Jump to content
Sign in to follow this  
CdnGhost

SAS Pro Found 717 Threats

Recommended Posts

On April 24th I received the following error, "BIOS ROM checksum error" which, to me, indicated that my mother board had just failed. The following day I carefully disassembled my computer and removed the fried mother board. Fortunately I had a slightly different new mother board from the same manufacturer and thus reassembled my computer using the new board (for those who are curious, I had had an MSI 6390 [now dead] which I replaced with an MSI 6390-L). As my forte is software not hardware, the task took me the entire day. Also, prior to reassembling the computer, I used Western Digital's Hard Drive Diagnostic Tool on each of the hard drives to ensure that the drives themselves were not at fault. After carefully bringing back online all three IDE hard drives, as well as my HP DVD Writer, I noticed that there appeared to be a few small errors. After running full scans of both MBAM and Avast! (both of which came up clean) I attempted to run a full scan using SAS only to discover that it wouldn't run in that mode. It would, however, conduct a Quick Scan.

Below are the results of that Quick Scan.

I was directed here by another Help Forum where I posted a Hijack This log and was advised that the problems did not appear to be malware-related. The administrator, however, then asked me to post my SAS log which had reported 717 threats. She immediately directed me to this forum.

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 04/26/2010 at 07:46 PM

Application Version : 4.35.1002

Core Rules Database Version : 4854

Trace Rules Database Version: 2663

Scan type : Quick Scan

Total Scan Time : 00:10:22

Memory items scanned : 219

Memory threats detected : 25

Registry items scanned : 490

Registry threats detected : 415

File items scanned : 8490

File threats detected : 277

Malware.Notifier

C:\PROGRAM FILES\SUPERANTISPYWARE\DEUPX.DLL

C:\PROGRAM FILES\SUPERANTISPYWARE\DEUPX.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUPERANTISPYWARE.COM\SUPERANTISPYWARE\SDDLLS\UIREPAIR.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUPERANTISPYWARE.COM\SUPERANTISPYWARE\SDDLLS\UIREPAIR.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUPERANTISPYWARE.COM\SUPERANTISPYWARE\SDDLLS\SD10005.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUPERANTISPYWARE.COM\SUPERANTISPYWARE\SDDLLS\SD10005.DLL

C:\PROGRAM FILES\SUPERANTISPYWARE\SASSEH.DLL

C:\PROGRAM FILES\SUPERANTISPYWARE\SASSEH.DLL

C:\PROGRAM FILES\MALWAREBYTES' ANTI-MALWARE\MBAMEXT.DLL

C:\PROGRAM FILES\MALWAREBYTES' ANTI-MALWARE\MBAMEXT.DLL

C:\PROGRAM FILES\SUPERANTISPYWARE\SASCTXMN.DLL

C:\PROGRAM FILES\SUPERANTISPYWARE\SASCTXMN.DLL

C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSHELL.DLL

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSHELL.DLL

C:\PROGRA~1\ALWILS~1\AVAST4\ASHDISP.EXE

C:\PROGRA~1\ALWILS~1\AVAST4\ASHDISP.EXE

C:\PROGRA~1\ALWILS~1\AVAST4\ASWCMNOS.DLL

C:\PROGRA~1\ALWILS~1\AVAST4\ASWCMNOS.DLL

C:\PROGRA~1\ALWILS~1\AVAST4\ASHBASE.DLL

C:\PROGRA~1\ALWILS~1\AVAST4\ASHBASE.DLL

C:\PROGRA~1\ALWILS~1\AVAST4\ASWCMNB.DLL

C:\PROGRA~1\ALWILS~1\AVAST4\ASWCMNB.DLL

C:\PROGRA~1\ALWILS~1\AVAST4\ASWCMNS.DLL

C:\PROGRA~1\ALWILS~1\AVAST4\ASWCMNS.DLL

C:\PROGRA~1\ALWILS~1\AVAST4\ASHTASK.DLL

C:\PROGRA~1\ALWILS~1\AVAST4\ASHTASK.DLL

C:\PROGRA~1\ALWILS~1\AVAST4\AAVM4H.DLL

C:\PROGRA~1\ALWILS~1\AVAST4\AAVM4H.DLL

C:\PROGRA~1\ALWILS~1\AVAST4\AAVMRPCH.DLL

C:\PROGRA~1\ALWILS~1\AVAST4\AAVMRPCH.DLL

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ENGLISH\BASE.DLL

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ENGLISH\BASE.DLL

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUIMAI.DLL

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUIMAI.DLL

C:\PROGRA~1\ALWILS~1\AVAST4\ASHUINT.DLL

C:\PROGRA~1\ALWILS~1\AVAST4\ASHUINT.DLL

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUIMES.DLL

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUIMES.DLL

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUINS.DLL

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUINS.DLL

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUIOUT.DLL

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUIOUT.DLL

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUIP2P.DLL

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUIP2P.DLL

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUISTD.DLL

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUISTD.DLL

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUIWS.DLL

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\AHRUIWS.DLL

[updateManager] C:\PROGRAM FILES\COMMON FILES\SONIC\UPDATE MANAGER\SGTRAY.EXE

C:\PROGRAM FILES\COMMON FILES\SONIC\UPDATE MANAGER\SGTRAY.EXE

[DVDTray] C:\PROGRAM FILES\HP DVD\UMBRELLA\DVDTRAY.EXE

C:\PROGRAM FILES\HP DVD\UMBRELLA\DVDTRAY.EXE

[DVDBitSet] C:\PROGRAM FILES\HP DVD\UMBRELLA\DVDBITSET.EXE

C:\PROGRAM FILES\HP DVD\UMBRELLA\DVDBITSET.EXE

[avast!] C:\PROGRA~1\ALWILS~1\AVAST4\ASHDISP.EXE

[Adobe Reader Speed Launcher] C:\PROGRAM FILES\ADOBE\READER 9.0\READER\READER_SL.EXE

C:\PROGRAM FILES\ADOBE\READER 9.0\READER\READER_SL.EXE

[QuickTime Task] C:\PROGRAM FILES\QUICKTIME\QTTASK.EXE

C:\PROGRAM FILES\QUICKTIME\QTTASK.EXE

[sunJavaUpdateSched] C:\PROGRAM FILES\COMMON FILES\JAVA\JAVA UPDATE\JUSCHED.EXE

C:\PROGRAM FILES\COMMON FILES\JAVA\JAVA UPDATE\JUSCHED.EXE

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}

HKCR\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}

HKCR\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}

HKCR\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}#AppID

HKCR\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\InprocServer32

HKCR\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\InprocServer32#ThreadingModel

HKCR\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\ProgID

HKCR\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\Programmable

HKCR\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\TypeLib

HKCR\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\VersionIndependentProgID

HKCR\AcroIEHelperShim.AcroIEHelperShimObj.1

HKCR\AcroIEHelperShim.AcroIEHelperShimObj.1\CLSID

HKCR\AcroIEHelperShim.AcroIEHelperShimObj

HKCR\AcroIEHelperShim.AcroIEHelperShimObj\CLSID

HKCR\AcroIEHelperShim.AcroIEHelperShimObj\CurVer

HKCR\TypeLib\{2991F100-D9C3-4243-82A2-A718747FC0CF}

HKCR\TypeLib\{2991F100-D9C3-4243-82A2-A718747FC0CF}\1.0

HKCR\TypeLib\{2991F100-D9C3-4243-82A2-A718747FC0CF}\1.0\0

HKCR\TypeLib\{2991F100-D9C3-4243-82A2-A718747FC0CF}\1.0\0\win32

HKCR\TypeLib\{2991F100-D9C3-4243-82A2-A718747FC0CF}\1.0\FLAGS

HKCR\TypeLib\{2991F100-D9C3-4243-82A2-A718747FC0CF}\1.0\HELPDIR

C:\PROGRAM FILES\COMMON FILES\ADOBE\ACROBAT\ACTIVEX\ACROIEHELPERSHIM.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}

HKCR\CLSID\{DBC80044-A445-435B-BC74-9C25C1C588A9}

HKCR\CLSID\{DBC80044-A445-435B-BC74-9C25C1C588A9}

HKCR\CLSID\{DBC80044-A445-435B-BC74-9C25C1C588A9}\InprocServer32

HKCR\CLSID\{DBC80044-A445-435B-BC74-9C25C1C588A9}\InprocServer32#ThreadingModel

C:\PROGRAM FILES\JAVA\JRE6\BIN\JP2SSV.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}

HKCR\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}

HKCR\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}

HKCR\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}#AppID

HKCR\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\InprocServer32

HKCR\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\InprocServer32#ThreadingModel

HKCR\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\ProgID

HKCR\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\Programmable

HKCR\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\TypeLib

HKCR\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\VersionIndependentProgID

HKCR\ieplugin.JQSIEStartDetectorImpl.1

HKCR\ieplugin.JQSIEStartDetectorImpl.1\CLSID

HKCR\ieplugin.JQSIEStartDetectorImpl

HKCR\ieplugin.JQSIEStartDetectorImpl\CLSID

HKCR\ieplugin.JQSIEStartDetectorImpl\CurVer

HKCR\TypeLib\{D85100D8-894D-4F80-9697-C220AF4202EB}

HKCR\TypeLib\{D85100D8-894D-4F80-9697-C220AF4202EB}\1.0

HKCR\TypeLib\{D85100D8-894D-4F80-9697-C220AF4202EB}\1.0\0

HKCR\TypeLib\{D85100D8-894D-4F80-9697-C220AF4202EB}\1.0\0\win32

HKCR\TypeLib\{D85100D8-894D-4F80-9697-C220AF4202EB}\1.0\FLAGS

HKCR\TypeLib\{D85100D8-894D-4F80-9697-C220AF4202EB}\1.0\HELPDIR

C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\IE\JQS_PLUGIN.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks#{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}

HKCR\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}

HKCR\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}

HKCR\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}#AppID

HKCR\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}\InprocServer32

HKCR\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}\InprocServer32#ThreadingModel

HKCR\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}\ProgID

HKCR\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}\Programmable

HKCR\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}\TypeLib

HKCR\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}\VersionIndependentProgID

HKCR\ShellExecuteHook.SABShellExecuteHook.1

HKCR\ShellExecuteHook.SABShellExecuteHook.1\CLSID

HKCR\ShellExecuteHook.SABShellExecuteHook

HKCR\ShellExecuteHook.SABShellExecuteHook\CLSID

HKCR\ShellExecuteHook.SABShellExecuteHook\CurVer

HKCR\TypeLib\{D01E70E5-2E5A-4EDC-B8A7-84FA45346E34}

HKCR\TypeLib\{D01E70E5-2E5A-4EDC-B8A7-84FA45346E34}\1.0

HKCR\TypeLib\{D01E70E5-2E5A-4EDC-B8A7-84FA45346E34}\1.0\0

HKCR\TypeLib\{D01E70E5-2E5A-4EDC-B8A7-84FA45346E34}\1.0\0\win32

HKCR\TypeLib\{D01E70E5-2E5A-4EDC-B8A7-84FA45346E34}\1.0\FLAGS

HKCR\TypeLib\{D01E70E5-2E5A-4EDC-B8A7-84FA45346E34}\1.0\HELPDIR

HKU\S-1-5-21-1123561945-1220945662-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{166B1BCA-3F9C-11CF-8075-444553540000}

HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}

HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}

HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\Control

HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\EnableFullPage

HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\EnableFullPage\.dcr

HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\EnableFullPage\.dir

HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\EnableFullPage\.dxr

HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\Implemented Categories

HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}

HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}

HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\InprocServer32

HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\InprocServer32#ThreadingModel

HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\MiscStatus

HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\MiscStatus\1

HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ProgID

HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\Programmable

HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ToolboxBitmap32

HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\TypeLib

HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\Version

HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\VersionIndependantProgId

HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\VersionIndependentProgID

HKCR\SwCtl.SwCtl.11

HKCR\SwCtl.SwCtl.11\CLSID

HKCR\SWCtl.SWCtl

HKCR\SWCtl.SWCtl\CLSID

HKCR\SWCtl.SWCtl\CurVer

HKCR\TypeLib\{AC4C21AD-9194-416E-9D34-D6C1350F28F6}

HKCR\TypeLib\{AC4C21AD-9194-416E-9D34-D6C1350F28F6}\1.0

HKCR\TypeLib\{AC4C21AD-9194-416E-9D34-D6C1350F28F6}\1.0\0

HKCR\TypeLib\{AC4C21AD-9194-416E-9D34-D6C1350F28F6}\1.0\0\win32

HKCR\TypeLib\{AC4C21AD-9194-416E-9D34-D6C1350F28F6}\1.0\FLAGS

HKCR\TypeLib\{AC4C21AD-9194-416E-9D34-D6C1350F28F6}\1.0\HELPDIR

C:\WINDOWS\SYSTEM32\ADOBE\DIRECTOR\SWDIR.DLL

HKU\S-1-5-21-1123561945-1220945662-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}

HKU\S-1-5-21-1123561945-1220945662-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{233C1507-6A77-46A4-9443-F871F945D258}

HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}

HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}

HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\Control

HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\EnableFullPage

HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\EnableFullPage\.dcr

HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\EnableFullPage\.dir

HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\EnableFullPage\.dxr

HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\Implemented Categories

HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}

HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}

HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\InprocServer32

HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\InprocServer32#ThreadingModel

HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\MiscStatus

HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\MiscStatus\1

HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\ProgID

HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\Programmable

HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\ToolboxBitmap32

HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\TypeLib

HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\Version

HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\VersionIndependentProgID

HKU\S-1-5-21-1123561945-1220945662-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{377B5106-3B4E-4A2D-8520-8767590CAC86}

HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}

HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}

HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\Control

HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\EnableFullPage

HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\EnableFullPage\.svg

HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\EnableFullPage\.svgz

HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\InprocServer32

HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\InprocServer32#ThreadingModel

HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\Insertable

HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\MiscStatus

HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\MiscStatus\1

HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\ProgID

HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\Programmable

HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\ToolboxBitmap32

HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\TypeLib

HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\Version

HKCR\CLSID\{377B5106-3B4E-4A2D-8520-8767590CAC86}\VersionIndependentProgID

HKCR\Adobe.SVGCtl.3

HKCR\Adobe.SVGCtl.3\CLSID

HKCR\Adobe.SVGCtl.3\Insertable

HKCR\Adobe.SVGCtl

HKCR\Adobe.SVGCtl\CLSID

HKCR\Adobe.SVGCtl\CurVer

HKCR\Adobe.SVGCtl\DefaultIcon

HKCR\Adobe.SVGCtl\shell

HKCR\Adobe.SVGCtl\shell\open

HKCR\Adobe.SVGCtl\shell\open\command

HKCR\Adobe.SVGCtl\shell\open\ddeexec

HKCR\Adobe.SVGCtl\shell\open\ddeexec\Application

HKCR\Adobe.SVGCtl\shell\open\ddeexec\Topic

HKCR\TypeLib\{8415B62C-3C1B-416E-B5D7-40D983A9FA50}

HKCR\TypeLib\{8415B62C-3C1B-416E-B5D7-40D983A9FA50}\3.0

HKCR\TypeLib\{8415B62C-3C1B-416E-B5D7-40D983A9FA50}\3.0\0

HKCR\TypeLib\{8415B62C-3C1B-416E-B5D7-40D983A9FA50}\3.0\0\win32

HKCR\TypeLib\{8415B62C-3C1B-416E-B5D7-40D983A9FA50}\3.0\FLAGS

HKCR\TypeLib\{8415B62C-3C1B-416E-B5D7-40D983A9FA50}\3.0\HELPDIR

C:\PROGRA~1\COMMON~1\ADOBE\SVGVIE~1.0\NPSVG3.DLL

HKU\S-1-5-21-1123561945-1220945662-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}

HKCR\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}

HKCR\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}

HKCR\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\Control

HKCR\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\InprocServer32

HKCR\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\InprocServer32#ThreadingModel

HKCR\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\MiscStatus

HKCR\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\MiscStatus\1

HKCR\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ProgID

HKCR\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ToolboxBitmap32

HKCR\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\TypeLib

HKCR\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\Version

HKCR\MANAGER.DLMCtrl.1

HKCR\MANAGER.DLMCtrl.1\CLSID

HKCR\TypeLib\{88F19F56-F9DA-4527-9EBB-8E3096509A0E}

HKCR\TypeLib\{88F19F56-F9DA-4527-9EBB-8E3096509A0E}\1.0

HKCR\TypeLib\{88F19F56-F9DA-4527-9EBB-8E3096509A0E}\1.0\0

HKCR\TypeLib\{88F19F56-F9DA-4527-9EBB-8E3096509A0E}\1.0\0\win32

HKCR\TypeLib\{88F19F56-F9DA-4527-9EBB-8E3096509A0E}\1.0\FLAGS

HKCR\TypeLib\{88F19F56-F9DA-4527-9EBB-8E3096509A0E}\1.0\HELPDIR

C:\WINDOWS\DOWNLO~1\DOWNLO~1.OCX

HKU\S-1-5-21-1123561945-1220945662-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}

HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}

HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}

HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\Control

HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\Implemented Categories

HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}

HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}

HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\InprocServer32

HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\InprocServer32#ThreadingModel

HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\MiscStatus

HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\MiscStatus\1

HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\ProgID

HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\ToolboxBitmap32

HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\TypeLib

HKCR\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\Version

HKCR\SMARTLOAD.smartLoadCtrl.1

HKCR\SMARTLOAD.smartLoadCtrl.1\CLSID

HKCR\TypeLib\{8BF3BD23-3E30-4235-B52B-19CAA74AFBB3}

HKCR\TypeLib\{8BF3BD23-3E30-4235-B52B-19CAA74AFBB3}\1.0

HKCR\TypeLib\{8BF3BD23-3E30-4235-B52B-19CAA74AFBB3}\1.0\0

HKCR\TypeLib\{8BF3BD23-3E30-4235-B52B-19CAA74AFBB3}\1.0\0\win32

HKCR\TypeLib\{8BF3BD23-3E30-4235-B52B-19CAA74AFBB3}\1.0\FLAGS

HKCR\TypeLib\{8BF3BD23-3E30-4235-B52B-19CAA74AFBB3}\1.0\HELPDIR

C:\WINDOWS\DOWNLO~1\NVIDIA~1.OCX

HKU\S-1-5-21-1123561945-1220945662-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8AD9C840-044E-11D1-B3E9-00805F499D93}

HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}

HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}

HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\InprocServer32

HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\InprocServer32#ThreadingModel

HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\MiscStatus

HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\MiscStatus\1

C:\PROGRAM FILES\JAVA\JRE6\BIN\NPJPI160_20.DLL

HKU\S-1-5-21-1123561945-1220945662-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}

HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}

HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}

HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}#AppID

HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}\Control

HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}\InprocServer32

HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}\InprocServer32#ThreadingModel

HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}\MiscStatus

HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}\MiscStatus\1

HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}\ProgID

HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}\Programmable

HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}\ToolboxBitmap32

HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}\TypeLib

HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}\Version

HKCR\CLSID\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}\VersionIndependentProgID

HKCR\ScanProcesses.SABScanProcesses.1

HKCR\ScanProcesses.SABScanProcesses.1\CLSID

HKCR\ScanProcesses.SABScanProcesses

HKCR\ScanProcesses.SABScanProcesses\CLSID

HKCR\ScanProcesses.SABScanProcesses\CurVer

HKCR\TypeLib\{FF23DB8A-B3A2-4A64-A942-8B621609DE62}

HKCR\TypeLib\{FF23DB8A-B3A2-4A64-A942-8B621609DE62}\1.0

HKCR\TypeLib\{FF23DB8A-B3A2-4A64-A942-8B621609DE62}\1.0\0

HKCR\TypeLib\{FF23DB8A-B3A2-4A64-A942-8B621609DE62}\1.0\0\win32

HKCR\TypeLib\{FF23DB8A-B3A2-4A64-A942-8B621609DE62}\1.0\FLAGS

HKCR\TypeLib\{FF23DB8A-B3A2-4A64-A942-8B621609DE62}\1.0\HELPDIR

C:\WINDOWS\DOWNLOADED PROGRAM FILES\SABSPX.DLL

HKU\S-1-5-21-1123561945-1220945662-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA}

HKCR\CLSID\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA}

HKCR\CLSID\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA}

HKCR\CLSID\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA}\InprocServer32

HKCR\CLSID\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA}\InprocServer32#ThreadingModel

C:\WINDOWS\SYSTEM32\DEPLOYJAVA1.DLL

HKU\S-1-5-21-1123561945-1220945662-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}

HKU\S-1-5-21-1123561945-1220945662-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{166B1BCA-3F9C-11CF-8075-444553540000}

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{B1E2B96C-12FE-45E2-BEF1-44A219113CDD}

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

HKCR\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

HKCR\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

HKCR\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\InprocServer32

HKCR\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\InprocServer32#ThreadingModel

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}

HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}

HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}

HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\InprocServer32

HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\InprocServer32#ThreadingModel

HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\MiscStatus

HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\MiscStatus\1

HKCR\Folder\shellex\columnhandlers\{F9DB5320-233E-11D1-9F84-707F02C10627}

HKCR\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627}

HKCR\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627}

HKCR\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627}\InprocServer32

HKCR\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627}\InprocServer32#ThreadingModel

HKCR\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627}\VersionIndependentProgID

HKCR\PDFShell.PDFShell

C:\PROGRAM FILES\COMMON FILES\ADOBE\ACROBAT\ACTIVEX\PDFSHELL.DLL

HKLM\System\ControlSet001\Services\aswFsBlk

C:\WINDOWS\SYSTEM32\DRIVERS\ASWFSBLK.SYS

HKLM\System\ControlSet001\Enum\Root\LEGACY_aswFsBlk

HKLM\System\ControlSet001\Services\aswUpdSv

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASWUPDSV.EXE

HKLM\System\ControlSet001\Enum\Root\LEGACY_aswUpdSv

HKLM\System\ControlSet001\Services\avast! Antivirus

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE

HKLM\System\ControlSet001\Enum\Root\LEGACY_avast! Antivirus

HKLM\System\ControlSet001\Services\avast! Mail Scanner

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE

HKLM\System\ControlSet001\Enum\Root\LEGACY_avast! Mail Scanner

HKLM\System\ControlSet001\Services\avast! Web Scanner

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE

HKLM\System\ControlSet001\Enum\Root\LEGACY_avast! Web Scanner

HKLM\System\ControlSet001\Services\JavaQuickStarterService

C:\PROGRAM FILES\JAVA\JRE6\BIN\JQS.EXE

HKLM\System\ControlSet001\Enum\Root\LEGACY_JavaQuickStarterService

HKLM\System\ControlSet001\Services\PxHelp20

C:\WINDOWS\SYSTEM32\DRIVERS\PXHELP20.SYS

HKLM\System\ControlSet001\Enum\Root\LEGACY_PxHelp20

HKLM\System\ControlSet001\Services\SASDIFSV

C:\PROGRAM FILES\SUPERANTISPYWARE\SASDIFSV.SYS

HKLM\System\ControlSet001\Enum\Root\LEGACY_SASDIFSV

HKLM\System\ControlSet001\Services\SASENUM

C:\PROGRAM FILES\SUPERANTISPYWARE\SASENUM.SYS

HKLM\System\ControlSet001\Enum\Root\LEGACY_SASENUM

HKLM\System\ControlSet001\Services\SASKUTIL

C:\PROGRAM FILES\SUPERANTISPYWARE\SASKUTIL.SYS

HKLM\System\ControlSet001\Enum\Root\LEGACY_SASKUTIL

HKLM\System\ControlSet002\Services\aswFsBlk

HKLM\System\ControlSet002\Enum\Root\LEGACY_aswFsBlk

HKLM\System\ControlSet002\Services\aswUpdSv

HKLM\System\ControlSet002\Enum\Root\LEGACY_aswUpdSv

HKLM\System\ControlSet002\Services\avast! Antivirus

HKLM\System\ControlSet002\Enum\Root\LEGACY_avast! Antivirus

HKLM\System\ControlSet002\Services\avast! Mail Scanner

HKLM\System\ControlSet002\Enum\Root\LEGACY_avast! Mail Scanner

HKLM\System\ControlSet002\Services\avast! Web Scanner

HKLM\System\ControlSet002\Enum\Root\LEGACY_avast! Web Scanner

HKLM\System\ControlSet002\Services\JavaQuickStarterService

HKLM\System\ControlSet002\Enum\Root\LEGACY_JavaQuickStarterService

HKLM\System\ControlSet002\Services\PxHelp20

HKLM\System\ControlSet002\Enum\Root\LEGACY_PxHelp20

HKLM\System\ControlSet002\Services\SASDIFSV

HKLM\System\ControlSet002\Enum\Root\LEGACY_SASDIFSV

HKLM\System\ControlSet002\Services\SASENUM

HKLM\System\ControlSet002\Enum\Root\LEGACY_SASENUM

HKLM\System\ControlSet002\Services\SASKUTIL

HKLM\System\ControlSet002\Enum\Root\LEGACY_SASKUTIL

HKLM\System\CurrentControlSet\Services\aswFsBlk

HKLM\System\CurrentControlSet\Enum\Root\LEGACY_aswFsBlk

HKLM\System\CurrentControlSet\Services\aswUpdSv

HKLM\System\CurrentControlSet\Enum\Root\LEGACY_aswUpdSv

HKLM\System\CurrentControlSet\Services\avast! Antivirus

HKLM\System\CurrentControlSet\Enum\Root\LEGACY_avast! Antivirus

HKLM\System\CurrentControlSet\Services\avast! Mail Scanner

HKLM\System\CurrentControlSet\Enum\Root\LEGACY_avast! Mail Scanner

HKLM\System\CurrentControlSet\Services\avast! Web Scanner

HKLM\System\CurrentControlSet\Enum\Root\LEGACY_avast! Web Scanner

HKLM\System\CurrentControlSet\Services\JavaQuickStarterService

HKLM\System\CurrentControlSet\Enum\Root\LEGACY_JavaQuickStarterService

HKLM\System\CurrentControlSet\Services\PxHelp20

HKLM\System\CurrentControlSet\Enum\Root\LEGACY_PxHelp20

HKLM\System\CurrentControlSet\Services\SASDIFSV

HKLM\System\CurrentControlSet\Enum\Root\LEGACY_SASDIFSV

HKLM\System\CurrentControlSet\Services\SASENUM

HKLM\System\CurrentControlSet\Enum\Root\LEGACY_SASENUM

HKLM\System\CurrentControlSet\Services\SASKUTIL

HKLM\System\CurrentControlSet\Enum\Root\LEGACY_SASKUTIL

C:\PROGRAM FILES\ADOBE\READER 9.0\READER\ACRORD32.EXE

HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\AcroRd32.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\AcroRd32.exe#Path

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHAVAST.EXE

HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\ashAvast.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\ashAvast.exe#Path

C:\DOCUMENTS AND SETTINGS\KIT\MY DOCUMENTS\SOFTWARE\HIJACKTHIS.EXE

HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\HijackThis.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\HijackThis.exe#Path

C:\PROGRAM FILES\JAVA\JRE6\BIN\JAVAWS.EXE

HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\javaws.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\javaws.exe#Path

C:\PROGRAM FILES\ILLIMINABLE\OGGCODECS\OOOGGDUMP.EXE

HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\OOOggDump.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SGTRAY.EXE

C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NOS\ADOBE_DOWNLOADS\ARH.EXE

C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SKYPE\PLUGINS\PLUGINS\70A769DCB31D4D59AE936EAC08D29EE4\PANDOSKYPEPLUGIN.EXE

C:\DOCUMENTS AND SETTINGS\ALL USERS\DESKTOP\AVAST! ANTIVIRUS.LNK

C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\GAMES\PINBALL.LNK

C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\ACCESSORIES\COMMUNICATIONS\HYPERTERMINAL.LNK

C:\PROGRAM FILES\ADOBE\ACROBAT.COM\ACROBAT.COM.EXE

C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\ACROBAT.COM.LNK

C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\ADOBE READER 9.LNK

C:\PROGRAM FILES\ALIBRE DESIGN\PROGRAM\ALIBRE DESIGN.EXE

C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\ALIBRE DESIGN\ALIBRE DESIGN.LNK

C:\PROGRAM FILES\ALIBRE DESIGN\PROGRAM\REPOMIGRATIONTOOL.EXE

C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\ALIBRE DESIGN\DATA MIGRATION TOOL.LNK

C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\AVAST! ANTIVIRUS\AVAST! ANTIVIRUS.LNK

C:\PROGRAM FILES\POWERDVD\POWERDVD.EXE

C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\CYBERLINK POWERDVD\POWERDVD.LNK

C:\PROGRAM FILES\POWERDVD\CLDMA.EXE

C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\CYBERLINK POWERDVD\SYSTEM DIAGNOSTIC.LNK

C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\HP\HP DVD\HP DISC COMPATIBILITY SETTING.LNK

C:\PROGRAM FILES\HP DVD\UMBRELLA\HP DVD.EXE

C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\HP\HP DVD\HP DVD.LNK

C:\PROGRAM FILES\HP DVD\SUPPORT\UNINSTALL.EXE

C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\HP\HP DVD\UNINSTALL.LNK

C:\PROGRAM FILES\JEWEL QUEST\JEWELQUEST.EXE

C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\JEWEL QUEST\ JEWEL QUEST.LNK

C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\JEWEL QUEST\OTHER GAMES.LNK

C:\PROGRAM FILES\JPEG IMAGER\UNINS000.EXE

C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\JPEG IMAGER\UNINSTALL JPEG IMAGER.LNK

C:\WINDOWS\INSTALLER\{00000409-78E1-11D2-B60F-006097C998E7}\MISC.EXE

C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MICROSOFT OFFICE TOOLS\MICROSOFT ACCESS SNAPSHOT VIEWER.LNK

C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MICROSOFT OFFICE TOOLS\MICROSOFT OFFICE LANGUAGE SETTINGS.LNK

C:\PROGRAM FILES\PAMELA\UNINST.EXE

C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\PAMELA\UNINSTALL PAMELA.LNK

C:\PROGRAM FILES\SUPERANTISPYWARE\BOOTSAFE.EXE

C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\SUPERANTISPYWARE\BOOTSAFE.LNK

C:\PROGRAM FILES\SUPERANTISPYWARE\RUNSAS.EXE

C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\SUPERANTISPYWARE\SUPERANTISPYWARE ALTERNATE START.LNK

C:\PROGRAM FILES\TREASURE FALL\TF.EXE

C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\TREASURE FALL\TREASURE FALL.LNK

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\WWW.MACROMEDIA.COM\BIN\AIRAPPINSTALLER\AIRAPPINSTALLER.EXE

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\MICROSOFT\INSTALLER\{23970E31-948B-466E-8376-1224D32FDF0C}\NEWSHORTCUT11_23970E31948B466E83761224D32FDF0C.EXE

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\MICROSOFT\INSTALLER\{23970E31-948B-466E-8376-1224D32FDF0C}\NEWSHORTCUT1_23970E31948B466E83761224D32FDF0C.EXE

C:\PROGRAM FILES\IRFANVIEW\I_VIEW32.EXE

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\IRFANVIEW.LNK

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\TREASURE FALL.LNK

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GHHZNBSX.DEFAULT\EXTENSIONS\{108F9956-3027-48D0-8C3E-227282CCF623}\COMPONENTS\ENGINE.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GHHZNBSX.DEFAULT\EXTENSIONS\{1890D1B4-82D4-45C1-8EED-29B455ED389D}\COMPONENTS\ENGINE.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\15\4E09EACF-6751221A-N\DECORA-D3D.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\15\58FB3E0F-642C930F-N\DECORA-D3D.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\15\58FB3E0F-642C930F-N\DECORA-SSE.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\15\58FB3E0F-642C930F-N\JMC.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\17\6D0AD391-25995299-N\DECORA-D3D.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\17\6D0AD391-25995299-N\DECORA-SSE.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\33\258CEA61-2C557BAB-N\JMC.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\37\2C4A0065-7987D4AE-N\DECORA-D3D.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\37\3976F065-3F22C760-N\DECORA-SSE.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\38\39BA6E6-71F18009-N\JMC.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\45\4F710EED-4290861F-N\GLUEGEN-RT.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\46\759E98EE-604FB116-N\DECORA-D3D.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\46\759E98EE-604FB116-N\DECORA-SSE.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\46\759E98EE-604FB116-N\JMC.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\50\5B902232-355AC1DD-N\DECORA-SSE.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\54\1A209876-3419F0E2-N\JMC.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\62\6BAEA4FE-3F26B41E-N\JOGL.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\62\6BAEA4FE-3F26B41E-N\JOGL_AWT.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\62\6BAEA4FE-3F26B41E-N\JOGL_CG.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\SYSTEMCACHE\6.0\17\6D0AD391-54F0E8AF-N\DECORA-D3D.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\SYSTEMCACHE\6.0\17\6D0AD391-54F0E8AF-N\DECORA-SSE.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\SYSTEMCACHE\6.0\54\1A209876-1D1AC52F-N\JMC.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\JRE1.6.0_17\LZMA.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\JRE1.6.0_15\LZMA.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\JRE1.6.0_11\LZMA.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\JRE1.6.0_13\LZMA.DLL

C:\DOCUMENTS AND SETTINGS\KIT\APPLICATION DATA\SUN\JAVA\JRE1.6.0_14\LZMA.DLL

C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\ALIBRE DESIGN\ALIBRE DESIGN.LNK

C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\ALIBRE DESIGN\DATA MIGRATION TOOL.LNK

C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\COMPUTER SHORTCUTS\ADOBE READER 9 INSTALLER\SETUP.EXE

C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\COMPUTER SHORTCUTS\ADOBE READER 9.0.0.LNK

C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\COMPUTER SHORTCUTS\ADOBE READER 9.3.0.LNK

C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\COMPUTER SHORTCUTS\ADOBE READER 9.3.1.LNK

C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\COMPUTER SHORTCUTS\ADOBE READER 9.LNK

C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\GAMES SHORTCUTS\JEWEL QUEST.LNK

C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\GAMES SHORTCUTS\TREASURE FALL.LNK

C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\SELDOM USED SHORTCUTS\ADOBE READER 9.LNK

C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\SELDOM USED SHORTCUTS\COMPUTER SHORTCUTS\ADOBE READER 9 INSTALLER\AIR\NOSSO_AIR.EXE

C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\SELDOM USED SHORTCUTS\COMPUTER SHORTCUTS\ADOBE READER 9 INSTALLER\AIRSHAREINSTALLER.EXE

C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\SELDOM USED SHORTCUTS\COMPUTER SHORTCUTS\ADOBE READER 9 INSTALLER\READER9\SETUP.EXE

C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\SELDOM USED SHORTCUTS\COMPUTER SHORTCUTS\ADOBE READER 9 INSTALLER\SETUP.EXE

C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\SELDOM USED SHORTCUTS\COMPUTER SHORTCUTS\ADOBE READER 9.LNK

C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\SELDOM USED SHORTCUTS\COMPUTER SHORTCUTS\AVAST! ANTIVIRUS.LNK

C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\SELDOM USED SHORTCUTS\GAP PGMS\ATF-CLEANER.EXE

C:\DOCUMENTS AND SETTINGS\KIT\DESKTOP\SELDOM USED SHORTCUTS\GAP PGMS\JAVA\6.15\JRE-6U15-WINDOWS-I586-IFTW-K.EXE

C:\DOCUMENTS AND SETTINGS\KIT\LOCAL SETTINGS\TEMP\SSUPDATE.EXE

C:\PROGRAM FILES\ATOMIC CLOCK SYNC\UNWISE.EXE

C:\DOCUMENTS AND SETTINGS\KIT\START MENU\PROGRAMS\ATOMIC CLOCK SYNC\UNINSTALL ATOMIC CLOCK SYNC.LNK

C:\PROGRAM FILES\ILLIMINABLE\OGGCODECS\UNINST.EXE

C:\DOCUMENTS AND SETTINGS\KIT\START MENU\PROGRAMS\ILLIMINABLE\OGGCODECS\UNINSTALL.LNK

C:\DOCUMENTS AND SETTINGS\KIT\START MENU\PROGRAMS\IRFANVIEW\IRFANVIEW - THUMBNAILS.LNK

C:\DOCUMENTS AND SETTINGS\KIT\START MENU\PROGRAMS\IRFANVIEW\IRFANVIEW 4.20.LNK

C:\PROGRAM FILES\IRFANVIEW\IV_UNINSTALL.EXE

C:\DOCUMENTS AND SETTINGS\KIT\START MENU\PROGRAMS\IRFANVIEW\UNINSTALL IRFANVIEW.LNK

C:\PROGRAM FILES\NOOK AND CRANNY\UNINSTALL.EXE

C:\DOCUMENTS AND SETTINGS\KIT\START MENU\PROGRAMS\NOOK AND CRANNY\UNINSTALL GAME.LNK

C:\DOCUMENTS AND SETTINGS\KIT\START MENU\PROGRAMS\NOOK AND CRANNY\UNINSTALL.LNK

C:\WINDOWS\ALCUPD.EXE

C:\WINDOWS\ASSEMBLY\GAC_MSIL\PRESENTATIONCFFRASTERIZER\3.0.0.0__31BF3856AD364E35\PRESENTATIONCFFRASTERIZER.DLL

C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\PRESENTATIONCFFRAST#\2AB0F8728D72DB601F1B806C5BA9FD8C\PRESENTATIONCFFRASTERIZER.NI.DLL

C:\WINDOWS\DOWNLOADED PROGRAM FILES\DOWNLOADMANAGERV2.OCX

C:\WINDOWS\DOWNLOADED PROGRAM FILES\NVIDIASMARTSCAN.OCX

C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\ACRORD32INFO.EXE

C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\A3DUTILITY.EXE

C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\ACROBROKER.EXE

C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\ACROIEHELPER.DLL

C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\ACROIEHELPERSHIM.DLL

C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\ACRORD32.EXE

C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\ACRORDIF.DLL

C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\ACROTEXTEXTRACTOR.EXE

C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\EULA.EXE

C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\NPPDF32.DLL

C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\NPPDF32.DLL_APOLLO

C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\PDFPREVHNDLR.DLL

C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\PDFPREVHNDLRSHIM.EXE

C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\PDFSHELL.DLL

C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\READER_SL.EXE

C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B7449A0300000010\9.3.0\VIEWERPS.DLL

C:\WINDOWS\INSTALLER\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}\PLACES.EXE

C:\WINDOWS\INSTALLER\{00000409-78E1-11D2-B60F-006097C998E7}\ACCICONS.EXE

C:\WINDOWS\INSTALLER\{00000409-78E1-11D2-B60F-006097C998E7}\BINDICO.EXE

C:\WINDOWS\INSTALLER\{00000409-78E1-11D2-B60F-006097C998E7}\FPICON.EXE

C:\WINDOWS\INSTALLER\{00000409-78E1-11D2-B60F-006097C998E7}\OUTICON.EXE

C:\WINDOWS\INSTALLER\{00000409-78E1-11D2-B60F-006097C998E7}\PEICONS.EXE

C:\WINDOWS\INSTALLER\{00000409-78E1-11D2-B60F-006097C998E7}\PPTICO.EXE

C:\WINDOWS\INSTALLER\{00000409-78E1-11D2-B60F-006097C998E7}\WORDICON.EXE

C:\WINDOWS\INSTALLER\{00000409-78E1-11D2-B60F-006097C998E7}\XLICONS.EXE

C:\WINDOWS\INSTALLER\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\APPLESOFTWAREUPDATEICO.EXE

C:\WINDOWS\INSTALLER\{9541FED0-327F-4DF0-8B96-EF57EF622F19}\RECORDNOW.EXE

C:\WINDOWS\INSTALLER\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\ICONCDDCBBF13.EXE

C:\WINDOWS\INSTALLER\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\ICONCDDCBBF15.EXE

C:\WINDOWS\INSTALLER\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\ICONCDDCBBF16.EXE

C:\WINDOWS\INSTALLER\{D103C4BA-F905-437A-8049-DB24763BBE36}\SKYPEICON.EXE

C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.0\WPF\PRESENTATIONCFFRASTERIZER.DLL

C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\MICROSOFT .NET FRAMEWORK 3.5 SP1\WAPRES.1049.DLL

C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\MICROSOFT .NET FRAMEWORK 3.5 SP1\WAPRES.1043.DLL

C:\WINDOWS\SYSTEM32\ACTSKIN4.OCX

C:\WINDOWS\SYSTEM32\ADOBE\DIRECTOR\NP32DSW.DLL

C:\WINDOWS\SYSTEM32\ADOBE\DIRECTOR\SWDNLD.EXE

C:\WINDOWS\SYSTEM32\ADOBE\SHOCKWAVE 11\DYNAPLAYER.DLL

C:\WINDOWS\SYSTEM32\ADOBE\SHOCKWAVE 11\GTAPI.DLL

C:\WINDOWS\SYSTEM32\ADOBE\SHOCKWAVE 11\PLUGIN.DLL

C:\WINDOWS\SYSTEM32\ADOBE\SHOCKWAVE 11\PROJ.DLL

C:\WINDOWS\SYSTEM32\ADOBE\SHOCKWAVE 11\SWHELPER_1100465.EXE

C:\WINDOWS\SYSTEM32\ADOBE\SHOCKWAVE 11\SWHELPER_1151601.EXE

C:\WINDOWS\SYSTEM32\ADOBE\SHOCKWAVE 11\SWINIT.EXE

C:\WINDOWS\SYSTEM32\ADOBE\SHOCKWAVE 11\SWMENU.DLL

C:\WINDOWS\SYSTEM32\ADOBE\SHOCKWAVE 11\SYMCCHECKER.DLL

C:\WINDOWS\SYSTEM32\ADOBE\SHOCKWAVE 11\UNINSTALLER.EXE

C:\WINDOWS\SYSTEM32\ADOBE\SHOCKWAVE 11\UNWISE.EXE

C:\WINDOWS\SYSTEM32\AVASTSS.SCR

C:\WINDOWS\SYSTEM32\CHCFG.EXE

C:\WINDOWS\SYSTEM32\DRIVERS\AAVMKER4.SYS

C:\WINDOWS\SYSTEM32\DRIVERS\ASWMON.SYS

C:\WINDOWS\SYSTEM32\DRIVERS\ASWMON2.SYS

C:\WINDOWS\SYSTEM32\DRIVERS\ASWRDR.SYS

C:\WINDOWS\SYSTEM32\DRIVERS\ASWSP.SYS

C:\WINDOWS\SYSTEM32\DRIVERS\ASWTDI.SYS

C:\WINDOWS\SYSTEM32\DRIVERS\BANTEXT.SYS

C:\WINDOWS\SYSTEM32\DRIVERS\MBAM.SYS

C:\WINDOWS\SYSTEM32\DRIVERS\MBAMSWISSARMY.SYS

C:\WINDOWS\SYSTEM32\IAC25_32.AX

C:\WINDOWS\SYSTEM32\JAVA.EXE

C:\WINDOWS\SYSTEM32\JAVACPL.CPL

C:\WINDOWS\SYSTEM32\JAVAW.EXE

C:\WINDOWS\SYSTEM32\JAVAWS.EXE

C:\WINDOWS\SYSTEM32\LFBMP13N.DLL

C:\WINDOWS\SYSTEM32\LFCMP13N.DLL

C:\WINDOWS\SYSTEM32\LFGIF13N.DLL

C:\WINDOWS\SYSTEM32\LFPNG13N.DLL

C:\WINDOWS\SYSTEM32\LTDIS13N.DLL

C:\WINDOWS\SYSTEM32\LTEFX13N.DLL

C:\WINDOWS\SYSTEM32\LTFIL13N.DLL

C:\WINDOWS\SYSTEM32\LTIMG13N.DLL

C:\WINDOWS\SYSTEM32\LTKRN13N.DLL

C:\WINDOWS\SYSTEM32\MACROMED\COMMON\SWSUPPORT.DLL

C:\WINDOWS\SYSTEM32\MACROMED\FLASH\FLASHUTIL10E.EXE

C:\WINDOWS\SYSTEM32\MACROMED\FLASH\NPSWF32_FLASHUTIL.EXE

C:\WINDOWS\SYSTEM32\MACROMED\FLASH\UNINSTALL_ACTIVEX.EXE

C:\WINDOWS\SYSTEM32\MACROMED\FLASH\UNINSTALL_PLUGIN.EXE

C:\WINDOWS\SYSTEM32\MACROMED\SHOCKWAVE 10\DYNAPLAYER.DLL

C:\WINDOWS\SYSTEM32\MACROMED\SHOCKWAVE 10\PLUGIN.DLL

C:\WINDOWS\SYSTEM32\MACROMED\SHOCKWAVE 10\PLUGINPING.DLL

C:\WINDOWS\SYSTEM32\MACROMED\SHOCKWAVE 10\PROJ.DLL

C:\WINDOWS\SYSTEM32\MACROMED\SHOCKWAVE 10\SWINIT.EXE

C:\WINDOWS\SYSTEM32\MACROMED\SHOCKWAVE 10\SWMENUX.DLL

C:\WINDOWS\SYSTEM32\MACROMED\SHOCKWAVE 10\SWONCE.DLL

C:\WINDOWS\SYSTEM32\MSIMRT16.DLL

C:\WINDOWS\SYSTEM32\MSRTEDIT.DLL

C:\WINDOWS\SYSTEM32\PCDLIB32.DLL

C:\WINDOWS\SYSTEM32\PDFCMNNT.DLL

C:\WINDOWS\SYSTEM32\PX.DLL

C:\WINDOWS\SYSTEM32\PXDRV.DLL

C:\WINDOWS\SYSTEM32\PXMAS.DLL

C:\WINDOWS\SYSTEM32\PXWAVE.DLL

C:\WINDOWS\SYSTEM32\PXWMA.DLL

C:\WINDOWS\SYSTEM32\QUICKTIME.QTS

C:\WINDOWS\SYSTEM32\QUICKTIMEVR.QTX

C:\WINDOWS\SYSTEM32\REMOTECONTROL.DLL

C:\WINDOWS\SYSTEM32\SABPROCENUM.SYS

C:\WINDOWS\SYSTEM32\SRKEY.EXE

C:\WINDOWS\SYSTEM32\SSCE5332.DLL

C:\WINDOWS\SYSTEM32\UMLOADER.DLL

C:\WINDOWS\SYSTEM32\VSFLEX3.OCX

C:\WINDOWS\SYSTEM32\VXBLOCK.DLL

HKCR\Interface\{099C3740-E2EA-48E8-A8B4-C8AEAD7B7884}

HKCR\Interface\{099C3740-E2EA-48E8-A8B4-C8AEAD7B7884}\ProxyStubClsid

HKCR\Interface\{099C3740-E2EA-48E8-A8B4-C8AEAD7B7884}\ProxyStubClsid32

HKCR\Interface\{099C3740-E2EA-48E8-A8B4-C8AEAD7B7884}\TypeLib

HKCR\Interface\{099C3740-E2EA-48E8-A8B4-C8AEAD7B7884}\TypeLib#Version

HKCR\Interface\{166B1BC8-3F9C-11CF-8075-444553540000}

HKCR\Interface\{166B1BC8-3F9C-11CF-8075-444553540000}\ProxyStubClsid

HKCR\Interface\{166B1BC8-3F9C-11CF-8075-444553540000}\ProxyStubClsid32

HKCR\Interface\{166B1BC8-3F9C-11CF-8075-444553540000}\TypeLib

HKCR\Interface\{166B1BC8-3F9C-11CF-8075-444553540000}\TypeLib#Version

HKCR\Interface\{166B1BC9-3F9C-11CF-8075-444553540000}

HKCR\Interface\{166B1BC9-3F9C-11CF-8075-444553540000}\ProxyStubClsid

HKCR\Interface\{166B1BC9-3F9C-11CF-8075-444553540000}\ProxyStubClsid32

HKCR\Interface\{166B1BC9-3F9C-11CF-8075-444553540000}\TypeLib

HKCR\Interface\{166B1BC9-3F9C-11CF-8075-444553540000}\TypeLib#Version

HKCR\Interface\{398E1AED-A22D-4558-869E-C6D775C02585}

HKCR\Interface\{398E1AED-A22D-4558-869E-C6D775C02585}\ProxyStubClsid

HKCR\Interface\{398E1AED-A22D-4558-869E-C6D775C02585}\ProxyStubClsid32

HKCR\Interface\{398E1AED-A22D-4558-869E-C6D775C02585}\TypeLib

HKCR\Interface\{398E1AED-A22D-4558-869E-C6D775C02585}\TypeLib#Version

HKCR\Interface\{41066AF3-53A3-4C67-83AC-14688B13B31E}

HKCR\Interface\{41066AF3-53A3-4C67-83AC-14688B13B31E}\ProxyStubClsid

HKCR\Interface\{41066AF3-53A3-4C67-83AC-14688B13B31E}\ProxyStubClsid32

HKCR\Interface\{41066AF3-53A3-4C67-83AC-14688B13B31E}\TypeLib

HKCR\Interface\{41066AF3-53A3-4C67-83AC-14688B13B31E}\TypeLib#Version

HKCR\Interface\{644F7CB5-EE49-44FC-8587-FAA5EC7A2A3E}

HKCR\Interface\{644F7CB5-EE49-44FC-8587-FAA5EC7A2A3E}\ProxyStubClsid

HKCR\Interface\{644F7CB5-EE49-44FC-8587-FAA5EC7A2A3E}\ProxyStubClsid32

HKCR\Interface\{644F7CB5-EE49-44FC-8587-FAA5EC7A2A3E}\TypeLib

HKCR\Interface\{644F7CB5-EE49-44FC-8587-FAA5EC7A2A3E}\TypeLib#Version

HKCR\Interface\{9DF0C21E-FBC2-436A-9C9D-71BC6A6AC9F4}

HKCR\Interface\{9DF0C21E-FBC2-436A-9C9D-71BC6A6AC9F4}\ProxyStubClsid

HKCR\Interface\{9DF0C21E-FBC2-436A-9C9D-71BC6A6AC9F4}\ProxyStubClsid32

HKCR\Interface\{9DF0C21E-FBC2-436A-9C9D-71BC6A6AC9F4}\TypeLib

HKCR\Interface\{9DF0C21E-FBC2-436A-9C9D-71BC6A6AC9F4}\TypeLib#Version

HKCR\Interface\{AD5FB04F-5A8D-44D4-8206-6A8734186EA2}

HKCR\Interface\{AD5FB04F-5A8D-44D4-8206-6A8734186EA2}\ProxyStubClsid

HKCR\Interface\{AD5FB04F-5A8D-44D4-8206-6A8734186EA2}\ProxyStubClsid32

HKCR\Interface\{AD5FB04F-5A8D-44D4-8206-6A8734186EA2}\TypeLib

HKCR\Interface\{AD5FB04F-5A8D-44D4-8206-6A8734186EA2}\TypeLib#Version

HKCR\Interface\{B9A851C7-F076-4FB6-B704-FE8AF9114EA2}

HKCR\Interface\{B9A851C7-F076-4FB6-B704-FE8AF9114EA2}\ProxyStubClsid

HKCR\Interface\{B9A851C7-F076-4FB6-B704-FE8AF9114EA2}\ProxyStubClsid32

HKCR\Interface\{B9A851C7-F076-4FB6-B704-FE8AF9114EA2}\TypeLib

HKCR\Interface\{B9A851C7-F076-4FB6-B704-FE8AF9114EA2}\TypeLib#Version

HKCR\Interface\{BC0FF429-C759-4010-8A22-FA3D3237DEFC}

HKCR\Interface\{BC0FF429-C759-4010-8A22-FA3D3237DEFC}\ProxyStubClsid

HKCR\Interface\{BC0FF429-C759-4010-8A22-FA3D3237DEFC}\ProxyStubClsid32

HKCR\Interface\{BC0FF429-C759-4010-8A22-FA3D3237DEFC}\TypeLib

HKCR\Interface\{BC0FF429-C759-4010-8A22-FA3D3237DEFC}\TypeLib#Version

HKCR\Interface\{BD719F6D-BC21-4435-9BA1-AFD2F73E22B2}

HKCR\Interface\{BD719F6D-BC21-4435-9BA1-AFD2F73E22B2}\ProxyStubClsid

HKCR\Interface\{BD719F6D-BC21-4435-9BA1-AFD2F73E22B2}\ProxyStubClsid32

HKCR\Interface\{BD719F6D-BC21-4435-9BA1-AFD2F73E22B2}\TypeLib

HKCR\Interface\{BD719F6D-BC21-4435-9BA1-AFD2F73E22B2}\TypeLib#Version

HKCR\Interface\{DDD44405-261C-4446-BE38-6B3D9AD6CE5D}

HKCR\Interface\{DDD44405-261C-4446-BE38-6B3D9AD6CE5D}\ProxyStubClsid

HKCR\Interface\{DDD44405-261C-4446-BE38-6B3D9AD6CE5D}\ProxyStubClsid32

HKCR\Interface\{DDD44405-261C-4446-BE38-6B3D9AD6CE5D}\TypeLib

HKCR\Interface\{DDD44405-261C-4446-BE38-6B3D9AD6CE5D}\TypeLib#Version

HKCR\Interface\{FCFE719E-E773-4B80-9FBD-1B6CDF6BF650}

HKCR\Interface\{FCFE719E-E773-4B80-9FBD-1B6CDF6BF650}\ProxyStubClsid

HKCR\Interface\{FCFE719E-E773-4B80-9FBD-1B6CDF6BF650}\ProxyStubClsid32

HKCR\Interface\{FCFE719E-E773-4B80-9FBD-1B6CDF6BF650}\TypeLib

HKCR\Interface\{FCFE719E-E773-4B80-9FBD-1B6CDF6BF650}\TypeLib#Version

HKCR\Interface\{FDA6EEC2-325B-4E8A-A8C7-1C75DFBE72D5}

HKCR\Interface\{FDA6EEC2-325B-4E8A-A8C7-1C75DFBE72D5}\NumMethods

HKCR\Interface\{FDA6EEC2-325B-4E8A-A8C7-1C75DFBE72D5}\ProxyStubClsid

HKCR\Interface\{FDA6EEC2-325B-4E8A-A8C7-1C75DFBE72D5}\ProxyStubClsid32

HKCR\Interface\{FDA6EEC2-325B-4E8A-A8C7-1C75DFBE72D5}\TypeLib

HKCR\Interface\{FDA6EEC2-325B-4E8A-A8C7-1C75DFBE72D5}\TypeLib#Version

C:\WINDOWS\Prefetch\ASHAVAST.EXE-2A5C4076.pf

C:\WINDOWS\Prefetch\ASHDISP.EXE-350F01F0.pf

C:\WINDOWS\Prefetch\DVDBITSET.EXE-22456526.pf

C:\WINDOWS\Prefetch\DVDTRAY.EXE-24F66939.pf

C:\WINDOWS\Prefetch\HIJACKTHIS.EXE-04E068DC.pf

C:\WINDOWS\Prefetch\JUSCHED.EXE-01E8D395.pf

C:\WINDOWS\Prefetch\QTTASK.EXE-0337C4B9.pf

C:\WINDOWS\Prefetch\READER_SL.EXE-02994A2F.pf

C:\WINDOWS\Prefetch\SGTRAY.EXE-1100F01D.pf

Share this post


Link to post
Share on other sites

I recommend that you fully uninstall SAS V4.35.1002, reboot, and then re-install SAS. Something may have become scrambled during the MB failure. Be sure to obtain the latest SAS core/trace definitions. Then try another Complete Scan and see if it will scan okay.

It does look like you may have a worm on your system. Please refer to the link below concerning program NOSSO_Air.exe

http://www.prevx.com/filenames/2194265379028849028-X1/NOSSO5FAIR.EXE.html

Share this post


Link to post
Share on other sites

As all of those items are still in quarantine in the existing SAS, would it help, at all, if they were released from quarantine and then fully uninstall SAS V4.35.1002?

At the moment, Windows will only allow me in for about 8 minutes before it crashes and I am forced to retreat to my Master OS. Releasing those items from quarantine and uninstalling SAS can be done in under 8 minutes ... assuming Windows will allow me to get into my Control Panel.

Share this post


Link to post
Share on other sites

As all of those items are still in quarantine in the existing SAS, would it help, at all, if they were released from quarantine and then fully uninstall SAS V4.35.1002?

At the moment, Windows will only allow me in for about 8 minutes before it crashes and I am forced to retreat to my Master OS. Releasing those items from quarantine and uninstalling SAS can be done in under 8 minutes ... assuming Windows will allow me to get into my Control Panel.

Yes, restore them first.

Share this post


Link to post
Share on other sites

Unfortunately, SAS Pro refused me access to the logs. In all likelihood, all I have now of those quarantined items is the logfile. At that point I was promptly booted out of Windows.

Being the stubborn Canadian I am, however, I attempted to re-enter Windows and was successful. At the end of the uninstall there was a query box about (I think) whether or not I wished to save the logfiles. As time was running out fast and my nerves were already shot, I instinctively clicked "Yes". If the query was whether or not I didn't, I've dumped them. You wouldn't happen to know what that box actually said, would you?

Though the download was successful, running it wasn't. I was informed that the download was corrupt.

At this point neither SAS.exe nor SASPro.exe exist on any of my hard drives.

Share this post


Link to post
Share on other sites

Nevermind. I've just looked through Windows Program Files and, while SAS's file is still there, nothing else is.

Hindsight is indeed 20/20. Via Xandros (my Master OS) I could have looked through my SAS Pro Program File at any time and likely rescued that quarantined file and stored it on Xandros. C'est la vie. My only option now would seem to be re-entering Windows, deleting the SAS file in Program Files and re-attempting to download and install SAS.

Agreed?

Share this post


Link to post
Share on other sites

Nevermind. I've just looked through Windows Program Files and, while SAS's file is still there, nothing else is.

Hindsight is indeed 20/20. Via Xandros (my Master OS) I could have looked through my SAS Pro Program File at any time and likely rescued that quarantined file and stored it on Xandros. C'est la vie. My only option now would seem to be re-entering Windows, deleting the SAS file in Program Files and re-attempting to download and install SAS.

Agreed?

If I understand you correctly, you were unable to unquarantine the original 717 detected threats....and the quarantined files have been lost. If that is so and from scanning through the files and registry keys that have been lost on your system, it is my opinion that your Windows OS and other programs have been significantly damaged and probably will not run properly because they are missing critical files.

Are you able to perform a System Restore from a restore point prior to running SAS quick scan?

Share this post


Link to post
Share on other sites

If I understand you correctly, you were unable to unquarantine the original 717 detected threats....and the quarantined files have been lost. If that is so and from scanning through the files and registry keys that have been lost on your system, it is my opinion that your Windows OS and other programs have been significantly damaged and probably will not run properly because they are missing critical files.

Are you able to perform a System Restore from a restore point prior to running SAS quick scan?

Regretably, even if I had restored everything that was quarantined, it wouldn't have made a particle of difference.

Upon running my hard drive diagnostic tool, I discovered a small, but very effective, rootkit inside System Volume Information. The purpose of the rootkit (aptly named "gotcha.exe") was to erase the contents of the eight logs which constitute System Volume Information. Which, of course, it had already done.

Without Windows' foundation, there isn't anything to restore ... no matter how far back you might choose to go.

Oh well, prior to erasing the contents of that 30GB NTFS partition, I'll transfer: my Desktop, my Software File and those few Purchased Games I've had for years to a removable 4GB hard drive. Not that I'll be able to re-install any of them, but that by doing so it will save me the bother of writing everything down.

What I find particularly annoying, though, is that I had had a perfectly good OEM System Disk for Windows XP Professional c/w SP3 which had an unlimited number of installs available and was not copyright-protected. The annoying part of it is that while I have a Builder of Computers License, issued to me by Microsoft in November 2007, I didn't make a back-up copy of the disk. Two weeks ago, the disk was stolen. Whomever has the disk now won't be able to use it as it has no key. And, so far as I know, there are only four holders of a B.o.C. in all of Ontario.

Rats! Now it's going to cost me another $159 USD to purchase another copy.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...