\DECORA-SSE.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\33\258CEA61-2C557BAB-N\JMC.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\37\2C4A0065-7987D4AE-N\DECORA-D3D.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\37\3976F065-3F22C760-N\DECORA-SSE.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\38\39BA6E6-71F18009-N\JMC.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\45\4F710EED-4290861F-N\GLUEGEN-RT.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\46\759E98EE-604FB116-N\DECORA-D3D.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\46\759E98EE-604FB116-N\DECORA-SSE.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\46\759E98EE-604FB116-N\JMC.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\50\5B902232-355AC1DD-N\DECORA-SSE.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\54\1A209876-3419F0E2-N\JMC.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\62\6BAEA4FE-3F26B41E-N\JOGL.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\62\6BAEA4FE-3F26B41E-N\JOGL_AWT.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\62\6BAEA4FE-3F26B41E-N\JOGL_CG.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\SYSTEMCACHE\6.0\17\6D0AD391-54F0E8AF-N\DECORA-D3D.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\SYSTEMCACHE\6.0\17\6D0AD391-54F0E8AF-N\DECORA-SSE.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\SYSTEMCACHE\6.0\54\1A209876-1D1AC52F-N\JMC.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\JRE1.6.0_17\LZMA.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\JRE1.6.0_15\LZMA.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\JRE1.6.0_11\LZMA.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\JRE1.6.0_13\LZMA.DLL C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\JRE1.6.0_14\LZMA.DLL C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\ALIBRE DESIGN\ALIBRE DESIGN.LNK C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\ALIBRE DESIGN\DATA MIGRATION TOOL.LNK C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\COMPUTER SHORTCUTS\ADOBE READER 9 INSTALLER\SETUP.EXE C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\COMPUTER SHORTCUTS\ADOBE READER 9.0.0.LNK C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\COMPUTER SHORTCUTS\ADOBE READER 9.3.0.LNK C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\COMPUTER SHORTCUTS\ADOBE READER 9.3.1.LNK C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\COMPUTER SHORTCUTS\ADOBE READER 9.LNK C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\GAMES SHORTCUTS\JEWEL QUEST.LNK C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\GAMES SHORTCUTS\TREASURE FALL.LNK C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\SELDOM USED SHORTCUTS\ADOBE READER 9.LNK C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\SELDOM USED SHORTCUTS\COMPUTER SHORTCUTS\ADOBE READER 9 INSTALLER\AIR\NOSSO_AIR.EXE C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\SELDOM USED SHORTCUTS\COMPUTER SHORTCUTS\ADOBE READER 9 INSTALLER\AIRSHAREINSTALLER.EXE C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\SELDOM USED SHORTCUTS\COMPUTER SHORTCUTS\ADOBE READER 9 INSTALLER\READER9\SETUP.EXE C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\SELDOM USED SHORTCUTS\COMPUTER SHORTCUTS\ADOBE READER 9 INSTALLER\SETUP.EXE C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\SELDOM USED SHORTCUTS\COMPUTER SHORTCUTS\ADOBE READER 9.LNK C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\SELDOM USED SHORTCUTS\COMPUTER SHORTCUTS\AVAST! ANTIVIRUS.LNK C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\SELDOM USED SHORTCUTS\GAP PGMS\ATF-CLEANER.EXE C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\SELDOM USED SHORTCUTS\GAP PGMS\JAVA\6.15\JRE-6U15-WINDOWS-I586-IFTW-K.EXE C:\DOCUMENTS AND SETTINGS\KIT\LOCAL SETTINGS\TEMP\SSUPDATE.EXE C:\PROGRAM FILES\ATOMIC CLOCK SYNC\UNWISE.EXE C:\DOCUMENTS AND SETTINGS\KIT\START MENU\PROGRAMS\ATOMIC CLOCK SYNC\UNINSTALL ATOMIC CLOCK SYNC.LNK C:\PROGRAM FILES\ILLIMINABLE\OGGCODECS\UNINST.EXE C:\DOCUMENTS AND SETTINGS\KIT\START MENU\PROGRAMS\ILLIMINABLE\OGGCODECS\UNINSTALL.LNK C:\DOCUMENTS AND SETTINGS\KIT\START MENU\PROGRAMS\IRFANVIEW\IRFANVIEW - THUMBNAILS.LNK C:\DOCUMENTS AND SETTINGS\KIT\START MENU\PROGRAMS\IRFANVIEW\IRFANVIEW 4.20.LNK C:\PROGRAM FILES\IRFANVIEW\IV_UNINSTALL.EXE C:\DOCUMENTS AND SETTINGS\KIT\START MENU\PROGRAMS\IRFANVIEW\UNINSTALL IRFANVIEW.LNK C:\PROGRAM FILES\NOOK AND CRANNY\UNINSTALL.EXE C:\DOCUMENTS AND SETTINGS\KIT\START MENU\PROGRAMS\NOOK AND CRANNY\UNINSTALL GAME.LNK C:\DOCUMENTS AND SETTINGS\KIT\START MENU\PROGRAMS\NOOK AND CRANNY\UNINSTALL.LNK C:\WINDOWS\ALCUPD.EXE C:\WINDOWS\ASSEMBLY\GAC_MSIL\PRESENTATIONCFFRASTERIZER\3.0.0.0__31BF3856AD364E35\PRESENTATIONCFFRASTERIZER.DLL C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\PRESENTATIONCFFRAST#\2AB0F8728D72DB601F1B806C5BA9FD8C\PRESENTATIONCFFRASTERIZER.NI.DLL C:\WINDOWS\DOWNLOADED PROGRAM FILES\DOWNLOADMANAGERV2.OCX C:\WINDOWS\DOWNLOADED PROGRAM FILES\NVIDIASMARTSCAN.OCX C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\ACRORD32INFO.EXE C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\A3DUTILITY.EXE C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\ACROBROKER.EXE C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\ACROIEHELPER.DLL C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\ACROIEHELPERSHIM.DLL C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\ACRORD32.EXE C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\ACRORDIF.DLL C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\ACROTEXTEXTRACTOR.EXE C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\EULA.EXE C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\NPPDF32.DLL C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\NPPDF32.DLL_APOLLO C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\PDFPREVHNDLR.DLL C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\PDFPREVHNDLRSHIM.EXE C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\PDFSHELL.DLL C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\READER_SL.EXE C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\VIEWERPS.DLL C:\WINDOWS\INSTALLER\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}\PLACES.EXE C:\WINDOWS\INSTALLER\{00000409-78E1-11D2-B60F-006097C998E7}\ACCICONS.EXE C:\WINDOWS\INSTALLER\{00000409-78E1-11D2-B60F-006097C998E7}\BINDICO.EXE C:\WINDOWS\INSTALLER\{00000409-78E1-11D2-B60F-006097C998E7}\FPICON.EXE C:\WINDOWS\INSTALLER\{00000409-78E1-11D2-B60F-006097C998E7}\OUTICON.EXE C:\WINDOWS\INSTALLER\{00000409-78E1-11D2-B60F-006097C998E7}\PEICONS.EXE C:\WINDOWS\INSTALLER\{00000409-78E1-11D2-B60F-006097C998E7}\PPTICO.EXE C:\WINDOWS\INSTALLER\{00000409-78E1-11D2-B60F-006097C998E7}\WORDICON.EXE C:\WINDOWS\INSTALLER\{00000409-78E1-11D2-B60F-006097C998E7}\XLICONS.EXE C:\WINDOWS\INSTALLER\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\APPLESOFTWAREUPDATEICO.EXE C:\WINDOWS\INSTALLER\{9541FED0-327F-4DF0-8B96-EF57EF622F19}\RECORDNOW.EXE C:\WINDOWS\INSTALLER\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\ICONCDDCBBF13.EXE C:\WINDOWS\INSTALLER\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\ICONCDDCBBF15.EXE C:\WINDOWS\INSTALLER\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\ICONCDDCBBF16.EXE C:\WINDOWS\INSTALLER\{D103C4BA-F905-437A-8049-DB24763BBE36}\SKYPEICON.EXE C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.0\WPF\PRESENTATIONCFFRASTERIZER.DLL C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\MICROSOFT .NET FRAMEWORK 3.5 SP1\WAPRES.1049.DLL C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\MICROSOFT .NET FRAMEWORK 3.5 SP1\WAPRES.1043.DLL C:\WINDOWS\SYSTEM32\ACTSKIN4.OCX C:\WINDOWS\SYSTEM32\ADOBE\DIRECTOR\NP32DSW.DLL C:\WINDOWS\SYSTEM32\ADOBE\DIRECTOR\SWDNLD.EXE C:\WINDOWS\SYSTEM32\ADOBE\SHOCKWAVE 11\DYNAPLAYER.DLL C:\WINDOWS\SYSTEM32\ADOBE\SHOCKWAVE 11\GTAPI.DLL C:\WINDOWS\SYSTEM32\ADOBE\SHOCKWAVE 11\PLUGIN.DLL C:\WINDOWS\SYSTEM32\ADOBE\SHOCKWAVE 11\PROJ.DLL C:\WINDOWS\SYSTEM32\ADOBE\SHOCKWAVE 11\SWHELPER_1100465.EXE C:\WINDOWS\SYSTEM32\ADOBE\SHOCKWAVE 11\SWHELPER_1151601.EXE C:\WINDOWS\SYSTEM32\ADOBE\SHOCKWAVE 11\SWINIT.EXE C:\WINDOWS\SYSTEM32\ADOBE\SHOCKWAVE 11\SWMENU.DLL C:\WINDOWS\SYSTEM32\ADOBE\SHOCKWAVE 11\SYMCCHECKER.DLL C:\WINDOWS\SYSTEM32\ADOBE\SHOCKWAVE 11\UNINSTALLER.EXE C:\WINDOWS\SYSTEM32\ADOBE\SHOCKWAVE 11\UNWISE.EXE C:\WINDOWS\SYSTEM32\AVASTSS.SCR C:\WINDOWS\SYSTEM32\CHCFG.EXE C:\WINDOWS\SYSTEM32\DRIVERS\AAVMKER4.SYS C:\WINDOWS\SYSTEM32\DRIVERS\ASWMON.SYS C:\WINDOWS\SYSTEM32\DRIVERS\ASWMON2.SYS C:\WINDOWS\SYSTEM32\DRIVERS\ASWRDR.SYS C:\WINDOWS\SYSTEM32\DRIVERS\ASWSP.SYS C:\WINDOWS\SYSTEM32\DRIVERS\ASWTDI.SYS C:\WINDOWS\SYSTEM32\DRIVERS\BANTEXT.SYS C:\WINDOWS\SYSTEM32\DRIVERS\MBAM.SYS C:\WINDOWS\SYSTEM32\DRIVERS\MBAMSWISSARMY.SYS C:\WINDOWS\SYSTEM32\IAC25_32.AX C:\WINDOWS\SYSTEM32\JAVA.EXE C:\WINDOWS\SYSTEM32\JAVACPL.CPL C:\WINDOWS\SYSTEM32\JAVAW.EXE C:\WINDOWS\SYSTEM32\JAVAWS.EXE C:\WINDOWS\SYSTEM32\LFBMP13N.DLL C:\WINDOWS\SYSTEM32\LFCMP13N.DLL C:\WINDOWS\SYSTEM32\LFGIF13N.DLL C:\WINDOWS\SYSTEM32\LFPNG13N.DLL C:\WINDOWS\SYSTEM32\LTDIS13N.DLL C:\WINDOWS\SYSTEM32\LTEFX13N.DLL C:\WINDOWS\SYSTEM32\LTFIL13N.DLL C:\WINDOWS\SYSTEM32\LTIMG13N.DLL C:\WINDOWS\SYSTEM32\LTKRN13N.DLL C:\WINDOWS\SYSTEM32\MACROMED\COMMON\SWSUPPORT.DLL C:\WINDOWS\SYSTEM32\MACROMED\FLASH\FLASHUTIL10E.EXE C:\WINDOWS\SYSTEM32\MACROMED\FLASH\NPSWF32_FLASHUTIL.EXE C:\WINDOWS\SYSTEM32\MACROMED\FLASH\UNINSTALL_ACTIVEX.EXE C:\WINDOWS\SYSTEM32\MACROMED\FLASH\UNINSTALL_PLUGIN.EXE C:\WINDOWS\SYSTEM32\MACROMED\SHOCKWAVE 10\DYNAPLAYER.DLL C:\WINDOWS\SYSTEM32\MACROMED\SHOCKWAVE 10\PLUGIN.DLL C:\WINDOWS\SYSTEM32\MACROMED\SHOCKWAVE 10\PLUGINPING.DLL C:\WINDOWS\SYSTEM32\MACROMED\SHOCKWAVE 10\PROJ.DLL C:\WINDOWS\SYSTEM32\MACROMED\SHOCKWAVE 10\SWINIT.EXE C:\WINDOWS\SYSTEM32\MACROMED\SHOCKWAVE 10\SWMENUX.DLL C:\WINDOWS\SYSTEM32\MACROMED\SHOCKWAVE 10\SWONCE.DLL C:\WINDOWS\SYSTEM32\MSIMRT16.DLL C:\WINDOWS\SYSTEM32\MSRTEDIT.DLL C:\WINDOWS\SYSTEM32\PCDLIB32.DLL C:\WINDOWS\SYSTEM32\PDFCMNNT.DLL C:\WINDOWS\SYSTEM32\PX.DLL C:\WINDOWS\SYSTEM32\PXDRV.DLL C:\WINDOWS\SYSTEM32\PXMAS.DLL C:\WINDOWS\SYSTEM32\PXWAVE.DLL C:\WINDOWS\SYSTEM32\PXWMA.DLL C:\WINDOWS\SYSTEM32\QUICKTIME.QTS C:\WINDOWS\SYSTEM32\QUICKTIMEVR.QTX C:\WINDOWS\SYSTEM32\REMOTECONTROL.DLL C:\WINDOWS\SYSTEM32\SABPROCENUM.SYS C:\WINDOWS\SYSTEM32\SRKEY.EXE C:\WINDOWS\SYSTEM32\SSCE5332.DLL C:\WINDOWS\SYSTEM32\UMLOADER.DLL C:\WINDOWS\SYSTEM32\VSFLEX3.OCX C:\WINDOWS\SYSTEM32\VXBLOCK.DLL HKCR\Interface\{099C3740-E2EA-48E8-A8B4-C8AEAD7B7884} HKCR\Interface\{099C3740-E2EA-48E8-A8B4-C8AEAD7B7884}\ProxyStubClsid HKCR\Interface\{099C3740-E2EA-48E8-A8B4-C8AEAD7B7884}\ProxyStubClsid32 HKCR\Interface\{099C3740-E2EA-48E8-A8B4-C8AEAD7B7884}\TypeLib HKCR\Interface\{099C3740-E2EA-48E8-A8B4-C8AEAD7B7884}\TypeLib#Version HKCR\Interface\{166B1BC8-3F9C-11CF-8075-444553540000} HKCR\Interface\{166B1BC8-3F9C-11CF-8075-444553540000}\ProxyStubClsid HKCR\Interface\{166B1BC8-3F9C-11CF-8075-444553540000}\ProxyStubClsid32 HKCR\Interface\{166B1BC8-3F9C-11CF-8075-444553540000}\TypeLib HKCR\Interface\{166B1BC8-3F9C-11CF-8075-444553540000}\TypeLib#Version HKCR\Interface\{166B1BC9-3F9C-11CF-8075-444553540000} HKCR\Interface\{166B1BC9-3F9C-11CF-8075-444553540000}\ProxyStubClsid HKCR\Interface\{166B1BC9-3F9C-11CF-8075-444553540000}\ProxyStubClsid32 HKCR\Interface\{166B1BC9-3F9C-11CF-8075-444553540000}\TypeLib HKCR\Interface\{166B1BC9-3F9C-11CF-8075-444553540000}\TypeLib#Version HKCR\Interface\{398E1AED-A22D-4558-869E-C6D775C02585} HKCR\Interface\{398E1AED-A22D-4558-869E-C6D775C02585}\ProxyStubClsid HKCR\Interface\{398E1AED-A22D-4558-869E-C6D775C02585}\ProxyStubClsid32 HKCR\Interface\{398E1AED-A22D-4558-869E-C6D775C02585}\TypeLib HKCR\Interface\{398E1AED-A22D-4558-869E-C6D775C02585}\TypeLib#Version HKCR\Interface\{41066AF3-53A3-4C67-83AC-14688B13B31E} HKCR\Interface\{41066AF3-53A3-4C67-83AC-14688B13B31E}\ProxyStubClsid HKCR\Interface\{41066AF3-53A3-4C67-83AC-14688B13B31E}\ProxyStubClsid32 HKCR\Interface\{41066AF3-53A3-4C67-83AC-14688B13B31E}\TypeLib HKCR\Interface\{41066AF3-53A3-4C67-83AC-14688B13B31E}\TypeLib#Version HKCR\Interface\{644F7CB5-EE49-44FC-8587-FAA5EC7A2A3E} HKCR\Interface\{644F7CB5-EE49-44FC-8587-FAA5EC7A2A3E}\ProxyStubClsid HKCR\Interface\{644F7CB5-EE49-44FC-8587-FAA5EC7A2A3E}\ProxyStubClsid32 HKCR\Interface\{644F7CB5-EE49-44FC-8587-FAA5EC7A2A3E}\TypeLib HKCR\Interface\{644F7CB5-EE49-44FC-8587-FAA5EC7A2A3E}\TypeLib#Version HKCR\Interface\{9DF0C21E-FBC2-436A-9C9D-71BC6A6AC9F4} HKCR\Interface\{9DF0C21E-FBC2-436A-9C9D-71BC6A6AC9F4}\ProxyStubClsid HKCR\Interface\{9DF0C21E-FBC2-436A-9C9D-71BC6A6AC9F4}\ProxyStubClsid32 HKCR\Interface\{9DF0C21E-FBC2-436A-9C9D-71BC6A6AC9F4}\TypeLib HKCR\Interface\{9DF0C21E-FBC2-436A-9C9D-71BC6A6AC9F4}\TypeLib#Version HKCR\Interface\{AD5FB04F-5A8D-44D4-8206-6A8734186EA2} HKCR\Interface\{AD5FB04F-5A8D-44D4-8206-6A8734186EA2}\ProxyStubClsid HKCR\Interface\{AD5FB04F-5A8D-44D4-8206-6A8734186EA2}\ProxyStubClsid32 HKCR\Interface\{AD5FB04F-5A8D-44D4-8206-6A8734186EA2}\TypeLib HKCR\Interface\{AD5FB04F-5A8D-44D4-8206-6A8734186EA2}\TypeLib#Version HKCR\Interface\{B9A851C7-F076-4FB6-B704-FE8AF9114EA2} HKCR\Interface\{B9A851C7-F076-4FB6-B704-FE8AF9114EA2}\ProxyStubClsid HKCR\Interface\{B9A851C7-F076-4FB6-B704-FE8AF9114EA2}\ProxyStubClsid32 HKCR\Interface\{B9A851C7-F076-4FB6-B704-FE8AF9114EA2}\TypeLib HKCR\Interface\{B9A851C7-F076-4FB6-B704-FE8AF9114EA2}\TypeLib#Version HKCR\Interface\{BC0FF429-C759-4010-8A22-FA3D3237DEFC} HKCR\Interface\{BC0FF429-C759-4010-8A22-FA3D3237DEFC}\ProxyStubClsid HKCR\Interface\{BC0FF429-C759-4010-8A22-FA3D3237DEFC}\ProxyStubClsid32 HKCR\Interface\{BC0FF429-C759-4010-8A22-FA3D3237DEFC}\TypeLib HKCR\Interface\{BC0FF429-C759-4010-8A22-FA3D3237DEFC}\TypeLib#Version HKCR\Interface\{BD719F6D-BC21-4435-9BA1-AFD2F73E22B2} HKCR\Interface\{BD719F6D-BC21-4435-9BA1-AFD2F73E22B2}\ProxyStubClsid HKCR\Interface\{BD719F6D-BC21-4435-9BA1-AFD2F73E22B2}\ProxyStubClsid32 HKCR\Interface\{BD719F6D-BC21-4435-9BA1-AFD2F73E22B2}\TypeLib HKCR\Interface\{BD719F6D-BC21-4435-9BA1-AFD2F73E22B2}\TypeLib#Version HKCR\Interface\{DDD44405-261C-4446-BE38-6B3D9AD6CE5D} HKCR\Interface\{DDD44405-261C-4446-BE38-6B3D9AD6CE5D}\ProxyStubClsid HKCR\Interface\{DDD44405-261C-4446-BE38-6B3D9AD6CE5D}\ProxyStubClsid32 HKCR\Interface\{DDD44405-261C-4446-BE38-6B3D9AD6CE5D}\TypeLib HKCR\Interface\{DDD44405-261C-4446-BE38-6B3D9AD6CE5D}\TypeLib#Version HKCR\Interface\{FCFE719E-E773-4B80-9FBD-1B6CDF6BF650} HKCR\Interface\{FCFE719E-E773-4B80-9FBD-1B6CDF6BF650}\ProxyStubClsid HKCR\Interface\{FCFE719E-E773-4B80-9FBD-1B6CDF6BF650}\ProxyStubClsid32 HKCR\Interface\{FCFE719E-E773-4B80-9FBD-1B6CDF6BF650}\TypeLib HKCR\Interface\{FCFE719E-E773-4B80-9FBD-1B6CDF6BF650}\TypeLib#Version HKCR\Interface\{FDA6EEC2-325B-4E8A-A8C7-1C75DFBE72D5} HKCR\Interface\{FDA6EEC2-325B-4E8A-A8C7-1C75DFBE72D5}\NumMethods HKCR\Interface\{FDA6EEC2-325B-4E8A-A8C7-1C75DFBE72D5}\ProxyStubClsid HKCR\Interface\{FDA6EEC2-325B-4E8A-A8C7-1C75DFBE72D5}\ProxyStubClsid32 HKCR\Interface\{FDA6EEC2-325B-4E8A-A8C7-1C75DFBE72D5}\TypeLib HKCR\Interface\{FDA6EEC2-325B-4E8A-A8C7-1C75DFBE72D5}\TypeLib#Version C:\WINDOWS\Prefetch\ASHAVAST.EXE-2A5C4076.pf C:\WINDOWS\Prefetch\ASHDISP.EXE-350F01F0.pf C:\WINDOWS\Prefetch\DVDBITSET.EXE-22456526.pf C:\WINDOWS\Prefetch\DVDTRAY.EXE-24F66939.pf C:\WINDOWS\Prefetch\HIJACKTHIS.EXE-04E068DC.pf C:\WINDOWS\Prefetch\JUSCHED.EXE-01E8D395.pf C:\WINDOWS\Prefetch\QTTASK.EXE-0337C4B9.pf C:\WINDOWS\Prefetch\READER_SL.EXE-02994A2F.pf C:\WINDOWS\Prefetch\SGTRAY.EXE-1100F01D.pf
×