Symptoms of a rogue virus?

Solved
By Query323
Jul 7, 2012
Topic Status:
Not open for further replies.
  1. Hi,

    Recently my computer has been acting funny in a way I've never seen before. After say a few hours of use, the graphics of the pages I'm visiting starts to disappear and when I want to do any action after that, I get error messages that says there not enough resources to launch this or that. Could this be a virus ? I've ran Malwarebytes , Avast and ESET scanner repeatedly, ran Ccleaner and at first it did find something but later when I scanned again and again nothing was found by all listed programs that I mentioned. So any ideas?

    Thanks!
  2. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Hi there!

    We'll take care of BSODs and everything with your computer in this topic.

    We'll start with ComboFix

    Please visit this webpage for a tutorial on downloading and running ComboFix:

    http://www.bleepingcomputer.com/combofix/how-to-use-combofix

    See the area: Using ComboFix, and when done, post the log back here.
  3. Query323

    Query323 Newcomer, in training Topic Starter Posts: 47

    Hi, I don't get any BSOD's just letting you know.

    ComboFix 12-07-07.04 - Main 07/07/2012 15:12:28.2.2 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2047.1125 [GMT -4:00]
    Running from: d:\1. downloads\ComboFix.exe
    AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\All Users\Application Data\AMMYY
    c:\documents and settings\All Users\Application Data\AMMYY\contacts3.bin
    c:\documents and settings\All Users\Application Data\AMMYY\hr
    c:\documents and settings\All Users\Application Data\AMMYY\hr3
    c:\documents and settings\All Users\Application Data\AMMYY\settings3.bin
    c:\documents and settings\Main\Local Settings\Application Data\assembly\tmp
    c:\windows\system32\ctfmon(2).exe
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-06-07 to 2012-07-07 )))))))))))))))))))))))))))))))
    .
    .
    2012-06-22 08:36 . 2012-06-22 08:36 -------- d-----w- c:\documents and settings\Main\Local Settings\Application Data\Sun
    2012-06-20 02:30 . 2012-06-20 02:30 -------- d-----w- c:\program files\ESET
    2012-06-17 23:17 . 2012-06-17 23:17 -------- d-----w- c:\program files\Common Files\Java
    2012-06-17 23:16 . 2012-06-17 23:16 -------- d-----w- c:\program files\Oracle
    2012-06-17 23:16 . 2012-06-17 23:16 -------- d-----w- c:\documents and settings\Main\Application Data\Oracle
    2012-06-17 23:16 . 2012-05-04 23:29 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
    2012-06-15 02:15 . 2012-06-15 02:15 -------- d-----w- c:\program files\iPod
    2012-06-13 20:43 . 2012-05-11 14:42 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
    2012-06-09 00:09 . 2012-06-09 00:09 -------- d-----w- c:\documents and settings\Main\Local Settings\Application Data\BMExplorer
    2012-06-08 23:46 . 2011-02-26 03:02 47264 ----a-w- c:\windows\system32\btathci.dll
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-07-05 12:56 . 2012-04-03 14:51 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-07-05 12:56 . 2011-05-14 05:18 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-06-28 12:52 . 2010-01-31 04:20 353688 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2012-06-28 12:52 . 2010-01-31 04:20 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2012-06-28 12:52 . 2011-04-23 01:31 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2012-06-28 12:52 . 2010-01-31 04:20 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2012-06-28 12:52 . 2010-01-31 04:20 97352 ----a-w- c:\windows\system32\drivers\aswmon2.sys
    2012-06-28 12:52 . 2010-01-31 04:20 89624 ----a-w- c:\windows\system32\drivers\aswmon.sys
    2012-06-28 12:52 . 2010-01-31 04:20 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2012-06-28 12:52 . 2010-01-31 04:20 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
    2012-06-28 12:52 . 2011-04-23 01:30 41224 ----a-w- c:\windows\avastSS.scr
    2012-06-28 12:51 . 2010-01-31 04:20 227648 ----a-w- c:\windows\system32\aswBoot.exe
    2012-06-02 19:19 . 2009-08-07 00:24 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
    2012-06-02 19:19 . 2010-01-31 03:16 329240 ----a-w- c:\windows\system32\wucltui.dll
    2012-06-02 19:19 . 2010-01-31 03:16 210968 ----a-w- c:\windows\system32\wuweb.dll
    2012-06-02 19:19 . 2010-01-31 03:16 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
    2012-06-02 19:19 . 2009-08-07 00:24 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
    2012-06-02 19:19 . 2010-01-31 03:16 53784 ----a-w- c:\windows\system32\wuauclt.exe
    2012-06-02 19:19 . 2010-01-31 03:16 35864 ----a-w- c:\windows\system32\wups.dll
    2012-06-02 19:19 . 2009-08-07 00:24 45080 ----a-w- c:\windows\system32\wups2.dll
    2012-06-02 19:19 . 2009-08-07 00:24 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
    2012-06-02 19:19 . 2004-08-04 12:00 97304 ----a-w- c:\windows\system32\cdm.dll
    2012-06-02 19:19 . 2009-08-07 00:24 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
    2012-06-02 19:19 . 2010-01-31 03:16 577048 ----a-w- c:\windows\system32\wuapi.dll
    2012-06-02 19:19 . 2010-01-31 03:16 1933848 ----a-w- c:\windows\system32\wuaueng.dll
    2012-06-02 19:18 . 2011-04-23 01:23 214256 ----a-w- c:\windows\system32\muweb.dll
    2012-06-02 19:18 . 2011-04-23 01:23 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
    2012-06-02 19:18 . 2011-04-23 01:23 275696 ----a-w- c:\windows\system32\mucltui.dll
    2012-05-31 13:22 . 2004-08-04 12:00 599040 ----a-w- c:\windows\system32\crypt32.dll
    2012-05-16 15:08 . 2004-08-04 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
    2012-05-15 13:20 . 2010-01-31 04:59 1863168 ----a-w- c:\windows\system32\win32k.sys
    2012-05-11 14:42 . 2004-08-04 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2012-05-11 14:42 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2012-05-11 11:38 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec
    2012-05-04 23:29 . 2012-02-23 20:57 143872 ----a-w- c:\windows\system32\javacpl.cpl
    2012-05-04 23:29 . 2011-04-24 01:43 687504 ----a-w- c:\windows\system32\deployJava1.dll
    2012-05-04 13:16 . 2010-01-31 04:59 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-05-04 12:32 . 2010-01-31 04:59 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2012-05-02 13:46 . 2010-01-31 04:59 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2012-06-28 12:51 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "GoodSync"="c:\program files\Siber Systems\GoodSync\GoodSync.exe" [2012-04-27 6831792]
    "RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2012-06-19 109336]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "High Definition Audio Property Page Shortcut"="HDAudPropShortcut.exe" [2004-03-17 61952]
    "SoundMan"="SOUNDMAN.EXE" [2004-07-01 73728]
    "AlcWzrd"="ALCWZRD.EXE" [2004-07-05 2550272]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
    "avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-06-28 4273976]
    "Malwarebytes' Anti-Malware"="e:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
    "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-02-10 15494464]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2012-02-10 108352]
    "nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-02-10 1634112]
    "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
    "QuickTime Task"="d:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
    "iTunesHelper"="d:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
    .
    c:\documents and settings\Main\Start Menu\Programs\Startup\
    RBTray.lnk - c:\program files\RBTray\RBTray.exe [2009-6-2 54272]
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^Main^Start Menu^Programs^Startup^DesktopVideoPlayer.lnk]
    path=c:\documents and settings\Main\Start Menu\Programs\Startup\DesktopVideoPlayer.lnk
    backup=c:\windows\pss\DesktopVideoPlayer.lnkStartup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
    2012-02-07 23:11 451856 ----a-w- e:\program files\Sandboxie\SbieCtrl.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "AmmyyAdmin"=2 (0x2)
    "idsvc"=3 (0x3)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "e:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
    "e:\\Program Files\\Paltalk Messenger\\paltalk.exe"=
    "e:\\Program Files\\Mozilla Firefox\\firefox.exe"=
    "e:\\Program Files\\IBP 9\\IBP.exe"=
    "e:\\Program Files\\SopCast\\SopCast.exe"=
    "e:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
    "e:\\Program Files\\ICQ7.6\\ICQ.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "e:\\Program Files\\Opera\\opera.exe"=
    "d:\\Program Files\\Steam\\Steam.exe"=
    "c:\\Documents and Settings\\All Users\\Application Data\\Battle.net\\Agent\\Agent.515\\Agent.exe"=
    "c:\\Documents and Settings\\All Users\\Application Data\\Battle.net\\Agent\\Agent.516\\Agent.exe"=
    "e:\\Program Files\\uTorrent\\uTorrent.exe"=
    "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
    "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
    "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
    "d:\\Program Files\\MP3 Skype Recorder\\MP3 Skype Recorder.exe"=
    "d:\\Program Files\\CounterPath\\eyeBeam 1.5\\eyeBeam.exe"=
    "c:\\Documents and Settings\\Main\\Local Settings\\Application Data\\vghd\\bin\\Virtuagirl_Downloader.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
    "e:\\Program Files\\AirVideoServer\\AirVideoServer.exe"=
    "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
    "d:\\Program Files\\iTunes\\iTunes.exe"=
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "81:TCP"= 81:TCP:Axon Virtual PBX Web Server
    "4100:UDP"= 4100:UDP:uPNP Router Control Port
    .
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [4/22/2011 9:31 PM 721000]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1/31/2010 12:20 AM 353688]
    R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [4/25/2011 6:25 PM 218688]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1/31/2010 12:20 AM 21256]
    R2 MBAMService;MBAMService;e:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [10/8/2011 1:39 PM 654408]
    R2 MSSQL$ADCENTERDESKTOP;SQL Server (ADCENTERDESKTOP);c:\program files\Microsoft SQL Server\MSSQL10_50.ADCENTERDESKTOP\MSSQL\Binn\sqlservr.exe [4/3/2010 2:56 PM 42884448]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [10/8/2011 1:39 PM 22344]
    S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2/15/2012 1:30 PM 158856]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [4/3/2012 10:51 AM 250056]
    S3 AthDfu;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys --> c:\windows\system32\Drivers\AthDfu.sys [?]
    S3 Atheros_btAudio;Bluetooth Virtual SCO Driver;c:\windows\system32\drivers\btathsco.sys --> c:\windows\system32\drivers\btathsco.sys [?]
    S3 btatha2dp;Bluetooth A2DP Audio Device Driver;c:\windows\system32\drivers\btatha2dp.sys --> c:\windows\system32\drivers\btatha2dp.sys [?]
    S3 btathPan;Bluetooth PAN Miniport Device;c:\windows\system32\DRIVERS\btathpan.sys --> c:\windows\system32\DRIVERS\btathpan.sys [?]
    S3 BTATHPROT;General Bluetooth Filter;c:\windows\system32\DRIVERS\btathprot.sys --> c:\windows\system32\DRIVERS\btathprot.sys [?]
    S3 btathrcp;Bluetooth AVRCP Target Device;c:\windows\system32\DRIVERS\btathrcp.sys --> c:\windows\system32\DRIVERS\btathrcp.sys [?]
    S3 btathspp;Bluetooth Serial Port Device;c:\windows\system32\DRIVERS\btathspp.sys --> c:\windows\system32\DRIVERS\btathspp.sys [?]
    S3 BTATHUSB;General Bluetooth Device;c:\windows\system32\DRIVERS\btathusb.sys --> c:\windows\system32\DRIVERS\btathusb.sys [?]
    S3 btfilter;General Bluetooth Filter ss;c:\windows\system32\DRIVERS\btfilter.sys --> c:\windows\system32\DRIVERS\btfilter.sys [?]
    S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [8/10/2011 2:42 AM 23456]
    S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\drivers\MijXfilt.sys [11/24/2011 4:36 PM 95304]
    S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [4/24/2012 11:06 PM 113120]
    S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [12/14/2011 7:41 PM 25088]
    S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [4/3/2010 2:56 PM 44896]
    S4 RsFx0150;RsFx0150 Driver;c:\windows\system32\drivers\RsFx0150.sys [4/3/2010 11:02 AM 240608]
    S4 SQLAgent$ADCENTERDESKTOP;SQL Server Agent (ADCENTERDESKTOP);c:\program files\Microsoft SQL Server\MSSQL10_50.ADCENTERDESKTOP\MSSQL\Binn\SQLAGENT.EXE [4/3/2010 2:56 PM 367456]
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-07-07 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 12:56]
    .
    2011-12-08 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 21:57]
    .
    2012-07-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-162531612-725345543-1004Core.job
    - c:\documents and settings\Main\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-03-10 01:08]
    .
    2012-07-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-162531612-725345543-1004UA.job
    - c:\documents and settings\Main\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-03-10 01:08]
    .
    .
    ------- Supplementary Scan -------
    .
    uInternet Settings,ProxyOverride = *.local
    IE: Customize Menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
    IE: Fill Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    IE: Save Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    IE: Show RoboForm Toolbar - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - e:\program files\ICQ7.6\ICQ.exe
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{AB1E8D68-CDA5-4E9F-AAB1-87F92CA37C3F}: NameServer = 8.8.8.8,8.8.4.4
    FF - ProfilePath - c:\documents and settings\Main\Application Data\Mozilla\Firefox\Profiles\3dc188pm.default\
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2012-07-07 15:20
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\software\ASUS\ASUS Probe\2.23.01]
    @DACL=(02 0000)
    .
    Completion time: 2012-07-07 15:23:58
    ComboFix-quarantined-files.txt 2012-07-07 19:23
    .
    Pre-Run: 8,349,921,280 bytes free
    Post-Run: 8,406,777,856 bytes free
    .
    - - End Of File - - 5312BEE7B996F76CBB63D035C868F132
  4. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    That cleaned up a lot of it.

    For the BSODs...why did you post here then for help: http://www.techspot.com/community/topics/random-bsods.178440 (I deleted the post earlier, by the way).

    Scan for malware

    [​IMG] Please download Malwarebytes Anti-Malware from HERE.


    Double Click mbam-setup.exe to install the application.
    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Perform Quick Scan", then click Scan.
    • The scan may take some time to finish,so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If you are prompted to restart, please allow it to restart your computer. Failure to do this, will cause the infection to still be active on the computer.
    • Please save the log to a location you will remember.
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • The log can also be found at C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
    • Copy and paste the entire report in your next reply.
  5. Query323

    Query323 Newcomer, in training Topic Starter Posts: 47

    Yeah I was wondering where did my post go? I didn't ask for help, I was offering my help of how I fixed my random BSOD's a while ago!

    I have a paid version of Malwarebytes so I'll run that.
  6. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Oh I see, my apologies.

    I look forward to the MBAM log. Post when you can. I'll be back later.
  7. Query323

    Query323 Newcomer, in training Topic Starter Posts: 47

    Malwarebytes Anti-Malware (PRO) 1.61.0.1400
    www.malwarebytes.org

    Database version: v2012.07.06.14

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    Main :: HOME [administrator]

    Protection: Enabled

    7/7/2012 4:17:41 PM
    mbam-log-2012-07-07 (16-17-41).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 234860
    Time elapsed: 19 minute(s), 19 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)
  8. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Any more issues?

    We need to know any other issues that are plaguing your computer. Kindly give a summary so we know how to continue from here.

    Many of the things to note for us would be:

    • Slow computer
    • Error messages
    • Fake antivirus alerts or the icon in the system tray
    • svchost.exe running at 100%
    • System crashes or blue screen of death
  9. Query323

    Query323 Newcomer, in training Topic Starter Posts: 47

    The same issue persists as stated in the OP. After a few hours it will say Insufficient resources to run any program. A restart fixes it and then the same thing happens after few hours.
  10. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Farbar Service Scanner
    Please download Farbar Service Scanner and run it on the computer with the issue.
    • Check "Include All Files" option.
      Press "Scan".
      It will create a log (FSS.txt) in the same directory the tool is run.
      Please copy and paste the log to your reply.

    MySystemSearch
    Please download MySystem-Search from here:
    • Save the file to your Desktop.
    • Double-click on mss.exe
    • Allow it to run, and follow the prompts.
    • Once done, it will launch a log.
    • Post it in your next reply.
    Note: the logs are long. Please use more than one post, if necessary.
  11. Query323

    Query323 Newcomer, in training Topic Starter Posts: 47

    Farbar Service Scanner Version: 08-07-2012
    Ran by Main (administrator) on 08-07-2012 at 17:38:07
    Running from "D:\1. Downloads"
    Microsoft Windows XP Home Edition Service Pack 3 (X86)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Google.com is accessible.
    Yahoo IP is accessible.
    Yahoo.com is accessible.


    Windows Firewall:
    =============

    Firewall Disabled Policy:
    ==================


    System Restore:
    ============

    System Restore Disabled Policy:
    ========================


    Security Center:
    ============

    Windows Update:
    ============

    Windows Autoupdate Disabled Policy:
    ============================


    File Check:
    ========
    C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
    C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
    C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
    C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
    C:\WINDOWS\system32\netman.dll => MD5 is legit
    C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
    C:\WINDOWS\system32\srsvc.dll => MD5 is legit
    C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
    C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
    C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
    C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
    C:\WINDOWS\system32\qmgr.dll => MD5 is legit
    C:\WINDOWS\system32\es.dll => MD5 is legit
    C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
    C:\WINDOWS\system32\svchost.exe => MD5 is legit
    C:\WINDOWS\system32\rpcss.dll => MD5 is legit
    C:\WINDOWS\system32\services.exe => MD5 is legit

    Extra List:
    =======
    aswTdi(8) Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
    0x09000000050000000100000002000000030000000400000008000000060000000700000009000000
    IpSec Tag value is correct.

    **** End of log ****
     
  12. Query323

    Query323 Newcomer, in training Topic Starter Posts: 47

    MySystem-Search


    MSS v1.7


    Basic System Information

    Username: Main - Date: 07/08/2012 - Time: 17:40:22

    Microsoft Windows XP [Version 5.1.2600]
    Processor type: x86 Family 15 Model 3 Stepping 4, GenuineIntel
    Total processors: 2
    Computer Name: HOME
    Logon Server: \\HOME


    CD Emulation Drivers running?



    Peer-to-Peer applications?



    Security Tools Check

    User has Sandboxie installed! :D
    CCleaner


    File associations

    .exe=exefile
    .scr=scrfile
    .pif=piffile
    .com=ComFile
    .bat=batfile
    .cmd=cmdfile
    .log=txtfile
    .txt=txtfile
    .reg=regfile
    .sys=sysfile
    .dll=dllfile
    .ini=inifile
    .inf=inffile


    Running processes

    PROCESS PID PRIO PATH
    smss.exe 652 Normal C:\WINDOWS\System32\smss.exe
    csrss.exe 700 Normal C:\WINDOWS\system32\csrss.exe
    winlogon.exe 724 High C:\WINDOWS\system32\winlogon.exe
    services.exe 768 Normal C:\WINDOWS\system32\services.exe
    lsass.exe 780 Normal C:\WINDOWS\system32\lsass.exe
    svchost.exe 948 Normal C:\WINDOWS\system32\svchost.exe
    svchost.exe 1016 Normal C:\WINDOWS\system32\svchost.exe
    SbieSvc.exe 1112 Normal E:\Program Files\Sandboxie\SbieSvc.exe
    svchost.exe 1132 Normal C:\WINDOWS\System32\svchost.exe
    svchost.exe 1260 Normal C:\WINDOWS\system32\svchost.exe
    svchost.exe 1360 Normal C:\WINDOWS\system32\svchost.exe
    AvastSvc.exe 1452 Normal C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    spoolsv.exe 1608 Normal C:\WINDOWS\system32\spoolsv.exe
    svchost.exe 1824 Normal C:\WINDOWS\system32\svchost.exe
    AppleMobileDeviceService.exe 1928 Normal C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    mDNSResponder.exe 2044 Normal C:\Program Files\Bonjour\mDNSResponder.exe
    Explorer.EXE 404 Normal C:\WINDOWS\Explorer.EXE
    jqs.exe 544 Idle C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
    mbamservice.exe 1336 Normal E:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    SOUNDMAN.EXE 1948 Normal C:\WINDOWS\SOUNDMAN.EXE
    sqlservr.exe 2024 Normal C:\Program Files\Microsoft SQL Server\MSSQL10_50.ADCENTERDESKTOP\MSSQL\Binn\sqlservr.exe
    ALCWZRD.EXE 2000 Normal C:\WINDOWS\ALCWZRD.EXE
    avastUI.exe 136 Normal C:\Program Files\Alwil Software\Avast5\avastUI.exe
    mbamgui.exe 572 Normal E:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    RUNDLL32.EXE 1496 Normal C:\WINDOWS\system32\RUNDLL32.EXE
    nvsvc32.exe 1220 Normal C:\WINDOWS\system32\nvsvc32.exe
    sqlwriter.exe 1012 Normal C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    svchost.exe 2068 Normal C:\WINDOWS\system32\svchost.exe
    GrooveMonitor.exe 2192 Normal C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    iTunesHelper.exe 2380 Normal D:\Program Files\iTunes\iTunesHelper.exe
    jusched.exe 2480 Normal C:\Program Files\Common Files\Java\Java Update\jusched.exe
    RoboTaskBarIcon.exe 3080 Normal C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
    RBTray.exe 3256 Normal C:\Program Files\RBTray\RBTray.exe
    iPodService.exe 3288 Normal C:\Program Files\iPod\bin\iPodService.exe
    alg.exe 3884 Normal C:\WINDOWS\System32\alg.exe
    firefox.exe 3608 Normal E:\Program Files\Mozilla Firefox\firefox.exe
    plugin-container.exe 3324 Normal E:\Program Files\Mozilla Firefox\plugin-container.exe
    thunderbird.exe 132 Normal E:\Program Files\Mozilla Thunderbird\thunderbird.exe
    FSS.exe 2688 Normal D:\1. Downloads\FSS.exe
    notepad.exe 2452 Normal C:\WINDOWS\system32\notepad.exe
    mss.exe 3688 Normal C:\Documents and Settings\Main\Desktop\mss.exe
    cmd.exe 2876 Normal C:\WINDOWS\system32\cmd.exe
    pv.exe 2656 Normal C:\Documents and Settings\Main\Desktop\pv.exe


    User Profile check



    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
    ProfilesDirectory REG_EXPAND_SZ %SystemDrive%\Documents and Settings
    DefaultUserProfile REG_SZ Default User
    AllUsersProfile REG_SZ All Users

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18
    Flags REG_DWORD 0xc
    State REG_DWORD 0x0
    RefCount REG_DWORD 0x1
    Sid REG_BINARY 010100000000000512000000
    ProfileImagePath REG_EXPAND_SZ %systemroot%\system32\config\systemprofile

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19
    ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\LocalService
    Sid REG_BINARY 010100000000000513000000
    Flags REG_DWORD 0x9
    State REG_DWORD 0x0
    CentralProfile REG_SZ
    ProfileLoadTimeLow REG_DWORD 0x8e7f8d40
    ProfileLoadTimeHigh REG_DWORD 0x1cd5d16
    RefCount REG_DWORD 0x3

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20
    ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\NetworkService
    Sid REG_BINARY 010100000000000514000000
    Flags REG_DWORD 0x9
    State REG_DWORD 0x0
    CentralProfile REG_SZ
    ProfileLoadTimeLow REG_DWORD 0x8e3f2dc2
    ProfileLoadTimeHigh REG_DWORD 0x1cd5d16
    RefCount REG_DWORD 0x2

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-1708537768-162531612-725345543-1004
    ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\Main
    Sid REG_BINARY 010500000000000515000000A837D6651C09B00907E53B2BEC030000
    Flags REG_DWORD 0x0
    State REG_DWORD 0x100
    CentralProfile REG_SZ
    ProfileLoadTimeLow REG_DWORD 0x8f4ef9d6
    ProfileLoadTimeHigh REG_DWORD 0x1cd5d16
    RefCount REG_DWORD 0x1
    RunLogonScriptSync REG_DWORD 0x0
    OptimizedLogonStatus REG_DWORD 0xb

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-1708537768-162531612-725345543-500
    ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\Administrator
    Sid REG_BINARY 010500000000000515000000A837D6651C09B00907E53B2BF4010000
    Flags REG_DWORD 0x0
    State REG_DWORD 0x104
    CentralProfile REG_SZ
    ProfileLoadTimeLow REG_DWORD 0x5a5c2e3c
    ProfileLoadTimeHigh REG_DWORD 0x1ccf8f9
    RefCount REG_DWORD 0x0
    RunLogonScriptSync REG_DWORD 0x0


    Current Scheduled Tasks

    PATH: C:\Windows\Tasks

    Adobe Flash Player Updater.job
    AppleSoftwareUpdate.job
    GoogleUpdateTaskUserS-1-5-21-1708537768-162531612-725345543-1004Core.job
    GoogleUpdateTaskUserS-1-5-21-1708537768-162531612-725345543-1004UA.job
    desktop.ini
    SA.DAT


    Windows Drivers and NT-Services

    Volume in drive C is Windows Only
    Volume Serial Number is 7C71-E4D8

    Directory of C:\Windows\System32\Drivers

    11/24/2011 04:36 PM 0 MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
    06/08/2012 08:09 PM 0 Msft_Kernel_btathprot_01005.Wdf
    06/08/2012 08:09 PM 0 Msft_Kernel_btathspp_01005.Wdf
    11/24/2011 04:36 PM 0 Msft_Kernel_MijXfilt_01009.Wdf
    11/24/2011 04:36 PM 0 Msft_Kernel_xusb21_01009.Wdf
    5 File(s) 0 bytes
    0 Dir(s) 8,241,008,640 bytes free
    Volume in drive C is Windows Only
    Volume Serial Number is 7C71-E4D8

    Directory of C:\Windows\System32\Drivers

    04/22/1997 11:16 AM 6,272 ASLM75.SYS
    08/17/2001 09:59 AM 3,072 audstub.sys
    11/27/2002 07:30 AM 16,080 HPZipr12.sys
    11/27/2002 07:30 AM 22,384 HPZius12.sys
    11/27/2002 07:30 AM 50,960 hpzid412.sys
    03/17/2004 04:10 PM 113,664 Hdaudio.sys
    04/27/2004 03:26 AM 5,824 ASUSHWIO.SYS
    05/19/2004 09:05 AM 8,037 EIO.sys
    06/16/2004 08:14 AM 180,480 yk51x86.sys
    07/06/2004 04:59 AM 2,185,408 RtkHDAud.sys
    07/17/2004 11:55 PM 129,045 cxthsfs2.cty
    08/03/2004 11:29 PM 57,856 atinbtxx.sys
    08/03/2004 11:29 PM 701,440 ati2mtag.sys
    08/03/2004 11:29 PM 327,040 ati2mtaa.sys
    08/03/2004 11:29 PM 11,615 ati1mdxx.sys
    08/03/2004 11:29 PM 12,047 ati1pdxx.sys
    08/03/2004 11:29 PM 14,336 atinpdxx.sys
    08/03/2004 11:29 PM 52,224 atinraxx.sys
    08/03/2004 11:29 PM 56,623 ati1btxx.sys
    08/03/2004 11:29 PM 13,824 atinmdxx.sys
    08/03/2004 11:29 PM 73,216 atintuxx.sys
    08/03/2004 11:29 PM 31,744 atinxbxx.sys
    08/03/2004 11:29 PM 28,672 atinsnxx.sys
    08/03/2004 11:29 PM 63,488 atinxsxx.sys
    08/03/2004 11:29 PM 30,671 ati1raxx.sys
    08/03/2004 11:29 PM 13,824 atinttxx.sys
    08/03/2004 11:29 PM 104,960 atinrvxx.sys
    08/03/2004 11:29 PM 34,735 ati1xsxx.sys
    08/03/2004 11:29 PM 29,455 ati1xbxx.sys
    08/03/2004 11:29 PM 36,463 ati1tuxx.sys
    08/03/2004 11:29 PM 21,343 ati1ttxx.sys
    08/03/2004 11:29 PM 26,367 ati1snxx.sys
    08/03/2004 11:29 PM 63,663 ati1rvxx.sys
    08/03/2004 11:29 PM 452,736 mtxparhm.sys
    08/03/2004 11:29 PM 11,807 wadv07nt.sys
    08/03/2004 11:29 PM 11,295 wadv08nt.sys
    08/03/2004 11:29 PM 11,871 wadv09nt.sys
    08/03/2004 11:29 PM 11,935 wadv11nt.sys
    08/03/2004 11:29 PM 25,471 watv10nt.sys
    08/03/2004 11:29 PM 22,271 watv06nt.sys
    08/03/2004 11:29 PM 166,912 s3gnbm.sys
    08/03/2004 11:41 PM 1,309,184 mtlstrm.sys
    08/03/2004 11:41 PM 13,776 recagent.sys
    08/03/2004 11:41 PM 126,686 mtlmnt5.sys
    08/03/2004 11:41 PM 180,360 ntmtlfax.sys
    08/03/2004 11:41 PM 129,535 slnt7554.sys
    08/03/2004 11:41 PM 404,990 slntamr.sys
    08/03/2004 11:41 PM 13,240 slwdmsup.sys
    08/03/2004 11:41 PM 95,424 slnthal.sys
    08/03/2004 11:41 PM 220,032 hsfbs2s2.sys
    08/03/2004 11:41 PM 685,056 hsfcxts2.sys
    08/03/2004 11:41 PM 11,868 mdmxsdk.sys
    08/03/2004 11:41 PM 1,041,536 hsfdpsp2.sys
    08/04/2004 08:00 AM 12,032 ws2ifsl.sys
    08/04/2004 08:00 AM 3,440,660 gm.dls
    08/04/2004 08:00 AM 5,888 rootmdm.sys
    08/04/2004 08:00 AM 31,360 atmepvc.sys
    08/04/2004 08:00 AM 12,032 riodrv.sys
    08/04/2004 08:00 AM 4,736 usbd.sys
    08/04/2004 08:00 AM 12,032 rio8drv.sys
    08/04/2004 08:00 AM 125,056 ftdisk.sys
    08/04/2004 08:00 AM 4,224 rdpcdd.sys
    08/04/2004 08:00 AM 34,432 rawwan.sys
    08/04/2004 08:00 AM 16,512 raspti.sys
    08/04/2004 08:00 AM 4,352 wmilib.sys
    08/04/2004 08:00 AM 7,936 fs_rec.sys
    08/04/2004 08:00 AM 21,376 tsbvcap.sys
    08/04/2004 08:00 AM 8,832 rasacd.sys
    08/04/2004 08:00 AM 17,792 ptilink.sys
    08/04/2004 08:00 AM 12,160 fsvga.sys
    08/04/2004 08:00 AM 3,328 pciide.sys
    08/04/2004 08:00 AM 6,784 parvdm.sys
    08/04/2004 08:00 AM 32,896 ipfltdrv.sys
    08/04/2004 08:00 AM 3,456 oprghdlr.sys
    08/04/2004 08:00 AM 13,952 cbidf2k.sys
    08/04/2004 08:00 AM 18,688 cdaudio.sys
    08/04/2004 08:00 AM 55,936 nwlnkspx.sys
    08/04/2004 08:00 AM 63,232 nwlnknb.sys
    08/04/2004 08:00 AM 32,512 nwlnkfwd.sys
    08/04/2004 08:00 AM 262,528 cinemst2.sys
    08/04/2004 08:00 AM 12,416 nwlnkflt.sys
    08/04/2004 08:00 AM 11,776 cpqdap01.sys
    08/04/2004 08:00 AM 7,680 mcd.sys
    08/04/2004 08:00 AM 58,112 vdmindvd.sys
    08/04/2004 08:00 AM 2,944 null.sys
    08/04/2004 08:00 AM 14,592 smclib.sys
    08/04/2004 08:00 AM 4,224 beep.sys_old
    08/04/2004 08:00 AM 12,032 nikedrv.sys
    08/04/2004 08:00 AM 646 gmreadme.txt
    08/04/2004 08:00 AM 5,888 dmload.sys
    08/04/2004 08:00 AM 51,712 tosdvd.sys
    08/04/2004 08:00 AM 4,224 beep.sys
    08/04/2004 08:00 AM 11,648 acpiec.sys
    08/04/2004 08:00 AM 3,328 dxgthk.sys
    08/04/2004 08:00 AM 12,160 mouhid.sys
    08/04/2004 08:00 AM 10,496 dxapi.sys
    08/04/2004 08:00 AM 4,224 mnmdd.sys
    08/04/2004 08:00 AM 352,256 atmuni.sys
    08/12/2004 10:56 PM 5,810 ASACPI.sys
    09/28/2006 07:55 PM 77,568 WudfPf.sys
    09/28/2006 08:00 PM 82,944 WudfRd.sys
    04/13/2008 12:36 PM 144,384 hdaudbus.sys
    04/13/2008 12:39 PM 20,480 secdrv.sys
    04/13/2008 12:39 PM 142,592 aec.sys
    04/13/2008 01:45 PM 15,104 usbscan.sys
    04/13/2008 01:45 PM 26,368 USBSTOR.SYS
    04/13/2008 02:31 PM 35,840 processr.sys
    04/13/2008 02:31 PM 42,752 p3.sys
    04/13/2008 02:31 PM 36,736 crusoe.sys
    04/13/2008 02:31 PM 36,352 intelppm.sys
    04/13/2008 02:31 PM 37,376 amdk6.sys
    04/13/2008 02:31 PM 37,760 amdk7.sys
    04/13/2008 02:32 PM 66,048 udfs.sys
    04/13/2008 02:32 PM 19,072 msfs.sys
    04/13/2008 02:32 PM 30,848 npfs.sys
    04/13/2008 02:32 PM 180,608 mrxdav.sys
    04/13/2008 02:32 PM 196,224 rdpdr.sys
    04/13/2008 02:32 PM 129,792 fltmgr.sys
    04/13/2008 02:33 PM 44,544 fips.sys
    04/13/2008 02:36 PM 5,888 smbali.sys
    04/13/2008 02:36 PM 187,776 acpi.sys
    04/13/2008 02:36 PM 42,752 alim1541.sys
    04/13/2008 02:36 PM 42,368 agp440.sys
    04/13/2008 02:36 PM 43,008 amdagp.sys
    04/13/2008 02:36 PM 40,960 sisagp.sys
    04/13/2008 02:36 PM 44,928 agpcpq.sys
    04/13/2008 02:36 PM 46,464 gagp30kx.sys
    04/13/2008 02:36 PM 42,240 viaagp.sys
    04/13/2008 02:36 PM 44,672 uagp35.sys
    04/13/2008 02:36 PM 37,248 isapnp.sys
    04/13/2008 02:36 PM 63,744 mf.sys
    04/13/2008 02:36 PM 120,192 pcmcia.sys
    04/13/2008 02:36 PM 68,224 pci.sys
    04/13/2008 02:36 PM 79,232 sdbus.sys
    04/13/2008 02:36 PM 15,488 mssmbios.sys
    04/13/2008 02:36 PM 73,472 sr.sys
    04/13/2008 02:38 PM 71,168 dxg.sys
    04/13/2008 02:39 PM 42,368 mountmgr.sys
    04/13/2008 02:39 PM 384,768 update.sys
    04/13/2008 02:39 PM 23,040 mouclass.sys
    04/13/2008 02:39 PM 24,576 kbdclass.sys
    04/13/2008 02:39 PM 14,592 kbdhid.sys
    04/13/2008 02:39 PM 5,376 mspclock.sys
    04/13/2008 02:39 PM 4,992 mspqm.sys
    04/13/2008 02:39 PM 7,552 mskssrv.sys
    04/13/2008 02:39 PM 4,352 swenum.sys
    04/13/2008 02:40 PM 80,128 parport.sys
    04/13/2008 02:40 PM 15,744 serenum.sys
    04/13/2008 02:40 PM 27,392 fdc.sys
    04/13/2008 02:40 PM 20,480 flpydisk.sys
    04/13/2008 02:40 PM 57,600 redbook.sys
    04/13/2008 02:40 PM 5,504 intelide.sys
    04/13/2008 02:40 PM 24,960 pciidex.sys
    04/13/2008 02:40 PM 96,512 atapi.sys
    04/13/2008 02:40 PM 96,384 scsiport.sys
    04/13/2008 02:40 PM 14,208 diskdump.sys
    04/13/2008 02:40 PM 62,976 cdrom.sys
    04/13/2008 02:40 PM 11,008 sffp_sd.sys
    04/13/2008 02:40 PM 11,904 sffdisk.sys
    04/13/2008 02:40 PM 36,352 disk.sys
    04/13/2008 02:40 PM 10,240 sffp_mmc.sys
    04/13/2008 02:40 PM 11,392 sfloppy.sys
    04/13/2008 02:40 PM 19,712 partmgr.sys
    04/13/2008 02:40 PM 14,976 tape.sys
    04/13/2008 02:40 PM 42,112 imapi.sys
    04/13/2008 02:41 PM 52,352 volsnap.sys
    04/13/2008 02:43 PM 14,208 wacompen.sys
    04/13/2008 02:43 PM 12,672 mutohpen.sys
    04/13/2008 02:44 PM 81,664 videoprt.sys
    04/13/2008 02:44 PM 20,992 vga.sys
    04/13/2008 02:44 PM 153,344 dmio.sys
    04/13/2008 02:44 PM 799,744 dmboot.sys
    04/13/2008 02:45 PM 52,864 dmusic.sys
    04/13/2008 02:45 PM 6,272 splitter.sys
    04/13/2008 02:45 PM 56,576 swmidi.sys
    04/13/2008 02:45 PM 172,416 kmixer.sys
    04/13/2008 02:45 PM 2,944 drmkaud.sys
    04/13/2008 02:45 PM 60,160 drmk.sys
    04/13/2008 02:45 PM 49,408 stream.sys
    04/13/2008 02:45 PM 24,960 hidparse.sys
    04/13/2008 02:45 PM 36,864 hidclass.sys
    04/13/2008 02:45 PM 19,200 hidir.sys
    04/13/2008 02:45 PM 10,368 hidusb.sys
    04/13/2008 02:45 PM 30,208 usbehci.sys
    04/13/2008 02:45 PM 20,608 usbuhci.sys
    04/13/2008 02:45 PM 143,872 usbport.sys
    04/13/2008 02:45 PM 59,520 usbhub.sys
    04/13/2008 02:45 PM 32,128 usbccgp.sys
    04/13/2008 02:45 PM 25,600 usbcamd.sys
    04/13/2008 02:45 PM 25,728 usbcamd2.sys
    04/13/2008 02:45 PM 15,872 usbintel.sys
    04/13/2008 02:46 PM 25,344 sonydcam.sys
    04/13/2008 02:46 PM 121,984 usbvideo.sys
    04/13/2008 02:46 PM 18,944 bthusb.sys
    04/13/2008 02:46 PM 25,600 hidbth.sys
    04/13/2008 02:46 PM 36,480 bthprint.sys
    04/13/2008 02:46 PM 59,136 rfcomm.sys
    04/13/2008 02:46 PM 37,888 bthmodem.sys
    04/13/2008 02:46 PM 17,024 bthenum.sys
    04/13/2008 02:47 PM 25,856 usbprint.sys
    04/13/2008 02:51 PM 59,904 atmarpc.sys
    04/13/2008 02:51 PM 60,800 arp1394.sys
    04/13/2008 02:51 PM 61,824 nic1394.sys
    04/13/2008 02:51 PM 55,808 atmlane.sys
    04/13/2008 02:51 PM 101,120 bthpan.sys
    04/13/2008 02:53 PM 40,320 nmnt.sys
    04/13/2008 02:53 PM 71,552 bridge.sys
    04/13/2008 02:53 PM 36,608 ip6fw.sys
    04/13/2008 02:54 PM 11,264 irenum.sys
    04/13/2008 02:55 PM 14,592 ndisuio.sys
    04/13/2008 02:56 PM 12,288 tunmp.sys
    04/13/2008 02:56 PM 34,688 netbios.sys
    04/13/2008 02:56 PM 88,320 nwlnkipx.sys
    04/13/2008 02:56 PM 35,072 msgpc.sys
    04/13/2008 02:56 PM 69,120 psched.sys
    04/13/2008 02:56 PM 30,592 rndismpx.sys
    04/13/2008 02:56 PM 30,592 rndismp.sys
    04/13/2008 02:56 PM 12,800 usb8023x.sys
    04/13/2008 02:56 PM 12,800 usb8023.sys
    04/13/2008 02:57 PM 20,864 ipinip.sys
    04/13/2008 02:57 PM 152,832 ipnat.sys
    04/13/2008 02:57 PM 34,560 wanarp.sys
    04/13/2008 02:57 PM 14,336 asyncmac.sys
    04/13/2008 02:57 PM 41,472 raspppoe.sys
    04/13/2008 03:00 PM 19,072 tdi.sys
    04/13/2008 03:00 PM 30,080 modem.sys
    04/13/2008 03:14 PM 63,744 cdfs.sys
    04/13/2008 03:14 PM 143,744 fastfat.sys
    04/13/2008 03:15 PM 64,512 serial.sys
    04/13/2008 03:15 PM 574,976 ntfs.sys
    04/13/2008 03:15 PM 60,800 sysaudio.sys
    04/13/2008 03:16 PM 49,536 classpnp.sys
    04/13/2008 03:16 PM 141,056 ks.sys
    04/13/2008 03:17 PM 83,072 wdmaud.sys
    04/13/2008 03:18 PM 52,480 i8042prt.sys
    04/13/2008 03:19 PM 146,048 portcls.sys
    04/13/2008 03:19 PM 75,264 ipsec.sys
    04/13/2008 03:19 PM 51,328 rasl2tp.sys
    04/13/2008 03:19 PM 48,384 raspptp.sys
    04/13/2008 03:20 PM 182,656 ndis.sys
    04/13/2008 03:20 PM 91,520 ndiswan.sys
    04/13/2008 03:21 PM 162,816 netbt.sys
    04/13/2008 03:28 PM 175,744 rdbss.sys
    04/13/2008 08:11 PM 3,775 adv11nt5.dll
    04/13/2008 08:11 PM 3,967 adv02nt5.dll
    04/13/2008 08:11 PM 4,255 adv01nt5.dll
    04/13/2008 08:11 PM 3,135 adv08nt5.dll
    04/13/2008 08:11 PM 3,647 adv07nt5.dll
    04/13/2008 08:11 PM 3,615 adv05nt5.dll
    04/13/2008 08:11 PM 3,711 adv09nt5.dll
    04/13/2008 08:11 PM 25,471 atv04nt5.dll
    04/13/2008 08:11 PM 17,279 atv10nt5.dll
    04/13/2008 08:11 PM 15,423 ch7xxnt5.dll
    04/13/2008 08:11 PM 21,183 atv01nt5.dll
    04/13/2008 08:11 PM 11,359 atv02nt5.dll
    04/13/2008 08:11 PM 14,143 atv06nt5.dll
    04/13/2008 08:12 PM 3,901 siint5.dll
    04/13/2008 08:12 PM 11,325 vchnt5.dll
    04/13/2008 08:13 PM 40,840 termdd.sys
    04/13/2008 08:13 PM 12,040 tdpipe.sys
    04/13/2008 08:13 PM 21,896 tdtcp.sys
    05/08/2008 10:02 AM 203,136 rmcast.sys
    06/13/2008 07:05 AM 272,128 bthport.sys
    06/20/2008 07:51 AM 361,600 tcpip.sys
    01/30/2009 05:20 PM 38,528 wpdusb.sys
    05/18/2009 01:17 PM 26,600 GEARAspiWDM.sys
    06/24/2009 07:18 AM 92,928 ksecdd.sys
    07/14/2009 11:35 AM 444,136 wdf01000.sys
    07/14/2009 11:35 AM 37,608 wdfldr.sys
    10/20/2009 12:20 PM 265,728 http.sys
    01/30/2010 05:59 PM <DIR> disdn
    01/31/2010 03:06 AM 368,480 tdrpman.sys
    01/31/2010 03:06 AM 132,480 snapman.sys
    01/31/2010 03:06 AM 441,760 timntr.sys
    01/31/2010 03:06 AM 44,384 tifsfilt.sys
    02/11/2010 08:02 AM 226,880 tcpip6.sys
    04/03/2010 11:02 AM 240,608 RsFx0150.sys
    08/19/2010 08:24 PM 61,984 xusb21.sys
    11/02/2010 11:17 AM 40,960 ndproxy.sys
    02/17/2011 09:18 AM 357,888 srv.sys
    04/21/2011 09:37 AM 105,472 mup.sys
    04/25/2011 06:25 PM 218,688 dtsoftbus01.sys
    05/24/2011 10:38 PM <DIR> UMDF
    07/08/2011 10:02 AM 10,496 ndistapi.sys
    07/15/2011 09:29 AM 456,320 mrxsmb.sys
    08/10/2011 02:42 AM 23,456 DrvAgent32.sys
    08/17/2011 09:49 AM 138,496 afd.sys
    11/10/2011 07:32 PM 95,304 MijXfilt.sys
    11/11/2011 10:24 AM 25,088 teamviewervpn.sys
    11/23/2011 04:45 PM 32,768 taphss.sys
    02/10/2012 12:10 AM 13,415,040 nv4_mini.sys
    02/15/2012 11:01 AM 43,520 usbaapl.sys
    04/04/2012 03:56 PM 22,344 mbam.sys
    05/02/2012 09:46 AM 139,656 rdpwd.sys
    06/28/2012 08:52 AM 25,256 aavmker4.sys
    06/28/2012 08:52 AM 21,256 aswFsBlk.sys
    06/28/2012 08:52 AM 89,624 aswmon.sys
    06/28/2012 08:52 AM 721,000 aswSnx.sys
    06/28/2012 08:52 AM 35,928 aswRdr.sys
    06/28/2012 08:52 AM 97,352 aswmon2.sys
    06/28/2012 08:52 AM 54,232 aswTdi.sys
    06/28/2012 08:52 AM 353,688 aswSP.sys
    07/07/2012 03:20 PM <DIR> etc
    07/07/2012 04:39 PM <DIR> .
    07/07/2012 04:39 PM <DIR> ..
    300 File(s) 43,641,650 bytes
    5 Dir(s) 8,240,992,256 bytes free


    Stealth malware?


    Internet Explorer


    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
    Default_Page_URL REG_SZ http://go.microsoft.com/fwlink/?LinkId=69157
    Default_Search_URL REG_SZ http://go.microsoft.com/fwlink/?LinkId=54896
    Search Page REG_SZ http://go.microsoft.com/fwlink/?LinkId=54896
    Enable_Disk_Cache REG_SZ yes
    Cache_Percent_of_Disk REG_BINARY 0A000000
    Delete_Temp_Files_On_Exit REG_SZ yes
    Local Page REG_SZ C:\WINDOWS\system32\blank.htm
    Anchor_Visitation_Horizon REG_BINARY 01000000
    Use_Async_DNS REG_SZ yes
    Placeholder_Width REG_BINARY 1A000000
    Placeholder_Height REG_BINARY 1A000000
    Start Page REG_SZ http://go.microsoft.com/fwlink/?LinkId=69157
    CompanyName REG_SZ Microsoft Corporation
    Custom_Key REG_SZ MICROSO
    Wizard_Version REG_SZ 6.0.2600.0000
    FullScreen REG_SZ no
    Default_Secondary_Page_URL REG_MULTI_SZ \0
    Extensions Off Page REG_SZ about:NoAdd-ons
    Security Risk Page REG_SZ about:SecurityRisk
    Check_Associations REG_SZ yes
    StatusBarWeb REG_DWORD 0x1
    SearchControlWidth REG_DWORD 0x12c
    ForceGDIPlus REG_DWORD 0x0
    DEPOff REG_DWORD 0x0
    MaxRenderLine REG_DWORD 0xfa0
    UseClearType REG_SZ yes
    Page_Transitions REG_DWORD 0x1
    Use_DlgBox_Colors REG_SZ yes
    Anchor Underline REG_SZ yes
    Display Inline Images REG_SZ yes
    Display Inline Videos REG_DWORD 0x1
    Play_Background_Sounds REG_SZ yes
    Play_Animations REG_SZ yes
    Print_Background REG_SZ no
    SmoothScroll REG_DWORD 0x1
    XMLHTTP REG_DWORD 0x1
    Show image placeholders REG_DWORD 0x0
    Disable Script Debugger REG_SZ yes
    Enable AutoImageResize REG_SZ yes
    XDomainRequest REG_DWORD 0x1
    DOMStorage REG_DWORD 0x1
    IE8RunOnceLastShown REG_DWORD 0x0
    IE8RunOncePerInstallCompleted REG_DWORD 0x0
    IE8TourNoShow REG_DWORD 0x0
    IE8TourShown REG_DWORD 0x0
    FrameTabWindow REG_DWORD 0x1
    AdminTabProcs REG_DWORD 0x1
    SessionMerging REG_DWORD 0x1
    FrameMerging REG_DWORD 0x1
    HangResistantFrame REG_DWORD 0x0
    TabShutdownDelay REG_DWORD 0xea60
    FrameShutdownDelay REG_DWORD 0x0

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\ErrorThresholds

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\UrlTemplate

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch

    ! REG.EXE VERSION 3.0

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    User Agent REG_SZ Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    IE5_UA_Backup_Flag REG_SZ 5.0
    NoNetAutodial REG_DWORD 0x0
    MigrateProxy REG_DWORD 0x1
    EmailName REG_SZ IEUser@
    AutoConfigProxy REG_SZ wininet.dll
    MimeExclusionListForCache REG_SZ multipart/mixed multipart/x-mixed-replace multipart/x-byteranges
    WarnOnPost REG_BINARY 01000000
    UseSchannelDirectly REG_BINARY 01000000
    EnableHttp1_1 REG_DWORD 0x1
    PrivacyAdvanced REG_DWORD 0x0
    EnableNegotiate REG_DWORD 0x1
    ProxyEnable REG_DWORD 0x0
    PrivDiscUiShown REG_DWORD 0x1
    WarnOnZoneCrossing REG_DWORD 0x0
    UrlEncoding REG_DWORD 0x0
    SecureProtocols REG_DWORD 0xa0
    ZonesSecurityUpgrade REG_BINARY 14B5EA7A30A2CA01
    DisableCachingOfSSLPages REG_DWORD 0x0
    ProxyHttp1.1 REG_DWORD 0x1
    GlobalUserOffline REG_DWORD 0x0
    SyncMode5 REG_DWORD 0x3
    ProxyOverride REG_SZ *.local
    EnableAutodial REG_DWORD 0x0
    EnablePunycode REG_DWORD 0x1
    ShowPunycode REG_DWORD 0x0
    CreateUriCacheSize REG_DWORD 0x50
    CoInternetCombineIUriCacheSize REG_DWORD 0x50
    SecurityIdIUriCacheSize REG_DWORD 0x1e
    SpecialFoldersCacheSize REG_DWORD 0x8
    WarnOnIntranet REG_DWORD 0x1
    DisableIDNPrompt REG_DWORD 0x0
    CertificateRevocation REG_DWORD 0x0
    WarnonBadCertRecving REG_DWORD 0x1
    WarnOnPostRedirect REG_DWORD 0x0
    WarnOnHTTPSToHTTPRedirect REG_DWORD 0x1

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Http Filters

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Passport

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Protocols

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\TemplatePolicies

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Url History

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones

    ! REG.EXE VERSION 3.0

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main
    NoUpdateCheck REG_DWORD 0x1
    Disable Script Debugger REG_SZ yes
    Anchor Underline REG_SZ yes
    Cache_Update_Frequency REG_SZ Once_Per_Session
    Display Inline Images REG_SZ yes
    Do404Search REG_BINARY 01000000
    Local Page REG_SZ C:\WINDOWS\system32\blank.htm
    Save_Session_History_On_Exit REG_SZ no
    Show_FullURL REG_SZ no
    Show_StatusBar REG_SZ yes
    Show_ToolBar REG_SZ yes
    Show_URLinStatusBar REG_SZ yes
    Show_URLToolBar REG_SZ yes
    Use_DlgBox_Colors REG_SZ yes
    Search Page REG_SZ http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    XMLHTTP REG_DWORD 0x1
    UseClearType REG_SZ yes
    Enable Browser Extensions REG_SZ yes
    Play_Background_Sounds REG_SZ yes
    Play_Animations REG_SZ yes
    IE8RunOnceLastShown REG_DWORD 0x1
    IE8TourShown REG_DWORD 0x1
    IE8TourShownTime REG_BINARY 40122F1C5BD9CC01
    IE8RunOncePerInstallCompleted REG_DWORD 0x1
    IE8RunOnceCompletionTime REG_BINARY 7E26231C5BD9CC01
    StatusBarWeb REG_DWORD 0x1
    SearchControlWidth REG_DWORD 0x12c
    ForceGDIPlus REG_DWORD 0x0
    SuppressScriptDebuggerDialog REG_DWORD 0x0
    Page_Transitions REG_DWORD 0x1
    CSS_Compat REG_SZ doctype
    Expand Alt Text REG_SZ no
    Display Inline Videos REG_DWORD 0x1
    Print_Background REG_SZ no
    Use Stylesheets REG_DWORD 0x1
    SmoothScroll REG_DWORD 0x1
    Show image placeholders REG_DWORD 0x0
    DisableScriptDebuggerIE REG_SZ yes
    Move System Caret REG_SZ no
    Force Offscreen Composition REG_DWORD 0x0
    Enable AutoImageResize REG_SZ yes
    UseThemes REG_DWORD 0x1
    UseHR REG_DWORD 0x0
    Q300829 REG_DWORD 0x0
    Cleanup HTCs REG_DWORD 0x0
    XDomainRequest REG_DWORD 0x1
    DOMStorage REG_DWORD 0x1
    IE8TourNoShow REG_DWORD 0x0
    FrameTabWindow REG_DWORD 0x1
    AdminTabProcs REG_DWORD 0x1
    SessionMerging REG_DWORD 0x1
    FrameMerging REG_DWORD 0x1
    HangResistantFrame REG_DWORD 0x0
    TabShutdownDelay REG_DWORD 0xea60
    FrameShutdownDelay REG_DWORD 0x0
    NscSingleExpand REG_DWORD 0x0
    Error Dlg Displayed On Every Error REG_SZ no
    EnableSearchPane REG_DWORD 0x0
    NotifyDownloadComplete REG_SZ no
    AllowWindowReuse REG_DWORD 0x1
    Friendly http errors REG_SZ yes
    AutoSearch REG_DWORD 0x4
    FullScreen REG_SZ no
    Window_Placement REG_BINARY 2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF2000000F2000000760400004A030000
    CompatibilityFlags REG_DWORD 0x0
    IE8RunOnceLastShown_TIMESTAMP REG_BINARY 36F7C6EA5AD9CC01
    Check_Associations REG_SZ no
    RunOnceHasShown REG_DWORD 0x1
    RunOnceComplete REG_DWORD 0x1
    Start Page Redirect Cache_TIMESTAMP REG_BINARY A06E229E785CCD01
    Start Page Redirect Cache AcceptLangs REG_SZ en-us
    Start Page Redirect Cache REG_SZ http://ca.msn.com/?rd=1&ucc=CA&dcc=CA&opt=0&ocid=iehp&tc=1

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Default Feeds

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Touch

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch

    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search
    SearchAssistant REG_SZ http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
    CustomizeSearch REG_SZ http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

    ! REG.EXE VERSION 3.0

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks
    {CFBFAE00-17A6-11D0-99CB-00C04FD64497} REG_SZ

    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}

    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
    {724d43a0-0d85-11d4-9908-00400523e39a} REG_BINARY 00
    {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} REG_BINARY

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\QuickComplete

    ! REG.EXE VERSION 3.0

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Customize Menu

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Fill Forms

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Save Forms

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Show RoboForm Toolbar


    Security Center


    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
    FirstRunDisabled REG_DWORD 0x1
    UpdatesDisableNotify REG_DWORD 0x0
    AntiVirusDisableNotify REG_DWORD 0x0
    FirewallDisableNotify REG_DWORD 0x0
    AntiVirusOverride REG_DWORD 0x0
    FirewallOverride REG_DWORD 0x0

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring

    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall

    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts

    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
    EnableFirewall REG_DWORD 0x1
    DoNotAllowExceptions REG_DWORD 0x0
    DisableNotifications REG_DWORD 0x0

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts

    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
    %windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019
    C:\Program Files\Messenger\msmsgs.exe REG_SZ C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
    %windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
    E:\Program Files\Mozilla Firefox\plugin-container.exe REG_SZ E:\Program Files\Mozilla Firefox\plugin-container.exe:*:Enabled:plugin Container for Firefox
    E:\Program Files\Paltalk Messenger\paltalk.exe REG_SZ E:\Program Files\Paltalk Messenger\paltalk.exe:*:Enabled:paltalk Messenger
    E:\Program Files\Mozilla Firefox\firefox.exe REG_SZ E:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox
    E:\Program Files\IBP 9\IBP.exe REG_SZ E:\Program Files\IBP 9\IBP.exe:*:Enabled:Internet Business Promoter (IBP)
    E:\Program Files\SopCast\SopCast.exe REG_SZ E:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application
    E:\Program Files\SopCast\adv\SopAdver.exe REG_SZ E:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver
    E:\Program Files\ICQ7.6\ICQ.exe REG_SZ E:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6
    C:\Program Files\Bonjour\mDNSResponder.exe REG_SZ C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service
    E:\Program Files\Opera\opera.exe REG_SZ E:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser
    D:\Program Files\Steam\Steam.exe REG_SZ D:\Program Files\Steam\Steam.exe:*:Enabled:Steam
    C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.515\Agent.exe REG_SZ C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.515\Agent.exe:*:Enabled:Blizzard Agent
    C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.516\Agent.exe REG_SZ C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.516\Agent.exe:*:Enabled:Blizzard Agent
    E:\Program Files\uTorrent\uTorrent.exe REG_SZ E:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent
    C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE REG_SZ C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook
    C:\Program Files\Microsoft Office\Office12\GROOVE.EXE REG_SZ C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove
    C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE REG_SZ C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote
    D:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe REG_SZ D:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe:*:Enabled:MP3 Skype Recorder
    D:\Program Files\CounterPath\eyeBeam 1.5\eyeBeam.exe REG_SZ D:\Program Files\CounterPath\eyeBeam 1.5\eyeBeam.exe:*:Enabled:eyeBeam
    C:\Documents and Settings\Main\Local Settings\Application Data\vghd\bin\Virtuagirl_Downloader.exe REG_SZ C:\Documents and Settings\Main\Local Settings\Application Data\vghd\bin\Virtuagirl_Downloader.exe:*:Enabled:DLManager
    C:\Program Files\Skype\Phone\Skype.exe REG_SZ C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype
    E:\Program Files\AirVideoServer\AirVideoServer.exe REG_SZ E:\Program Files\AirVideoServer\AirVideoServer.exe:*:Enabled:Air Video Server
    C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe REG_SZ C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit
    D:\Program Files\iTunes\iTunes.exe REG_SZ D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes


    Uninstall List


    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AddressBook

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AI RoboForm

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Air Video Server

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Applian FLV and Media Player

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ASUS Probe V2.23.01

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Audacity_is1

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\avast

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Branding

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CASHFLOW® 202 THE E-GAME

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CASHFLOW® THE E-GAME

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Cisco Connect

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Connection Manager

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DAEMON Tools Lite

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DictionaryDotComCleverKeys_is1

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DirectAnimation

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DirectDrawEx

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverAgent.exe

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DXM_Runtime

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ENTERPRISE

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ESET Online Scanner

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eyeBeam 1.5_is1

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fast Blog Finder 3_is1

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FastImageResizer

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileHippo.com

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fontcore

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IBP9_is1

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICW

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IDNMitigationAPIs

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE40

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ie7

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ie8

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEData

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2079403

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2115168

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2121546

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2229593

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2296011

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2345886

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2347290

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2360937

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2378111_WM9

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2387149

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2393802

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2412687

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2419632

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2423089

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2440591

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2443105

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2443685

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2476490

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2476687

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2478960

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2478971

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2479943

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2481109

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2483185

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2485663

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2497640-IE8

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2503658

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2503665

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2506212

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2506223

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2507618

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2507938

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2508272

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2508429

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2509553

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2510531-IE8

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2511455

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2524375

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2530548-IE8

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2535512

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2536276

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2536276-v2

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2541763

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2544521-IE8

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2544893

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2544893-v2

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2555917

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2559049-IE8

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2562937

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2564958
  13. Query323

    Query323 Newcomer, in training Topic Starter Posts: 47

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2566454

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2567053

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2567680

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2570222

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2570791

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2570947

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2584146

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2585542

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2586448-IE8

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2592799

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2598479

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2603381

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2607712

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2616676

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2618444-IE8

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2618451

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2619339

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2620712

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2621440

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2624667

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2631813

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2633171

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2633952

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2639417

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2641653

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2641690

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2646524

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2647516-IE8

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2647518

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2653956

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2659262

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2660465

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2661637

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2675157-IE8

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2676562

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2685939

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2686509

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2695962

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2699988-IE8

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2707511

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2709162

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2718704

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB835221WXP

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB884016

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB884267

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB885353

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB886612

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB887078

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB887626

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB888656

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB889858

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB891122

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB892130

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB892313

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB893240

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB893241

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB893803

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB893803v2

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB895181

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB895316

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB895572

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB897586

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB898549

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB900399

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB902344

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB907658

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB911565

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB911854

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB923561

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB929399

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB931906

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB935695_Beta

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB939683

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB941569

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB942288-v3

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB946648

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB950762

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB950974

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB951066

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB951376-v2

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB951748

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB951978

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB952004

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB952069_WM9

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB952287

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB952954

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB954154_WM11

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB954155_WM9

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB954550-v5

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB955069

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB955759

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956572

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956744

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956802

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956803

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956844

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB957097

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB958644

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB958687

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB958869

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB959426

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB960225

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB960803

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB960859

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB961118

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB961501

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB961503

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB967715

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB968389

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB968816_WM9

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB969059

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB969947

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB970238

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB970430

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971029

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971486

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971557

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971633

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971657

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971737

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB972270

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973354

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973507

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973525

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973540_WM9

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973540_WM9L

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973687

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973815

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973869

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973904

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB974112

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB974318

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB974392

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB974571

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB975025

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB975467

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB975558_WM8

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB975560

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB975562

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB975713

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB976098-v2

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB976325-IE8

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB977816

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB977914

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978207

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978207-IE8

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978338

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978506-IE8

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978542

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978601

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978695_WM9

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978706

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB979309

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB979482

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB979687

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB980436

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB981322

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB981997

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB982132

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB982665

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 3.5 SP1

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 4 Client Profile

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 4 Extended

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft SQL Server 10

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft SQL Server 2008 R2

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MobileOptionPack

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 13.0.1 (x86 en-US)

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Thunderbird 13.0.1 (x86 en-US)

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MPlayer2

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSCompPackV1

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-Beta1

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-Beta2

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-KB884016

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-RC1

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-RC2

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSI30a-KB884016

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSI31-Beta

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSI31-RC1

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NetMeeting

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NLSDownlevelMapping

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIA Display Control Panel

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIA nView Desktop Manager

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Opera 11.52.1100

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OutlookExpress

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PalTalk8.2

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCHealth

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Quick Screenshot Maker 2.1_is1

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RBTray

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Replay Media Catcher 4

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sandboxie

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SchedulingAgent

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\seopowersuite

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SopCast

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Spybot - Search & Destroy_is1

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Traffic Travis_is1

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TVUPlayer

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Veetle TV

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Visual Studio Tools for the Office system 3.0 Runtime

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wdf01000

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wdf01001

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wdf01005

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wdf01007

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wdf01009

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WGA

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WIC

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Media Format Runtime

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Media Player

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinGimp-2.0_is1

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite_Wave3

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WMCSetup

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WMFDist11

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wmp11

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wudf01000

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Xenu's Link Sleuth

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHCIELangPack

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{048298C9-A4D3-490B-9FF9-AB023A9238F3}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0A0CADCF-78DA-33C4-A350-CD51849B9702}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2162169

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2416472

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2468871

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2478063

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2487367

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2533523

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2544514

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2572063

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2599651

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2600211

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2600217

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2604121

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2639327

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2656351

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1111706F-666A-4037-7777-211328764D10}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{122ADF8C-DDA1-480C-9936-C88F2825B265}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{178832DE-9DE0-4C87-9F82-9315A9B03985}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{205C6BDD-7B73-42DE-8505-9A093F35A238}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216026FB}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216027FB}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216029FB}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216031FF}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217005FF}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2160841

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2162169

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708v2

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2473228

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478063

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2514805

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2544514

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2572063

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2572078

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2599651

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600211

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2604121

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2633870

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2639327

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656351

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656368

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656368v2

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656405

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2686827

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3E171899-0175-47CC-84C4-562ACDD4C021}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{41A01180-D9FD-3428-9FD6-749F4C637CBF}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{45338B07-A236-4270-9A77-EBB4115517B5}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{47BE41E6-2F0F-4D17-9C2D-3850FFD9D405}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4AB6A079-178B-4144-B21F-4D1AE71666A2}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{582876EC-A178-44D4-9823-C10D6C62EAFF}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{65EF063E-C7C9-433F-88AF-843FF9A3E9D9}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7299052b-02a4-4627-81f2-1818da5d550d}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{72DE3C67-FB48-450E-8BEA-4EB1B3B5355D}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7644E42D-B096-457F-8B5B-901238FC81AE}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{770657D0-A123-3C07-8E44-1C83EC895118}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{79155F2B-9895-49D7-8612-D92580E0DE5B}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7BE15435-2D3E-4B58-867F-9C75BED0208C}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7C8EAD2B-A954-4F73-AAFC-C3EC60D49ADA}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8FB53850-246A-3507-8ADE-0060093FFEA6}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0010-0409-0000-0000000FF1CE}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0015-0409-0000-0000000FF1CE}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0016-0409-0000-0000000FF1CE}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0018-0409-0000-0000000FF1CE}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0019-0409-0000-0000000FF1CE}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-001A-0409-0000-0000000FF1CE}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-001B-0409-0000-0000000FF1CE}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-001F-0409-0000-0000000FF1CE}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-001F-040C-0000-0000000FF1CE}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-001F-0C0A-0000-0000000FF1CE}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0020-0409-0000-0000000FF1CE}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-002C-0409-0000-0000000FF1CE}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0030-0000-0000-0000000FF1CE}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{075C2272-0881-46D3-B3A5-1D83D6940270}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{293FB6BE-D3EB-4162-B522-F9108040B9FE}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2B3C041A-A7F2-4A24-968D-4BEB6A123D15}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3069CE04-082C-4669-9BA1-E6AA66330C1F}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{31C0F635-15AD-4AA3-A3C6-B542B403D0EE}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5A8732F0-C20F-4A9B-A2A9-66FE7A586C35}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5DD3FF90-B302-45B2-A188-C5EA7ACD5D46}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{ABB5F56F-FC55-4C7E-9622-B8A1E670BAFC}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{AEA16A27-0B97-4670-818F-A98D06EC0A6F}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B4C12F08-B0EF-4CC4-AD5F-381DD62BF640}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B5B7C5DB-74C3-43E0-8413-0C6C1CA4DED0}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E34960DB-2A93-45DB-A208-02650F7AB09C}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0044-0409-0000-0000000FF1CE}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-006E-0409-0000-0000000FF1CE}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00A1-0409-0000-0000000FF1CE}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00BA-0409-0000-0000000FF1CE}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0114-0409-0000-0000000FF1CE}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0115-0409-0000-0000000FF1CE}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0117-0409-0000-0000000FF1CE}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90140000-1146-0000-0000-0000000FF1CE}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90140000-2005-0000-0000-0000000FF1CE}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{93998800-1608-403F-9A51-420A77D23C25}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{95120000-00B9-0409-0000-0000000FF1CE}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB2604110

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB2656407

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB300003

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB958483

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB960043

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB975195

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB976570

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB976578

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB976578v2

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB976769

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB976769v2

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB977354

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB977354v2

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-AA1000000001}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B26B00DA-2E5D-4CF2-83C5-911198C0F009}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B510A987-487E-4C66-9F4F-D386AC275715}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B83FC356-B7C0-441F-8A4D-D71E088E7974}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BF9BF038-FE03-429D-9B26-2FA0FD756052}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB200003

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB2418241

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB2446704

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB2446704v2

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB2478658

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB2518864

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB2539631

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB2572058

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB2572073

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB2604092

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB2616155

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB2633880

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB2639328

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB2656352

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB2656369

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB2656369v2

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB2686828

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB431780

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB946922

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB947748

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB949272

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB952137

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB952677

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB953300

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB953990

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB954832

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB956860

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB957541

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB957542

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB957543

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB958129

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB958481

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB960043

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB971111

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB974417

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB976569

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB976576

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB976765v2

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB979909

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB980773

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB983583

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C950420B-4182-49EA-850A-A6A2ABF06C6B}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB606F47-7D0E-40DF-95BB-0E5413A1295F}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2604111

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2657424

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB350003

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB960043

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D1999042-FC82-4098-96B8-510A857C8EA8}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E6158D07-2637-4ECF-B576-37C489669174}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F7E1CA14-B39D-452A-960B-39423DDDD933}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}

    ! REG.EXE VERSION 3.0

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\A6BBC93F6AE67419334EE101D41F9F87B26DF317

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VirtuaGirl_is1


    Adobe Products


    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX
    DisplayName REG_SZ Adobe Flash Player 11 ActiveX
    Publisher REG_SZ Adobe Systems Incorporated
    DisplayVersion REG_SZ 11.2.202.235
    HelpLink REG_SZ http://www.adobe.com/go/flashplayer_support/
    NoModify REG_DWORD 0x1
    NoRepair REG_DWORD 0x1
    RequiresIESysFile REG_SZ 4.70.0.1155
    URLInfoAbout REG_SZ http://www.adobe.com
    URLUpdateInfo REG_SZ http://www.adobe.com/go/getflashplayer/
    VersionMajor REG_DWORD 0xb
    VersionMinor REG_DWORD 0x2
    UninstallString REG_SZ C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe -maintain activex
    DisplayIcon REG_SZ C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe
    EstimatedSize REG_DWORD 0x1800

    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin
    DisplayName REG_SZ Adobe Flash Player 11 Plugin
    Publisher REG_SZ Adobe Systems Incorporated
    DisplayVersion REG_SZ 11.3.300.262
    HelpLink REG_SZ http://www.adobe.com/go/flashplayer_support/
    NoModify REG_DWORD 0x1
    NoRepair REG_DWORD 0x1
    RequiresIESysFile REG_SZ 4.70.0.1155
    URLInfoAbout REG_SZ http://www.adobe.com
    URLUpdateInfo REG_SZ http://www.adobe.com/go/getflashplayer/
    VersionMajor REG_DWORD 0xb
    VersionMinor REG_DWORD 0x3
    UninstallString REG_SZ C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_3_300_262_Plugin.exe -maintain plugin
    DisplayIcon REG_SZ C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_3_300_262_Plugin.exe
    EstimatedSize REG_DWORD 0x1800


    Autorun
  14. Query323

    Query323 Newcomer, in training Topic Starter Posts: 47

    ! REG.EXE VERSION 3.0

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    GoodSync REG_SZ "C:\Program Files\Siber Systems\GoodSync\GoodSync.exe" /min
    RoboForm REG_SZ "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"

    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    High Definition Audio Property Page Shortcut REG_SZ HDAudPropShortcut.exe
    SoundMan REG_SZ SOUNDMAN.EXE
    AlcWzrd REG_SZ ALCWZRD.EXE
    Adobe ARM REG_SZ "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    avast REG_SZ "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
    Malwarebytes' Anti-Malware REG_SZ "E:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    APSDaemon REG_SZ "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    NvCplDaemon REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    NvMediaCenter REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    nwiz REG_SZ C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
    GrooveMonitor REG_SZ "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    QuickTime Task REG_SZ "D:\Program Files\QuickTime\QTTask.exe" -atboottime
    iTunesHelper REG_SZ "D:\Program Files\iTunes\iTunesHelper.exe"
    SunJavaUpdateSched REG_SZ "C:\Program Files\Common Files\Java\Java Update\jusched.exe"


    Restrictions - Internet Explorer


    ! REG.EXE VERSION 3.0

    HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel


    Restrictions - REGEDIT


    ! REG.EXE VERSION 3.0

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System


    Restrictions - Explorer


    ! REG.EXE VERSION 3.0

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
    NoDriveTypeAutoRun REG_DWORD 0x143
    NoDriveAutoRun REG_DWORD 0x3ffffff
    NoDrives REG_DWORD 0x0

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run


    DNS Settings


    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{14D0D488-2578-4B4E-878E-945FA0E940C3}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{26AD3498-974E-4C4C-818A-A7CDFDFE2BF2}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{6505454F-C66B-4A02-B502-6C287C261505}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{AB1E8D68-CDA5-4E9F-AAB1-87F92CA37C3F}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B54C9E49-EEC5-4B36-B4D4-CECA7BDF324B}


    Windows IP Configuration



    Host Name . . . . . . . . . . . . : home

    Primary Dns Suffix . . . . . . . :

    Node Type . . . . . . . . . . . . : Broadcast

    IP Routing Enabled. . . . . . . . : No

    WINS Proxy Enabled. . . . . . . . : No



    Ethernet adapter Local Area Connection:



    Connection-specific DNS Suffix . :

    Description . . . . . . . . . . . : Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller

    Physical Address. . . . . . . . . : 00-11-2F-37-E4-9D

    Dhcp Enabled. . . . . . . . . . . : Yes

    Autoconfiguration Enabled . . . . : Yes

    IP Address. . . . . . . . . . . . : 192.168.0.137

    Subnet Mask . . . . . . . . . . . : 255.255.255.0

    Default Gateway . . . . . . . . . : 192.168.0.1

    DHCP Server . . . . . . . . . . . : 192.168.0.1

    DNS Servers . . . . . . . . . . . : 8.8.8.8

    8.8.4.4

    Lease Obtained. . . . . . . . . . : Sunday, July 08, 2012 10:32:52 AM

    Lease Expires . . . . . . . . . . : Monday, July 09, 2012 10:32:52 AM



    AppInit DLLs


    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows



    Shell Service Object Delay Load


    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
    PostBootReminder REG_SZ {7849596a-48ea-486e-8937-a2a3009f31a9}
    CDBurn REG_SZ {fbeb8a05-beee-4442-804e-409d6c4515e9}
    WebCheck REG_SZ {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
    SysTray REG_SZ {35CEC8A3-2BE6-11D2-8773-92E220524153}
    WPDShServiceObj REG_SZ {AAA288BA-9A4C-45B0-95D7-94D524869DB5}



    Shell Execute Hooks


    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
    {AEB6717E-7E19-11d0-97EE-00C04FD91972} REG_SZ
    {B5A7F190-DDA6-4420-B3BA-52453494E6CD} REG_SZ Groove GFS Stub Execution Hook


    Image File Execution Options


    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\apitrap.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ASSTE.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVSTE.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Cleanup.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cqw32.exe

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divxdec.ax

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DJSMAR00.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DRMINST.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\enc98.EXE

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EncodeDivXExt.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EncryptPatchVer.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\front.exe

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fullsoft.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GBROWSER.DLL

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\htmlmarq.ocx

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\htmlmm.ocx

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install.exe

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ishscan.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ISSTE.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\javai.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jvm.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jvm_g.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\main123w.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mngreg32.exe

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msci_uno.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscoree.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscorsvr.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscorwks.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msjava.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mso.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NAVOPTRF.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NeVideoFX.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NPMLIC.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NSWSTE.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\photohse.EXE

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PMSTE.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ppw32hlp.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\printhse.EXE

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\prwin8.EXE

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ps80.EXE

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\psdmt.exe

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qfinder.EXE

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qpw.EXE

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\salwrap.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup32.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sevinst.exe

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symlcnet.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tcore_ebook.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TFDTCTT8.DLL

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ua80.EXE

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\udtapi.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ums.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vb40032.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vbe6.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wpwin8.EXE

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xlmlEN.dll

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xwsetup.EXE

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_INSTPGM.EXE


    Security Providers



    Local Security Authority


    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
    Authentication Packages REG_MULTI_SZ msv1_0\0\0
    Bounds REG_BINARY 0030000000200000
    Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
    ImpersonatePrivilegeUpgradeToolHasRun REG_DWORD 0x1
    LsaPid REG_DWORD 0x30c
    SecureBoot REG_DWORD 0x1
    auditbaseobjects REG_DWORD 0x0
    crashonauditfail REG_DWORD 0x0
    disabledomaincreds REG_DWORD 0x0
    everyoneincludesanonymous REG_DWORD 0x0
    fipsalgorithmpolicy REG_DWORD 0x0
    forceguest REG_DWORD 0x1
    fullprivilegeauditing REG_BINARY 00
    limitblankpassworduse REG_DWORD 0x1
    lmcompatibilitylevel REG_DWORD 0x0
    nodefaultadminowner REG_DWORD 0x1
    nolmhash REG_DWORD 0x0
    restrictanonymous REG_DWORD 0x0
    restrictanonymoussam REG_DWORD 0x1
    Notification Packages REG_MULTI_SZ scecli\0\0
    enabledcom REG_SZ y

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\AccessProviders

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Audit

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Data

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\GBG

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\JD

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Kerberos

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\msv1_0

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Skew1

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\SSO

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\SspiCache


    AppCert DLLs



    App Paths


    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\AcroRd32.exe
    <NO NAME> REG_SZ E:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
    Path REG_SZ E:\Program Files\Adobe\Reader 10.0\Reader\

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\AirVideoServer.exe
    <NO NAME> REG_SZ E:\Program Files\AirVideoServer\AirVideoServer.exe

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\AvastUI.exe
    Path REG_SZ C:\Program Files\Alwil Software\Avast5
    <NO NAME> REG_SZ C:\Program Files\Alwil Software\Avast5\AvastUI.exe

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\bckgzm.exe
    <NO NAME> REG_SZ C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ccleaner.exe
    <NO NAME> REG_SZ C:\Program Files\CCleaner\CCleaner.exe
    Path REG_SZ C:\Program Files\CCleaner

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\chkrzm.exe
    <NO NAME> REG_SZ C:\Program Files\MSN Gaming Zone\Windows\chkrzm.exe

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\chrome.exe
    Path REG_SZ C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\Application
    <NO NAME> REG_SZ C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\combofix.exe
    <NO NAME> REG_SZ D:\1. Downloads\ComboFix.exe

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\CONF.EXE
    <NO NAME> REG_SZ C:\Program Files\NetMeeting\conf.exe
    Path REG_SZ C:\Program Files\NetMeeting;

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\dexplore.exe
    <NO NAME> REG_SZ "C:\Program Files\Common Files\Microsoft Shared\Help 8\dexplore.exe"

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\dialer.exe
    <NO NAME> REG_SZ C:\Program Files\Windows NT\dialer.exe

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\excel.exe
    <NO NAME> REG_SZ C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE
    Path REG_SZ C:\Program Files\Microsoft Office\Office12\
    SaveURL REG_SZ 1
    useURL REG_SZ 1

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\firefox.exe
    <NO NAME> REG_SZ E:\Program Files\Mozilla Firefox\firefox.exe
    Path REG_SZ E:\Program Files\Mozilla Firefox

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\gimp-2.6.exe
    <NO NAME> REG_SZ E:\Program Files\GIMP-2.0\bin\gimp-2.6.exe
    Path REG_SZ E:\Program Files\GIMP-2.0\bin

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\GROOVE.EXE
    <NO NAME> REG_SZ C:\PROGRA~1\MICROS~3\Office12\GROOVE.EXE
    Path REG_SZ C:\Program Files\Microsoft Office\Office12\
    useURL REG_SZ 1

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\HELPCTR.EXE
    <NO NAME> REG_EXPAND_SZ %Systemroot%\PCHealth\HelpCtr\Binaries\HelpCtr.exe

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\hrtzzm.exe
    <NO NAME> REG_SZ C:\Program Files\MSN Gaming Zone\Windows\hrtzzm.exe

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\hypertrm.exe
    <NO NAME> REG_SZ "C:\Program Files\Windows NT\hypertrm.exe"

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ICQ.exe
    <NO NAME> REG_SZ E:\Program Files\ICQ7.6\ICQ.exe
    Path REG_SZ E:\Program Files\ICQ7.6

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ICWCONN1.EXE
    <NO NAME> REG_SZ "C:\Program Files\Internet Explorer\Connection Wizard\ICWCONN1.EXE"
    Path REG_SZ C:\Program Files\Internet Explorer\Connection Wizard;

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ICWCONN2.EXE
    <NO NAME> REG_SZ "C:\Program Files\Internet Explorer\Connection Wizard\ICWCONN2.EXE"
    Path REG_SZ C:\Program Files\Internet Explorer\Connection Wizard;

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\IEXPLORE.EXE
    <NO NAME> REG_SZ C:\Program Files\Internet Explorer\IEXPLORE.EXE
    Path REG_SZ C:\Program Files\Internet Explorer;

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\INETWIZ.EXE
    <NO NAME> REG_SZ "C:\Program Files\Internet Explorer\Connection Wizard\INETWIZ.EXE"
    Path REG_SZ C:\Program Files\Internet Explorer\Connection Wizard;

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\infopath.exe
    <NO NAME> REG_SZ C:\PROGRA~1\MICROS~3\Office12\INFOPATH.EXE
    Path REG_SZ C:\Program Files\Microsoft Office\Office12\
    useURL REG_SZ 1

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\install.exe
    RunAsOnNonAdminInstall REG_DWORD 0x1
    BlockOnTSNonInstallMode REG_DWORD 0x1

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ISIGNUP.EXE
    <NO NAME> REG_SZ "C:\Program Files\Internet Explorer\Connection Wizard\ISIGNUP.EXE"
    Path REG_SZ C:\Program Files\Internet Explorer\Connection Wizard;

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\iTunes.exe
    <NO NAME> REG_SZ D:\Program Files\iTunes\iTunes.exe

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\javaws.exe
    <NO NAME> REG_SZ C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\javaws.exe
    Path REG_SZ C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\mbam.exe
    <NO NAME> REG_SZ E:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    Path REG_SZ E:\Program Files\Malwarebytes' Anti-Malware

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\migwiz.exe
    <NO NAME> REG_EXPAND_SZ %SystemRoot%\system32\usmt\migwiz.exe

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\moviemk.exe
    <NO NAME> REG_SZ C:\Program Files\Movie Maker\moviemk.exe

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\mplayer2.exe
    <NO NAME> REG_SZ "C:\Program Files\Windows Media Player\mplayer2.exe"
    Path REG_SZ "C:\Program Files\Windows Media Player"

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\MSACCESS.EXE
    <NO NAME> REG_SZ C:\PROGRA~1\MICROS~3\Office12\MSACCESS.EXE
    Path REG_SZ C:\Program Files\Microsoft Office\Office12\
    useURL REG_SZ 1

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\MSCONFIG.EXE
    <NO NAME> REG_EXPAND_SZ %systemroot%\pchealth\helpctr\Binaries\MSCONFIG.EXE

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\msimn.exe
    <NO NAME> REG_EXPAND_SZ %ProgramFiles%\Outlook Express\msimn.exe
    Path REG_EXPAND_SZ %ProgramFiles%\Outlook Express

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\msinfo32.exe
    <NO NAME> REG_SZ C:\Program Files\Common Files\Microsoft Shared\MSInfo\MSInfo32.exe
    Path REG_SZ C:\Program Files\Common Files\Microsoft Shared\MSInfo

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\MSMSGS.EXE
    <NO NAME> REG_SZ C:\Program Files\Messenger\msmsgs.exe
    Path REG_SZ C:\Program Files\Messenger;

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\MSNMSGR.EXE
    <NO NAME> REG_SZ C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    Path REG_SZ C:\Program Files\Windows Live\Messenger\

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\MsoHtmEd.exe
    useURL REG_SZ 1

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\msoxmled.exe
    <NO NAME> REG_SZ C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLED.EXE
    useURL REG_SZ 1

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\MSPUB.EXE
    <NO NAME> REG_SZ C:\PROGRA~1\MICROS~3\Office12\MSPUB.EXE
    Path REG_SZ C:\Program Files\Microsoft Office\Office12\
    useURL REG_DWORD 0x1
    SaveURL REG_SZ 1

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ois.exe
    <NO NAME> REG_SZ C:\PROGRA~1\MICROS~3\Office12\OIS.EXE
    Path REG_SZ C:\Program Files\Microsoft Office\Office12\
    SaveURL REG_SZ 0
    useURL REG_SZ 1

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\OneNote.exe
    <NO NAME> REG_SZ C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE
    Path REG_SZ C:\Program Files\Microsoft Office\Office12\
    SaveURL REG_SZ 1
    useURL REG_SZ 1

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\OUTLOOK.EXE
    <NO NAME> REG_SZ C:\PROGRA~1\MICROS~3\Office12\OUTLOOK.EXE
    Path REG_SZ C:\Program Files\Microsoft Office\Office12\

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\pbrush.exe
    <NO NAME> REG_EXPAND_SZ %SystemRoot%\system32\mspaint.exe
    Path REG_EXPAND_SZ %SystemRoot%\system32

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\PictureViewer.exe
    Path REG_SZ D:\Program Files\QuickTime\
    <NO NAME> REG_SZ D:\Program Files\QuickTime\PictureViewer.exe

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\pinball.exe
    <NO NAME> REG_SZ C:\Program Files\Windows NT\Pinball\pinball.exe
    Path REG_SZ C:\Program Files\Windows NT\Pinball

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\powerpnt.exe
    <NO NAME> REG_SZ C:\PROGRA~1\MICROS~3\Office12\POWERPNT.EXE
    Path REG_SZ C:\Program Files\Microsoft Office\Office12\
    useURL REG_SZ 1
    SaveURL REG_SZ 1

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\QuickTimePlayer.exe
    <NO NAME> REG_SZ D:\Program Files\QuickTime\QuickTimePlayer.exe
    Path REG_SZ D:\Program Files\QuickTime\

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\RBTray.exe
    Keyboard Indicator REG_DWORD 0x1
    <NO NAME> REG_SZ C:\Program Files\RBTray\RBTray.exe

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\rvsezm.exe
    <NO NAME> REG_SZ C:\Program Files\MSN Gaming Zone\Windows\rvsezm.exe

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\sbase.exe
    <NO NAME> REG_SZ D:\Program Files\OpenOffice.org 3\program\sbase.exe
    Path REG_SZ D:\Program Files\OpenOffice.org 3\

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\scalc.exe
    <NO NAME> REG_SZ D:\Program Files\OpenOffice.org 3\program\scalc.exe
    Path REG_SZ D:\Program Files\OpenOffice.org 3\

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\sdraw.exe
    <NO NAME> REG_SZ D:\Program Files\OpenOffice.org 3\program\sdraw.exe
    Path REG_SZ D:\Program Files\OpenOffice.org 3\

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\setup.exe
    RunAsOnNonAdminInstall REG_DWORD 0x1
    BlockOnTSNonInstallMode REG_DWORD 0x1

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\shvlzm.exe
    <NO NAME> REG_SZ C:\Program Files\MSN Gaming Zone\Windows\shvlzm.exe

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\simpress.exe
    <NO NAME> REG_SZ D:\Program Files\OpenOffice.org 3\program\simpress.exe
    Path REG_SZ D:\Program Files\OpenOffice.org 3\

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\smath.exe
    <NO NAME> REG_SZ D:\Program Files\OpenOffice.org 3\program\smath.exe
    Path REG_SZ D:\Program Files\OpenOffice.org 3\

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\soffice.exe
    <NO NAME> REG_SZ D:\Program Files\OpenOffice.org 3\program\soffice.exe
    Path REG_SZ D:\Program Files\OpenOffice.org 3\

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\SopCast.exe
    <NO NAME> REG_SZ E:\Program Files\SopCast\SopCast.exe

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\soundman.exe
    Path REG_SZ C:\WINDOWS\
    <NO NAME> REG_SZ C:\WINDOWS\soundman.exe

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\swriter.exe
    <NO NAME> REG_SZ D:\Program Files\OpenOffice.org 3\program\swriter.exe
    Path REG_SZ D:\Program Files\OpenOffice.org 3\

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\table30.exe
    UseShortName REG_SZ

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\TextPad.exe
    <NO NAME> REG_SZ E:\Program Files\TextPad 4\TextPad.exe

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\thunderbird.exe
    <NO NAME> REG_SZ E:\Program Files\Mozilla Thunderbird\thunderbird.exe
    Path REG_SZ E:\Program Files\Mozilla Thunderbird

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\unopkg.exe
    <NO NAME> REG_SZ D:\Program Files\OpenOffice.org 3\program\unopkg.exe
    Path REG_SZ D:\Program Files\OpenOffice.org 3\

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\vsta.exe
    <NO NAME> REG_SZ C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\vsta.exe

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\wab.exe
    <NO NAME> REG_EXPAND_SZ %ProgramFiles%\Outlook Express\wab.exe
    Path REG_EXPAND_SZ %ProgramFiles%\Outlook Express

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\wabmig.exe
    <NO NAME> REG_EXPAND_SZ %ProgramFiles%\Outlook Express\wabmig.exe
    Path REG_EXPAND_SZ %ProgramFiles%\Outlook Express

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\winnt32.exe
    RunAsOnNonAdminInstall REG_DWORD 0x1

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\WinRAR.exe
    <NO NAME> REG_SZ E:\Program Files\WinRAR\WinRAR.exe
    Path REG_SZ E:\Program Files\WinRAR

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\Winword.exe
    <NO NAME> REG_SZ C:\PROGRA~1\MICROS~3\Office12\WINWORD.EXE
    Path REG_SZ C:\Program Files\Microsoft Office\Office12\
    useURL REG_SZ 1
    SaveURL REG_SZ 1

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\wmplayer.exe
    <NO NAME> REG_SZ C:\Program Files\Windows Media Player\wmplayer.exe
    Path REG_SZ C:\Program Files\Windows Media Player

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\WORDPAD.EXE
    <NO NAME> REG_EXPAND_SZ "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\WRITE.EXE
    <NO NAME> REG_EXPAND_SZ "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\Xenu.exe
    <NO NAME> REG_SZ E:\Program Files\Xenu\Xenu.exe

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\XPSViewer.exe
    <NO NAME> REG_SZ "C:\WINDOWS\system32\XPSViewer\XPSViewer.exe"


    Mozilla


    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla

    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox

    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions
    {20a82645-c095-46ed-80e3-08825760534b} REG_SZ C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
    wrc@avast.com REG_SZ C:\Program Files\Alwil Software\Avast5\WebRep\FF
    {22119944-ED35-4ab1-910B-E619EA06A115} REG_SZ C:\Program Files\Siber Systems\AI RoboForm\Firefox

    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\MaintenanceService
    Attempted REG_DWORD 0x1
    Installed REG_DWORD 0x1

    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\MaintenanceService\5b5e17316ce47b18d3a6272c0712884f

    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\MaintenanceService\5b5e17316ce47b18d3a6272c0712884f\0
    name REG_SZ Mozilla Corporation
    issuer REG_SZ Thawte Code Signing CA - G2

    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox
    <NO NAME> REG_SZ 13.0.1
    CurrentVersion REG_SZ 13.0.1 (en-US)

    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox\13.0.1 (en-US)
    <NO NAME> REG_SZ 13.0.1 (en-US)

    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox\13.0.1 (en-US)\Main
    Install Directory REG_SZ E:\Program Files\Mozilla Firefox
    PathToExe REG_SZ E:\Program Files\Mozilla Firefox\firefox.exe

    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox\13.0.1 (en-US)\Uninstall
    Description REG_SZ Mozilla Firefox 13.0.1 (x86 en-US)

    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 13.0.1
    GeckoVer REG_SZ 13.0.1

    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 13.0.1\bin
    PathToExe REG_SZ E:\Program Files\Mozilla Firefox\firefox.exe

    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 13.0.1\extensions
    Components REG_SZ E:\Program Files\Mozilla Firefox\components
    Plugins REG_SZ E:\Program Files\Mozilla Firefox\plugins

    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Thunderbird
    <NO NAME> REG_SZ 13.0.1
    CurrentVersion REG_SZ 13.0.1 (en-US)

    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Thunderbird\13.0.1 (en-US)
    <NO NAME> REG_SZ 13.0.1 (en-US)

    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Thunderbird\13.0.1 (en-US)\Main
    Install Directory REG_SZ E:\Program Files\Mozilla Thunderbird
    PathToExe REG_SZ E:\Program Files\Mozilla Thunderbird\thunderbird.exe

    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Thunderbird\13.0.1 (en-US)\Uninstall
    Description REG_SZ Mozilla Thunderbird 13.0.1 (x86 en-US)

    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Thunderbird 13.0.1
    GeckoVer REG_SZ 13.0.1

    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Thunderbird 13.0.1\bin
    PathToExe REG_SZ E:\Program Files\Mozilla Thunderbird\thunderbird.exe

    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Thunderbird 13.0.1\extensions
    Components REG_SZ E:\Program Files\Mozilla Thunderbird\components
    Plugins REG_SZ E:\Program Files\Mozilla Thunderbird\plugins


    Shared Task Scheduler


    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
    {438755C2-A8BA-11D1-B96B-00A0C90312E1} REG_SZ Browseui preloader
    {8C7461EF-2B13-11d2-BE35-3078302C2030} REG_SZ Component Categories cache daemon


    SafeBoot



    SafeBootMinimal


    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmadmin

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmboot.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmio.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmload.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmserver

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SRService

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}


    SafeBootNetwork


    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AmmyyAdmin

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmadmin

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmboot.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmio.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmload.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmserver

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ip6fw.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NtLmSsp

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpcdd.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpdd.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpwd.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sr.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SRService

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tdpipe.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tdtcp.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\termservice

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WZCSVC

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}


    File Rename Operations - Session


    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\FileRenameOperations


    Known DLLs - Session


    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDlls
    advapi32 REG_SZ advapi32.dll
    comdlg32 REG_SZ comdlg32.dll
    DllDirectory REG_EXPAND_SZ %SystemRoot%\system32
    gdi32 REG_SZ gdi32.dll
    imagehlp REG_SZ imagehlp.dll
    kernel32 REG_SZ kernel32.dll
    lz32 REG_SZ lz32.dll
    ole32 REG_SZ ole32.dll
    oleaut32 REG_SZ oleaut32.dll
    olecli32 REG_SZ olecli32.dll
    olecnv32 REG_SZ olecnv32.dll
    olesvr32 REG_SZ olesvr32.dll
    olethk32 REG_SZ olethk32.dll
    rpcrt4 REG_SZ rpcrt4.dll
    shell32 REG_SZ shell32.dll
    url REG_SZ url.dll
    urlmon REG_SZ urlmon.dll
    user32 REG_SZ user32.dll
    version REG_SZ version.dll
    wininet REG_SZ wininet.dll
    wldap32 REG_SZ wldap32.dll


    Downloaded program files (ActiveX)


    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}

    PATH: C:\windows\Downloaded Program Files



    Mountpoints


    ! REG.EXE VERSION 3.0

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\A

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1530f8de-6d48-11e0-9b72-806d6172696f}

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1530f8df-6d48-11e0-9b72-00112f37e49d}

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{58670cb6-0de9-11df-b847-806d6172696f}

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{58670cb7-0de9-11df-b847-806d6172696f}

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{58670cbc-0de9-11df-b847-806d6172696f}

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{58670cbe-0de9-11df-b847-806d6172696f}

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{760414ae-6f53-11e0-9b7b-00112f37e49d}

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC


    Winlogon


    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
    AutoRestartShell REG_DWORD 0x1
    DefaultDomainName REG_SZ HOME
    DefaultUserName REG_SZ Main
    LegalNoticeCaption REG_SZ
    LegalNoticeText REG_SZ
    PowerdownAfterShutdown REG_SZ 0
    ReportBootOk REG_SZ 1
    Shell REG_SZ Explorer.exe
    ShutdownWithoutLogon REG_SZ 0
    System REG_SZ
    Userinit REG_SZ C:\WINDOWS\system32\userinit.exe,
    VmApplet REG_SZ rundll32 shell32,Control_RunDLL "sysdm.cpl"
    SfcQuota REG_DWORD 0xffffffff
    allocatecdroms REG_SZ 0
    allocatedasd REG_SZ 0
    allocatefloppies REG_SZ 0
    cachedlogonscount REG_SZ 10
    forceunlocklogon REG_DWORD 0x0
    passwordexpirywarning REG_DWORD 0xe
    scremoveoption REG_SZ 0
    AllowMultipleTSSessions REG_DWORD 0x1
    UIHost REG_EXPAND_SZ logonui.exe
    LogonType REG_DWORD 0x1
    Background REG_SZ 0 0 0
    DebugServerCommand REG_SZ no
    SFCDisable REG_DWORD 0x0
    WinStationsDisabled REG_SZ 0
    HibernationPreviouslyEnabled REG_DWORD 0x1
    ShowLogonOptions REG_DWORD 0x0
    AltDefaultUserName REG_SZ Main
    AltDefaultDomainName REG_SZ HOME
    ChangePasswordUseKerberos REG_DWORD 0x1
    LegalNotice Text REG_SZ

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Credentials


    Windows Update


    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\windowsupdate\auto update\results\install
    LastSuccessTime REG_SZ 2012-06-14 02:18:52
    LastError REG_DWORD 0x0


    Security Software Information

    *Note*: Some security software does not store itself in the WMI.

    Antivirus: avast! Antivirus *Scanner enabled* (Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}


    {END OF FILE}
  15. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Please download the latest version of Kaspersky GetSystemInfo (GSI) from Kaspersky and save it to your Desktop.

    Note: please close all other applications running on your system.

    Double click GetSystemInfo.exe to open it. It will display an agreement. Click on I Agree to continue.

    Click the Settings button.[​IMG]

    [​IMG]

    Set the slider to Maximum.

    [​IMG]

    IMPORTANT! Then, click Customize - choose Driver / Ports tab and uncheck Scan Ports.


    [​IMG]

    On the General tab, make sure all of the boxes are checked.


    [​IMG]

    On the Misc tab, make sure all the checkboxes are checked.

    Then, click OK on the windows that you launched.


    [​IMG]
    Click Create Report to run it.

    [​IMG]
    It will begin scanning.

    It will create a zip folder called GetSystemInfo_XXXXXXXXXXXXXX.zip on your Desktop.

    It should automatically upload it to http://www.getsysteminfo.com. If it does not, then please submit it manually by going to the site and doing the upload process.

    It will redirect to a page, where it will provide a sharing URL for specialists. Copy and paste the url of the GSI Parser report in your next reply.
  16. Query323

    Query323 Newcomer, in training Topic Starter Posts: 47

  17. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    I don't see anymore malware.

    Any more issues?

    We need to know any other issues that are plaguing your computer. Kindly give a summary so we know how to continue from here.

    Many of the things to note for us would be:

    • Slow computer
    • Error messages
    • Fake antivirus alerts or the icon in the system tray
    • svchost.exe running at 100%
    • System crashes or blue screen of death
  18. Query323

    Query323 Newcomer, in training Topic Starter Posts: 47

    Yes mostly text disappears or gets jumbled up, I thought it was graphics but its mostly text. When this happens I can't execute any other programs unless I close some firefox tabs or programs that use memory I guess. The message I get is: "Insufficient system resources exist to complete the requested service." and others which I will upload images of.

    Basically the same problem persists. Could it be my ram or motherboard? I did try several rams one by one and it had the same problem.

    Attached Files:

  19. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Could indeed be caused by memory issues...

    Please follow this tutorial on using MEMTEST

    Let me know how it works.
  20. Query323

    Query323 Newcomer, in training Topic Starter Posts: 47

    Ok I ran memtest and did the tests 1-8 and there were no errors. What else could it be?
  21. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    DxDiag
    1. Click Start and then click Run.
    2. Type dxdiag in the Open box, and then click OK.
    3. Click Save all information, and it will collect information and it will prompt you to save the file. Save the file to the Desktop.
    4. Find DxDiag.txt on your Desktop, and post the contents of it in your next reply.
  22. Query323

    Query323 Newcomer, in training Topic Starter Posts: 47

    ------------------
    System Information
    ------------------
    Time of this report: 7/12/2012, 22:08:49
    Machine name: HOME
    Operating System: Windows XP Home Edition (5.1, Build 2600) Service Pack 3 (2600.xpsp_sp3_gdr.120504-1619)
    Language: English (Regional Setting: English)
    System Manufacturer: System manufacturer
    System Model: System Product Name
    BIOS: BIOS Date: 09/16/05 11:39:35 Ver: 08.00.10
    Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz (2 CPUs)
    Memory: 2048MB RAM
    Page File: 1136MB used, 2807MB available
    Windows Dir: C:\WINDOWS
    DirectX Version: DirectX 9.0c (4.09.0000.0904)
    DX Setup Parameters: Not found
    DxDiag Version: 5.03.2600.5512 32bit Unicode

    ------------
    DxDiag Notes
    ------------
    DirectX Files Tab: No problems found.
    Display Tab 1: No problems found.
    Sound Tab 1: No problems found.
    Music Tab: No problems found.
    Input Tab: No problems found.
    Network Tab: No problems found.

    --------------------
    DirectX Debug Levels
    --------------------
    Direct3D: 0/4 (n/a)
    DirectDraw: 0/4 (retail)
    DirectInput: 0/5 (n/a)
    DirectMusic: 0/5 (n/a)
    DirectPlay: 0/9 (retail)
    DirectSound: 0/5 (retail)
    DirectShow: 0/6 (retail)

    ---------------
    Display Devices
    ---------------
    Card name: NVIDIA GeForce 7800 GT
    Manufacturer: NVIDIA
    Chip type: GeForce 7800 GT
    DAC type: Integrated RAMDAC
    Device Key: Enum\PCI\VEN_10DE&DEV_0092&SUBSYS_00000000&REV_A1
    Display Memory: 256.0 MB
    Current Mode: 1440 x 900 (32 bit) (75Hz)
    Monitor: Plug and Play Monitor
    Monitor Max Res: 1600,1200
    Driver Name: nv4_disp.dll
    Driver Version: 6.14.0012.9573 (English)
    DDI Version: 9 (or higher)
    Driver Attributes: Final Retail
    Driver Date/Size: 2/10/2012 00:10:00, 4309760 bytes
    WHQL Logo'd: Yes
    WHQL Date Stamp: n/a
    VDD: n/a
    Mini VDD: nv4_mini.sys
    Mini VDD Date: 2/10/2012 00:10:00, 13415040 bytes
    Device Identifier: {D7B71E3E-43D2-11CF-D546-0C2000C2CB35}
    Vendor ID: 0x10DE
    Device ID: 0x0092
    SubSys ID: 0x00000000
    Revision ID: 0x00A1
    Revision ID: 0x00A1
    Video Accel: ModeMPEG2_C ModeMPEG2_D ModeWMV9_B ModeWMV9_A
    Deinterlace Caps: {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
    {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch
    {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(UYVY,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
    {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(UYVY,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch
    {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(YV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
    {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch
    {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
    {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch
    Registry: OK
    DDraw Status: Enabled
    D3D Status: Enabled
    AGP Status: Enabled
    DDraw Test Result: Not run
    D3D7 Test Result: Not run
    D3D8 Test Result: Not run
    D3D9 Test Result: Not run

    -------------
    Sound Devices
    -------------
    Description: Realtek HD Audio rear output
    Default Sound Playback: Yes
    Default Voice Playback: Yes
    Hardware ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0880&SUBSYS_08800000&REV_0905
    Manufacturer ID: 1
    Product ID: 100
    Type: WDM
    Driver Name: RtkHDAud.sys
    Driver Version: 5.10.0000.5027 (English)
    Driver Attributes: Final Retail
    WHQL Logo'd: Yes
    Date and Size: 7/6/2004 04:59:44, 2185408 bytes
    Other Files:
    Driver Provider: Realtek Semiconductor Corp.
    HW Accel Level: Full
    Cap Flags: 0xF5F
    Min/Max Sample Rate: 100, 192000
    Static/Strm HW Mix Bufs: 33, 32
    Static/Strm HW 3D Bufs: 33, 32
    HW Memory: 0
    Voice Management: No
    EAX(tm) 2.0 Listen/Src: Yes, Yes
    I3DL2(tm) Listen/Src: Yes, Yes
    Sensaura(tm) ZoomFX(tm): No
    Registry: OK
    Sound Test Result: Not run

    ---------------------
    Sound Capture Devices
    ---------------------
    Description: Realtek HD Audio rear input
    Default Sound Capture: Yes
    Default Voice Capture: Yes
    Driver Name: RtkHDAud.sys
    Driver Version: 5.10.0000.5027 (English)
    Driver Attributes: Final Retail
    Date and Size: 7/6/2004 04:59:44, 2185408 bytes
    Cap Flags: 0x41
    Format Flags: 0xFFF

    -----------
    DirectMusic
    -----------
    DLS Path: C:\WINDOWS\SYSTEM32\drivers\GM.DLS
    DLS Version: 1.00.0016.0002
    Acceleration: n/a
    Ports: Microsoft Synthesizer, Software (Not Kernel Mode), Output, DLS, Internal, Default Port
    Microsoft MIDI Mapper [Emulated], Hardware (Not Kernel Mode), Output, No DLS, Internal
    Microsoft GS Wavetable SW Synth [Emulated], Hardware (Not Kernel Mode), Output, No DLS, Internal
    Registry: OK
    Test Result: Not run

    -------------------
    DirectInput Devices
    -------------------
    Device Name: Mouse
    Attached: 1
    Controller ID: n/a
    Vendor/Product ID: n/a
    FF Driver: n/a

    Device Name: Keyboard
    Attached: 1
    Controller ID: n/a
    Vendor/Product ID: n/a
    FF Driver: n/a

    Device Name: USB Receiver
    Attached: 1
    Controller ID: 0x0
    Vendor/Product ID: 0x046D, 0xC50B
    FF Driver: n/a

    Device Name: USB Receiver
    Attached: 1
    Controller ID: 0x0
    Vendor/Product ID: 0x046D, 0xC50B
    FF Driver: n/a

    Device Name: USB Receiver
    Attached: 1
    Controller ID: 0x0
    Vendor/Product ID: 0x046D, 0xC50B
    FF Driver: n/a

    Poll w/ Interrupt: No
    Registry: OK

    -----------
    USB Devices
    -----------
    + USB Root Hub
    | Vendor/Product ID: 0x8086, 0x2658
    | Matching Device ID: usb\root_hub
    | Service: usbhub
    | Driver: usbd.sys, 8/4/2004 08:00:00, 4736 bytes
    | Driver: usbhub.sys, 4/13/2008 14:45:37, 59520 bytes
    |
    +-+ USB Human Interface Device
    | | Vendor/Product ID: 0x1532, 0x0007
    | | Location: DeathAdder
    | | Matching Device ID: usb\class_03&subclass_01
    | | Service: HidUsb
    | | Driver: hidusb.sys, 4/13/2008 14:45:27, 10368 bytes
    | | Driver: hidclass.sys, 4/13/2008 14:45:26, 36864 bytes
    | | Driver: hidparse.sys, 4/13/2008 14:45:22, 24960 bytes
    | | Driver: hid.dll, 4/13/2008 20:11:54, 20992 bytes
    | |
    | +-+ HID-compliant mouse
    | | | Vendor/Product ID: 0x1532, 0x0007
    | | | Matching Device ID: hid_device_system_mouse
    | | | Service: mouhid
    | | | Driver: mouhid.sys, 8/4/2004 08:00:00, 12160 bytes
    | | | Driver: mouclass.sys, 4/13/2008 14:39:47, 23040 bytes

    ----------------
    Gameport Devices
    ----------------

    ------------
    PS/2 Devices
    ------------
    + HID Keyboard Device
    | Vendor/Product ID: 0x046D, 0xC50B
    | Matching Device ID: hid_device_system_keyboard
    | Service: kbdhid
    | Driver: kbdhid.sys, 4/13/2008 14:39:48, 14592 bytes
    | Driver: kbdclass.sys, 4/13/2008 14:39:47, 24576 bytes
    |
    + Terminal Server Keyboard Driver
    | Matching Device ID: root\rdp_kbd
    | Upper Filters: kbdclass
    | Service: TermDD
    | Driver: termdd.sys, 4/13/2008 20:13:20, 40840 bytes
    | Driver: kbdclass.sys, 4/13/2008 14:39:47, 24576 bytes
    |
    + HID-compliant mouse
    | Vendor/Product ID: 0x046D, 0xC50B
    | Matching Device ID: hid_device_system_mouse
    | Service: mouhid
    | Driver: mouhid.sys, 8/4/2004 08:00:00, 12160 bytes
    | Driver: mouclass.sys, 4/13/2008 14:39:47, 23040 bytes
    |
    + Terminal Server Mouse Driver
    | Matching Device ID: root\rdp_mou
    | Upper Filters: mouclass
    | Service: TermDD
    | Driver: termdd.sys, 4/13/2008 20:13:20, 40840 bytes
    | Driver: mouclass.sys, 4/13/2008 14:39:47, 23040 bytes

    ----------------------------
    DirectPlay Service Providers
    ----------------------------
    DirectPlay8 Modem Service Provider - Registry: OK, File: dpnet.dll (5.03.2600.5512)
    DirectPlay8 Serial Service Provider - Registry: OK, File: dpnet.dll (5.03.2600.5512)
    DirectPlay8 IPX Service Provider - Registry: OK, File: dpnet.dll (5.03.2600.5512)
    DirectPlay8 TCP/IP Service Provider - Registry: OK, File: dpnet.dll (5.03.2600.5512)
    Internet TCP/IP Connection For DirectPlay - Registry: OK, File: dpwsockx.dll (5.03.2600.5512)
    IPX Connection For DirectPlay - Registry: OK, File: dpwsockx.dll (5.03.2600.5512)
    Modem Connection For DirectPlay - Registry: OK, File: dpmodemx.dll (5.03.2600.5512)
    Serial Connection For DirectPlay - Registry: OK, File: dpmodemx.dll (5.03.2600.5512)

    DirectPlay Voice Wizard Tests: Full Duplex: Not run, Half Duplex: Not run, Mic: Not run
    DirectPlay Test Result: Not run
    Registry: OK

    -------------------
    DirectPlay Adapters
    -------------------
    DirectPlay8 Serial Service Provider: COM1
    DirectPlay8 Serial Service Provider: COM2
    DirectPlay8 TCP/IP Service Provider: Local Area Connection - IPv4 -

    -----------------------
    DirectPlay Voice Codecs
    -----------------------
    Voxware VR12 1.4kbit/s
    Voxware SC06 6.4kbit/s
    Voxware SC03 3.2kbit/s
    MS-PCM 64 kbit/s
    MS-ADPCM 32.8 kbit/s
    Microsoft GSM 6.10 13 kbit/s
    TrueSpeech(TM) 8.6 kbit/s

    -------------------------
    DirectPlay Lobbyable Apps
    -------------------------

    --------------
    System Devices
    --------------
    Name: Intel(R) 82801FB/FBM Ultra ATA Storage Controllers - 266F
    Device ID: PCI\VEN_8086&DEV_266F&SUBSYS_80A61043&REV_03\3&11583659&0&F9
    Driver: C:\WINDOWS\system32\DRIVERS\intelide.sys, 5.01.2600.5512 (English), 4/13/2008 14:40:29, 5504 bytes
    Driver: C:\WINDOWS\system32\DRIVERS\pciidex.sys, 5.01.2600.5512 (English), 4/13/2008 14:40:29, 24960 bytes
    Driver: C:\WINDOWS\system32\DRIVERS\atapi.sys, 5.01.2600.5512 (English), 4/13/2008 14:40:30, 96512 bytes

    Name: Intel(R) 82801FB/FBM SMBus Controller - 266A
    Device ID: PCI\VEN_8086&DEV_266A&SUBSYS_80A61043&REV_03\3&11583659&0&FB
    Driver: n/a

    Name: Microsoft UAA Bus Driver for High Definition Audio
    Device ID: PCI\VEN_8086&DEV_2668&SUBSYS_814E1043&REV_03\3&11583659&0&D8
    Driver: C:\WINDOWS\system32\DRIVERS\hdaudbus.sys, 5.10.0001.5013 (English), 4/13/2008 12:36:05, 144384 bytes

    Name: Intel(R) 82801FB/FBM PCI Express Root Port - 2662
    Device ID: PCI\VEN_8086&DEV_2662&SUBSYS_00000000&REV_03\3&11583659&0&E1
    Driver: C:\WINDOWS\system32\DRIVERS\pci.sys, 5.01.2600.5512 (English), 4/13/2008 14:36:44, 68224 bytes

    Name: Intel(R) 82801FB/FBM PCI Express Root Port - 2660
    Device ID: PCI\VEN_8086&DEV_2660&SUBSYS_00000000&REV_03\3&11583659&0&E0
    Driver: C:\WINDOWS\system32\DRIVERS\pci.sys, 5.01.2600.5512 (English), 4/13/2008 14:36:44, 68224 bytes

    Name: Intel(R) 82801FB/FBM USB2 Enhanced Host Controller - 265C
    Device ID: PCI\VEN_8086&DEV_265C&SUBSYS_80A61043&REV_03\3&11583659&0&EF
    Driver: C:\WINDOWS\system32\drivers\usbehci.sys, 5.01.2600.5512 (English), 4/13/2008 14:45:35, 30208 bytes
    Driver: C:\WINDOWS\system32\drivers\usbport.sys, 5.01.2600.5512 (English), 4/13/2008 14:45:36, 143872 bytes
    Driver: C:\WINDOWS\system32\usbui.dll, 5.01.2600.5512 (English), 4/13/2008 20:12:08, 74240 bytes
    Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 5.01.2600.5512 (English), 4/13/2008 14:45:37, 59520 bytes
    Driver: C:\WINDOWS\system32\hccoin.dll, 5.01.2600.5512 (English), 4/13/2008 20:11:54, 7168 bytes

    Name: Intel(R) 82801FB/FBM USB Universal Host Controller - 265B
    Device ID: PCI\VEN_8086&DEV_265B&SUBSYS_80A61043&REV_03\3&11583659&0&EB
    Driver: C:\WINDOWS\system32\drivers\usbuhci.sys, 5.01.2600.5512 (English), 4/13/2008 14:45:35, 20608 bytes
    Driver: C:\WINDOWS\system32\drivers\usbport.sys, 5.01.2600.5512 (English), 4/13/2008 14:45:36, 143872 bytes
    Driver: C:\WINDOWS\system32\usbui.dll, 5.01.2600.5512 (English), 4/13/2008 20:12:08, 74240 bytes
    Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 5.01.2600.5512 (English), 4/13/2008 14:45:37, 59520 bytes

    Name: Intel(R) 82801FB/FBM USB Universal Host Controller - 265A
    Device ID: PCI\VEN_8086&DEV_265A&SUBSYS_80A61043&REV_03\3&11583659&0&EA
    Driver: C:\WINDOWS\system32\drivers\usbuhci.sys, 5.01.2600.5512 (English), 4/13/2008 14:45:35, 20608 bytes
    Driver: C:\WINDOWS\system32\drivers\usbport.sys, 5.01.2600.5512 (English), 4/13/2008 14:45:36, 143872 bytes
    Driver: C:\WINDOWS\system32\usbui.dll, 5.01.2600.5512 (English), 4/13/2008 20:12:08, 74240 bytes
    Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 5.01.2600.5512 (English), 4/13/2008 14:45:37, 59520 bytes

    Name: Intel(R) 82801FB/FBM USB Universal Host Controller - 2659
    Device ID: PCI\VEN_8086&DEV_2659&SUBSYS_80A61043&REV_03\3&11583659&0&E9
    Driver: C:\WINDOWS\system32\drivers\usbuhci.sys, 5.01.2600.5512 (English), 4/13/2008 14:45:35, 20608 bytes
    Driver: C:\WINDOWS\system32\drivers\usbport.sys, 5.01.2600.5512 (English), 4/13/2008 14:45:36, 143872 bytes
    Driver: C:\WINDOWS\system32\usbui.dll, 5.01.2600.5512 (English), 4/13/2008 20:12:08, 74240 bytes
    Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 5.01.2600.5512 (English), 4/13/2008 14:45:37, 59520 bytes

    Name: Intel(R) 82801FB/FBM USB Universal Host Controller - 2658
    Device ID: PCI\VEN_8086&DEV_2658&SUBSYS_80A61043&REV_03\3&11583659&0&E8
    Driver: C:\WINDOWS\system32\drivers\usbuhci.sys, 5.01.2600.5512 (English), 4/13/2008 14:45:35, 20608 bytes
    Driver: C:\WINDOWS\system32\drivers\usbport.sys, 5.01.2600.5512 (English), 4/13/2008 14:45:36, 143872 bytes
    Driver: C:\WINDOWS\system32\usbui.dll, 5.01.2600.5512 (English), 4/13/2008 20:12:08, 74240 bytes
    Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 5.01.2600.5512 (English), 4/13/2008 14:45:37, 59520 bytes

    Name: Intel(R) 82801FB Ultra ATA Storage Controllers - 2652
    Device ID: PCI\VEN_8086&DEV_2652&SUBSYS_26011043&REV_03\3&11583659&0&FA
    Driver: C:\WINDOWS\system32\DRIVERS\intelide.sys, 5.01.2600.5512 (English), 4/13/2008 14:40:29, 5504 bytes
    Driver: C:\WINDOWS\system32\DRIVERS\pciidex.sys, 5.01.2600.5512 (English), 4/13/2008 14:40:29, 24960 bytes
    Driver: C:\WINDOWS\system32\DRIVERS\atapi.sys, 5.01.2600.5512 (English), 4/13/2008 14:40:30, 96512 bytes

    Name: Intel(R) 82801FB LPC Interface Controller - 2640
    Device ID: PCI\VEN_8086&DEV_2640&SUBSYS_00000000&REV_03\3&11583659&0&F8
    Driver: C:\WINDOWS\system32\DRIVERS\isapnp.sys, 5.01.2600.5512 (English), 4/13/2008 14:36:41, 37248 bytes

    Name: Intel(R) 915G/P/GV PCI Express Root Port - 2581
    Device ID: PCI\VEN_8086&DEV_2581&SUBSYS_00000000&REV_04\3&11583659&0&08
    Driver: C:\WINDOWS\system32\DRIVERS\pci.sys, 5.01.2600.5512 (English), 4/13/2008 14:36:44, 68224 bytes

    Name: Intel(R) 915G/P/GV Processor to I/O Controller - 2580
    Device ID: PCI\VEN_8086&DEV_2580&SUBSYS_00000000&REV_04\3&11583659&0&00
    Driver: n/a

    Name: Intel(R) 82801 PCI Bridge - 244E
    Device ID: PCI\VEN_8086&DEV_244E&SUBSYS_00000000&REV_D3\3&11583659&0&F0
    Driver: C:\WINDOWS\system32\DRIVERS\pci.sys, 5.01.2600.5512 (English), 4/13/2008 14:36:44, 68224 bytes

    Name: Mass Storage Controller
    Device ID: PCI\VEN_1283&DEV_8212&SUBSYS_813A1043&REV_13\4&23C0B1C&0&18F0
    Driver: n/a

    Name: Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller
    Device ID: PCI\VEN_11AB&DEV_4362&SUBSYS_81421043&REV_15\4&2065177B&0&00E1
    Driver: C:\WINDOWS\system32\DRIVERS\yk51x86.sys, 7.14.0001.0003 (English), 6/16/2004 08:14:00, 180480 bytes

    Name: NVIDIA GeForce 7800 GT
    Device ID: PCI\VEN_10DE&DEV_0092&SUBSYS_00000000&REV_A1\4&37AD8B77&0&0008
    Driver: C:\Program Files\NVIDIA Corporation\Drs\dbInstaller.exe, 6.14.0012.9573 (English), 2/10/2012 00:10:00, 175104 bytes
    Driver: C:\Program Files\NVIDIA Corporation\Drs\nvdrsdb.bin, 2/10/2012 00:10:00, 292700 bytes
    Driver: C:\Program Files\NVIDIA Corporation\CPLInstallerCache\NvCplSetupEng.exe, 1.00.0001.0000 (English), 2/10/2012 00:10:00, 30796560 bytes
    Driver: C:\Program Files\NVIDIA Corporation\license.txt, 2/10/2012 00:10:00, 21887 bytes
    Driver: C:\WINDOWS\system32\DRIVERS\nv4_mini.sys, 6.14.0012.9573 (English), 2/10/2012 00:10:00, 13415040 bytes
    Driver: C:\WINDOWS\system32\OpenCL.dll, 1.00.0000.0000 (English), 2/10/2012 00:10:00, 65536 bytes
    Driver: C:\WINDOWS\system32\nv4_disp.dll, 6.14.0012.9573 (English), 2/10/2012 00:10:00, 4309760 bytes
    Driver: C:\WINDOWS\system32\nvapi.dll, 6.14.0012.9573 (English), 2/10/2012 00:10:00, 2292224 bytes
    Driver: C:\WINDOWS\system32\nvcompiler.dll, 6.14.0012.9573 (English), 2/10/2012 00:10:00, 17534976 bytes
    Driver: C:\WINDOWS\system32\nvcuda.dll, 6.14.0012.9573 (English), 2/10/2012 00:10:00, 5918720 bytes
    Driver: C:\WINDOWS\system32\nvcuvenc.dll, 6.14.0012.9573 (English), 2/10/2012 00:10:00, 2437440 bytes
    Driver: C:\WINDOWS\system32\nvcuvid.dll, 6.14.0012.9573 (English), 2/10/2012 00:10:00, 2522944 bytes
    Driver: C:\WINDOWS\system32\nvdata.data, 2/10/2012 00:10:00, 2783770 bytes
    Driver: C:\WINDOWS\system32\nvinfo.pb, 2/10/2012 00:10:00, 7843 bytes
    Driver: C:\WINDOWS\system32\nvoglnt.dll, 6.14.0012.9573 (English), 2/10/2012 00:10:00, 18620416 bytes
    Driver: C:\WINDOWS\system32\nvdispco32.dll, 2.00.0025.0001 (English), 2/10/2012 00:10:00, 1000256 bytes
    Driver: C:\WINDOWS\system32\nvgenco32.dll, 2.00.0014.0000 (English), 2/10/2012 00:10:00, 881984 bytes

    ------------------
    DirectX Components
    ------------------
    ddraw.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:51 279552 bytes
    ddrawex.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:51 27136 bytes
    dxapi.sys: 5.01.2600.0000 English Final Retail 8/4/2004 08:00:00 10496 bytes
    d3d8.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:51 1179648 bytes
    d3d8thk.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:51 8192 bytes
    d3d9.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:51 1689088 bytes
    d3dim.dll: 5.01.2600.0000 English Final Retail 8/4/2004 08:00:00 436224 bytes
    d3dim700.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:51 824320 bytes
    d3dramp.dll: 5.01.2600.0000 English Final Retail 8/4/2004 08:00:00 590336 bytes
    d3drm.dll: 5.01.2600.0000 English Final Retail 8/4/2004 08:00:00 350208 bytes
    d3dxof.dll: 5.01.2600.0000 English Final Retail 8/4/2004 08:00:00 47616 bytes
    d3dpmesh.dll: 5.01.2600.0000 English Final Retail 8/4/2004 08:00:00 34816 bytes
    dplay.dll: 5.00.2134.0001 English Final Retail 8/4/2004 08:00:00 33040 bytes
    dplayx.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:52 229888 bytes
    dpmodemx.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:52 23552 bytes
    dpwsock.dll: 5.00.2134.0001 English Final Retail 8/4/2004 08:00:00 42768 bytes
    dpwsockx.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:52 57344 bytes
    dplaysvr.exe: 5.03.2600.5512 English Final Retail 4/13/2008 20:12:17 29696 bytes
    dpnsvr.exe: 5.03.2600.5512 English Final Retail 4/13/2008 20:12:17 17920 bytes
    dpnet.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:52 375296 bytes
    dpnlobby.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:09:20 3072 bytes
    dpnaddr.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:09:19 3072 bytes
    dpvoice.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:52 212480 bytes
    dpvsetup.exe: 5.03.2600.5512 English Final Retail 4/13/2008 20:12:18 83456 bytes
    dpvvox.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:52 116736 bytes
    dpvacm.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:52 21504 bytes
    dpnhpast.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:52 35328 bytes
    dpnhupnp.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:52 60928 bytes
    dpserial.dll: 5.00.2134.0001 English Final Retail 8/4/2004 08:00:00 53520 bytes
    dinput.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:52 158720 bytes
    dinput8.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:52 181760 bytes
    dimap.dll: 5.01.2600.0000 English Final Retail 8/4/2004 08:00:00 44032 bytes
    diactfrm.dll: 5.01.2600.0000 English Final Retail 8/4/2004 08:00:00 394240 bytes
    joy.cpl: 5.03.2600.5512 English Final Retail 4/13/2008 20:12:41 68608 bytes
    gcdef.dll: 5.01.2600.0000 English Final Retail 8/4/2004 08:00:00 76800 bytes
    pid.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:12:02 35328 bytes
    dsound.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:52 367616 bytes
    dsound3d.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:52 1293824 bytes
    dswave.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:52 19456 bytes
    dsdmo.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:52 181248 bytes
    dsdmoprp.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:52 71680 bytes
    dmusic.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:52 104448 bytes
    dmband.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:52 28672 bytes
    dmcompos.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:52 61440 bytes
    dmime.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:52 181248 bytes
    dmloader.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:52 35840 bytes
    dmstyle.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:52 105984 bytes
    dmsynth.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:52 103424 bytes
    dmscript.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:52 82432 bytes
    Microsoft.DirectX.Direct3D.dll: 9.05.0132.0000 English Final Retail 11/20/2011 19:01:55 473600 bytes
    Microsoft.DirectX.Direct3DX.dll: 5.04.0000.3900 English Final Retail 11/20/2011 19:01:45 2676224 bytes
    Microsoft.DirectX.Direct3DX.dll: 9.04.0091.0000 English Final Retail 11/20/2011 19:01:47 2846720 bytes
    Microsoft.DirectX.Direct3DX.dll: 9.05.0132.0000 English Final Retail 11/20/2011 19:01:48 563712 bytes
    Microsoft.DirectX.Direct3DX.dll: 9.06.0168.0000 English Final Retail 11/20/2011 19:01:49 567296 bytes
    Microsoft.DirectX.Direct3DX.dll: 9.07.0239.0000 English Final Retail 11/20/2011 19:01:49 576000 bytes
    Microsoft.DirectX.Direct3DX.dll: 9.08.0299.0000 English Final Retail 11/20/2011 19:01:50 577024 bytes
    Microsoft.DirectX.Direct3DX.dll: 9.09.0376.0000 English Final Retail 11/20/2011 19:01:51 577536 bytes
    Microsoft.DirectX.Direct3DX.dll: 9.10.0455.0000 English Final Retail 11/20/2011 19:01:51 577536 bytes
    Microsoft.DirectX.Direct3DX.dll: 9.11.0519.0000 English Final Retail 11/20/2011 19:01:52 578560 bytes
    Microsoft.DirectX.Direct3DX.dll: 9.12.0589.0000 English Final Retail 11/20/2011 19:01:55 578560 bytes
    Microsoft.DirectX.DirectDraw.dll: 5.04.0000.2904 English Final Retail 11/20/2011 19:01:56 145920 bytes
    Microsoft.DirectX.DirectInput.dll: 5.04.0000.2904 English Final Retail 11/20/2011 19:01:56 159232 bytes
    Microsoft.DirectX.DirectPlay.dll: 5.04.0000.2904 English Final Retail 11/20/2011 19:01:57 364544 bytes
    Microsoft.DirectX.DirectSound.dll: 5.04.0000.2904 English Final Retail 11/20/2011 19:01:57 178176 bytes
    Microsoft.DirectX.AudioVideoPlayback.dll: 5.04.0000.2904 English Final Retail 11/20/2011 19:01:54 53248 bytes
    Microsoft.DirectX.Diagnostics.dll: 5.04.0000.2904 English Final Retail 11/20/2011 19:01:54 12800 bytes
    Microsoft.DirectX.dll: 5.04.0000.2904 English Final Retail 11/20/2011 19:01:53 223232 bytes
    dx7vb.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:52 619008 bytes
    dx8vb.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:52 1227264 bytes
    dxdiagn.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:52 2113536 bytes
    mfc40.dll: 4.01.0000.6151 English Beta Retail 9/18/2010 02:53:25 954368 bytes
    mfc42.dll: 6.02.8081.0000 English Final Retail 2/8/2011 09:33:55 978944 bytes
    wsock32.dll: 5.01.2600.5512 English Final Retail 4/13/2008 20:12:10 22528 bytes
    amstream.dll: 6.05.2600.5512 English Final Retail 4/13/2008 20:11:49 70656 bytes
    devenum.dll: 6.05.2600.5512 English Final Retail 4/13/2008 20:11:51 59904 bytes
    dxmasf.dll: 6.04.0009.1133 English Final Retail 4/13/2008 20:11:52 498742 bytes
    mciqtz32.dll: 6.05.2600.5512 English Final Retail 4/13/2008 20:11:56 35328 bytes
    mpg2splt.ax: 6.05.2600.5512 English Final Retail 4/13/2008 20:12:42 148992 bytes
    msdmo.dll: 6.05.2600.5512 English Final Retail 4/13/2008 20:11:59 14336 bytes
    encapi.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:53 20480 bytes
    qasf.dll: 11.00.5721.5262 English Final Retail 1/30/2009 20:34:02 211456 bytes
    qcap.dll: 6.05.2600.5512 English Final Retail 4/13/2008 20:12:03 192512 bytes
    qdv.dll: 6.05.2600.5512 English Final Retail 4/13/2008 20:12:03 279040 bytes
    qdvd.dll: 6.05.2600.6169 English Final Retail 11/3/2011 11:28:36 386048 bytes
    qedit.dll: 6.05.2600.5512 English Final Retail 4/13/2008 20:12:03 562176 bytes
    qedwipes.dll: 6.05.2600.5512 English Final Retail 4/13/2008 13:21:32 733696 bytes
    quartz.dll: 6.05.2600.6169 English Final Retail 11/3/2011 11:28:36 1292288 bytes
    strmdll.dll: 4.01.0000.3938 English Final Retail 8/26/2009 04:00:21 247326 bytes
    iac25_32.ax: 2.00.0005.0053 English Final Retail 4/13/2008 20:12:42 199680 bytes
    ir41_32.ax: 4.51.0016.0003 English Final Retail 4/13/2008 20:12:42 848384 bytes
    ir41_qc.dll: 4.30.0062.0002 English Final Retail 4/13/2008 20:11:55 120320 bytes
    ir41_qcx.dll: 4.30.0064.0001 English Final Retail 4/13/2008 20:11:55 338432 bytes
    ir50_32.dll: 5.2562.0015.0055 English Final Retail 4/13/2008 20:11:55 755200 bytes
    ir50_qc.dll: 5.00.0063.0048 English Final Retail 4/13/2008 20:11:55 200192 bytes
    ir50_qcx.dll: 5.00.0064.0048 English Final Retail 4/13/2008 20:11:55 183808 bytes
    ivfsrc.ax: 5.10.0002.0051 English Final Retail 4/13/2008 20:12:42 154624 bytes
    mswebdvd.dll: 6.05.2600.5857 English Final Retail 8/5/2009 05:01:48 204800 bytes
    ks.sys: 5.03.2600.5512 English Final Retail 4/13/2008 15:16:36 141056 bytes
    ksproxy.ax: 5.03.2600.5512 English Final Retail 4/13/2008 20:12:42 129536 bytes
    ksuser.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:56 4096 bytes
    stream.sys: 5.03.2600.5512 English Final Retail 4/13/2008 14:45:15 49408 bytes
    mspclock.sys: 5.03.2600.5512 English Final Retail 4/13/2008 14:39:50 5376 bytes
    mspqm.sys: 5.01.2600.5512 English Final Retail 4/13/2008 14:39:51 4992 bytes
    mskssrv.sys: 5.03.2600.5512 English Final Retail 4/13/2008 14:39:52 7552 bytes
    swenum.sys: 5.03.2600.5512 English Final Retail 4/13/2008 14:39:53 4352 bytes
    mpeg2data.ax: 6.05.2600.5512 English Final Retail 4/13/2008 20:12:42 118272 bytes
    msvidctl.dll: 6.05.2600.5512 English Final Retail 4/13/2008 20:12:01 1428992 bytes
    vbisurf.ax: 5.03.2600.5512 English Final Retail 4/13/2008 20:12:42 30208 bytes
    msyuv.dll: 5.03.2600.5908 English Final Retail 11/27/2009 13:11:44 17920 bytes
    wstdecod.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:12:10 50688 bytes

    ------------------
    DirectShow Filters
    ------------------

    DirectShow Filters:
    WMAudio Decoder DMO,0x00800800,1,1,,
    WMAPro over S/PDIF DMO,0x00600800,1,1,,
    WMA Voice Decoder DMO,0x00600800,1,1,,
    Mpeg4s Decoder DMO,0x00800001,1,1,,
    WMV Screen decoder DMO,0x00800001,1,1,,
    WMVideo Decoder DMO,0x00800001,1,1,,
    Mpeg43 Decoder DMO,0x00800001,1,1,,
    Mpeg4 Decoder DMO,0x00800001,1,1,,
    WMT MuxDeMux Filter,0x00200000,0,0,wmm2filt.dll,2.01.4026.0000
    Full Screen Renderer,0x00200000,1,0,quartz.dll,6.05.2600.6169
    DV Muxer,0x00400000,0,0,qdv.dll,6.05.2600.5512
    MPC - Mpeg Source (Gabest),0x00400000,0,0,MpegSplitter.ax,1.04.2499.0000
    Color Space Converter,0x00400001,1,1,quartz.dll,6.05.2600.6169
    WM ASF Reader,0x00400000,0,0,qasf.dll,11.00.5721.5262
    Screen Capture filter,0x00200000,0,1,wmpsrcwp.dll,11.00.5721.5262
    AVI Splitter,0x00600000,1,1,quartz.dll,6.05.2600.6169
    WMT AudioAnalyzer,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
    VGA 16 Color Ditherer,0x00400000,1,1,quartz.dll,6.05.2600.6169
    Indeo® video 5.10 Compression Filter,0x00200000,1,1,ir50_32.dll,5.2562.0015.0055
    Windows Media Audio Decoder,0x00800001,1,1,msadds32.ax,8.00.0000.4487
    AC3 Parser Filter,0x00600000,1,1,mpg2splt.ax,6.05.2600.5512
    WMT Format Conversion,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
    StreamBufferSink,0x00200000,0,0,sbe.dll,6.05.2600.6076
    WMT Black Frame Generator,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
    MJPEG Decompressor,0x00600000,1,1,quartz.dll,6.05.2600.6169
    Indeo® video 5.10 Decompression Filter,0x00640000,1,1,ir50_32.dll,5.2562.0015.0055
    WMT Screen Capture filter,0x00200000,0,1,wmm2filt.dll,2.01.4026.0000
    Microsoft Screen Video Decompressor,0x00800000,1,1,msscds32.ax,8.00.0000.4487
    MPEG-I Stream Splitter,0x00600000,1,2,quartz.dll,6.05.2600.6169
    SAMI (CC) Parser,0x00400000,1,1,quartz.dll,6.05.2600.6169
    MPEG Layer-3 Decoder,0x00810000,1,1,l3codecx.ax,1.06.0000.0052
    MPEG-2 Splitter,0x005fffff,1,0,mpg2splt.ax,6.05.2600.5512
    ACELP.net Sipro Lab Audio Decoder,0x00800001,1,1,acelpdec.ax,1.04.0000.0000
    Internal Script Command Renderer,0x00800001,1,0,quartz.dll,6.05.2600.6169
    MPEG Audio Decoder,0x03680001,1,1,quartz.dll,6.05.2600.6169
    File Source (Netshow URL),0x00400000,0,1,wmpasf.dll,11.00.5721.5262
    WMT Import Filter,0x00200000,0,1,wmm2filt.dll,2.01.4026.0000
    DV Splitter,0x00600000,1,2,qdv.dll,6.05.2600.5512
    Bitmap Generate,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
    Windows Media Video Decoder,0x00800000,1,1,wmvds32.ax,8.00.0000.4487
    Video Mixing Renderer 9,0x00200000,1,0,quartz.dll,
    Windows Media Video Decoder,0x00800000,1,1,wmv8ds32.ax,8.00.0000.4000
    WMT VIH2 Fix,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
    Record Queue,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
    Windows Media Multiplexer,0x00600000,1,1,wmpasf.dll,11.00.5721.5262
    ASX file Parser,0x00600000,1,1,wmpasf.dll,11.00.5721.5262
    ASX v.2 file Parser,0x00600000,1,0,wmpasf.dll,11.00.5721.5262
    NSC file Parser,0x00600000,1,1,wmpasf.dll,11.00.5721.5262
    ACM Wrapper,0x00600000,1,1,quartz.dll,6.05.2600.6169
    Windows Media source filter,0x00600000,0,2,wmpasf.dll,11.00.5721.5262
    Video Renderer,0x00800001,1,0,quartz.dll,6.05.2600.6169
    Frame Eater,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
    MPEG-2 Video Stream Analyzer,0x00200000,0,0,sbe.dll,6.05.2600.6076
    Line 21 Decoder,0x00600000,1,1,qdvd.dll,6.05.2600.6169
    Video Port Manager,0x00600000,2,1,quartz.dll,6.05.2600.6169
    DivX H.264 Decoder,0x00800000,1,1,h264dec.ax,9.00.0001.0021
    WST Decoder,0x00600000,1,1,wstdecod.dll,5.03.2600.5512
    Video Renderer,0x00400000,1,0,quartz.dll,6.05.2600.6169
    WM ASF Writer,0x00400000,0,0,qasf.dll,11.00.5721.5262
    WMT Sample Information Filter,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
    VBI Surface Allocator,0x00600000,1,1,vbisurf.ax,5.03.2600.5512
    Microsoft MPEG-4 Video Decompressor,0x00800000,1,1,mpg4ds32.ax,8.00.0000.4504
    File writer,0x00200000,1,0,qcap.dll,6.05.2600.5512
    WMT Log Filter,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
    WMT Virtual Renderer,0x00200000,1,0,wmm2filt.dll,2.01.4026.0000
    DVD Navigator,0x00200000,0,2,qdvd.dll,6.05.2600.6169
    Overlay Mixer2,0x00400000,1,1,qdvd.dll,6.05.2600.6169
    AVI Draw,0x00600064,9,1,quartz.dll,6.05.2600.6169
    .RAM file Parser,0x00600000,1,0,wmpasf.dll,11.00.5721.5262
    WMT DirectX Transform Wrapper,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
    G.711 Codec,0x00200000,1,1,g711codc.ax,5.01.2600.0000
    MPEG-2 Demultiplexer,0x00600000,1,1,mpg2splt.ax,6.05.2600.5512
    DV Video Decoder,0x00800000,1,1,qdv.dll,6.05.2600.5512
    Indeo® audio software,0x00500000,1,1,iac25_32.ax,2.00.0005.0053
    Windows Media Update Filter,0x00400000,1,0,wmpasf.dll,11.00.5721.5262
    ASF DIB Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5262
    ASF ACM Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5262
    ASF ICM Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5262
    ASF URL Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5262
    ASF JPEG Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5262
    ASF DJPEG Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5262
    ASF embedded stuff Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5262
    9x8Resize,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
    WIA Stream Snapshot Filter,0x00200000,1,1,wiasf.ax,1.00.0000.0000
    Allocator Fix,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
    SampleGrabber,0x00200000,1,1,qedit.dll,6.05.2600.5512
    Null Renderer,0x00200000,1,0,qedit.dll,6.05.2600.5512
    WMT Virtual Source,0x00200000,0,1,wmm2filt.dll,2.01.4026.0000
    MPEG-2 Sections and Tables,0x005fffff,1,0,mpeg2data.ax,
    WMT Interlacer,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
    StreamBufferSource,0x00200000,0,0,sbe.dll,6.05.2600.6076
    Smart Tee,0x00200000,1,2,qcap.dll,6.05.2600.5512
    Overlay Mixer,0x00200000,0,0,qdvd.dll,6.05.2600.6169
    AVI Decompressor,0x00600000,1,1,quartz.dll,6.05.2600.6169
    Uncompressed Domain Shot Detection Filter,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
    AVI/WAV File Source,0x00400000,0,2,quartz.dll,6.05.2600.6169
    QuickTime Movie Parser,0x00600000,1,1,quartz.dll,6.05.2600.6169
    Wave Parser,0x00400000,1,1,quartz.dll,6.05.2600.6169
    MIDI Parser,0x00400000,1,1,quartz.dll,6.05.2600.6169
    Multi-file Parser,0x00400000,1,1,quartz.dll,6.05.2600.6169
    File stream renderer,0x00400000,1,1,quartz.dll,6.05.2600.6169
    XML Playlist,0x00400000,1,0,wmpasf.dll,11.00.5721.5262
    MPC - Mpeg Splitter (Gabest),0x00600001,1,1,MpegSplitter.ax,1.04.2499.0000
    AVI Mux,0x00200000,1,0,qcap.dll,6.05.2600.5512
    Line 21 Decoder 2,0x00600002,1,1,quartz.dll,6.05.2600.6169
    File Source (Async.),0x00400000,0,1,quartz.dll,6.05.2600.6169
    File Source (URL),0x00400000,0,1,quartz.dll,6.05.2600.6169
    WMT DV Extract,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
    WMT Switch Filter,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
    WMT Volume,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
    Stretch Video,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
    Infinite Pin Tee Filter,0x00200000,1,1,qcap.dll,6.05.2600.5512
    QT Decompressor,0x00600000,1,1,quartz.dll,6.05.2600.6169
    MPEG Video Decoder,0x40000001,1,1,quartz.dll,6.05.2600.6169
    Indeo® video 4.4 Decompression Filter,0x00640000,1,1,ir41_32.ax,4.51.0016.0003
    Indeo® video 4.4 Compression Filter,0x00200000,1,1,ir41_32.ax,4.51.0016.0003

    WDM Streaming Data Transforms:
    Microsoft Kernel Acoustic Echo Canceller,0x00000000,0,0,,
    Microsoft Kernel GS Wavetable Synthesizer,0x00200000,1,1,,5.03.2600.5512
    Microsoft Kernel DLS Synthesizer,0x00200000,1,1,,5.03.2600.5512
    Microsoft Kernel DRM Audio Descrambler,0x00200000,1,1,,5.03.2600.5512

    Video Compressors:
    WMVideo8 Encoder DMO,0x00600800,1,1,,
    MSScreen encoder DMO,0x00600800,1,1,,
    WMVideo9 Encoder DMO,0x00600800,1,1,,
    MSScreen 9 encoder DMO,0x00600800,1,1,,
    DV Video Encoder,0x00200000,0,0,qdv.dll,6.05.2600.5512
    Indeo® video 5.10 Compression Filter,0x00100000,1,1,ir50_32.dll,5.2562.0015.0055
    MJPEG Compressor,0x00200000,0,0,quartz.dll,6.05.2600.6169
    Cinepak Codec by Radius,0x00200000,1,1,qcap.dll,6.05.2600.5512
    Intel 4:2:0 Video V2.50,0x00200000,1,1,qcap.dll,6.05.2600.5512
    Intel Indeo(R) Video R3.2,0x00200000,1,1,qcap.dll,6.05.2600.5512
    Intel Indeo® Video 4.5,0x00200000,1,1,qcap.dll,6.05.2600.5512
    Indeo® video 5.10,0x00200000,1,1,qcap.dll,6.05.2600.5512
    Intel IYUV codec,0x00200000,1,1,qcap.dll,6.05.2600.5512
    Microsoft H.261 Video Codec,0x00200000,1,1,qcap.dll,6.05.2600.5512
    Microsoft H.263 Video Codec,0x00200000,1,1,qcap.dll,6.05.2600.5512
    Microsoft RLE,0x00200000,1,1,qcap.dll,6.05.2600.5512
    Microsoft Video 1,0x00200000,1,1,qcap.dll,6.05.2600.5512

    Audio Compressors:
    WMA Voice Encoder DMO,0x00600800,1,1,,
    WM Speech Encoder DMO,0x00600800,1,1,,
    WMAudio Encoder DMO,0x00600800,1,1,,
    IAC2,0x00200000,1,1,quartz.dll,6.05.2600.6169
    IMA ADPCM,0x00200000,1,1,quartz.dll,6.05.2600.6169
    PCM,0x00200000,1,1,quartz.dll,6.05.2600.6169
    Microsoft ADPCM,0x00200000,1,1,quartz.dll,6.05.2600.6169
    ACELP.net,0x00200000,1,1,quartz.dll,6.05.2600.6169
    DSP Group TrueSpeech(TM),0x00200000,1,1,quartz.dll,6.05.2600.6169
    Windows Media Audio V1,0x00200000,1,1,quartz.dll,6.05.2600.6169
    Windows Media Audio V2,0x00200000,1,1,quartz.dll,6.05.2600.6169
    GSM 6.10,0x00200000,1,1,quartz.dll,6.05.2600.6169
    Messenger Audio Codec,0x00200000,1,1,quartz.dll,6.05.2600.6169
    Microsoft G.723.1,0x00200000,1,1,quartz.dll,6.05.2600.6169
    CCITT A-Law,0x00200000,1,1,quartz.dll,6.05.2600.6169
    CCITT u-Law,0x00200000,1,1,quartz.dll,6.05.2600.6169
    MPEG Layer-3,0x00200000,1,1,quartz.dll,6.05.2600.6169

    Audio Capture Sources:
    Realtek HD Audio rear input,0x00200000,0,0,qcap.dll,6.05.2600.5512

    Midi Renderers:
    Default MidiOut Device,0x00800000,1,0,quartz.dll,6.05.2600.6169
    Microsoft GS Wavetable SW Synth,0x00200000,1,0,quartz.dll,6.05.2600.6169

    WDM Streaming Capture Devices:
    Realtek HD Audio rear input,0x00200000,1,1,,5.03.2600.5512
    ,0x00000000,0,0,,

    WDM Streaming Rendering Devices:
    ,0x00000000,0,0,,
    Realtek HD Audio rear output,0x00200000,2,1,,5.03.2600.5512

    BDA Transport Information Renderers:
    MPEG-2 Sections and Tables,0x00600000,1,0,mpeg2data.ax,

    WDM Streaming Mixer Devices:
    Microsoft Kernel Wave Audio Mixer,0x00000000,0,0,,

    BDA CP/CA Filters:
    Decrypt/Tag,0x00600000,1,0,encdec.dll,6.05.2600.6161
    Encrypt/Tag,0x00200000,0,0,encdec.dll,6.05.2600.6161
    XDS Codec,0x00200000,0,0,encdec.dll,6.05.2600.6161

    Audio Renderers:
    Realtek HD Audio rear output,0x00200000,1,0,quartz.dll,6.05.2600.6169
    Default DirectSound Device,0x00800000,1,0,quartz.dll,6.05.2600.6169
    Default WaveOut Device,0x00200000,1,0,quartz.dll,6.05.2600.6169
    DirectSound: Realtek HD Audio rear output,0x00200000,1,0,quartz.dll,6.05.2600.6169

    WDM Streaming System Devices:
    Realtek HD Audio rear input,0x00200000,6,1,,5.03.2600.5512
    Realtek HD Audio rear output,0x00200000,14,1,,5.03.2600.5512
  23. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Closer look with Process Explorer...

    Download Process Explorer: http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
    Unzip ProcessExplorer.zip, and double click on procexp.exe to run the program.
    Click on View > Select Colunms.
    In addition to already pre-selected options, make sure, the Command Line is selected, and press OK.
    Go File>Save As, and save the report as Procexp.txt.
    Attach the file to your next reply.
  24. Query323

    Query323 Newcomer, in training Topic Starter Posts: 47

    Ok here it is.

    Attached Files:

  25. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    One more task...

    If you have a tower/desktop computer, open the tower and prepare to clean (as long as there isn't warranty):

    Remove all power to the computer, reseat all cards and expansions, remove and re-attach all cables and attachments, and clean the system of debris or dust.
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.