Solved Google Redirect & Same IP user on network issue

Status
Not open for further replies.
O

oniya

Posts: 22   +0
Hey all,

I have some malware on my computer. I have had the issue where typing a search into firefox's google toolbar yields a page of results that all redirect the user to a different webpage.

Also today a pop up came up on my computer that said someone with the same IP address as me is also on my network. This seemed very suspicious to me.

Any help/thoughts/anyone else had these issues?
 
Welcome aboard
yahooo.gif


Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running tools or applying updates other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 
Thank you Broni. I am currently following the steps and will post them as I complete them.
 
mbam log

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6565

Windows 6.1.7600
Internet Explorer 9.0.8112.16421

5/16/2011 5:49:12 PM
mbam-log-2011-05-16 (17-49-12).txt

Scan type: Quick scan
Objects scanned: 190718
Time elapsed: 7 minute(s), 39 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
 
dds log

.
DDS (Ver_11-03-05.01) - NTFS_AMD64
Run by Femi at 19:14:36.05 on Mon 05/16/2011
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_23
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3933.2206 [GMT -7:00]
.
AV: Symantec Endpoint Protection *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Security 360 *Enabled/Updated* {FAE2835A-B90A-9E7A-85DA-82DBDA7C1E3A}
SP: Symantec Endpoint Protection *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\IObit\IObit Security 360\IS360srv.exe
C:\Windows\system32\lxcgcoms.exe
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\LSI SoftModem\agr64svc.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Lexmark 2300 Series\lxcgmon.exe
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
C:\Program Files (x86)\Lexmark 2300 Series\ezprint.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe
C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe
C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\igfxext.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\IObit\IObit Security 360\is360tray.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10p_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Femi\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
uStart Page = hxxp://www.nfl.com/
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
uRun: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
uRun: [Google Update] "C:\Users\Femi\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
mRun: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
mRun: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
mRun: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe"
mRun: [PCMAgent] "C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe"
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe"
mRun: [Camera Assistant Software] "C:\Program Files (x86)\Camera Assistant Software for Toshiba\traybar.exe" /start
mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun: [<NO NAME>]
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
mRun: [IObit Security 360] "C:\Program Files (x86)\IObit\IObit Security 360\IS360tray.exe" /autostart
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {474F00F5-3853-492C-AC3A-476512BBC336} - hxxp://picasaweb.google.com/s/v/53.13/uploader2.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {EAC139A9-D22D-4C29-8D1C-252BE63750F9} - hxxp://www.cooliris.com/shared/plinstll.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
TB-X64: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun-x64: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
mRun-x64: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun-x64: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
mRun-x64: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
mRun-x64: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
mRun-x64: [IgfxTray] C:\Windows\system32\igfxtray.exe
mRun-x64: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe
mRun-x64: [LXCGCATS] rundll32 C:\Windows\system32\spool\DRIVERS\x64\3\LXCGtime.dll,RunDLLEntry
mRun-x64: [lxcgmon.exe] "C:\Program Files (x86)\Lexmark 2300 Series\lxcgmon.exe"
mRun-x64: [EzPrint] "C:\Program Files (x86)\Lexmark 2300 Series\ezprint.exe"
mRun-x64: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Femi\AppData\Roaming\Mozilla\Firefox\Profiles\25u6p1tl.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.nfl.com/
FF - prefs.js: keyword.URL - hxxp://urlseek40.vmn.net/search.php?lg=en&type=dns&tbn=oovoo2_0dn&q=
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Femi\AppData\Local\Google\Update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2009-7-29 52856]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\Windows\System32\drivers\tos_sps64.sys [2010-1-14 482384]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe [2009-8-10 248688]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe [2009-7-14 42368]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe [2009-3-10 46448]
R2 IS360service;IS360service;C:\Program Files (x86)\IObit\IObit Security 360\is360srv.exe [2010-6-28 312152]
R2 Symantec AntiVirus;Symantec Endpoint Protection;C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2010-12-3 1839776]
R2 Viewpoint Manager Service;Viewpoint Manager Service;C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe [2009-7-13 24652]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-5-11 136824]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-1-13 7675392]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-6-10 187392]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe [2008-8-25 89600]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2008-9-1 54136]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate1ca0e6acd6067d0;Google Update Service (gupdate1ca0e6acd6067d0);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-7-26 133104]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-8-15 284016]
S3 androidusb;ADB Interface Driver;C:\Windows\System32\drivers\androidusb.sys [2010-4-29 32768]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-1-26 1038088]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-22 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-7-26 133104]
S3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2009-6-15 139616]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\Windows\System32\drivers\ManyCam_x64.sys [2008-3-13 27136]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 pneteth;PdaNet Broadband;C:\Windows\System32\drivers\pneteth.sys [2011-4-18 15360]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-2-18 51712]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-24 1255736]
S4 KR10I64;KR10I64;C:\Windows\System32\drivers\KR10I64.sys [2008-9-1 248320]
S4 KR10N64;KR10N64;C:\Windows\System32\drivers\KR10N64.sys [2008-9-1 237568]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2011-05-16 22:43:50 -------- d-----w- C:\Users\Femi\AppData\Roaming\IObit
2011-05-15 09:45:53 8802128 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{ABBA7758-E8B7-4971-9BB5-BC4049E3A80A}\mpengine.dll
2011-05-13 04:17:19 -------- d-----w- C:\Users\Femi\AppData\Roaming\Malwarebytes
2011-05-13 04:17:08 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-13 04:17:07 -------- d-----w- C:\PROGRA~3\Malwarebytes
2011-05-13 04:17:04 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-05-13 04:17:03 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-05-12 15:26:24 142296 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-05-12 15:24:28 0 ----a-w- C:\Users\Femi\AppData\Local\Vsilupiseriyo.bin
2011-05-12 15:24:26 -------- d-----w- C:\Users\Femi\AppData\Local\{C14F2885-1279-489D-980A-003BF91775E2}
2011-05-12 09:58:11 35100 ----a-w- C:\Users\Femi\AppData\Local\iyalabefoguf.dll
2011-05-11 18:27:14 5509504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-05-11 18:26:59 3957632 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-05-11 18:26:53 3901824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-05-11 18:25:17 52224 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2011-05-11 18:25:11 324608 ----a-w- C:\Windows\System32\drivers\usbport.sys
2011-05-11 18:24:54 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2011-05-11 18:24:27 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2011-05-11 18:24:15 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2011-05-11 18:24:14 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2011-05-11 18:24:13 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
2011-05-10 23:50:38 -------- d-----w- C:\PROGRA~3\Research In Motion
2011-04-29 10:45:38 -------- d-----w- C:\Program Files\iPod
2011-04-29 10:45:34 -------- d-----w- C:\Program Files\iTunes
2011-04-29 10:45:34 -------- d-----w- C:\Program Files (x86)\iTunes
2011-04-29 10:42:06 -------- d-----w- C:\Program Files\Bonjour
2011-04-29 10:42:06 -------- d-----w- C:\Program Files (x86)\Bonjour
2011-04-28 01:13:47 2870272 ----a-w- C:\Windows\explorer.exe
2011-04-28 01:13:45 2614784 ----a-w- C:\Windows\SysWow64\explorer.exe
2011-04-28 01:13:44 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-04-28 01:13:43 662528 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-04-19 02:03:08 708168 ----a-w- C:\Windows\System32\WinUSBCoInstaller.dll
2011-04-19 02:03:08 1490656 ----a-w- C:\Windows\System32\WdfCoInstaller01007.dll
2011-04-19 02:03:07 15360 ----a-w- C:\Windows\System32\drivers\pneteth.sys
2011-04-19 02:03:07 -------- d-----w- C:\Program Files (x86)\PdaNet for Android
2011-04-19 01:57:33 -------- d-----w- C:\superboot
.
==================== Find3M ====================
.
2011-04-06 23:26:58 96544 ----a-w- C:\Windows\System32\dnssd.dll
2011-04-06 23:26:58 119584 ----a-w- C:\Windows\System32\dns-sd.exe
2011-04-06 23:20:16 91424 ----a-w- C:\Windows\SysWow64\dnssd.dll
2011-04-06 23:20:16 107808 ----a-w- C:\Windows\SysWow64\dns-sd.exe
2011-03-11 06:23:13 187264 ----a-w- C:\Windows\System32\drivers\storport.sys
2011-03-11 06:23:06 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2011-03-11 06:23:06 1657216 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2011-03-11 06:23:06 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2011-03-11 06:23:00 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2011-03-11 06:22:41 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2011-03-11 06:22:40 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2011-03-11 06:19:26 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2011-03-11 06:19:26 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
2011-03-11 06:18:20 2566144 ----a-w- C:\Windows\System32\esent.dll
2011-03-11 06:15:54 96768 ----a-w- C:\Windows\System32\fsutil.exe
2011-03-11 05:40:24 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2011-03-11 05:40:24 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
2011-03-11 05:39:35 1686016 ----a-w- C:\Windows\SysWow64\esent.dll
2011-03-11 05:37:34 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2011-03-08 06:14:30 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-03-08 05:38:13 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-03-04 06:17:25 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:17:24 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:17:10 182272 ----a-w- C:\Windows\System32\dnsrslvr.dll
2011-03-03 06:14:38 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
2011-03-03 05:27:30 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2011-03-03 03:58:32 3133440 ----a-w- C:\Windows\System32\win32k.sys
2011-02-24 06:30:00 476160 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-02-24 05:32:52 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2011-02-23 05:16:28 461312 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-02-23 05:16:01 401920 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-02-23 05:15:50 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-02-23 05:15:27 157696 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2011-02-23 05:15:14 286720 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-02-23 05:15:13 126464 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2011-02-23 05:15:06 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2011-02-19 06:37:44 1135104 ----a-w- C:\Windows\System32\FntCache.dll
2011-02-19 06:37:10 1540608 ----a-w- C:\Windows\System32\DWrite.dll
2011-02-19 06:36:49 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-02-19 06:36:13 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-02-19 05:32:48 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-02-19 05:32:35 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-02-19 05:32:08 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-02-19 04:13:39 367104 ----a-w- C:\Windows\System32\atmfd.dll
2011-02-19 03:37:02 294912 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-02-19 00:36:58 51712 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
2011-02-19 00:36:58 4184352 ----a-w- C:\Windows\System32\usbaaplrc.dll
2011-02-18 06:33:50 31232 ----a-w- C:\Windows\System32\prevhost.exe
2011-02-18 05:33:29 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2011-02-17 01:23:46 74240 ----a-w- C:\Windows\System32\drivers\RimUsb_AMD64.sys
.
============= FINISH: 19:15:36.14 ===============
 
attach log

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 1/14/2010 7:03:09 PM
System Uptime: 5/16/2011 6:41:14 PM (1 hours ago)
.
Motherboard: TOSHIBA | | KTKAA
Processor: Intel(R) Core(TM)2 Duo CPU P7450 @ 2.13GHz | U2E1 | 2133/mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 288 GiB total, 164.885 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP179: 4/9/2011 9:57:25 PM - Scheduled Checkpoint
RP180: 4/10/2011 7:00:25 PM - Installed BlackBerry 8900.
RP181: 4/13/2011 5:28:11 AM - Windows Update
RP182: 4/18/2011 7:05:31 PM - Device Driver Package Install: Google, Inc.
RP183: 4/18/2011 7:10:31 PM - Device Driver Package Install: June Fabrics Technology Inc. Network adapters
RP184: 4/22/2011 3:00:23 AM - Windows Update
RP185: 4/26/2011 11:24:48 AM - Installed Windows Mobile Device Center
RP186: 4/28/2011 3:00:21 AM - Windows Update
RP187: 4/28/2011 12:53:42 PM - Installed BlackBerry 8520.
RP188: 5/6/2011 2:37:33 AM - Windows Update
RP189: 5/12/2011 3:00:24 AM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Adobe Acrobat 9 Pro - English, Français, Deutsch
Adobe Acrobat 9.4.2 - CPSID_83708
Adobe AIR
Adobe Anchor Service CS4
Adobe Asset Services CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe Color Video Profiles CS CS4
Adobe Contribute CS4
Adobe Creative Suite 4 Web Premium
Adobe CS4 American English Speech Analysis Models
Adobe CS4 French Speech Analysis Models
Adobe CS4 German Speech Analysis Models
Adobe CS4 International English Speech Analysis Models
Adobe CS4 Italian Speech Analysis Models
Adobe CS4 Japanese Speech Analysis Models
Adobe CS4 Korean Speech Analysis Models
Adobe CS4 Spanish Speech Analysis Models
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Dreamweaver CS4
Adobe Drive CS4
Adobe Dynamiclink Support
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Fireworks CS4
Adobe Flash CS4
Adobe Flash CS4 Extension - Flash Lite STI en
Adobe Flash CS4 STI-en
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Illustrator CS4
Adobe Linguistics CS4
Adobe Media Encoder CS4
Adobe Media Encoder CS4 Importer
Adobe Media Player
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS4
Adobe Photoshop CS4 Support
Adobe Reader 8.1.5
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Shockwave Player 11.5
Adobe Soundbooth CS4
Adobe Soundbooth CS4 Codecs
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe Version Cue CS4 Server
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
Akamai NetSession Interface
Amazon Links
Any Video Converter 2.7.9
Apple Application Support
Apple Software Update
BlackBerry Desktop Software 6.0.2
BlackBerry Device Software Updater
BlackBerry Device Software v4.6.1 for the BlackBerry 8520 smartphone
BlackBerry Device Software v5.0.0 for the BlackBerry 8900 smartphone
Camera Assistant Software for Toshiba
CD/DVD Drive Acoustic Silencer
Compatibility Pack for the 2007 Office system
Connect
CyberLink PowerCinema for TOSHIBA
D3DX10
DivX Web Player
DVD MovieFactory for TOSHIBA
FileZilla 3.1.2
Google Chrome
Google Update Helper
HijackThis 2.0.2
IObit Security 360
Java Auto Updater
Java(TM) 6 Update 23
Java(TM) 6 Update 6
Java(TM) SE Development Kit 6 Update 14
Java(TM) SE Development Kit 6 Update 23
JMicron JMB38X Flash Media Controller
Junk Mail filter update
KB408682
kuler
LiveUpdate 3.3 (Symantec Corporation)
Malwarebytes' Anti-Malware
Mesh Runtime
Messenger Companion
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Works
Microsoft XML Parser
Mozilla Firefox 4.0.1 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Notepad++
PDF Settings CS4
Photoshop Camera Raw
Pixel Bender Toolkit
PL-2303 Vista Driver Installer
QuickBooks Financial Center
QuickTime
Realtek High Definition Audio Driver
Safari
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2466156)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft Office Excel 2007 (KB2464583)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Skype™ 4.2
SmartSound Quicktracks for Premiere Elements
Suite Shared Configuration CS4
Text-To-Speech-Runtime
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Desktop Links
TOSHIBA DVD PLAYER
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Face Recognition
TOSHIBA Flash Cards Support Utility
TOSHIBA Hardware Setup
Toshiba Registration
TOSHIBA Service Station
TOSHIBA Upgrade Assistant
TOSHIBA Value Added Package
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Utility Common Driver
Utility support driver
VC80CRTRedist - 8.0.50727.762
Viewpoint Media Player
WampServer 2.0
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Encoder 9 Series
.
==== Event Viewer Messages From Past Week ========
.
5/9/2011 9:13:23 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RapiMgr service.
5/9/2011 1:46:34 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2.
5/16/2011 6:13:07 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
5/16/2011 3:43:39 PM, Error: Service Control Manager [7034] - The IS360service service terminated unexpectedly. It has done this 1 time(s).
5/16/2011 2:42:42 PM, Error: Service Control Manager [7034] - The lxcg_device service terminated unexpectedly. It has done this 1 time(s).
5/16/2011 12:36:39 PM, Error: Tcpip [4199] - The system detected an address conflict for IP address 0.0.0.0 with the system having network hardware address 00-00-00-00-00-00. Network operations on this system may be disrupted as a result.
5/14/2011 3:11:59 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
5/13/2011 5:30:18 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the ConfigFree Gadget Service service to connect.
5/13/2011 5:30:18 AM, Error: Service Control Manager [7000] - The ConfigFree Gadget Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/12/2011 3:16:11 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Symantec AntiVirus service.
5/12/2011 12:18:08 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
5/12/2011 12:18:08 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the fdPHost service.
5/10/2011 6:27:01 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EFS service.
.
==== End Of File ===========================
 
Download Bootkit Remover to your Desktop.

  • You then need to extract the remover.exe file from the RAR using a program capable of extracing RAR compressed files. If you don't have an extraction program, you can use 7-Zip: http://www.7-zip.org/
  • After extracing remover.exe to your Desktop, double-click on remover.exe to run the program (Vista/7 users,right click on remover.exe and click Run As Administrator).
  • It will show a Black screen with some data on it.
  • Right click on the screen and click Select All.
  • Press CTRL+C
  • Open a Notepad and press CTRL+V
  • Post the output back here.

=================================================================

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  1. Please, never rename Combofix unless instructed.
  2. Close any open browsers.
  3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    NOTE1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  4. Double click on combofix.exe & follow the prompts.
  5. When finished, it will produce a report for you.
  6. Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.



Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode.

2. Delete Combofix file, download fresh one, but rename combofix.exe to yourname.exe BEFORE saving it to your desktop.
Do NOT run it yet.

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click Rkill and choose Run as Administrator

You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

Rkill.com
Rkill.scr
Rkill.exe

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
 
bootkit remover

Bootkit remover said the following. Is this normal?


Bootkit Remover
(c) 2009 eSage Lab
www.esagelab.com

Program version: 1.2.0.0
OS Version: Microsoft Windows 7 Home Premium Edition (build 7600), 64-bit

System volume is \\.\C:
main(): CreateFile() ERROR 5
ERROR: Can't open volume device \\.\C:

Done;
Press any key to quit...
 
We'll double check the above result with some other tool.

For now, go ahead with Combofix.
 
combofix log

ComboFix 11-05-16.02 - Femi 05/16/2011 19:56:26.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3933.2336 [GMT -7:00]
Running from: c:\users\Femi\Desktop\ComboFix.exe
AV: Symantec Endpoint Protection *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: IObit Security 360 *Disabled/Updated* {FAE2835A-B90A-9E7A-85DA-82DBDA7C1E3A}
SP: Symantec Endpoint Protection *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\xp
c:\programdata\xp\EBLib.dll
c:\programdata\xp\TPwSav.sys
c:\users\Femi\AppData\Local\{C14F2885-1279-489D-980A-003BF91775E2}
c:\users\Femi\AppData\Local\{C14F2885-1279-489D-980A-003BF91775E2}\chrome.manifest
c:\users\Femi\AppData\Local\{C14F2885-1279-489D-980A-003BF91775E2}\chrome\content\_cfg.js
c:\users\Femi\AppData\Local\{C14F2885-1279-489D-980A-003BF91775E2}\chrome\content\overlay.xul
c:\users\Femi\AppData\Local\{C14F2885-1279-489D-980A-003BF91775E2}\install.rdf
c:\users\Femi\AppData\Roaming\Adobe\plugs
c:\users\Femi\AppData\Roaming\Adobe\plugs\mmc252085354.txt
c:\users\Femi\AppData\Roaming\Adobe\shed
c:\users\Femi\AppData\Roaming\Adobe\shed\thr1.chm
.
.
((((((((((((((((((((((((( Files Created from 2011-04-17 to 2011-05-17 )))))))))))))))))))))))))))))))
.
.
2011-05-17 02:50 . 2011-05-17 02:54 -------- d-----w- C:\32788R22FWJFW
2011-05-17 02:27 . 2011-05-17 02:27 -------- d-----w- c:\program files (x86)\7-Zip
2011-05-16 22:43 . 2011-05-16 22:43 -------- d-----w- c:\users\Femi\AppData\Roaming\IObit
2011-05-15 09:45 . 2011-04-18 16:15 8802128 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ABBA7758-E8B7-4971-9BB5-BC4049E3A80A}\mpengine.dll
2011-05-13 04:17 . 2011-05-13 04:17 -------- d-----w- c:\users\Femi\AppData\Roaming\Malwarebytes
2011-05-13 04:17 . 2010-12-21 01:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-13 04:17 . 2011-05-13 04:17 -------- d-----w- c:\programdata\Malwarebytes
2011-05-13 04:17 . 2010-12-21 01:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-13 04:17 . 2011-05-13 04:17 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-05-12 15:26 . 2011-04-14 16:26 142296 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-05-12 15:24 . 2011-05-13 10:11 0 ----a-w- c:\users\Femi\AppData\Local\Vsilupiseriyo.bin
2011-05-12 09:58 . 2011-05-12 09:58 35100 ----a-w- c:\users\Femi\AppData\Local\iyalabefoguf.dll
2011-05-11 18:27 . 2011-04-09 06:45 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-11 18:26 . 2011-04-09 06:13 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-11 18:26 . 2011-04-09 06:13 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-11 18:25 . 2011-03-25 03:22 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-11 18:25 . 2011-03-25 03:23 324608 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-11 18:24 . 2011-03-25 03:23 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-11 18:24 . 2011-03-25 03:23 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-11 18:24 . 2011-03-25 03:22 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-11 18:24 . 2011-03-25 03:22 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-11 18:24 . 2011-03-25 03:22 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-10 23:50 . 2011-05-10 23:50 -------- d-----w- c:\programdata\Research In Motion
2011-04-29 10:45 . 2011-04-29 10:45 -------- d-----w- c:\program files\iPod
2011-04-29 10:45 . 2011-04-29 10:46 -------- d-----w- c:\program files\iTunes
2011-04-29 10:45 . 2011-04-29 10:46 -------- d-----w- c:\program files (x86)\iTunes
2011-04-29 10:42 . 2011-04-29 10:42 -------- d-----w- c:\program files\Bonjour
2011-04-29 10:42 . 2011-04-29 10:42 -------- d-----w- c:\program files (x86)\Bonjour
2011-04-28 01:13 . 2011-02-26 06:23 2870272 ----a-w- c:\windows\explorer.exe
2011-04-28 01:13 . 2011-02-26 05:33 2614784 ----a-w- c:\windows\SysWow64\explorer.exe
2011-04-28 01:13 . 2011-03-12 11:31 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-04-28 01:13 . 2011-03-12 12:03 662528 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-19 02:03 . 2009-11-08 09:41 708168 ----a-w- c:\windows\system32\WinUSBCoInstaller.dll
2011-04-19 02:03 . 2009-11-08 09:41 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2011-04-19 02:03 . 2011-04-21 10:05 -------- d-----w- c:\program files (x86)\PdaNet for Android
2011-04-19 02:03 . 2010-09-03 00:49 15360 ----a-w- c:\windows\system32\drivers\pneteth.sys
2011-04-19 01:57 . 2011-04-19 02:39 -------- d-----w- C:\superboot
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-06 23:26 . 2011-04-06 23:26 96544 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 23:26 . 2011-04-06 23:26 119584 ----a-w- c:\windows\system32\dns-sd.exe
2011-04-06 23:20 . 2011-04-06 23:20 91424 ----a-w- c:\windows\SysWow64\dnssd.dll
2011-04-06 23:20 . 2011-04-06 23:20 107808 ----a-w- c:\windows\SysWow64\dns-sd.exe
2011-03-11 06:19 . 2011-04-13 02:53 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 06:19 . 2011-04-13 02:53 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 05:40 . 2011-04-13 02:53 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-11 05:40 . 2011-04-13 02:53 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-09 15:47 . 2010-06-24 18:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-08 06:14 . 2011-04-13 02:51 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-08 05:38 . 2011-04-13 02:51 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-03-04 06:17 . 2011-04-28 01:13 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:17 . 2011-04-28 01:13 347648 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:17 . 2011-04-13 02:51 182272 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 06:14 . 2011-04-13 02:51 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-03 05:27 . 2011-04-13 02:51 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2011-03-03 03:58 . 2011-04-13 02:53 3133440 ----a-w- c:\windows\system32\win32k.sys
2011-02-24 06:30 . 2011-04-13 02:53 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-24 05:32 . 2011-04-13 02:53 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-23 05:16 . 2011-04-13 02:53 461312 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-23 05:16 . 2011-04-13 02:53 401920 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-02-23 05:15 . 2011-04-13 02:53 161792 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-02-23 05:15 . 2011-04-13 02:51 157696 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-23 05:15 . 2011-04-13 02:51 286720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-02-23 05:15 . 2011-04-13 02:51 126464 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-02-23 05:15 . 2011-04-13 02:51 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-02-19 06:37 . 2011-03-09 10:03 1135104 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 06:37 . 2011-03-09 10:03 1540608 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 06:36 . 2011-03-09 10:03 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-02-19 06:36 . 2011-04-13 02:53 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-02-19 05:32 . 2011-03-09 10:03 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-02-19 05:32 . 2011-03-09 10:03 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-02-19 05:32 . 2011-04-13 02:53 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-02-19 04:13 . 2011-04-13 02:53 367104 ----a-w- c:\windows\system32\atmfd.dll
2011-02-19 03:37 . 2011-04-13 02:53 294912 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-02-19 00:36 . 2011-02-19 00:36 51712 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
2011-02-19 00:36 . 2011-02-19 00:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-17 01:23 . 2011-02-17 01:23 74240 ----a-w- c:\windows\system32\drivers\RimUsb_AMD64.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2009-07-14 163328]
"ISUSPM"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2007-08-30 205480]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2008-05-19 432640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"ccApp"="c:\program files (x86)\Common Files\Symantec Shared\ccApp.exe" [2010-12-03 115560]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2009-06-03 423936]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2006-11-07 34352]
"PCMAgent"="c:\program files (x86)\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe" [2009-04-11 143360]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2010-11-29 1294712]
"CLMLServer"="c:\program files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe" [2009-04-11 200704]
"Camera Assistant Software"="c:\program files (x86)\Camera Assistant Software for Toshiba\traybar.exe" [2009-04-11 417792]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2011-01-31 38840]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2010-06-19 640440]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-30 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-04-14 421160]
"RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]
"IObit Security 360"="c:\program files (x86)\IObit\IObit Security 360\IS360tray.exe" [2010-06-12 1280344]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate1ca0e6acd6067d0;Google Update Service (gupdate1ca0e6acd6067d0);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-07-27 133104]
R2 IS360service;IS360service;c:\program files (x86)\IObit\IObit Security 360\IS360srv.exe [2010-06-12 312152]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-01-26 1038088]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-07-27 133104]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam_x64.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 pneteth;PdaNet Broadband;c:\windows\system32\DRIVERS\pneteth.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 KR10I64;KR10I64;c:\windows\system32\drivers\kr10i64.sys [x]
R4 KR10N64;KR10N64;c:\windows\system32\drivers\kr10n64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-11 248688]
S2 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-15 42368]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-11 46448]
S2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files (x86)\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-05-09 136824]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe [2008-08-25 89600]
S3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-11-29 54136]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-07-27 03:31]
.
2011-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-07-27 03:31]
.
2011-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3042896104-2401317275-119532014-1000Core.job
- c:\users\Femi\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-28 12:00]
.
2011-05-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3042896104-2401317275-119532014-1000UA.job
- c:\users\Femi\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-28 12:00]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-12-15 237056]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-08-24 8081952]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 365592]
"LXCGCATS"="c:\windows\system32\spool\DRIVERS\x64\3\LXCGtime.dll" [2007-02-22 28672]
"lxcgmon.exe"="c:\program files (x86)\Lexmark 2300 Series\lxcgmon.exe" [2007-04-30 205744]
"EzPrint"="c:\program files (x86)\Lexmark 2300 Series\ezprint.exe" [2007-04-30 103344]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.nfl.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
DPF: {EAC139A9-D22D-4C29-8D1C-252BE63750F9} - hxxp://www.cooliris.com/shared/plinstll.cab
FF - ProfilePath - c:\users\Femi\AppData\Roaming\Mozilla\Firefox\Profiles\25u6p1tl.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.nfl.com/
FF - prefs.js: keyword.URL - hxxp://urlseek40.vmn.net/search.php?lg=en&type=dns&tbn=oovoo2_0dn&q=
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-Symantec Antvirus
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{9FDDE16B-836F-4806-AB1F-1455CBEFF289}"=hex:51,66,7a,6c,4c,1d,38,12,05,e2,ce,
9b,5d,cd,68,0d,d4,09,57,15,ce,b1,b6,9d
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:9d,05,b9,60,1a,14,cc,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,65,db,aa,61,01,6e,cf,4c,ab,81,27,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,65,db,aa,61,01,6e,cf,4c,ab,81,27,\
.
[HKEY_USERS\S-1-5-21-3042896104-2401317275-119532014-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3042896104-2401317275-119532014-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-3042896104-2401317275-119532014-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:78,7e,bd,4b,d4,8d,2a,3b,e9,e9,44,ab,cb,8d,23,c0,6e,b3,15,35,49,fb,ac,
aa,3b,2f,7e,9b,b6,fd,b8,d5,67,9b,36,f6,8d,4e,7a,14,68,30,c8,45,89,2f,30,22,\
"??"=hex:81,07,ea,d1,9b,2d,4f,51,43,f6,f4,a7,bc,67,57,a3
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
 
combofix log cont.

.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Symantec\Common Client\ccService\Channels]
@Denied: (C D) (Everyone)
"{0E37BD6E-EA54-4EE8-8F5F-BCE28BF9A867}"="{005DC0D6-81B7-4D48-A6B0-0AE6456505A6}"
"{30262754-0B79-45BD-9450-ACD8513B4927}"="{005DC0D6-81B7-4D48-A6B0-0AE6456505A6}"
"{3DB93A2B-50A8-4C26-9568-7F0264901AE5}"="{005DC0D6-81B7-4D48-A6B0-0AE6456505A6}"
"{DE0AEFB9-1820-4DB1-9702-425D4BC4CF2D}"="{37C4EF1C-0B77-4641-BEA6-3FA88D87E4E3}"
"{4E8C1BCB-7AE4-4AC5-BFD5-55BD6273C45D}"="{C4692B12-B263-4CE5-899E-C40D28DD2395}"
"{54AE348C-476A-4BFB-9D8B-72F94B2C1A0F}"="{64F1CC74-90CE-42F9-9D8A-98D39640D060}"
"{61912ACB-68E3-47A2-8C75-6CBA26252738}"="{64F1CC74-90CE-42F9-9D8A-98D39640D060}"
"{DDCD2DAB-1461-4896-B73D-41D7B618C07A}"="{242869A7-9454-4C2A-AD07-2D5FBC099B5B}"
"{13A9C41A-7548-4272-804D-B06B760A2E82}"="{F4B0602D-89FC-4DC6-AFD8-18A2BC09556F}"
"{2AB9485B-718A-4C54-AB2B-E8E8A0E068A1}"="{07F6E904-20C9-4DE7-BBA6-CC27960136D2}"
"{6CF2B975-A780-4719-90E0-8901CE19F261}"="{73B82685-4BAE-4C1F-984E-C01D5BEBED8F}"
"{1FBCE52B-E9E3-4400-9096-2E93A7F1F1E0}"="{A019B004-93CD-4D0C-ABA8-CDEBA2ED7419}"
"{0EC51F64-1D8E-48ED-8B50-3ADDA0847DA5}"="{34881677-8407-4C66-A3E1-245F1DFE2A6D}"
"{0C540367-9A77-4DF8-ADE1-10DA585ADCA5}"="{7FB31398-1DA6-4926-AB59-47FCD5A3B8F0}"
"{88B3397B-6DAE-4764-B9DE-CB47F1AEA4DA}"="{5E098FE4-5384-48EF-B9F1-7EEA57B6002D}"
"{68155822-B5B5-43DE-B826-DEF15D07B3EE}"="{C0787688-D71D-4C26-8456-AD679D21E995}"
"{F169FC67-7DC0-4BF3-A3EA-3DB16D6E24E5}"="{C0787688-D71D-4C26-8456-AD679D21E995}"
"{52D02FA9-C835-414E-89D5-FF7CBFCBF643}"="{C0787688-D71D-4C26-8456-AD679D21E995}"
"{1CCE122A-AA83-4F93-8C28-820853D3D40F}"="{90DF15BC-EEA0-46CA-A334-90EACE84F35F}"
"{01517E35-45C8-4D90-B026-978F152C63E7}"="{14480E76-6AB5-4F2F-AE52-C5ED8B25B47A}"
"{A832D9AB-25C2-4C56-8ECF-FC1952092BB6}"="{CA88AE62-8A6E-4A6B-8C33-0BFFB6F3E54E}"
"{A83EBEF9-9149-4C6A-B906-9C817F4BBBC5}"="{740C0474-37D2-45A1-BB1F-1A7162DD6A6A}"
"{647A2154-1B4E-4437-88E0-8BC8486E4931}"="{950D8888-FAA2-469D-A3D8-390E46F776ED}"
"{E9F98231-08CD-400D-96B9-B7FEA66E170D}"="{47560D74-38B0-4810-8229-2F1E7F60618E}"
"{064E36D7-5B27-4630-B778-D2474FFB3E58}"="{44310B0E-CB1B-4C8F-B85C-8BEED267EF8E}"
"{7464BAEC-91CB-4EA7-8391-344455B0A832}"="{BBB096A2-F33A-4DA1-837F-3012B8918593}"
"{2FF8C4D7-7F3C-4FCE-BDB6-60117AD33806}"="{1D8E4720-C28B-4EC3-9C62-28FCF0E91C3F}"
"{8C98E782-493B-4626-9453-F3B8B8129A43}"="{154354D1-F82E-4DC8-B62F-C8A3D9CA5078}"
"{065A2508-1028-452C-AC91-BC40E7E2F7FC}"="{9EF5699B-7B28-49B9-94A3-3647626630F5}"
"{72581FB7-AE8C-4DAC-A7DD-1934951C2E31}"="{C6270277-0323-4FDE-9EC8-7F60AA91921D}"
"{F3851220-A26D-45E3-9B35-29FF0798A572}"="{343FFCCE-62BB-4991-B80C-AC14D113935E}"
"{D1BD7F4C-F057-4955-99A6-C94BB8656F48}"="{9AFBF9E6-18F8-4AC3-AE97-1624D5ACC0E4}"
"{633D6DB0-83A2-4A88-82E0-187D53D5CBF1}"="{750CA668-7330-4559-8B3F-704E5BC46C9E}"
"{23C32548-2959-41FE-8BFA-E3B91C127682}"="{717AD521-83EB-40D0-A0B3-9719E1820BCA}"
"{28CA6DAC-7E78-412C-A209-43E9DA18EAC3}"="{649C2BC6-94A6-4C4E-BC41-A80290D5FA90}"
"{B185EE29-06BC-4FBB-B9DA-1ECE135EA978}"="{6F02CE39-93AB-4AFA-AAB1-016E18E2423B}"
"{CEB6F4C9-C6E0-4D59-B02A-DC28CB6D9D8E}"="{E3DD16E8-5C91-446F-947C-388C020D4FB1}"
"{92A24F55-1A50-4AA8-836D-F25D59767D13}"="{E3DD16E8-5C91-446F-947C-388C020D4FB1}"
"{E7FF4972-0650-43B4-81BC-38D4E58E4E32}"="{E3DD16E8-5C91-446F-947C-388C020D4FB1}"
"{B1B7FB5F-A2CE-43E8-BEAF-337346BE4B3E}"="{A177A956-5C43-47DE-8169-C4806F0A7099}"
"{6E3BDD1D-4D41-4D76-83DC-EF68727556EB}"="{16A7DC81-04F4-40E6-B5C2-F271518B0D8F}"
"{39772760-67CD-43F4-AC0B-401D3D1AE6C3}"="{BE2228F0-E14E-4600-B259-C29F4D407E73}"
"{EDD45594-BDCE-4808-9AA9-E9F3414F9B64}"="{4CD8081C-FE0E-4F0D-9C3C-652558DB2B70}"
"{CB36750C-EED7-49E3-A44C-95444881629A}"="{D3CF2887-4CB1-4BE8-98B8-0E11C60D42AC}"
"{2E303CF5-64B4-4D20-8141-972672643108}"="{8A14E30E-8D95-477C-A4E7-4F8458E31973}"
"{D60984CA-FC29-47EA-8C9A-71A8B6094C86}"="{698996C8-F057-440A-945B-AE74CB6345BB}"
"{5146CBB7-0010-4C6B-9D2A-6F6DE0C86A60}"="{F429CE8D-F46B-4D0E-9728-8B1E328941C5}"
"{16790119-47B8-4D83-9D73-B05ACAB8D899}"="{EF161BC9-AB14-4945-B721-7B21C3A6ED74}"
"{8ADE2E4D-6B2B-4E4C-B8AD-068ADB48E224}"="{EF161BC9-AB14-4945-B721-7B21C3A6ED74}"
"{8859462C-2FBE-4186-BB53-F3450D3E1042}"="{EF161BC9-AB14-4945-B721-7B21C3A6ED74}"
"{5D373F65-05CE-4617-8326-E5B29E50A1D3}"="{ADA352F3-891A-429C-A1E9-6B1893A0995E}"
"{B1658452-0C20-4991-91E7-27BE068EFD7D}"="{E11EED57-20A2-4D49-9717-D10C17ED2314}"
"{1BBD1EEA-137F-4481-8D27-9CEE8EEE607B}"="{E11EED57-20A2-4D49-9717-D10C17ED2314}"
"{DD20F2ED-5BD2-4CBB-A7F7-C4D521CBDC18}"="{E11EED57-20A2-4D49-9717-D10C17ED2314}"
"{F45C8F84-AF5E-45B6-841E-902A4A364C08}"="{96809BD1-1607-4FF1-955D-673582B19BFC}"
"{912F5AA2-091B-422D-A972-F89F8B4EA6A0}"="{8189AB98-382F-4F9C-A1C4-5BC74F29E23A}"
"{9F1B9E5E-9DBF-47AE-9163-BE62400298D8}"="{F2FBF9B6-572C-4B22-9552-00FA81FF9D64}"
"{B5535647-62D9-4721-8D47-91613C1BC38B}"="{F2FBF9B6-572C-4B22-9552-00FA81FF9D64}"
"{C2929B69-274F-4E1D-A062-99E8BB056B45}"="{7871EC43-4415-435E-A75C-B22290FBD787}"
"{176F3337-C333-4611-B02E-34E591DA2209}"="{F2FBF9B6-572C-4B22-9552-00FA81FF9D64}"
"{8E883711-4557-4F59-B057-777A3E11B8C8}"="{E36A814C-E670-4B71-BEEF-70E696A1F93A}"
"{27C0BC5F-3243-4036-BE44-B8818AFB56F9}"="{C34EFF02-1CD6-41B8-82EE-D2F6C6A0A7C3}"
"{0A76E64F-EF62-403D-BFBA-29EFD00C098D}"="{98873009-6C9A-4D78-98C4-B03DF95505F8}"
"{8BE53E71-9F6A-43DA-8FDB-E6674ACF0B8C}"="{98873009-6C9A-4D78-98C4-B03DF95505F8}"
"{7D543457-4D3D-4CDC-B2F4-D874C665AF7E}"="{98873009-6C9A-4D78-98C4-B03DF95505F8}"
"{7BBF763C-2EDA-449C-8F89-5340B3E7CCC8}"="{A6C41ECB-F472-40BA-8AE7-685C87D1898E}"
"{24347213-6E6B-4EDA-9948-FF6AA737D44E}"="{CDBE6199-06AB-48C9-89BA-3D75DF83BA71}"
"{1E02BF89-91C6-40BD-8819-AB53C6FBDDEF}"="{91E8AE52-6D5B-450F-BADC-76BB9ABE2127}"
"{B2DE19B5-B722-41EF-AD80-5D78A52462C9}"="{91E8AE52-6D5B-450F-BADC-76BB9ABE2127}"
"{D4D98381-391A-4810-B2DD-048B30E582E1}"="{91E8AE52-6D5B-450F-BADC-76BB9ABE2127}"
"{564E5615-996A-47A9-A431-D7E273B35B0B}"="{B4D1F0AB-7366-4660-8A71-38F2468A9B51}"
"{3BEF3B3C-AAD9-4315-AB5D-6E5AE67D4F7C}"="{CF8F1FB1-4A5B-43C0-9DF6-DD6E381C992E}"
"{BD71B104-0ABB-4F06-8963-08208591FDD4}"="{1AB58CC6-3A7D-49D9-A072-6DA4052261DE}"
"{B5F73455-F72A-4E1A-A770-5A42DB2CBE03}"="{99EE2B92-B9E0-462F-B108-9FC922A20BF5}"
"{7E1DEBE6-386D-4E9F-BCC3-2B5058A0CEB0}"="{99EE2B92-B9E0-462F-B108-9FC922A20BF5}"
"{65161BF0-3D08-4352-ABAA-52C6D6B41FA1}"="{82723E45-7492-433D-885E-9B7EDCA24F0D}"
"{EA2D3278-B195-4336-8FA1-75E382A54C22}"="{99EE2B92-B9E0-462F-B108-9FC922A20BF5}"
"{64ECE86E-6361-4218-8860-A1CDC7B1E8A4}"="{FBB712BA-6C88-4E97-BC76-DD90326A9E41}"
"{19B2C387-511E-4FE8-8E47-FA54E16CFDAB}"="{0DE4A1DD-F398-4B7F-A7A6-EA69A7BB2B41}"
"{2CF072D1-E579-4EB7-BB1C-A78E4BE82BF6}"="{0DE4A1DD-F398-4B7F-A7A6-EA69A7BB2B41}"
"{1C64722E-4086-4220-939C-27C2DD8669C5}"="{34D5F6F7-5A44-4C96-9814-8F1582DA2B95}"
"{5A5E20A5-3531-49E7-9BC6-4826F11AF139}"="{0DE4A1DD-F398-4B7F-A7A6-EA69A7BB2B41}"
"{6252046C-ADF8-4565-9CB4-A15E7A03087B}"="{E76EE05F-9F54-405F-ABA2-DAB137496C30}"
"{CAFD779D-1124-43BA-87C2-29585C4D1AA9}"="{E76EE05F-9F54-405F-ABA2-DAB137496C30}"
"{97BD0864-11BA-40C8-80A1-CD123BD197DF}"="{00A7D917-28EB-4126-BE05-884918527A4A}"
"{65862E89-2D55-4567-8FF0-4A06F947BCCB}"="{E76EE05F-9F54-405F-ABA2-DAB137496C30}"
"{0BED1FFC-177D-4EBB-A732-E1BC9C441379}"="{17211B53-839B-41E5-BB25-230C1AD90533}"
"{2EE57D18-F837-40EE-919B-406612D34432}"="{1F602863-199F-42E4-AE19-E87CDAE67A2B}"
"{31BD2B7B-0A51-4890-825F-1F4D65D8090A}"="{2EADD2EB-91C0-4D59-BF20-A7526CD76FE8}"
"{BD55F5FF-BF86-4596-ABF4-54AB33D5BA31}"="{2EADD2EB-91C0-4D59-BF20-A7526CD76FE8}"
"{04A86643-52D9-46B1-BA4D-8FACA1BB2AF5}"="{2EADD2EB-91C0-4D59-BF20-A7526CD76FE8}"
"{4D63605C-E812-4B4A-B845-59FEC4B64B57}"="{687964F0-3EC1-4BD8-993D-A1F298ACB0A7}"
"{23A7FFBE-2AE5-49A6-9A9B-2B3D2708AC01}"="{0039359A-A713-4376-A5AD-451B90F799BC}"
"{EE67D386-F39B-4AC4-94A4-C6FECB8B09A1}"="{0039359A-A713-4376-A5AD-451B90F799BC}"
"{65C263C7-F9ED-4980-94FF-76C7301B3E95}"="{0039359A-A713-4376-A5AD-451B90F799BC}"
"{5BF53824-A032-46D8-B6F2-F64481A59415}"="{AB458B27-3831-4B8B-8244-402F63D03995}"
"{15131067-532F-4065-A9F6-67D03D0809F1}"="{147315CA-496D-4CEA-BE0D-163FB7635323}"
"{88C20679-A582-4AA5-BD95-A62161D04C95}"="{67AC7A09-C541-4BFD-A6F1-9A3AFFFDC564}"
"{5A3648C9-0BE3-4625-B4B4-83542A7B17B6}"="{67AC7A09-C541-4BFD-A6F1-9A3AFFFDC564}"
"{67CBFAE4-8316-4D31-9F87-401385250610}"="{2709C8E1-8002-4C35-B6AF-EE1C4B608BDB}"
"{91B993CF-8BE1-46EB-82A9-FB107E9CA2D9}"="{67AC7A09-C541-4BFD-A6F1-9A3AFFFDC564}"
"{CE34235E-F1FD-43D3-904B-CA3ED7ECA91E}"="{2E885055-9773-4F4C-8416-0B88F9C454E5}"
"{54B4F8D2-4D0F-459F-8F86-0941022F7060}"="{91ED3C07-8F78-4C06-BF6B-59C80D8D4831}"
"{D0959D10-F03E-4734-AD61-277C44565C6B}"="{91ED3C07-8F78-4C06-BF6B-59C80D8D4831}"
"{A7EF929B-43E9-4D63-9EEF-7720881993DC}"="{35290637-E89F-4406-A4D0-6754AD232FED}"
"{6057E5FD-D757-4B3C-982C-E51CD4DD656E}"="{91ED3C07-8F78-4C06-BF6B-59C80D8D4831}"
"{C360C6B1-46D9-491C-A2C3-A18E1A44698E}"="{83BAAE7C-03C4-4F05-A7E4-D7BA9DA38BFA}"
"{9404DFFA-0745-4BDA-8AA0-65118922FD70}"="{17D33373-3BE1-42F1-826C-31BA758F494C}"
"{AC804472-15ED-4808-998E-BAAD2327EA45}"="{17D33373-3BE1-42F1-826C-31BA758F494C}"
"{F0183F48-3D16-4A2B-82C3-74E3B2A3D2F7}"="{ED525E0A-88BB-4159-B340-5BEB582732DF}"
"{96EC65D6-D0FF-4DB2-A7CC-1BF3F3A8EDC2}"="{17D33373-3BE1-42F1-826C-31BA758F494C}"
"{07895220-E3E5-40CF-A41A-47333B867A9F}"="{20641B40-1F04-4B43-8C8F-9A1A5FF41481}"
"{77C9E9A8-6483-405D-9BB9-574D46709AC3}"="{6F992272-6825-4F5B-AB8D-844086BE341E}"
"{D4707617-CC1B-4DFE-972E-E430D638B256}"="{EFE9882D-F1C3-419D-8471-60840A57FDF7}"
"{B8E7E447-1B08-437B-81DE-A691AB009369}"="{EFE9882D-F1C3-419D-8471-60840A57FDF7}"
"{219CAE48-1171-4DB8-BC23-E10BA779D523}"="{EFE9882D-F1C3-419D-8471-60840A57FDF7}"
"{0A302F41-D208-4184-9855-BFC825C19CC6}"="{5092CE48-6950-406D-8E9C-06066119E22E}"
"{438C2BD9-CE95-4920-863E-1AA30C98DDF4}"="{150F1784-0EBC-4568-B755-D92098B5177D}"
"{C91D3CD4-3170-42E5-952D-1A1E918E4A0F}"="{8C4FAC60-EC9B-464A-8E9B-EC591277EC44}"
"{32E4370D-1AE4-412C-AB68-AF71DC19270F}"="{A592B956-B1AD-4BCC-B896-8C427F27767A}"
"{04EB1D93-A13E-4AD2-AA0D-B323C09EA4D4}"="{A592B956-B1AD-4BCC-B896-8C427F27767A}"
"{CB9D704E-407F-4738-800D-FB3FA358AB74}"="{A592B956-B1AD-4BCC-B896-8C427F27767A}"
"{9288890D-64B3-4A23-9CC4-9F7B1A4D633C}"="{577526F1-CA91-4BB8-95FC-652846E0B7DA}"
"{FC09DD44-50BA-42FD-BE71-6682F0139E05}"="{93F2B5C5-EB8D-491D-90BE-7CA999698216}"
"{8F887EFA-2BBA-4054-8FCE-FE8455BB642A}"="{9B43C7D0-B82D-4ED6-8E78-0ACA042D3328}"
"{42DF8D75-8B66-4AD7-8C60-F0ACB1E8008D}"="{CE44A9BD-CD22-4772-BC94-8A624DE12D1A}"
"{52DB5C8D-B62A-4FF2-88EB-9129F92A9EF2}"="{CE44A9BD-CD22-4772-BC94-8A624DE12D1A}"
"{CD31EB2D-01F1-4ACC-BD8A-AF7751060BD7}"="{CE44A9BD-CD22-4772-BC94-8A624DE12D1A}"
"{B1802C90-5793-4ECB-ADDE-3A9D679F7F2F}"="{235DC956-32BC-4F1D-A060-6590F8FBD253}"
"{0EDE518F-7FCA-4DD8-B6D9-0B9C671E7E01}"="{02AEC1EF-B66A-418E-A95B-22FF01B123B0}"
"{2B9446EF-CE4F-4166-9DCD-C02AA38F7406}"="{02AEC1EF-B66A-418E-A95B-22FF01B123B0}"
"{783FFF1E-3A20-41D3-B50D-8573D2CF6CA4}"="{B7290867-2CEC-444C-B96A-0594E111FC4A}"
"{0E116D5D-B557-4977-A66A-0646563D67FA}"="{02AEC1EF-B66A-418E-A95B-22FF01B123B0}"
"{36050894-3A55-45BC-AD24-3F3717560BCC}"="{0CD85666-91AC-408B-8685-8A2F40D0BF65}"
"{636E660E-324D-4E8C-B4F0-1C35615592B8}"="{9C33C82B-54B3-4EAB-A088-E4490C4BCE50}"
"{9970EF82-020F-4973-8CE2-BB6FA7BB67D7}"="{9C33C82B-54B3-4EAB-A088-E4490C4BCE50}"
"{C8BEEE37-70C2-425C-AD6F-87B65ED3F76A}"="{0224FBB0-E768-4B66-9705-D70980BAA53A}"
"{71DF9D4F-07D1-4BF6-95C3-738978E2D49F}"="{9C33C82B-54B3-4EAB-A088-E4490C4BCE50}"
"{4918FCE2-1B81-4EF7-A241-D638A65EFC19}"="{6996B5BB-D014-4940-AD49-E1299920342A}"
"{543F533D-C82B-4696-A14F-15A326F4426D}"="{7BC5E0BB-2E7D-4520-8318-A9B590947AE8}"
"{67252FB3-6B15-4FA2-8CDB-99FBC25FCDB8}"="{7BC5E0BB-2E7D-4520-8318-A9B590947AE8}"
"{2B3BED59-8BE4-46FA-8D97-98953DBF37E8}"="{7BC5E0BB-2E7D-4520-8318-A9B590947AE8}"
"{E6D558D9-9A25-4332-9C40-4E784634DC05}"="{D3BDD2B3-3B6D-4CD0-99D0-BD51CFED8451}"
"{1C12BA96-1596-4284-8D9A-1E010C6025E8}"="{12705F8C-324F-4EEC-B40F-A642E6FE5AF6}"
"{5FD9691F-6426-4382-B2CD-29D74D0F482C}"="{8545912D-7279-4B36-88E2-3F0A7A6C0450}"
"{4494C3F5-83CB-413C-87CB-CD5E65B3B55A}"="{8545912D-7279-4B36-88E2-3F0A7A6C0450}"
"{5EEA225A-E48F-4562-8F2B-88802358F8FE}"="{8545912D-7279-4B36-88E2-3F0A7A6C0450}"
"{705B91EF-FEA0-43CE-8DD6-E2C45ED2267E}"="{FD021C1F-E236-4053-A07C-1128CCE17B0D}"
"{7A24075E-9BE5-424E-8D0B-A39119698E32}"="{7ECE0AC8-96D4-4521-803E-3BF36698C452}"
"{36819C92-2151-47C6-9A22-2A9D11F32CBC}"="{7ECE0AC8-96D4-4521-803E-3BF36698C452}"
"{BAF29A60-36E0-4A21-A490-0A7DDB9A03A6}"="{681AC54C-ABE1-4530-94FC-F15D30B52F82}"
"{BAEE8C81-3A92-4178-9860-9298F2C8207F}"="{7ECE0AC8-96D4-4521-803E-3BF36698C452}"
"{7B164DD9-45FB-43B2-A026-D2741C4C3B2E}"="{45F64063-9738-4A05-8B5F-29D9B09B27F2}"
"{3F13C268-AC66-474C-A87F-CD50E2B6BF54}"="{45F64063-9738-4A05-8B5F-29D9B09B27F2}"
"{F386AAA7-4DD1-4104-AC3F-B5357243A19E}"="{B6D3B0F5-6EED-4DB2-92B3-01E751D70811}"
"{955EEB17-35E7-4C14-8286-D79ED36E9CCC}"="{45F64063-9738-4A05-8B5F-29D9B09B27F2}"
"{5BD2D5D7-0033-4BE6-A4FC-3A64A8E2A8D7}"="{4F424FDC-9AFB-475E-9E2E-7213D96DC7C1}"
"{DB9F6F98-14A8-465E-A224-8163449E271C}"="{4F424FDC-9AFB-475E-9E2E-7213D96DC7C1}"
"{1657585C-7352-4BE3-9752-37B01DAB5FE5}"="{4F424FDC-9AFB-475E-9E2E-7213D96DC7C1}"
"{9839C015-654C-4887-B02A-676D80065EF1}"="{83456500-E69A-43EF-A80F-F9859CF45DAD}"
"{730B4930-6EE1-4E27-995F-8DF006D6B97B}"="{6A592539-4361-4EC3-8989-BAC13786BFDD}"
"{F6BEDF63-719B-487E-8393-0C53645DFD55}"="{84C4C862-D2C4-4CF5-8FFF-AF07CBD3077E}"
"{AEDDBFD4-126C-4F6E-BA41-0F2032118A6E}"="{84C4C862-D2C4-4CF5-8FFF-AF07CBD3077E}"
"{8B1700B1-7B52-4BF7-89FF-515E7D254619}"="{BC3C3036-BA99-4A34-B987-A9F0E3ABF88A}"
"{3E446E5F-A204-4332-BC3C-F254222EFF86}"="{84C4C862-D2C4-4CF5-8FFF-AF07CBD3077E}"
"{2E06EAC0-6FD9-4647-9338-A129A47393C3}"="{D7627AC2-F7C9-4E2F-A57A-80C2F24EA56F}"
"{00C2FC1E-2AF9-4CCD-9FE7-D70F4F83CA7D}"="{E889617A-6CD8-4E64-84FD-3E2D05FE6ECB}"
"{AB70B1BC-C415-4BC9-88B3-08D7BD11991D}"="{57F2B53F-28A6-4032-B38F-9FF7AA0E5609}"
"{FFD80365-CBF4-4D00-9843-66948274CAB4}"="{57F2B53F-28A6-4032-B38F-9FF7AA0E5609}"
"{C42DB0EB-14A8-4CC1-BAF4-592714810AE7}"="{57F2B53F-28A6-4032-B38F-9FF7AA0E5609}"
"{90197A16-CD8B-40A7-BF0B-A6848A37B6C8}"="{609D6606-41B3-4374-8CBB-8AAA7E974804}"
"{FEF185B9-635F-4E5E-971F-4C4092C69D38}"="{91732AEB-D359-4D44-A73E-BC01B6276D17}"
"{C486E4A6-F31F-4491-B4CF-ABFF298BB83F}"="{FBDBAB54-4535-4A37-9FC2-AAC2D2E902D3}"
"{9F217EE1-A14D-4840-B66B-7F55D21856BB}"="{FBDBAB54-4535-4A37-9FC2-AAC2D2E902D3}"
"{5BDF815D-2CB9-4A84-AA99-D305FC8862BA}"="{FBDBAB54-4535-4A37-9FC2-AAC2D2E902D3}"
"{B8EAF8E5-B032-4256-B82B-57A11DC8C1DA}"="{1C557B29-84F6-4AA0-B59D-BE6DF1DFCFA1}"
"{B78735D8-FFCF-452F-B70F-3B6467E640C5}"="{9873DF44-B5A9-4F82-ACAD-DBE50138CD90}"
"{77B05FA4-DFF7-481C-917C-575EA031F678}"="{9DFC5E45-1D24-4BC0-AF5C-2558E3A973E8}"
"{43D773F0-371A-459F-8349-15313734A18D}"="{4C011F16-B489-4865-BBDB-286DF47B745F}"
"{C06E7BAA-40FB-4E7D-A9FB-93B10853224A}"="{9026E6AC-8933-451A-A2D2-7242986FC8D3}"
"{E8F18DED-0619-4F88-A30B-4C0D7F2E73D7}"="{9026E6AC-8933-451A-A2D2-7242986FC8D3}"
"{2FD1D1EB-B5A8-4707-BFCC-C5E08051A9FA}"="{9026E6AC-8933-451A-A2D2-7242986FC8D3}"
"{9BDDE402-C443-4414-85BD-FC3DD08454AF}"="{E813B6CB-F75D-45BE-B14E-84058FBD1520}"
"{59CE1EBF-DD9C-4612-8AAB-B41144B7EFB8}"="{E813B6CB-F75D-45BE-B14E-84058FBD1520}"
"{EF69635C-D195-4267-A957-97A08E343BAD}"="{E813B6CB-F75D-45BE-B14E-84058FBD1520}"
"{E0DDE443-F292-4FE9-82A9-42DDF06C78EB}"="{1767B2F8-72E1-4004-9B36-42FB7DAE45D5}"
"{83424B45-F748-4F65-B6E9-9ED732C1FFE5}"="{6C591817-1EF2-436B-A116-82BFDF58F88F}"
"{83C71C08-CDCE-4E98-ADA6-6DF208E2CB06}"="{6C591817-1EF2-436B-A116-82BFDF58F88F}"
"{CFF93695-C755-41CA-9794-C9128EB00343}"="{6C591817-1EF2-436B-A116-82BFDF58F88F}"
"{EB51F794-7765-4C90-952D-7B95CA1070C2}"="{22ED4EC4-0867-4467-9979-B25EDBDB9D78}"
"{B995FA64-7B6D-4C46-B57C-129F53ED8CD3}"="{E44146A8-EF9C-40E8-BBEC-3087AAB0AEE1}"
"{7A10ECB2-1456-4C88-9E15-93BA1564FC2C}"="{766955ED-F058-436F-AC0A-D73884CD4358}"
"{50434ED6-2C53-4DE3-80E1-49CEE2C8FEDC}"="{F75E16D8-CE50-40AC-BF2E-440F9A2B2194}"
"{0914A2C0-0ABE-4785-BB95-1A2A43512DA3}"="{F75E16D8-CE50-40AC-BF2E-440F9A2B2194}"
"{9CADDDDF-20D4-446F-A19C-1FD849806B68}"="{F75E16D8-CE50-40AC-BF2E-440F9A2B2194}"
"{6CDCB215-FE77-47BF-A263-E91B31AC0DEE}"="{5849CCB4-2029-4C32-9252-08D44E50BCFC}"
"{855F18EE-929D-44B2-BBEC-473F07869CE6}"="{5BB1925F-1A0A-47F0-ABB6-429A7C1564FB}"
"{BA03CD96-3104-43AC-85D6-AFE1CC76148E}"="{95DF2D68-A79F-48FF-8412-1D565A94ADAA}"
"{45D569D5-7A10-4F31-BA31-E5F05EB4FC91}"="{95DF2D68-A79F-48FF-8412-1D565A94ADAA}"
"{1E10AE5B-0C84-4CEA-A8CC-FF897B6E2FA4}"="{95DF2D68-A79F-48FF-8412-1D565A94ADAA}"
"{9AC1D8D8-31CF-493F-AE44-1772985B45A7}"="{7D7E67AB-7469-43FA-AED4-60B29C0F6758}"
"{75F53219-F316-42AB-9A93-C02F88D5FC8C}"="{24C9FFD4-A717-4563-B1B8-015CE325BDF3}"
"{2E122443-0DD7-4ED5-A861-18CAFDBD927E}"="{00BBED4E-A1E6-4C22-9896-8C69E7E480C3}"
"{CC4F3F43-0273-4236-8E95-59EFEBB30462}"="{49699B73-6F9E-4F46-8905-883F7B66B7DF}"
"{F2D13B1C-60C2-40D8-AAD8-89A8ADDCF064}"="{476D059E-A2FC-41F4-9156-677A375C9408}"
"{23FB798E-08BB-498B-A1E9-8F222DC63983}"="{476D059E-A2FC-41F4-9156-677A375C9408}"
"{AD91A0F0-2B4C-4CDB-B3EF-F9D208BC9867}"="{9BEFDFB8-0415-4F42-89CD-877DE46E5568}"
"{F467CBEA-44DF-40A8-84AC-B3662B84BE4A}"="{476D059E-A2FC-41F4-9156-677A375C9408}"
"{EEBD02C7-DB4D-4BBC-8918-4692A58AB3FB}"="{F3A4EEDD-CD23-4A24-9A74-D8757949F5AF}"
"{D06A918E-79B5-4BAA-8C37-ECD68FEA4810}"="{5E034CB6-4958-4BE9-B446-48EF395262B6}"
"{3FA15FE8-BA17-4C0A-9D94-01BCA2B5DEC6}"="{5E034CB6-4958-4BE9-B446-48EF395262B6}"
"{5B0FF268-66BE-4F28-9B7E-A49CBB24F700}"="{5E034CB6-4958-4BE9-B446-48EF395262B6}"
"{7CFA626A-9B5B-47CB-BE65-90B5FCE3E849}"="{6A22A6BD-8D82-467B-87C3-4B076E929F71}"
"{C4E2A297-4A6B-4DB3-8533-B1172FBA4952}"="{147CE042-0CD9-406A-A702-232285316558}"
"{D0E12BC9-A3EB-460A-A3AA-56BE575EB05B}"="{D58B843C-C6EA-4042-A4A6-062A1ECE69E4}"
"{1163D095-D7DF-4CF6-B0DB-1FCB0A5D5756}"="{16B6AB42-A438-45D3-AA66-B32E3D16AF3F}"
"{859C247D-D1EE-4E09-9692-0EE166CB3E09}"="{16B6AB42-A438-45D3-AA66-B32E3D16AF3F}"
"{6CA69184-08E7-47D2-8C94-19F303BEAD35}"="{16B6AB42-A438-45D3-AA66-B32E3D16AF3F}"
"{49191CB1-1815-41DB-911D-37BF97964542}"="{FF2905E2-A4C2-4FF5-A2E1-93C9A37A0730}"
"{FC028E1B-C9E6-46BC-BF8F-974361009227}"="{5AFE0C87-88A2-43BC-9C44-D066A108209F}"
"{CE33C849-8DA3-4E3E-A1B9-AD8F0F7B4288}"="{46B64A72-4F9A-461D-98F6-1DD4A6461AB7}"
"{B89CBE54-205D-4527-B538-8B48163983D4}"="{C0880876-CD78-4429-91C2-438BA7C8647A}"
"{7D303819-E16F-4D2A-BEF3-AA8E7D353B23}"="{180113F8-C7E3-4147-B380-C61772EE30B0}"
"{3DA65099-C401-4A7D-8470-DE1416106DDA}"="{ED5AF431-B33F-4234-AE3E-48349F4AA1DD}"
"{1DA6E307-50CD-4CA6-803B-B0495DD6651F}"="{ED5AF431-B33F-4234-AE3E-48349F4AA1DD}"
"{AB39881E-2792-4CE5-A071-0D6298FD63BF}"="{B4529803-353C-4EBD-8A8C-68A857389531}"
"{34EC91E7-AAF8-49DD-911D-F31054A13439}"="{ED5AF431-B33F-4234-AE3E-48349F4AA1DD}"
"{C834C831-5D23-4863-897B-6C1AA2EF2CBE}"="{C73E27BD-D2C9-44FB-B224-B96C2F4AA706}"
"{F91CFEB8-601B-475F-A1C9-60880AB901B5}"="{116157E6-26C2-422B-BA9C-2FC12C53A78C}"
"{619030B9-CC42-4470-B8BB-4B534417DEB9}"="{63ABA866-C82A-44B3-BA29-13D349362D97}"
"{DE1EDEFD-9823-44FE-997C-C190A2752F20}"="{63ABA866-C82A-44B3-BA29-13D349362D97}"
"{FACF9554-39C8-4FA6-A2E9-B031A8EC75D1}"="{9BDB0EE8-694D-4265-8F94-295BDFF7770A}"
"{5B0F85A0-8475-4D38-B968-6A04C33FF41E}"="{63ABA866-C82A-44B3-BA29-13D349362D97}"
"{1FA5EF95-672B-4D0C-87F6-D3C0AFA0F171}"="{C872E73A-114F-4817-9345-F07AABD1514C}"
"{403BBBE2-C7AA-4BE0-A509-F8CE0095FEC8}"="{F92F4918-F335-4546-AF5F-49C4B900C5CA}"
"{9F1BA168-9CBF-480E-8F98-3B2CE5350B9A}"="{51CA5580-E0A3-4A10-A169-BD514461A160}"
"{C9B42C3B-BB97-4B50-961C-0341FC5C1635}"="{51CA5580-E0A3-4A10-A169-BD514461A160}"
"{051B1B0D-B71A-4D57-A402-8975E5909310}"="{EE7F58BC-7A00-4F61-9924-85C4AFE378E0}"
"{C1BF2E99-DE99-4ABB-97B2-314041918BDB}"="{F42E3DDD-0140-45B4-B791-723AD792A20C}"
"{C2389733-4C05-416A-ABB5-FC2E72AF5834}"="{89B4EBF6-FC8B-457C-94C4-C3C98D8AE8F2}"
"{5D9E27E1-C22A-4689-AAEF-FFBFD71D4F85}"="{89B4EBF6-FC8B-457C-94C4-C3C98D8AE8F2}"
"{8196E3EF-1CDC-4D45-B7FA-53305604B841}"="{89B4EBF6-FC8B-457C-94C4-C3C98D8AE8F2}"
"{1409F548-4D56-4A67-9047-ACED20F58A9B}"="{2368A4B4-8A9D-49C1-B8CD-DBDA88CC8B61}"
"{DD75D685-BD01-4B6D-BA29-1B3A99EE9745}"="{7F6FFC27-BFC8-4128-8A43-D773EDCA07AD}"
"{F95EAF72-F581-4729-9576-51A6A2A024E0}"="{E3267339-3265-47AF-B4C3-3904DA9D0095}"
"{AA34CDFC-B86F-48D7-94AA-DF8EF23583E1}"="{E3267339-3265-47AF-B4C3-3904DA9D0095}"
"{0D0FD366-CCC2-4740-B646-14627B7344BE}"="{E3267339-3265-47AF-B4C3-3904DA9D0095}"
"{E8D5F4B5-15E7-4D7B-928C-CE96C0B39313}"="{E74EF5BA-F97F-4806-B2CE-59ED3AF37E63}"
"{6EDD0511-9FAB-4566-AE48-457B3649B71F}"="{4DEF7B9E-EE92-4F07-8B98-6A8A60CC8CB5}"
"{271D67C4-66A9-42C2-B014-8CDAC7C0E68D}"="{B8ED7981-57D8-4181-91DD-7A8413D67E34}"
"{0C88EB4D-6FE1-498B-B163-A179A055AA8E}"="{38BD63DF-F878-4BB4-9FD8-266F52E4F2DE}"
"{4CB009CD-2131-417E-A385-C0FDBB531501}"="{38BD63DF-F878-4BB4-9FD8-266F52E4F2DE}"
"{E45E9663-48B8-49DC-9DA8-4AD9C0AF7965}"="{38BD63DF-F878-4BB4-9FD8-266F52E4F2DE}"
"{16CEE666-8AE3-4EB1-BDDB-8AD8236A7A2E}"="{1F03C474-A279-48C0-90A7-785E55ACBD5F}"
"{96B8E4C8-38D2-431C-BFE9-2FBED8631F7C}"="{9552ED60-658F-4C00-BC08-9CDEA37DFFB4}"
"{42F076B6-DB11-48FD-9ECC-B29EE42C961B}"="{F9CFCA5E-FD00-40E7-9825-A675093493D2}"
"{2D337865-00C6-4871-8DF8-68CF03B85A20}"="{CB019CB4-8E82-4AD4-A419-4BDB7AE0DECF}"
"{AD99EB96-85E3-40EB-AEA7-A073BBAB4DC3}"="{CB019CB4-8E82-4AD4-A419-4BDB7AE0DECF}"
"{7BBD1D95-CD76-484D-A7C3-F037416CD687}"="{5561069E-24CB-437C-9B4B-E8FE3FC830DE}"
"{55B9CEF1-C5A5-4690-BDA4-81E028B7D992}"="{CB019CB4-8E82-4AD4-A419-4BDB7AE0DECF}"
"{3A0C86DF-F660-4477-8AD7-0CD500222321}"="{FAF600FD-0949-4753-BDFB-E6ACA3F37743}"
"{21C04F79-FEE1-4DF5-B8E4-A3DF2E5CF338}"="{707945E0-9133-4585-9837-46287AC4B572}"
"{5FF1F333-68B2-465C-9B10-A218943E2C05}"="{707945E0-9133-4585-9837-46287AC4B572}"
"{8461F7E5-47C4-42BC-8BB6-83BCB34BAFF0}"="{707945E0-9133-4585-9837-46287AC4B572}"
"{93CE42B0-6B4C-45F9-A8D4-C5BA913D2D8A}"="{E6979E11-07B6-47B7-BCE5-0743AE89F54C}"
"{3D02CCB7-FD18-4418-8897-B5DD3596ADC4}"="{460B92A4-3277-4EA0-A8C5-EF5E603D5BA4}"
"{CBC9B96B-D928-418A-AC1B-7C38CB021AAB}"="{A1B3065A-7124-41DA-A7D0-3930D285EB44}"
"{EE710F37-8631-4A42-A45B-2E6B7CB95053}"="{3A4CECA8-7C09-4CEC-93A7-BC13E3A79441}"
"{E9F89D1C-E1B7-42C5-8474-C7A58FE78444}"="{3A4CECA8-7C09-4CEC-93A7-BC13E3A79441}"
"{E069F014-B030-45C8-A8C2-3EEBF8F23212}"="{3A4CECA8-7C09-4CEC-93A7-BC13E3A79441}"
"{4A0CEE21-1F79-46C4-B8FE-38B9386C3177}"="{BB42D6DE-8649-4764-B811-4EE4A58F2DE1}"
"{EA4081D4-EB16-418E-AB8C-D5CD538383D4}"="{47A3B029-DC44-4B31-A832-8845E36A1C33}"
"{9C3913D9-3DD5-4C08-9B0F-293F7870C6C7}"="{D0E40F7E-EDB3-4E81-82FB-58B8331692D4}"
"{4827457F-912C-4247-B7D7-948BC3C7CF89}"="{D1D943FB-8E95-42FC-ABD8-3022A46E2AE3}"
"{AFB6D5CC-215A-4CB5-A6E5-858D2A666AA7}"="{B1293E2E-17B3-48B7-AB2C-74DEC67A7552}"
"{1D389E2E-FE3D-4097-BCA5-FD34BCC7BCB5}"="{9E53EC6E-5C00-4548-9854-CB4E49EAC305}"
"{C8630F92-6E08-4C29-8026-CD2D0F7A13E7}"="{9E53EC6E-5C00-4548-9854-CB4E49EAC305}"
"{F0DA639D-5FF9-4EDA-AF54-D2B8E67CAEF8}"="{9E53EC6E-5C00-4548-9854-CB4E49EAC305}"
"{08FD1346-996C-4AC1-8AC7-8475390CA5C5}"="{88813642-590D-44D3-A4E2-65049A3713BF}"
"{329BEC2D-EA80-430D-9C21-A799F6591A81}"="{2D223589-50A6-4259-8590-D9DBD8535C0B}"
"{FB2535ED-E9D1-4163-BDAA-6E017CC20EA8}"="{E19AF676-18B5-4D87-8818-0A367B0A83EA}"
"{F038264A-F010-4337-A1B8-8F34AD32984F}"="{E19AF676-18B5-4D87-8818-0A367B0A83EA}"
"{639F4507-3AF9-4316-8D4C-2942AB2EAF59}"="{E19AF676-18B5-4D87-8818-0A367B0A83EA}"
"{12F778D6-C114-446E-997C-ADEEF4A1B57F}"="{43FC04E2-542C-40ED-9AB8-AF2DEFF91E9E}"
"{7FDC1966-4697-4CBE-96CE-99CF8003A4DC}"="{819FE30C-B8EA-40E2-AB9F-D9731F8D34C0}"
"{EC577128-039D-443F-88BC-2A37D752D92D}"="{BE2C79A2-0EE3-4B3A-8828-50DFA4D35062}"
"{DE79FE4C-CE1E-4200-9BC4-03E5A495ECFC}"="{C6384373-781E-41E2-801A-FFD937ACADC8}"
"{E1EE483D-1ABC-4927-9717-5D8E0AA1B2F6}"="{D0E20EBE-8498-47BF-A57C-AD6B99D2F4D1}"
"{4DBEBEBC-799B-4EA7-A2AA-C8E7B5E6E8A9}"="{9A84028D-1652-4770-A8CF-8AC07A468F8D}"
"{0DB37596-060F-4BFE-8591-FADE29B3BCCC}"="{9A84028D-1652-4770-A8CF-8AC07A468F8D}"
"{1393BFD7-0B98-444E-8C03-A5699F7DF5E1}"="{8DB2AD5E-3251-42D5-BC7C-1914D016EC7C}"
"{B0C1AEF0-4EBA-4638-806E-D72C21815D62}"="{9A84028D-1652-4770-A8CF-8AC07A468F8D}"
"{49FE23C6-9DE0-4E64-8F88-A1071E379721}"="{AED3EA29-067C-494F-83E9-03E46E83F31E}"
"{1407B0EA-6505-44B7-9091-E2169FA52D08}"="{32AE1E90-64F3-4282-8415-1396C889682A}"
"{7D4064A5-EE17-4281-92D6-0469D0B30EA4}"="{32AE1E90-64F3-4282-8415-1396C889682A}"
"{8F9310D3-F74D-482D-BB6B-3FE95F7A6830}"="{32AE1E90-64F3-4282-8415-1396C889682A}"
"{B507E2B7-BA2C-46DA-8FF4-ABF938C8895C}"="{5E4122B2-32DD-4DB0-84C8-04AE39A19AFA}"
"{49681157-7DA5-4D42-96A6-A28B26ABAA99}"="{8366B13B-369E-419A-9CE2-F4A8B24C15CC}"
"{68E98670-4112-4991-8F7C-0910686F6F91}"="{76E05A87-F57F-4B74-B861-1801CE12083F}"
"{D37B258C-608D-417C-AAA2-F7B302833213}"="{106469E2-28BE-4360-A593-D32F9CFDC620}"
"{A8DC0213-4586-4B14-83FE-E7B672B5899A}"="{106469E2-28BE-4360-A593-D32F9CFDC620}"
"{C62D2148-DE1D-4C30-8C3D-D233D1C1B22D}"="{106469E2-28BE-4360-A593-D32F9CFDC620}"
"{33814654-0113-43A0-9897-CF7C185E25D0}"="{4EFDF1BD-9CDA-46D8-BA0E-3EDF2342212B}"
"{81BB20E6-FF01-47D1-A8AE-9FB82C2E1315}"="{A7445572-14F5-4DFA-BF06-E6C82043CF39}"
"{82AF0BCB-07CB-4F54-8A91-B6CBE84B3E0F}"="{A7445572-14F5-4DFA-BF06-E6C82043CF39}"
"{FF75EDA2-A7F0-497A-A666-39092E57AE54}"="{A7445572-14F5-4DFA-BF06-E6C82043CF39}"
"{2CF5D742-B1F0-40FE-A164-B2259D3D3956}"="{FD79F2A6-B75C-4367-85CE-B8DB04F3C51A}"
"{9691D742-3AF9-47F6-9387-AD2791D56C89}"="{DABB5980-8923-4BF3-B1FD-DD38F50C623D}"
"{D666F3FD-BC60-4D0D-A72D-BFC353D184DA}"="{DABB5980-8923-4BF3-B1FD-DD38F50C623D}"
"{0A439652-16EE-4932-92BD-DD7BF5FA439D}"="{AD3F5C31-F405-46FD-BF52-48A223DF8F85}"
"{35C157B4-2F1F-4299-A543-7E7AAB8FA6C4}"="{809A1315-CF00-4AEF-9C65-584AAAD407E6}"
"{2377C9F7-0673-4010-BB13-084463DCD138}"="{3D47BC96-691E-43D2-B71D-5A07469FC940}"
"{31F4DA0F-8AE2-4E54-A936-E728293EB344}"="{3ED4B86B-1B00-4298-B0AB-1ECCF29689EC}"
"{66592852-BA00-4C0D-B206-1420FE27A32B}"="{3ED4B86B-1B00-4298-B0AB-1ECCF29689EC}"
"{191A35C8-E15F-4C06-8986-4A61A53AD8AE}"="{BA7B1AB7-A40A-41D3-B655-FD4B0E5DB38F}"
"{CA0DF13F-1956-4DBD-87C9-89D56348896D}"="{3ED4B86B-1B00-4298-B0AB-1ECCF29689EC}"
"{2B26E88E-1376-4C3A-A87E-BF9D694AD246}"="{D689862D-7BB5-419F-9BE7-94283403FFBE}"
"{624BB1A3-1E2A-4CF2-9F54-0B30BEDC0576}"="{4DD53085-E5B1-4775-8FFC-ACA6ABA01CB4}"
"{534506D2-62BD-46F3-8D1C-984B7BE92D14}"="{4DD53085-E5B1-4775-8FFC-ACA6ABA01CB4}"
"{F354B295-6AE2-412D-9113-326BCCC2AC1B}"="{4DD53085-E5B1-4775-8FFC-ACA6ABA01CB4}"
"{96A47A1B-6EF8-4551-97B4-285246E09887}"="{840DCA96-0693-4412-9F8A-22E63E8E5DAD}"
"{AE1C45F8-6FBF-4AC5-99DC-155739E405E7}"="{0201BEEA-880E-4E33-A81A-44C1B120CE23}"
"{D484CE18-3D44-400F-A469-4C1B9871493E}"="{37727028-B3E7-4235-A9B3-F6241A1F4231}"
"{62247818-B2BA-4C15-8F7E-3FD9BD6306E8}"="{37727028-B3E7-4235-A9B3-F6241A1F4231}"
"{3EA37D02-4492-41D8-8480-786580EDE758}"="{37727028-B3E7-4235-A9B3-F6241A1F4231}"
"{F28A57B0-0AFE-4E7A-966E-812362E5A9F3}"="{798595D2-BF09-49BB-8F69-3C86089EA056}"
"{9759671D-F502-42B8-8095-1F51D6465438}"="{DEB19FFC-CFEB-4203-8900-818F271B3388}"
"{B97BD548-739C-473E-9411-BD1FEA4CD1E3}"="{DEB19FFC-CFEB-4203-8900-818F271B3388}"
"{C34E3DB6-F4C2-4321-9893-782A135DCA60}"="{DEB19FFC-CFEB-4203-8900-818F271B3388}"
"{A245C252-60D4-4F04-AEA5-E36A27C9DF48}"="{3322C7AB-C8DA-4293-9681-BA96D37ECFFE}"
"{61830355-7C08-42EE-B020-8E1BCE96BDA7}"="{317E60F2-5BBD-4812-B9DA-EAB7CE596DD9}"
"{8BE7E27E-FD4B-4868-A2E1-807DF9CEE482}"="{4B2FC871-6BCB-47BE-BD25-7D4336522FF9}"
"{946638C4-F53F-4A8B-8C94-E2572E9CD434}"="{4B2FC871-6BCB-47BE-BD25-7D4336522FF9}"
"{F9D4B13A-D9B4-48BD-BE61-D9D8A61F804E}"="{B3081A06-7281-4961-84EC-574026AD67A6}"
"{261F691F-10F9-48AA-B103-9B3A1855106A}"="{0BFF11BD-EE2E-45EC-A264-E3C05E0B63DD}"
"{C94072CF-DD1C-4B6E-AF31-E6FC9032BD04}"="{0BFF11BD-EE2E-45EC-A264-E3C05E0B63DD}"
"{69BB27D8-9294-41B6-931A-F07D225195C1}"="{0BFF11BD-EE2E-45EC-A264-E3C05E0B63DD}"
"{AB6EE9CE-86CB-43DC-B813-D73C6A972415}"="{072B5447-F66A-4A71-AAD8-DCA57F84A13E}"
"{FED2F2A0-0EF8-49B6-99D5-4ECD953FB003}"="{FC1B7DC1-479B-4CFB-A223-E3A526BE0B98}"
"{E84F06D4-6401-4E76-9350-91829E1E0179}"="{22554C99-7AFF-405C-B423-F28949C577EF}"
"{BDB185A0-08EF-4E63-AFC2-135FF2D4CF50}"="{22554C99-7AFF-405C-B423-F28949C577EF}"
"{7E7988B8-F8DC-44D8-9360-5660D0E6975F}"="{FD5EBC93-8960-485D-A437-B58DA727FD71}"
"{65F8A6B5-2E1D-46DA-9A1E-C7CCBBE23596}"="{22554C99-7AFF-405C-B423-F28949C577EF}"
"{37E3FED3-1F6C-4E52-818B-96C20C906017}"="{4C8BE464-AB7C-4AC0-A6B6-D8433C654E57}"
"{F7AEE13B-62B3-47F7-940A-0AE4B8494A46}"="{4C8BE464-AB7C-4AC0-A6B6-D8433C654E57}"
"{8B849936-6256-4912-9A90-3316B48BEC52}"="{4C8BE464-AB7C-4AC0-A6B6-D8433C654E57}"
"{58F41E7B-EAAD-45C0-8D97-A1D82824FFF6}"="{8F39DA3F-F9EF-413F-8EEB-9F37D8434A97}"
"{F427C0BE-22D0-47C6-8E1D-DFC8F25C60AC}"="{9947C7F7-B09E-4A47-BA40-E7185D7C4687}"
"{D40D7C9D-6FAA-4BD0-8553-67E2DF16C3AA}"="{9947C7F7-B09E-4A47-BA40-E7185D7C4687}"
"{BA31809A-F0D2-48B3-8D95-B7EA0D9D365A}"="{9947C7F7-B09E-4A47-BA40-E7185D7C4687}"
"{5334FECC-3B3E-4485-BB73-69D61AA1A29D}"="{14D1C4F4-FD66-47A9-8715-B828D9E3AD12}"
"{B6D59BEF-D228-4F3B-89CB-238952D9A44A}"="{85E41FA6-2924-4419-9FE4-3A617AB4C411}"
"{D719732E-3130-4E04-BD5E-81BF996AB627}"="{1353AC84-2A68-481C-A87E-1E8A6CE88A4F}"
"{247D57BC-06BC-4B2E-AC15-2933A9704523}"="{1353AC84-2A68-481C-A87E-1E8A6CE88A4F}"
"{92980704-25D7-4672-8273-ACE7A65C4780}"="{613BAABA-E508-4013-8364-036DBDFBF68F}"
"{BDEB6809-4973-4862-80FE-78BBE7F3A0D6}"="{1353AC84-2A68-481C-A87E-1E8A6CE88A4F}"
"{8DD08A5B-9047-45AA-A1D1-5BA1E33EDE36}"="{4970E11E-382A-4D42-95EA-EA7DF757E715}"
"{9F407709-8EEB-40EE-9203-38321B28C608}"="{4970E11E-382A-4D42-95EA-EA7DF757E715}"
"{C3F9B45B-4862-4D40-8AA5-16244C4391E1}"="{350B67D0-A375-41DE-B810-8609B4BF51D0}"
"{098B3FCD-701F-4BCE-B308-3EC1E5417F63}"="{350B67D0-A375-41DE-B810-8609B4BF51D0}"
"{2B83D992-F562-47B0-A7D3-51F3F1073086}"="{350B67D0-A375-41DE-B810-8609B4BF51D0}"
"{2693BE88-ECA4-4840-A8FC-A4A628513293}"="{56039A1B-D1EC-4775-9464-0F5166DAD315}"
"{CD69B33E-1FB9-417D-9F60-F94ACB376112}"="{5542F186-0514-4619-BEFA-DA4E570701C8}"
"{3E9BA070-F031-4C9D-83FD-4B25F379EB72}"="{CE560EC6-2927-4BC3-A6F2-40F53260CFB2}"
"{3BDD39FB-F463-4F61-A2A8-986B8E614527}"="{95F94201-0C04-444B-9337-07D6D08F07F8}"
"{BA481551-E988-4A90-9C5C-BF9B4BC13758}"="{95F94201-0C04-444B-9337-07D6D08F07F8}"
"{7FEA20CC-4276-4655-BF92-D70405E5DF76}"="{95F94201-0C04-444B-9337-07D6D08F07F8}"
"{23C7432C-563C-4673-A509-B7FA3520057C}"="{42410D1D-7338-489A-9E0A-EAB880616BDC}"
"{DF671CA8-5C75-4CA5-B7C1-73D1CB0A056A}"="{0AAE9809-AF7E-48E3-9E97-8F17CB5AD1E7}"
"{B427446D-A6AE-4F62-926A-9E5A2C539983}"="{8B62D7B8-DF05-4B02-ACA8-3A7E1F0FF75F}"
"{3AE1527F-924A-483F-B8CF-E581AE1D5BB1}"="{8B62D7B8-DF05-4B02-ACA8-3A7E1F0FF75F}"
"{CFCA6507-AB92-4B2A-B20F-F07A302BD9B6}"="{8B62D7B8-DF05-4B02-ACA8-3A7E1F0FF75F}"
"{F42898C6-1B15-4BD0-B56E-72F07F773C6D}"="{E7AC5D55-220B-4703-9E46-3F7B9F94B965}"
"{BD74BD45-D90F-4936-8B93-76D6CCCDD17B}"="{67CD0F8F-BDD9-476B-8908-D02CF206DB8C}"
"{3C1A74DE-3610-43FB-88EC-BCC09123955E}"="{67CD0F8F-BDD9-476B-8908-D02CF206DB8C}"
"{5F9EF52C-7A8C-4B01-938F-545F0792368D}"="{67CD0F8F-BDD9-476B-8908-D02CF206DB8C}"
"{5C5E744A-6DCB-4116-8A9E-A64808ACE123}"="{037ACB13-19AF-44E1-AD44-51440D756569}"
"{EAADE180-84DA-4D25-A7D2-93D05968DCC4}"="{4A1DD14E-3F37-4E40-AF2C-2168DC905729}"
"{88FFC971-D5D7-4581-8FE5-11C8CD1162C8}"="{6BD039B4-F1EC-4DB2-B3F2-99A7CFBCB69E}"
"{3D09C0B3-A102-439B-AE08-60350A2197F6}"="{6BD039B4-F1EC-4DB2-B3F2-99A7CFBCB69E}"
"{B77089ED-0B9B-4DF1-86C1-CFF504F71DCF}"="{DAC45190-B82D-487C-A08E-91F97DA52450}"
"{BAC0B371-391E-409F-B40E-9B9228577FC3}"="{6BD039B4-F1EC-4DB2-B3F2-99A7CFBCB69E}"
"{E36B7530-4D35-4F1B-B205-701FD7B8EDD8}"="{AB4BAA84-4622-40A2-AF92-9A75067B3916}"
"{B010E46E-C9D2-42D4-8C61-430667C00550}"="{1EFE5AD4-AADC-4FA0-AF60-E882BC538835}"
"{F7E93C59-04AC-4D94-AF4B-411CB4E38562}"="{1EFE5AD4-AADC-4FA0-AF60-E882BC538835}"
"{D2F32E01-20A3-437A-9D6F-801D701932AD}"="{1EFE5AD4-AADC-4FA0-AF60-E882BC538835}"
"{A07E2228-E399-4776-97C0-DD72D6962BE6}"="{A8752DE5-7FAB-4219-A795-54963B17E272}"
"{6D72A1E3-B038-4F9D-A737-9002A2314878}"="{56E2AEDA-701A-41BE-BDD5-753A20DF9386}"
"{764A1A08-87A2-4997-8ADE-578210722FE7}"="{56E2AEDA-701A-41BE-BDD5-753A20DF9386}"
"{34E16860-20E5-41F6-8344-3B91D848017C}"="{850C56E1-0C55-41FE-8497-981081232554}"
"{8466992C-A0A1-4AF9-8DDB-F6E314D9140E}"="{F03D2242-C5DE-4D6F-BA1D-2AEF85DF16D8}"
"{968D9771-D1C4-49D0-B257-2579F25EE3FE}"="{ED664323-78AE-44AF-8374-8616BADA4A2B}"
"{4FBB7EDF-67FC-400D-9B34-C569D1D6EC59}"="{70C5A266-DD2D-4CED-9AF0-D92FD61A87BB}"
"{33FA41B7-8A90-442E-868C-4B3CC64906B9}"="{58403674-BE11-498B-A47D-9550AEAE034B}"
"{DC5D1B63-955B-40A0-A13C-E3E636056C05}"="{58403674-BE11-498B-A47D-9550AEAE034B}"
"{481FAAE9-0698-46BC-ADC0-116B00B2C24E}"="{58403674-BE11-498B-A47D-9550AEAE034B}"
"{F96BA243-3488-4D2C-8582-C0A31D2A049D}"="{5132FF6A-2486-4CB6-895B-F4814B94C377}"
"{7055958B-0104-424B-A390-EA1875C9DAF8}"="{C9858534-ABB2-43E1-9925-2B2B7518167B}"
"{A0137ECC-614B-432A-AF16-BBB85FC9B6F8}"="{C9858534-ABB2-43E1-9925-2B2B7518167B}"
"{5BEBB08A-A9C0-4163-BBB0-8C510AB8F567}"="{C9858534-ABB2-43E1-9925-2B2B7518167B}"
"{FEAB3494-BB7D-4BC2-A22C-1A6A7D532411}"="{9ADD70C7-02C8-40DF-B7F1-292E667D1CFF}"
"{E39AE0FF-B6FD-49C4-A172-009E369C6E99}"="{DFAA6040-0F6B-4261-BFA2-1B69F98D1C9F}"
"{38B5D847-5AFE-418A-A0F8-D8BF006249A3}"="{DFAA6040-0F6B-4261-BFA2-1B69F98D1C9F}"
"{5D645409-9677-40CF-867C-0601FE2E1A61}"="{DFAA6040-0F6B-4261-BFA2-1B69F98D1C9F}"
"{C6F4598A-C105-4E5D-88CE-5C15A695DB3A}"="{21FA1DB7-DA84-478B-A307-A639A5BBA53A}"
"{1AB8E472-99E5-467F-9245-5AFC3F76CC6B}"="{241B7603-F3EA-4071-A0B4-9E13D3089D19}"
"{EB860E85-209A-4E25-BDAC-898C02081FCE}"="{862587A9-3BF4-487E-BF83-1136006B75A4}"
"{E8AA1CA5-F840-4C16-9611-530E73148F0B}"="{11D0294A-F600-46E2-A14A-D444A589BA2D}"
"{703AAC8B-448C-41BB-8E1A-1A2079DBFD17}"="{11D0294A-F600-46E2-A14A-D444A589BA2D}"
"{18F280AA-FF06-4CA7-86CC-D8731A3F4249}"="{11D0294A-F600-46E2-A14A-D444A589BA2D}"
"{39DB1197-7C30-4B5E-9E53-89F21467CA3B}"="{72B99F5A-EADF-48CC-B0B1-E839CA4FAE61}"
"{9C6B5CE4-932F-43C7-B261-20AD43EA1A73}"="{1F175968-5393-4D7C-8319-0DDDE2050AF0}"
"{0E1A20A1-5C29-4994-BCD9-4FF6671058F3}"="{1F175968-5393-4D7C-8319-0DDDE2050AF0}"
"{3CDB7E9F-73E2-4F0E-A821-AE65B06C2ACA}"="{1F175968-5393-4D7C-8319-0DDDE2050AF0}"
"{FAF77B7C-398D-4450-AF8E-796CD11A1633}"="{E1DCDB16-E684-4697-BDDD-5C659F88FBAF}"
"{4F8242CF-62C3-44FC-A103-3DC5C6AA4FEB}"="{E6A3E405-3B8A-4ABF-ABCE-A723A9076942}"
"{3939B967-862A-4FD4-9BF4-F606BAC5BAAB}"="{E6A3E405-3B8A-4ABF-ABCE-A723A9076942}"
"{3295C1C4-8DAE-46B8-9E07-D65B42314F68}"="{F6DCB8FF-38C7-4976-B8E8-0B934305EF44}"
"{89F13A97-7712-4A48-8673-271770B05309}"="{877ADF7F-BA9C-4B3F-A78F-DCF04024E1FB}"
"{671354CB-87ED-4B0C-8591-2F1F4195D7FA}"="{1CC5267E-D046-41E9-B133-A9FC76CE0803}"
"{9DD0EF35-45B2-4F6E-A4D1-3428302AF73F}"="{34191811-93F0-4F6F-A92F-6DA3A31DB9D1}"
"{56F2255C-77FA-4CAA-9A13-E3BF633F97FF}"="{34191811-93F0-4F6F-A92F-6DA3A31DB9D1}"
"{72BC94C4-20C3-453F-91A6-221CF6D60E3F}"="{2671602A-A8A2-4481-8537-0D17AB7025D3}"
"{67FBF23B-A4D7-49F7-A911-CAFF232EADB5}"="{34191811-93F0-4F6F-A92F-6DA3A31DB9D1}"
"{7A9397B2-1CF6-4AA0-99D7-D252FC59AC9B}"="{403D221E-E59A-4A73-9F12-190A2D1F4262}"
"{254249D3-EB41-4410-A53E-339A31934BF5}"="{2AA64094-8ED7-453F-AF06-C1C3FA24EA77}"
"{7415611A-1012-4149-93BC-6623E7A3AAD3}"="{2AA64094-8ED7-453F-AF06-C1C3FA24EA77}"
"{0037CE0A-6A1A-43EE-99D5-E41C21599B82}"="{2AA64094-8ED7-453F-AF06-C1C3FA24EA77}"
"{23EA714B-3DA5-4112-8D1E-511EFAECDB5F}"="{27F12EA8-B309-4639-A101-AD4A1F8AE53C}"
"{D8966D97-AD80-4BE2-AA4A-9B8F91F2CBA5}"="{A5C09F3E-F391-452E-A887-9EBDCE48291D}"
"{55D291BD-649B-4F9B-82C0-2D63504E7987}"="{B1B846EA-2E1D-442A-BC31-51ED9BE49AA4}"
"{F3D366DD-1F61-4AA0-A774-08834DF8D297}"="{B1B846EA-2E1D-442A-BC31-51ED9BE49AA4}"
"{EEF16D5B-01F5-4EB1-880F-9214D0A9E202}"="{68B56D75-2274-45E0-9DDA-0BE7DEF8E53F}"
"{827AFEBB-3D03-4E8C-9945-AC8427BCA5E4}"="{B1B846EA-2E1D-442A-BC31-51ED9BE49AA4}"
"{529962CD-5F89-4A64-9822-85830368EA06}"="{73C49443-4ED6-4AC3-89B2-6B846BE2617A}"
"{29CA1990-CAB0-44D5-80EE-21CFE17B2CC5}"="{FADFAFC4-7D33-4767-8248-86D91F50013C}"
"{1F123730-1275-4D07-9312-C9C18B823F4E}"="{FADFAFC4-7D33-4767-8248-86D91F50013C}"
"{99C96ECF-150D-45C5-B5EF-54263F9C82A8}"="{FADFAFC4-7D33-4767-8248-86D91F50013C}"
"{7ED416F2-59B4-4610-A2EC-58173B7115FE}"="{F15A1C37-54E7-4268-92CE-96F68C508F17}"
"{879FE0E6-076C-4BF2-AFCF-28BA32334EB5}"="{9E7223DE-F278-43D4-A2CD-B57E32142469}"
"{A44C98B2-945D-4279-9420-13EE52D538D5}"="{F7AE699D-E989-497F-B912-9781146093A1}"
"{4EE95D17-366F-485F-9555-E4CE9D6043CC}"="{F7AE699D-E989-497F-B912-9781146093A1}"
"{16448952-0110-4A35-8F9C-526D7500B467}"="{F7AE699D-E989-497F-B912-9781146093A1}"
"{E27105D5-A373-4EC6-B3EE-B62B6D74E027}"="{6EF687A3-38FD-4136-B204-E4EFE0CFA1CF}"
"{986C7217-4583-45F5-9010-AD47410C8D5C}"="{5BAF1A44-9FDA-41D5-9980-403A6EE87681}"
"{0AFF8EBB-5336-415E-B292-2D731DD60127}"="{D4EDF1F7-BBCE-4188-BC77-57D8AFE541E1}"
"{10078DF0-6741-4562-971D-668C36F330F2}"="{D7142D8B-AD4F-48C7-B36B-57541B952565}"
"{68E188C1-849A-48F7-9D08-7174EC765100}"="{D7142D8B-AD4F-48C7-B36B-57541B952565}"
"{CE7FB372-15E4-4B32-B353-5C9E10E88B76}"="{50DEF92E-71F0-4EA7-83BC-B7E5D344497F}"
"{E4A6E61F-2135-4E9D-9CDA-3EECF1B156BD}"="{D7142D8B-AD4F-48C7-B36B-57541B952565}"
"{AE5EED40-C2F6-4755-BAE7-8BB22B2DEA7D}"="{DC268EE1-05DE-40A7-A0AF-6229CC81C355}"
"{A7D969F4-D011-412D-9EC2-72C0BFD134F5}"="{EDA3886E-9B10-4727-953A-6A534124BCB5}"
"{7D1C83A6-6757-49FC-B2AA-9837C1A6F1EE}"="{EDA3886E-9B10-4727-953A-6A534124BCB5}"
"{2E37CD39-F648-459D-BDAA-5AC9139FA584}"="{EDA3886E-9B10-4727-953A-6A534124BCB5}"
"{5C7EB893-3578-452D-9058-1FEA9711CECB}"="{300011B0-38BC-49D0-B7AC-DFDF071364FF}"
"{ACE4889A-ACE8-4CEE-99D6-4AE3A3D60CA6}"="{DF349C6E-2944-4DE4-859E-5B6DF6077EB1}"
"{7B378BA9-FBB2-45F6-94C4-A56EE207E2EC}"="{8B4DF465-93F8-4FE1-81AD-A7914A2524A2}"
"{CB1CDA3E-72DD-428D-81E5-85C99E2397E0}"="{8B4DF465-93F8-4FE1-81AD-A7914A2524A2}"
"{281F291C-060A-455F-9128-AFA8DDEA780C}"="{8B4DF465-93F8-4FE1-81AD-A7914A2524A2}"
"{5F854C14-B1B2-4A93-8708-F1F6E38536A9}"="{649FAE31-8F53-460D-8032-ED9E2D7FEDC4}"
"{2579E905-C3DE-4764-9E51-36793C3D19CC}"="{5633687D-133C-47AA-AEE6-FAFA70311251}"
"{C5717287-5594-4849-814A-5375185FA16C}"="{62088AA2-4783-4141-B60C-12D017D43692}"
"{67741C13-029E-4A1D-9EF9-775D8A2C3C78}"="{62088AA2-4783-4141-B60C-12D017D43692}"
"{298B7500-327A-4439-A48C-6BCA6AD482B9}"="{62088AA2-4783-4141-B60C-12D017D43692}"
"{EF61D548-98F1-447A-AB54-BA784CA57651}"="{8446AAC0-6B8D-4FE8-8E38-74B5F8CE3487}"
"{3817BD83-6C5C-4386-8F40-1B344B6C818D}"="{C3281CBC-2614-41DA-AD86-03409DD3CD5D}"
"{C0789ACB-5A3A-4300-960F-BB3F9796D035}"="{2E34CC68-99E8-4FBC-B2F7-0DB5A1E86278}"
"{CE061587-6253-4149-A177-5C07FF8C4A60}"="{2E34CC68-99E8-4FBC-B2F7-0DB5A1E86278}"
"{73BED6F7-8A44-4C3D-97C7-10B2A8A959A3}"="{03CB2C58-20F6-4941-BE5A-A798A8103366}"
"{6CFC1B61-2063-47F8-A79B-9721A0DCBA43}"="{2E34CC68-99E8-4FBC-B2F7-0DB5A1E86278}"
"{61C2C219-DCAF-4B99-9E8F-EE615DD5A55A}"="{49832415-6961-4181-ACB1-73B26DB3731F}"
"{4E92CDE0-E4F9-4256-8552-5387819F0C68}"="{D490CA98-CF75-4542-92BC-20F141F9B45F}"
"{17ECC48C-F69D-4819-9A1F-4543A639C39E}"="{D490CA98-CF75-4542-92BC-20F141F9B45F}"
"{2A630FFB-5EE8-43B1-A782-D7DBA6255000}"="{D490CA98-CF75-4542-92BC-20F141F9B45F}"
"{BF537350-93F6-4631-9E3E-A036237F150C}"="{1EEAE11D-293D-447C-8B6F-27C89CCE1625}"
"{48019F9E-710C-435C-8B4B-52F248810CA5}"="{B3992D96-F667-4B87-A512-418ECDF31042}"
"{4E98DD1F-133E-411E-822E-FEBC1B97A4E8}"="{0DE62583-6DBD-4F9D-A1DB-C47EF67A3C7E}"
"{A1AA9F13-6991-4705-B3E3-A0DA89F70114}"="{32DFA85C-9D90-4F6D-90CC-A7C1F8669803}"
"{E3787AF0-C963-467F-B878-705A959DD2E4}"="{AF47CCF4-7E27-453F-9B23-726526AE3296}"
"{459F51E6-5F58-4D5F-A0D1-C7A4A9A328AA}"="{942A699A-F26F-457D-84FF-7507A7624DD1}"
"{5C9D6C32-31D0-421E-9C89-7E2A7C28CE66}"="{07CADB0B-79D9-441B-89ED-8AC7D792E88A}"
"{827DE3A7-B4EA-469A-B1CD-15902A872BAD}"="{07CADB0B-79D9-441B-89ED-8AC7D792E88A}"
"{C161069C-CBFF-4135-81D1-3AC30E250DEB}"="{F8F9EBA8-4433-4AA9-8C3B-4995852826B6}"
"{C83347F5-B78B-429A-8B4B-4E356CD5BCE0}"="{2E896382-C076-43AD-B415-B2B5C4B02F2E}"
"{3D30D841-2043-42F2-9C5C-C17A4C5CAE27}"="{267A7767-DE7C-47A2-B687-CFE516F66E41}"
"{091EF5CF-9630-4451-ADC8-B071B856D8B3}"="{267A7767-DE7C-47A2-B687-CFE516F66E41}"
"{B2DB79ED-7C98-4EE8-8754-AA79049208E8}"="{F0DFD234-2E9F-442B-94D3-5D99637D2B72}"
"{397F8A5C-A029-4AC8-8CBF-F4A655C72294}"="{503B49E1-CFFD-4D53-8206-7D460394301D}"
"{AB9375C4-9644-45C8-9619-DA9F67A47565}"="{0F115376-31C8-4D46-B120-E61139D7DE69}"
"{04FD785E-BAAC-42F0-90EF-CAE6CFD0B1EC}"="{0F115376-31C8-4D46-B120-E61139D7DE69}"
"{AF8CDEB1-F290-4F28-B73E-87023D297A34}"="{07EED6EC-EF9F-46BF-97A6-3C8365030831}"
"{048DC755-44D1-43F8-AC7D-423AD5119DAC}"="{1C8CB083-6651-47F7-87E1-3818EC45231D}"
"{F203DD9F-C8F2-4F89-958D-E8F337EEBB39}"="{BDA44D4A-53A0-42B2-9BEC-834E56824D64}"
"{8D21839B-2CFC-4A66-82B1-8F29E10F637D}"="{BDA44D4A-53A0-42B2-9BEC-834E56824D64}"
"{6A15E4CF-43FC-489A-A2C2-33F5CC5A188F}"="{BDA44D4A-53A0-42B2-9BEC-834E56824D64}"
"{83AC23AA-216C-4B35-B0DA-9E63596DA5DF}"="{DC384845-B14A-431F-ACBF-A7D36DB66809}"
"{548E4120-B589-4A5E-97D1-867EEE79832F}"="{7DB2FF86-E24F-4108-95D8-FC42D3C0E05D}"
"{DD3073C3-EA1D-4CE2-9092-3A2E07173922}"="{90DF532B-5F98-426E-9CF5-29ACB9505E4E}"
"{3FFEFE06-3459-49CF-AFD4-0B3C8E0C8CE5}"="{90DF532B-5F98-426E-9CF5-29ACB9505E4E}"
"{FFA6CE0F-D2CB-4E5E-84AF-25C46BFA9DDC}"="{90DF532B-5F98-426E-9CF5-29ACB9505E4E}"
"{EF2B3600-3737-4A17-A692-A038B20646B7}"="{ABF290FE-9D6D-4F2C-8D52-3A9787A0078F}"
"{898BBF6D-7AE5-4A0E-949E-0B01811EA751}"="{69A6CDDD-115C-4F0C-B72D-FB2C7F787560}"
"{DE59FA05-D257-452B-9DB5-D9B8604A1582}"="{69A6CDDD-115C-4F0C-B72D-FB2C7F787560}"
"{67679ED0-9DD8-40E8-A029-29287732B336}"="{8035A7E0-5B68-413C-98BE-D7446D9BAF32}"
"{4A9B8A74-0996-4E5C-868B-FAF3F234EB9A}"="{69A6CDDD-115C-4F0C-B72D-FB2C7F787560}"
"{72B81DAF-EF4D-429A-AD8F-276334DAD876}"="{308D42DA-4A3C-438F-A568-286D8862E415}"
"{7011BE77-1B73-4A05-B0D9-BF275AEC5F1B}"="{78FA32A7-5E6E-48F7-9DFB-FC9BFCD1BDE0}"
"{2CCC8E3F-E710-47C9-BBC6-D7771D679E02}"="{B87AC2E5-9240-4EF0-8AAE-3BB666DAA314}"
"{BB867AC5-8492-48A7-B3EC-E6374A37B4AD}"="{B87AC2E5-9240-4EF0-8AAE-3BB666DAA314}"
"{E62CECD2-DAA0-4729-BE6E-CD88E57CAE7F}"="{B87AC2E5-9240-4EF0-8AAE-3BB666DAA314}"
"{B8D38EF5-8E28-4D1C-B70F-902382A6DC97}"="{E233B82E-19BD-47F1-8F6F-4BCA9DDE6DE7}"
"{3C26A8F7-5A40-487C-91A0-84C90231ADEE}"="{246D178F-8016-44DE-817A-D5305F34B302}"
"{FD0D5AB3-447E-4CDC-81D5-F6418D2E5B76}"="{246D178F-8016-44DE-817A-D5305F34B302}"
"{D4F7C3F0-D368-4CD4-812B-A7B7F4050B97}"="{246D178F-8016-44DE-817A-D5305F34B302}"
"{935E35FA-674F-4FF8-9028-2AEC02B6EC5B}"="{D21FFE28-C32F-4FBB-8A7E-77D3F15F69C6}"
"{CCAD794D-E27C-4CCF-9440-2B3EDCD69D20}"="{F2FE7383-D0BB-4BED-B568-C9B1CD4C6CFF}"
"{16333AC8-6905-431D-A7B5-1B6AEF716E8C}"="{C170E76F-3613-4CD6-BD2B-FDA6085A4A5E}"
"{AC7CE9FC-9916-49BA-ABA2-D3D774F83A27}"="{C170E76F-3613-4CD6-BD2B-FDA6085A4A5E}"
"{558CDC7D-1089-4D6A-9BEA-31DA0D606077}"="{C170E76F-3613-4CD6-BD2B-FDA6085A4A5E}"
"{D026B94B-6CF2-42BE-8E73-4FBC92CCBE97}"="{114E911E-486D-4A01-8EC1-AC7A1110E5A1}"
"{8EFEBCC8-95BF-467F-9EDB-FD24AB5A771A}"="{1ADE345C-2059-4370-A622-5D8EC5E21C5B}"
"{CFB6942C-AD10-4BFF-8D6D-266BBB79614C}"="{E825DB1F-57EF-4118-95EB-01F99048D11C}"
"{F3DC79A8-B609-490A-98A5-E91E370EED3B}"="{E825DB1F-57EF-4118-95EB-01F99048D11C}"
"{8879962E-F988-44BB-BE4A-B2F618A2B943}"="{6D722DD6-0065-4657-8689-7A43DA2E0971}"
"{580C88C4-602B-444D-9ECF-F50470EACF61}"="{E825DB1F-57EF-4118-95EB-01F99048D11C}"
"{9598FBE4-9AB2-4B62-86E2-25FC9E0B5566}"="{D13D85F3-481C-4288-BF46-E4C197CFB71F}"
"{C1D6C26F-644D-4520-8F34-4DF43BA72272}"="{CC5329FD-3D5F-42E4-99C4-7D47FCBBEA3D}"
"{AEF74306-5117-4644-975B-CA3F5D520A1A}"="{762B8DD9-9E6B-4393-8ABA-8E9C8330A865}"
"{4454B168-EB9B-48F1-A185-A7B9C68C738D}"="{0824EE9E-6F09-432F-9DE0-E5B251DA7129}"
"{D5BDBA58-6565-404E-99C6-4B37644C31F8}"="{4CC1729B-5DEA-463A-ACE2-E640CC5A2CE8}"
"{B2B0AA4B-7E46-43EA-B388-ADA24CEB8A07}"="{990A7C8A-BFD0-4325-991B-01D7591A93ED}"
"{27780BE1-F219-4C55-90EB-CDA338208463}"="{4C7C92C7-0743-42E9-8AA2-E1472A147D7E}"
"{E7E62B8E-5ACC-4B91-8D6A-43CBC6D9BDC4}"="{EC5537C6-646A-430B-AE01-B912AE72C3B0}"
"{CAFB542C-3569-4794-A6D4-1D52FB0321C5}"="{678F8A77-907A-4080-B294-04C435F76B0B}"
"{07E07BD2-6A5A-4AFB-ABC3-F42C3C431449}"="{678F8A77-907A-4080-B294-04C435F76B0B}"
"{12600089-1FC9-4D9B-A34D-2EB521C4E2E0}"="{B909B8B6-B3E4-424F-9480-C1725B81D947}"
"{A2C1E0D1-BB8B-4311-BA23-8B618A189077}"="{1E60D4E9-0F81-4608-A566-12DD8D015EE6}"
"{E91407B1-23CC-46BF-881E-7B79B5339BC3}"="{A9C7C76D-7227-44C3-B6CF-2E8243D9013D}"
"{D3B836BE-767A-4782-87F5-C941D32595E3}"="{D8DE94BF-70CB-431E-A55B-57BEEF2381FC}"
"{090B4B4A-9726-44A9-94AC-F49A577CF62C}"="{67E30DDA-72EC-4038-AB9A-C7A6049C9BDF}"
"{0AB82FD1-8ABD-4A2E-82CF-4B681467786D}"="{67E30DDA-72EC-4038-AB9A-C7A6049C9BDF}"
"{1673CB78-C8CF-4411-84B3-D71855E27D9A}"="{E8CD960E-1439-4316-B877-1A5D10A4A17B}"
"{80324346-B95B-4F33-B460-74F6EE39C4C8}"="{67E30DDA-72EC-4038-AB9A-C7A6049C9BDF}"
"{423D9B9D-927B-437A-952B-8D1F96E11BF1}"="{78FF323B-4190-48CA-8812-9CE779839A7B}"
"{8093C499-F813-4A76-AC80-0E50DE715027}"="{78FF323B-4190-48CA-8812-9CE779839A7B}"
"{17FD33C9-F3B4-4B6D-A153-7BBD599CC309}"="{049076D7-B862-4E25-A323-A7A188BB349F}"
"{D2A2AABE-F617-409C-8CCD-FF4F86C64921}"="{78FF323B-4190-48CA-8812-9CE779839A7B}"
"{DF473D7B-D00A-4526-B470-EF11FB370AAA}"="{B982D04F-F707-43B4-B6C7-2038B9A86FF3}"
"{A65AF8C9-E9EA-485D-A265-256C81B2BD28}"="{9A4176CA-CB3B-4931-8551-8EDF936E39F7}"
"{CC406D07-AC9A-47C5-B499-69C14864C5C6}"="{B5543744-A64E-4334-9BCC-BD206B381BE4}"
"{AB6A2DD8-4E4A-4B92-980D-163A7E99D0B9}"="{C72AFEAB-91F8-4496-97DC-A3E8454FE1F4}"
"{3D9E68B2-E7F4-4AE6-8DD9-A4FA65769218}"="{FA039348-1401-4830-88C2-138AC3CF1237}"
"{D6953608-EDE5-42A9-8F17-987795AE9DA2}"="{B4DD8496-10FE-48EC-B77F-83DE4DF4AA95}"
"{75D92266-559B-4DC2-925F-17940074CE5B}"="{B4DD8496-10FE-48EC-B77F-83DE4DF4AA95}"
"{A91A82EF-597B-475E-A2D1-EDFE7B66EE84}"="{B4DD8496-10FE-48EC-B77F-83DE4DF4AA95}"
"{C84FECD9-F024-4055-8D91-7D5FB29A2F6E}"="{53DA2B76-CBCE-4DDC-9DE7-C1AC1CECD0A0}"
"{0F30C9B3-D773-41E4-8C02-702DD9827B40}"="{A5FA2BF3-791A-4DCE-BB41-6BC3CAAA6C8A}"
"{21ADFDE2-5DDC-458B-9038-DF3ABAD24E87}"="{CF102832-2529-48D4-9A81-4156DCD50B04}"
"ccSvcHst_ccSetMgr"="{32D61777-81A9-42F2-8A88-D0447D933EAD}"
"ccSvcHst_ccEvtMgr"="{32D61777-81A9-42F2-8A88-D0447D933EAD}"
"ccSettingsService"="{32D61777-81A9-42F2-8A88-D0447D933EAD}"
"ccEvtCli"="{32D61777-81A9-42F2-8A88-D0447D933EAD}"
"{2A3D5851-1937-4583-B13D-E95810E185C9}"="{67A85DC6-C577-4473-8727-02231234105C}"
"SAVSubmissionEngineIPC"="{32D61777-81A9-42F2-8A88-D0447D933EAD}"
"SAVSubmissionEngineCallbackIPC"="{32D61777-81A9-42F2-8A88-D0447D933EAD}"
"{F849259A-3060-4A31-B64B-0B6EBCE817FF}"="{E1CC2BFD-F3C7-4D01-9DF5-51ECACCD7315}"
"{BFADC982-75E5-497A-A114-95856CCE9A33}"="{9F4641A8-6161-4CD1-AEE2-CD664A700A65}"
"{C43C29B9-3CE6-4F59-845D-042111E51FE9}"="{E1CC2BFD-F3C7-4D01-9DF5-51ECACCD7315}"
"{B09AC88E-FF83-4ED7-B60F-23ED9378C700}"="{E1CC2BFD-F3C7-4D01-9DF5-51ECACCD7315}"
"{F23BE0F4-3FD5-462B-A469-339406B4036E}"="{39702B85-9C94-4D11-B431-5B4D99EC6B96}"
"{C7CA602E-1196-45BC-8AD3-3D8E284C16E6}"="{32D61777-81A9-42F2-8A88-D0447D933EAD}"
"{93D00B83-2908-4545-A970-B1A912460A3E}"="{9F4641A8-6161-4CD1-AEE2-CD664A700A65}"
"{89D0717D-EA5E-4420-BC33-54CAA71AD7BE}"="{9F4641A8-6161-4CD1-AEE2-CD664A700A65}"
"{89FEC435-9CB4-453E-9D92-ACFF806A057E}"="{9F4641A8-6161-4CD1-AEE2-CD664A700A65}"
"{5222B459-8D85-4C3B-A25E-4D8AAD2A63DE}"="{FFCC247A-6E09-438A-82B4-0B733F8B150D}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-05-16 20:06:53
ComboFix-quarantined-files.txt 2011-05-17 03:06
.
Pre-Run: 175,011,442,688 bytes free
Post-Run: 175,764,180,992 bytes free
.
- - End Of File - - 3D9D4E94506F80D5C643C919EC1331D3
 
How is redirection?

Uninstall IObit Security 360.
It may be interfering with Norton.

=====================================================================

Unless you installed Viewpoint Manager knowledgeably...
Go Start>Control Panel>Add\Remove (Programs and Features in Vista), and...
Uninstall any of the following programs associated with Viewpoint:
* Viewpoint Manager
* Viewpoint Media Player
* Viewpoint Toolbar
This program does not do anything bad such as deliver ads or spy on you, but it is considered foistware ("drive-by-install") as it is installed without your consent through programs like AOL, AIM, Compuserve, etc.

====================================================================

1. Please open Notepad
  • Click Start , then Run
  • Type notepad .exe in the Run Box
  • Click OK
Windows Vista/7 users: click Start, in "Start search" type notepad and press Enter.

2. Now copy/paste the entire content of the codebox below into the Notepad window:

Code: 
File::
c:\users\Femi\AppData\Local\Vsilupiseriyo.bin
c:\users\Femi\AppData\Local\iyalabefoguf.dll

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=-


3. Save the above as CFScript.txt

4. Close/disable all anti virus and anti malware programs again, so they do not interfere with the running of ComboFix.

5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

CFScript.gif



6. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
  • Combofix.txt
 
combofix again

ComboFix 11-05-16.02 - Femi 05/16/2011 20:42:36.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3933.2047 [GMT -7:00]
Running from: c:\users\Femi\Desktop\ComboFix.exe
Command switches used :: c:\users\Femi\Desktop\CFScript.txt
AV: Symantec Endpoint Protection *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Symantec Endpoint Protection *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\Femi\AppData\Local\iyalabefoguf.dll"
"c:\users\Femi\AppData\Local\Vsilupiseriyo.bin"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Femi\AppData\Local\iyalabefoguf.dll
c:\users\Femi\AppData\Local\Vsilupiseriyo.bin
.
.
((((((((((((((((((((((((( Files Created from 2011-04-17 to 2011-05-17 )))))))))))))))))))))))))))))))
.
.
2011-05-17 03:47 . 2011-05-17 03:47 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2011-05-17 03:47 . 2011-05-17 03:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-17 03:47 . 2011-05-17 03:47 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2011-05-17 02:27 . 2011-05-17 02:27 -------- d-----w- c:\program files (x86)\7-Zip
2011-05-15 09:45 . 2011-04-18 16:15 8802128 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ABBA7758-E8B7-4971-9BB5-BC4049E3A80A}\mpengine.dll
2011-05-13 04:17 . 2011-05-13 04:17 -------- d-----w- c:\users\Femi\AppData\Roaming\Malwarebytes
2011-05-13 04:17 . 2010-12-21 01:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-13 04:17 . 2011-05-13 04:17 -------- d-----w- c:\programdata\Malwarebytes
2011-05-13 04:17 . 2010-12-21 01:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-13 04:17 . 2011-05-13 04:17 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-05-12 15:26 . 2011-04-14 16:26 142296 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-05-11 18:27 . 2011-04-09 06:45 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-11 18:26 . 2011-04-09 06:13 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-11 18:26 . 2011-04-09 06:13 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-11 18:25 . 2011-03-25 03:22 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-11 18:25 . 2011-03-25 03:23 324608 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-11 18:24 . 2011-03-25 03:23 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-11 18:24 . 2011-03-25 03:23 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-11 18:24 . 2011-03-25 03:22 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-11 18:24 . 2011-03-25 03:22 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-11 18:24 . 2011-03-25 03:22 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-10 23:50 . 2011-05-10 23:50 -------- d-----w- c:\programdata\Research In Motion
2011-04-29 10:45 . 2011-04-29 10:45 -------- d-----w- c:\program files\iPod
2011-04-29 10:45 . 2011-04-29 10:46 -------- d-----w- c:\program files\iTunes
2011-04-29 10:45 . 2011-04-29 10:46 -------- d-----w- c:\program files (x86)\iTunes
2011-04-29 10:42 . 2011-04-29 10:42 -------- d-----w- c:\program files\Bonjour
2011-04-29 10:42 . 2011-04-29 10:42 -------- d-----w- c:\program files (x86)\Bonjour
2011-04-28 01:13 . 2011-02-26 06:23 2870272 ----a-w- c:\windows\explorer.exe
2011-04-28 01:13 . 2011-02-26 05:33 2614784 ----a-w- c:\windows\SysWow64\explorer.exe
2011-04-28 01:13 . 2011-03-12 11:31 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-04-28 01:13 . 2011-03-12 12:03 662528 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-19 02:03 . 2009-11-08 09:41 708168 ----a-w- c:\windows\system32\WinUSBCoInstaller.dll
2011-04-19 02:03 . 2009-11-08 09:41 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2011-04-19 02:03 . 2011-04-21 10:05 -------- d-----w- c:\program files (x86)\PdaNet for Android
2011-04-19 02:03 . 2010-09-03 00:49 15360 ----a-w- c:\windows\system32\drivers\pneteth.sys
2011-04-19 01:57 . 2011-04-19 02:39 -------- d-----w- C:\superboot
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-06 23:26 . 2011-04-06 23:26 96544 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 23:26 . 2011-04-06 23:26 119584 ----a-w- c:\windows\system32\dns-sd.exe
2011-04-06 23:20 . 2011-04-06 23:20 91424 ----a-w- c:\windows\SysWow64\dnssd.dll
2011-04-06 23:20 . 2011-04-06 23:20 107808 ----a-w- c:\windows\SysWow64\dns-sd.exe
2011-03-11 06:19 . 2011-04-13 02:53 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 06:19 . 2011-04-13 02:53 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 05:40 . 2011-04-13 02:53 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-11 05:40 . 2011-04-13 02:53 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-09 15:47 . 2010-06-24 18:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-08 06:14 . 2011-04-13 02:51 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-08 05:38 . 2011-04-13 02:51 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-03-04 06:17 . 2011-04-28 01:13 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:17 . 2011-04-28 01:13 347648 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:17 . 2011-04-13 02:51 182272 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 06:14 . 2011-04-13 02:51 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-03 05:27 . 2011-04-13 02:51 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2011-03-03 03:58 . 2011-04-13 02:53 3133440 ----a-w- c:\windows\system32\win32k.sys
2011-02-24 06:30 . 2011-04-13 02:53 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-24 05:32 . 2011-04-13 02:53 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-23 05:16 . 2011-04-13 02:53 461312 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-23 05:16 . 2011-04-13 02:53 401920 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-02-23 05:15 . 2011-04-13 02:53 161792 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-02-23 05:15 . 2011-04-13 02:51 157696 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-23 05:15 . 2011-04-13 02:51 286720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-02-23 05:15 . 2011-04-13 02:51 126464 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-02-23 05:15 . 2011-04-13 02:51 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-02-19 06:37 . 2011-03-09 10:03 1135104 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 06:37 . 2011-03-09 10:03 1540608 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 06:36 . 2011-03-09 10:03 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-02-19 06:36 . 2011-04-13 02:53 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-02-19 05:32 . 2011-03-09 10:03 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-02-19 05:32 . 2011-03-09 10:03 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-02-19 05:32 . 2011-04-13 02:53 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-02-19 04:13 . 2011-04-13 02:53 367104 ----a-w- c:\windows\system32\atmfd.dll
2011-02-19 03:37 . 2011-04-13 02:53 294912 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-02-19 00:36 . 2011-02-19 00:36 51712 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
2011-02-19 00:36 . 2011-02-19 00:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-17 01:23 . 2011-02-17 01:23 74240 ----a-w- c:\windows\system32\drivers\RimUsb_AMD64.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2009-07-14 163328]
"ISUSPM"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2007-08-30 205480]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2008-05-19 432640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"ccApp"="c:\program files (x86)\Common Files\Symantec Shared\ccApp.exe" [2010-12-03 115560]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2009-06-03 423936]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2006-11-07 34352]
"PCMAgent"="c:\program files (x86)\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe" [2009-04-11 143360]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2010-11-29 1294712]
"CLMLServer"="c:\program files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe" [2009-04-11 200704]
"Camera Assistant Software"="c:\program files (x86)\Camera Assistant Software for Toshiba\traybar.exe" [2009-04-11 417792]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2011-01-31 38840]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2010-06-19 640440]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-30 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-04-14 421160]
"RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate1ca0e6acd6067d0;Google Update Service (gupdate1ca0e6acd6067d0);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-07-27 133104]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-01-26 1038088]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-07-27 133104]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam_x64.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 pneteth;PdaNet Broadband;c:\windows\system32\DRIVERS\pneteth.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 KR10I64;KR10I64;c:\windows\system32\drivers\kr10i64.sys [x]
R4 KR10N64;KR10N64;c:\windows\system32\drivers\kr10n64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-11 248688]
S2 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-15 42368]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-11 46448]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-05-09 136824]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe [2008-08-25 89600]
S3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-11-29 54136]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-07-27 03:31]
.
2011-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-07-27 03:31]
.
2011-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3042896104-2401317275-119532014-1000Core.job
- c:\users\Femi\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-28 12:00]
.
2011-05-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3042896104-2401317275-119532014-1000UA.job
- c:\users\Femi\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-28 12:00]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-12-15 237056]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-08-24 8081952]
"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"HSON"="c:\program files (x86)\TOSHIBA\TBS\HSON.exe" [BU]
"SmoothView"="c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe" [BU]
"00TCrdMain"="c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 365592]
"LXCGCATS"="c:\windows\system32\spool\DRIVERS\x64\3\LXCGtime.dll" [2007-02-22 28672]
"lxcgmon.exe"="c:\program files (x86)\Lexmark 2300 Series\lxcgmon.exe" [2007-04-30 205744]
"EzPrint"="c:\program files (x86)\Lexmark 2300 Series\ezprint.exe" [2007-04-30 103344]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.nfl.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
DPF: {EAC139A9-D22D-4C29-8D1C-252BE63750F9} - hxxp://www.cooliris.com/shared/plinstll.cab
FF - ProfilePath - c:\users\Femi\AppData\Roaming\Mozilla\Firefox\Profiles\25u6p1tl.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.nfl.com/
FF - prefs.js: keyword.URL - hxxp://urlseek40.vmn.net/search.php?lg=en&type=dns&tbn=oovoo2_0dn&q=
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{9FDDE16B-836F-4806-AB1F-1455CBEFF289}"=hex:51,66,7a,6c,4c,1d,38,12,05,e2,ce,
9b,5d,cd,68,0d,d4,09,57,15,ce,b1,b6,9d
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:9d,05,b9,60,1a,14,cc,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,65,db,aa,61,01,6e,cf,4c,ab,81,27,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,65,db,aa,61,01,6e,cf,4c,ab,81,27,\
.
[HKEY_USERS\S-1-5-21-3042896104-2401317275-119532014-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3042896104-2401317275-119532014-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-3042896104-2401317275-119532014-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:78,7e,bd,4b,d4,8d,2a,3b,e9,e9,44,ab,cb,8d,23,c0,6e,b3,15,35,49,fb,ac,
aa,3b,2f,7e,9b,b6,fd,b8,d5,67,9b,36,f6,8d,4e,7a,14,68,30,c8,45,89,2f,30,22,\
"??"=hex:81,07,ea,d1,9b,2d,4f,51,43,f6,f4,a7,bc,67,57,a3
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
 
combofix again cont.

.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Symantec\Common Client\ccService\Channels]
@Denied: (C D) (Everyone)
"{0E37BD6E-EA54-4EE8-8F5F-BCE28BF9A867}"="{005DC0D6-81B7-4D48-A6B0-0AE6456505A6}"
"{30262754-0B79-45BD-9450-ACD8513B4927}"="{005DC0D6-81B7-4D48-A6B0-0AE6456505A6}"
"{3DB93A2B-50A8-4C26-9568-7F0264901AE5}"="{005DC0D6-81B7-4D48-A6B0-0AE6456505A6}"
"{DE0AEFB9-1820-4DB1-9702-425D4BC4CF2D}"="{37C4EF1C-0B77-4641-BEA6-3FA88D87E4E3}"
"{4E8C1BCB-7AE4-4AC5-BFD5-55BD6273C45D}"="{C4692B12-B263-4CE5-899E-C40D28DD2395}"
"{54AE348C-476A-4BFB-9D8B-72F94B2C1A0F}"="{64F1CC74-90CE-42F9-9D8A-98D39640D060}"
"{61912ACB-68E3-47A2-8C75-6CBA26252738}"="{64F1CC74-90CE-42F9-9D8A-98D39640D060}"
"{DDCD2DAB-1461-4896-B73D-41D7B618C07A}"="{242869A7-9454-4C2A-AD07-2D5FBC099B5B}"
"{13A9C41A-7548-4272-804D-B06B760A2E82}"="{F4B0602D-89FC-4DC6-AFD8-18A2BC09556F}"
"{2AB9485B-718A-4C54-AB2B-E8E8A0E068A1}"="{07F6E904-20C9-4DE7-BBA6-CC27960136D2}"
"{6CF2B975-A780-4719-90E0-8901CE19F261}"="{73B82685-4BAE-4C1F-984E-C01D5BEBED8F}"
"{1FBCE52B-E9E3-4400-9096-2E93A7F1F1E0}"="{A019B004-93CD-4D0C-ABA8-CDEBA2ED7419}"
"{0EC51F64-1D8E-48ED-8B50-3ADDA0847DA5}"="{34881677-8407-4C66-A3E1-245F1DFE2A6D}"
"{0C540367-9A77-4DF8-ADE1-10DA585ADCA5}"="{7FB31398-1DA6-4926-AB59-47FCD5A3B8F0}"
"{88B3397B-6DAE-4764-B9DE-CB47F1AEA4DA}"="{5E098FE4-5384-48EF-B9F1-7EEA57B6002D}"
"{68155822-B5B5-43DE-B826-DEF15D07B3EE}"="{C0787688-D71D-4C26-8456-AD679D21E995}"
"{F169FC67-7DC0-4BF3-A3EA-3DB16D6E24E5}"="{C0787688-D71D-4C26-8456-AD679D21E995}"
"{52D02FA9-C835-414E-89D5-FF7CBFCBF643}"="{C0787688-D71D-4C26-8456-AD679D21E995}"
"{1CCE122A-AA83-4F93-8C28-820853D3D40F}"="{90DF15BC-EEA0-46CA-A334-90EACE84F35F}"
"{01517E35-45C8-4D90-B026-978F152C63E7}"="{14480E76-6AB5-4F2F-AE52-C5ED8B25B47A}"
"{A832D9AB-25C2-4C56-8ECF-FC1952092BB6}"="{CA88AE62-8A6E-4A6B-8C33-0BFFB6F3E54E}"
"{A83EBEF9-9149-4C6A-B906-9C817F4BBBC5}"="{740C0474-37D2-45A1-BB1F-1A7162DD6A6A}"
"{647A2154-1B4E-4437-88E0-8BC8486E4931}"="{950D8888-FAA2-469D-A3D8-390E46F776ED}"
"{E9F98231-08CD-400D-96B9-B7FEA66E170D}"="{47560D74-38B0-4810-8229-2F1E7F60618E}"
"{064E36D7-5B27-4630-B778-D2474FFB3E58}"="{44310B0E-CB1B-4C8F-B85C-8BEED267EF8E}"
"{7464BAEC-91CB-4EA7-8391-344455B0A832}"="{BBB096A2-F33A-4DA1-837F-3012B8918593}"
"{2FF8C4D7-7F3C-4FCE-BDB6-60117AD33806}"="{1D8E4720-C28B-4EC3-9C62-28FCF0E91C3F}"
"{8C98E782-493B-4626-9453-F3B8B8129A43}"="{154354D1-F82E-4DC8-B62F-C8A3D9CA5078}"
"{065A2508-1028-452C-AC91-BC40E7E2F7FC}"="{9EF5699B-7B28-49B9-94A3-3647626630F5}"
"{72581FB7-AE8C-4DAC-A7DD-1934951C2E31}"="{C6270277-0323-4FDE-9EC8-7F60AA91921D}"
"{F3851220-A26D-45E3-9B35-29FF0798A572}"="{343FFCCE-62BB-4991-B80C-AC14D113935E}"
"{D1BD7F4C-F057-4955-99A6-C94BB8656F48}"="{9AFBF9E6-18F8-4AC3-AE97-1624D5ACC0E4}"
"{633D6DB0-83A2-4A88-82E0-187D53D5CBF1}"="{750CA668-7330-4559-8B3F-704E5BC46C9E}"
"{23C32548-2959-41FE-8BFA-E3B91C127682}"="{717AD521-83EB-40D0-A0B3-9719E1820BCA}"
"{28CA6DAC-7E78-412C-A209-43E9DA18EAC3}"="{649C2BC6-94A6-4C4E-BC41-A80290D5FA90}"
"{B185EE29-06BC-4FBB-B9DA-1ECE135EA978}"="{6F02CE39-93AB-4AFA-AAB1-016E18E2423B}"
"{CEB6F4C9-C6E0-4D59-B02A-DC28CB6D9D8E}"="{E3DD16E8-5C91-446F-947C-388C020D4FB1}"
"{92A24F55-1A50-4AA8-836D-F25D59767D13}"="{E3DD16E8-5C91-446F-947C-388C020D4FB1}"
"{E7FF4972-0650-43B4-81BC-38D4E58E4E32}"="{E3DD16E8-5C91-446F-947C-388C020D4FB1}"
"{B1B7FB5F-A2CE-43E8-BEAF-337346BE4B3E}"="{A177A956-5C43-47DE-8169-C4806F0A7099}"
"{6E3BDD1D-4D41-4D76-83DC-EF68727556EB}"="{16A7DC81-04F4-40E6-B5C2-F271518B0D8F}"
"{39772760-67CD-43F4-AC0B-401D3D1AE6C3}"="{BE2228F0-E14E-4600-B259-C29F4D407E73}"
"{EDD45594-BDCE-4808-9AA9-E9F3414F9B64}"="{4CD8081C-FE0E-4F0D-9C3C-652558DB2B70}"
"{CB36750C-EED7-49E3-A44C-95444881629A}"="{D3CF2887-4CB1-4BE8-98B8-0E11C60D42AC}"
"{2E303CF5-64B4-4D20-8141-972672643108}"="{8A14E30E-8D95-477C-A4E7-4F8458E31973}"
"{D60984CA-FC29-47EA-8C9A-71A8B6094C86}"="{698996C8-F057-440A-945B-AE74CB6345BB}"
"{5146CBB7-0010-4C6B-9D2A-6F6DE0C86A60}"="{F429CE8D-F46B-4D0E-9728-8B1E328941C5}"
"{16790119-47B8-4D83-9D73-B05ACAB8D899}"="{EF161BC9-AB14-4945-B721-7B21C3A6ED74}"
"{8ADE2E4D-6B2B-4E4C-B8AD-068ADB48E224}"="{EF161BC9-AB14-4945-B721-7B21C3A6ED74}"
"{8859462C-2FBE-4186-BB53-F3450D3E1042}"="{EF161BC9-AB14-4945-B721-7B21C3A6ED74}"
"{5D373F65-05CE-4617-8326-E5B29E50A1D3}"="{ADA352F3-891A-429C-A1E9-6B1893A0995E}"
"{B1658452-0C20-4991-91E7-27BE068EFD7D}"="{E11EED57-20A2-4D49-9717-D10C17ED2314}"
"{1BBD1EEA-137F-4481-8D27-9CEE8EEE607B}"="{E11EED57-20A2-4D49-9717-D10C17ED2314}"
"{DD20F2ED-5BD2-4CBB-A7F7-C4D521CBDC18}"="{E11EED57-20A2-4D49-9717-D10C17ED2314}"
"{F45C8F84-AF5E-45B6-841E-902A4A364C08}"="{96809BD1-1607-4FF1-955D-673582B19BFC}"
"{912F5AA2-091B-422D-A972-F89F8B4EA6A0}"="{8189AB98-382F-4F9C-A1C4-5BC74F29E23A}"
"{9F1B9E5E-9DBF-47AE-9163-BE62400298D8}"="{F2FBF9B6-572C-4B22-9552-00FA81FF9D64}"
"{B5535647-62D9-4721-8D47-91613C1BC38B}"="{F2FBF9B6-572C-4B22-9552-00FA81FF9D64}"
"{C2929B69-274F-4E1D-A062-99E8BB056B45}"="{7871EC43-4415-435E-A75C-B22290FBD787}"
"{176F3337-C333-4611-B02E-34E591DA2209}"="{F2FBF9B6-572C-4B22-9552-00FA81FF9D64}"
"{8E883711-4557-4F59-B057-777A3E11B8C8}"="{E36A814C-E670-4B71-BEEF-70E696A1F93A}"
"{27C0BC5F-3243-4036-BE44-B8818AFB56F9}"="{C34EFF02-1CD6-41B8-82EE-D2F6C6A0A7C3}"
"{0A76E64F-EF62-403D-BFBA-29EFD00C098D}"="{98873009-6C9A-4D78-98C4-B03DF95505F8}"
"{8BE53E71-9F6A-43DA-8FDB-E6674ACF0B8C}"="{98873009-6C9A-4D78-98C4-B03DF95505F8}"
"{7D543457-4D3D-4CDC-B2F4-D874C665AF7E}"="{98873009-6C9A-4D78-98C4-B03DF95505F8}"
"{7BBF763C-2EDA-449C-8F89-5340B3E7CCC8}"="{A6C41ECB-F472-40BA-8AE7-685C87D1898E}"
"{24347213-6E6B-4EDA-9948-FF6AA737D44E}"="{CDBE6199-06AB-48C9-89BA-3D75DF83BA71}"
"{1E02BF89-91C6-40BD-8819-AB53C6FBDDEF}"="{91E8AE52-6D5B-450F-BADC-76BB9ABE2127}"
"{B2DE19B5-B722-41EF-AD80-5D78A52462C9}"="{91E8AE52-6D5B-450F-BADC-76BB9ABE2127}"
"{D4D98381-391A-4810-B2DD-048B30E582E1}"="{91E8AE52-6D5B-450F-BADC-76BB9ABE2127}"
"{564E5615-996A-47A9-A431-D7E273B35B0B}"="{B4D1F0AB-7366-4660-8A71-38F2468A9B51}"
"{3BEF3B3C-AAD9-4315-AB5D-6E5AE67D4F7C}"="{CF8F1FB1-4A5B-43C0-9DF6-DD6E381C992E}"
"{BD71B104-0ABB-4F06-8963-08208591FDD4}"="{1AB58CC6-3A7D-49D9-A072-6DA4052261DE}"
"{B5F73455-F72A-4E1A-A770-5A42DB2CBE03}"="{99EE2B92-B9E0-462F-B108-9FC922A20BF5}"
"{7E1DEBE6-386D-4E9F-BCC3-2B5058A0CEB0}"="{99EE2B92-B9E0-462F-B108-9FC922A20BF5}"
"{65161BF0-3D08-4352-ABAA-52C6D6B41FA1}"="{82723E45-7492-433D-885E-9B7EDCA24F0D}"
"{EA2D3278-B195-4336-8FA1-75E382A54C22}"="{99EE2B92-B9E0-462F-B108-9FC922A20BF5}"
"{64ECE86E-6361-4218-8860-A1CDC7B1E8A4}"="{FBB712BA-6C88-4E97-BC76-DD90326A9E41}"
"{19B2C387-511E-4FE8-8E47-FA54E16CFDAB}"="{0DE4A1DD-F398-4B7F-A7A6-EA69A7BB2B41}"
"{2CF072D1-E579-4EB7-BB1C-A78E4BE82BF6}"="{0DE4A1DD-F398-4B7F-A7A6-EA69A7BB2B41}"
"{1C64722E-4086-4220-939C-27C2DD8669C5}"="{34D5F6F7-5A44-4C96-9814-8F1582DA2B95}"
"{5A5E20A5-3531-49E7-9BC6-4826F11AF139}"="{0DE4A1DD-F398-4B7F-A7A6-EA69A7BB2B41}"
"{6252046C-ADF8-4565-9CB4-A15E7A03087B}"="{E76EE05F-9F54-405F-ABA2-DAB137496C30}"
"{CAFD779D-1124-43BA-87C2-29585C4D1AA9}"="{E76EE05F-9F54-405F-ABA2-DAB137496C30}"
"{97BD0864-11BA-40C8-80A1-CD123BD197DF}"="{00A7D917-28EB-4126-BE05-884918527A4A}"
"{65862E89-2D55-4567-8FF0-4A06F947BCCB}"="{E76EE05F-9F54-405F-ABA2-DAB137496C30}"
"{0BED1FFC-177D-4EBB-A732-E1BC9C441379}"="{17211B53-839B-41E5-BB25-230C1AD90533}"
"{2EE57D18-F837-40EE-919B-406612D34432}"="{1F602863-199F-42E4-AE19-E87CDAE67A2B}"
"{31BD2B7B-0A51-4890-825F-1F4D65D8090A}"="{2EADD2EB-91C0-4D59-BF20-A7526CD76FE8}"
"{BD55F5FF-BF86-4596-ABF4-54AB33D5BA31}"="{2EADD2EB-91C0-4D59-BF20-A7526CD76FE8}"
"{04A86643-52D9-46B1-BA4D-8FACA1BB2AF5}"="{2EADD2EB-91C0-4D59-BF20-A7526CD76FE8}"
"{4D63605C-E812-4B4A-B845-59FEC4B64B57}"="{687964F0-3EC1-4BD8-993D-A1F298ACB0A7}"
"{23A7FFBE-2AE5-49A6-9A9B-2B3D2708AC01}"="{0039359A-A713-4376-A5AD-451B90F799BC}"
"{EE67D386-F39B-4AC4-94A4-C6FECB8B09A1}"="{0039359A-A713-4376-A5AD-451B90F799BC}"
"{65C263C7-F9ED-4980-94FF-76C7301B3E95}"="{0039359A-A713-4376-A5AD-451B90F799BC}"
"{5BF53824-A032-46D8-B6F2-F64481A59415}"="{AB458B27-3831-4B8B-8244-402F63D03995}"
"{15131067-532F-4065-A9F6-67D03D0809F1}"="{147315CA-496D-4CEA-BE0D-163FB7635323}"
"{88C20679-A582-4AA5-BD95-A62161D04C95}"="{67AC7A09-C541-4BFD-A6F1-9A3AFFFDC564}"
"{5A3648C9-0BE3-4625-B4B4-83542A7B17B6}"="{67AC7A09-C541-4BFD-A6F1-9A3AFFFDC564}"
"{67CBFAE4-8316-4D31-9F87-401385250610}"="{2709C8E1-8002-4C35-B6AF-EE1C4B608BDB}"
"{91B993CF-8BE1-46EB-82A9-FB107E9CA2D9}"="{67AC7A09-C541-4BFD-A6F1-9A3AFFFDC564}"
"{CE34235E-F1FD-43D3-904B-CA3ED7ECA91E}"="{2E885055-9773-4F4C-8416-0B88F9C454E5}"
"{54B4F8D2-4D0F-459F-8F86-0941022F7060}"="{91ED3C07-8F78-4C06-BF6B-59C80D8D4831}"
"{D0959D10-F03E-4734-AD61-277C44565C6B}"="{91ED3C07-8F78-4C06-BF6B-59C80D8D4831}"
"{A7EF929B-43E9-4D63-9EEF-7720881993DC}"="{35290637-E89F-4406-A4D0-6754AD232FED}"
"{6057E5FD-D757-4B3C-982C-E51CD4DD656E}"="{91ED3C07-8F78-4C06-BF6B-59C80D8D4831}"
"{C360C6B1-46D9-491C-A2C3-A18E1A44698E}"="{83BAAE7C-03C4-4F05-A7E4-D7BA9DA38BFA}"
"{9404DFFA-0745-4BDA-8AA0-65118922FD70}"="{17D33373-3BE1-42F1-826C-31BA758F494C}"
"{AC804472-15ED-4808-998E-BAAD2327EA45}"="{17D33373-3BE1-42F1-826C-31BA758F494C}"
"{F0183F48-3D16-4A2B-82C3-74E3B2A3D2F7}"="{ED525E0A-88BB-4159-B340-5BEB582732DF}"
"{96EC65D6-D0FF-4DB2-A7CC-1BF3F3A8EDC2}"="{17D33373-3BE1-42F1-826C-31BA758F494C}"
"{07895220-E3E5-40CF-A41A-47333B867A9F}"="{20641B40-1F04-4B43-8C8F-9A1A5FF41481}"
"{77C9E9A8-6483-405D-9BB9-574D46709AC3}"="{6F992272-6825-4F5B-AB8D-844086BE341E}"
"{D4707617-CC1B-4DFE-972E-E430D638B256}"="{EFE9882D-F1C3-419D-8471-60840A57FDF7}"
"{B8E7E447-1B08-437B-81DE-A691AB009369}"="{EFE9882D-F1C3-419D-8471-60840A57FDF7}"
"{219CAE48-1171-4DB8-BC23-E10BA779D523}"="{EFE9882D-F1C3-419D-8471-60840A57FDF7}"
"{0A302F41-D208-4184-9855-BFC825C19CC6}"="{5092CE48-6950-406D-8E9C-06066119E22E}"
"{438C2BD9-CE95-4920-863E-1AA30C98DDF4}"="{150F1784-0EBC-4568-B755-D92098B5177D}"
"{C91D3CD4-3170-42E5-952D-1A1E918E4A0F}"="{8C4FAC60-EC9B-464A-8E9B-EC591277EC44}"
"{32E4370D-1AE4-412C-AB68-AF71DC19270F}"="{A592B956-B1AD-4BCC-B896-8C427F27767A}"
"{04EB1D93-A13E-4AD2-AA0D-B323C09EA4D4}"="{A592B956-B1AD-4BCC-B896-8C427F27767A}"
"{CB9D704E-407F-4738-800D-FB3FA358AB74}"="{A592B956-B1AD-4BCC-B896-8C427F27767A}"
"{9288890D-64B3-4A23-9CC4-9F7B1A4D633C}"="{577526F1-CA91-4BB8-95FC-652846E0B7DA}"
"{FC09DD44-50BA-42FD-BE71-6682F0139E05}"="{93F2B5C5-EB8D-491D-90BE-7CA999698216}"
"{8F887EFA-2BBA-4054-8FCE-FE8455BB642A}"="{9B43C7D0-B82D-4ED6-8E78-0ACA042D3328}"
"{42DF8D75-8B66-4AD7-8C60-F0ACB1E8008D}"="{CE44A9BD-CD22-4772-BC94-8A624DE12D1A}"
"{52DB5C8D-B62A-4FF2-88EB-9129F92A9EF2}"="{CE44A9BD-CD22-4772-BC94-8A624DE12D1A}"
"{CD31EB2D-01F1-4ACC-BD8A-AF7751060BD7}"="{CE44A9BD-CD22-4772-BC94-8A624DE12D1A}"
"{B1802C90-5793-4ECB-ADDE-3A9D679F7F2F}"="{235DC956-32BC-4F1D-A060-6590F8FBD253}"
"{0EDE518F-7FCA-4DD8-B6D9-0B9C671E7E01}"="{02AEC1EF-B66A-418E-A95B-22FF01B123B0}"
"{2B9446EF-CE4F-4166-9DCD-C02AA38F7406}"="{02AEC1EF-B66A-418E-A95B-22FF01B123B0}"
"{783FFF1E-3A20-41D3-B50D-8573D2CF6CA4}"="{B7290867-2CEC-444C-B96A-0594E111FC4A}"
"{0E116D5D-B557-4977-A66A-0646563D67FA}"="{02AEC1EF-B66A-418E-A95B-22FF01B123B0}"
"{36050894-3A55-45BC-AD24-3F3717560BCC}"="{0CD85666-91AC-408B-8685-8A2F40D0BF65}"
"{636E660E-324D-4E8C-B4F0-1C35615592B8}"="{9C33C82B-54B3-4EAB-A088-E4490C4BCE50}"
"{9970EF82-020F-4973-8CE2-BB6FA7BB67D7}"="{9C33C82B-54B3-4EAB-A088-E4490C4BCE50}"
"{C8BEEE37-70C2-425C-AD6F-87B65ED3F76A}"="{0224FBB0-E768-4B66-9705-D70980BAA53A}"
"{71DF9D4F-07D1-4BF6-95C3-738978E2D49F}"="{9C33C82B-54B3-4EAB-A088-E4490C4BCE50}"
"{4918FCE2-1B81-4EF7-A241-D638A65EFC19}"="{6996B5BB-D014-4940-AD49-E1299920342A}"
"{543F533D-C82B-4696-A14F-15A326F4426D}"="{7BC5E0BB-2E7D-4520-8318-A9B590947AE8}"
"{67252FB3-6B15-4FA2-8CDB-99FBC25FCDB8}"="{7BC5E0BB-2E7D-4520-8318-A9B590947AE8}"
"{2B3BED59-8BE4-46FA-8D97-98953DBF37E8}"="{7BC5E0BB-2E7D-4520-8318-A9B590947AE8}"
"{E6D558D9-9A25-4332-9C40-4E784634DC05}"="{D3BDD2B3-3B6D-4CD0-99D0-BD51CFED8451}"
"{1C12BA96-1596-4284-8D9A-1E010C6025E8}"="{12705F8C-324F-4EEC-B40F-A642E6FE5AF6}"
"{5FD9691F-6426-4382-B2CD-29D74D0F482C}"="{8545912D-7279-4B36-88E2-3F0A7A6C0450}"
"{4494C3F5-83CB-413C-87CB-CD5E65B3B55A}"="{8545912D-7279-4B36-88E2-3F0A7A6C0450}"
"{5EEA225A-E48F-4562-8F2B-88802358F8FE}"="{8545912D-7279-4B36-88E2-3F0A7A6C0450}"
"{705B91EF-FEA0-43CE-8DD6-E2C45ED2267E}"="{FD021C1F-E236-4053-A07C-1128CCE17B0D}"
"{7A24075E-9BE5-424E-8D0B-A39119698E32}"="{7ECE0AC8-96D4-4521-803E-3BF36698C452}"
"{36819C92-2151-47C6-9A22-2A9D11F32CBC}"="{7ECE0AC8-96D4-4521-803E-3BF36698C452}"
"{BAF29A60-36E0-4A21-A490-0A7DDB9A03A6}"="{681AC54C-ABE1-4530-94FC-F15D30B52F82}"
"{BAEE8C81-3A92-4178-9860-9298F2C8207F}"="{7ECE0AC8-96D4-4521-803E-3BF36698C452}"
"{7B164DD9-45FB-43B2-A026-D2741C4C3B2E}"="{45F64063-9738-4A05-8B5F-29D9B09B27F2}"
"{3F13C268-AC66-474C-A87F-CD50E2B6BF54}"="{45F64063-9738-4A05-8B5F-29D9B09B27F2}"
"{F386AAA7-4DD1-4104-AC3F-B5357243A19E}"="{B6D3B0F5-6EED-4DB2-92B3-01E751D70811}"
"{955EEB17-35E7-4C14-8286-D79ED36E9CCC}"="{45F64063-9738-4A05-8B5F-29D9B09B27F2}"
"{5BD2D5D7-0033-4BE6-A4FC-3A64A8E2A8D7}"="{4F424FDC-9AFB-475E-9E2E-7213D96DC7C1}"
"{DB9F6F98-14A8-465E-A224-8163449E271C}"="{4F424FDC-9AFB-475E-9E2E-7213D96DC7C1}"
"{1657585C-7352-4BE3-9752-37B01DAB5FE5}"="{4F424FDC-9AFB-475E-9E2E-7213D96DC7C1}"
"{9839C015-654C-4887-B02A-676D80065EF1}"="{83456500-E69A-43EF-A80F-F9859CF45DAD}"
"{730B4930-6EE1-4E27-995F-8DF006D6B97B}"="{6A592539-4361-4EC3-8989-BAC13786BFDD}"
"{F6BEDF63-719B-487E-8393-0C53645DFD55}"="{84C4C862-D2C4-4CF5-8FFF-AF07CBD3077E}"
"{AEDDBFD4-126C-4F6E-BA41-0F2032118A6E}"="{84C4C862-D2C4-4CF5-8FFF-AF07CBD3077E}"
"{8B1700B1-7B52-4BF7-89FF-515E7D254619}"="{BC3C3036-BA99-4A34-B987-A9F0E3ABF88A}"
"{3E446E5F-A204-4332-BC3C-F254222EFF86}"="{84C4C862-D2C4-4CF5-8FFF-AF07CBD3077E}"
"{2E06EAC0-6FD9-4647-9338-A129A47393C3}"="{D7627AC2-F7C9-4E2F-A57A-80C2F24EA56F}"
"{00C2FC1E-2AF9-4CCD-9FE7-D70F4F83CA7D}"="{E889617A-6CD8-4E64-84FD-3E2D05FE6ECB}"
"{AB70B1BC-C415-4BC9-88B3-08D7BD11991D}"="{57F2B53F-28A6-4032-B38F-9FF7AA0E5609}"
"{FFD80365-CBF4-4D00-9843-66948274CAB4}"="{57F2B53F-28A6-4032-B38F-9FF7AA0E5609}"
"{C42DB0EB-14A8-4CC1-BAF4-592714810AE7}"="{57F2B53F-28A6-4032-B38F-9FF7AA0E5609}"
"{90197A16-CD8B-40A7-BF0B-A6848A37B6C8}"="{609D6606-41B3-4374-8CBB-8AAA7E974804}"
"{FEF185B9-635F-4E5E-971F-4C4092C69D38}"="{91732AEB-D359-4D44-A73E-BC01B6276D17}"
"{C486E4A6-F31F-4491-B4CF-ABFF298BB83F}"="{FBDBAB54-4535-4A37-9FC2-AAC2D2E902D3}"
"{9F217EE1-A14D-4840-B66B-7F55D21856BB}"="{FBDBAB54-4535-4A37-9FC2-AAC2D2E902D3}"
"{5BDF815D-2CB9-4A84-AA99-D305FC8862BA}"="{FBDBAB54-4535-4A37-9FC2-AAC2D2E902D3}"
"{B8EAF8E5-B032-4256-B82B-57A11DC8C1DA}"="{1C557B29-84F6-4AA0-B59D-BE6DF1DFCFA1}"
"{B78735D8-FFCF-452F-B70F-3B6467E640C5}"="{9873DF44-B5A9-4F82-ACAD-DBE50138CD90}"
"{77B05FA4-DFF7-481C-917C-575EA031F678}"="{9DFC5E45-1D24-4BC0-AF5C-2558E3A973E8}"
"{43D773F0-371A-459F-8349-15313734A18D}"="{4C011F16-B489-4865-BBDB-286DF47B745F}"
"{C06E7BAA-40FB-4E7D-A9FB-93B10853224A}"="{9026E6AC-8933-451A-A2D2-7242986FC8D3}"
"{E8F18DED-0619-4F88-A30B-4C0D7F2E73D7}"="{9026E6AC-8933-451A-A2D2-7242986FC8D3}"
"{2FD1D1EB-B5A8-4707-BFCC-C5E08051A9FA}"="{9026E6AC-8933-451A-A2D2-7242986FC8D3}"
"{9BDDE402-C443-4414-85BD-FC3DD08454AF}"="{E813B6CB-F75D-45BE-B14E-84058FBD1520}"
"{59CE1EBF-DD9C-4612-8AAB-B41144B7EFB8}"="{E813B6CB-F75D-45BE-B14E-84058FBD1520}"
"{EF69635C-D195-4267-A957-97A08E343BAD}"="{E813B6CB-F75D-45BE-B14E-84058FBD1520}"
"{E0DDE443-F292-4FE9-82A9-42DDF06C78EB}"="{1767B2F8-72E1-4004-9B36-42FB7DAE45D5}"
"{83424B45-F748-4F65-B6E9-9ED732C1FFE5}"="{6C591817-1EF2-436B-A116-82BFDF58F88F}"
"{83C71C08-CDCE-4E98-ADA6-6DF208E2CB06}"="{6C591817-1EF2-436B-A116-82BFDF58F88F}"
"{CFF93695-C755-41CA-9794-C9128EB00343}"="{6C591817-1EF2-436B-A116-82BFDF58F88F}"
"{EB51F794-7765-4C90-952D-7B95CA1070C2}"="{22ED4EC4-0867-4467-9979-B25EDBDB9D78}"
"{B995FA64-7B6D-4C46-B57C-129F53ED8CD3}"="{E44146A8-EF9C-40E8-BBEC-3087AAB0AEE1}"
"{7A10ECB2-1456-4C88-9E15-93BA1564FC2C}"="{766955ED-F058-436F-AC0A-D73884CD4358}"
"{50434ED6-2C53-4DE3-80E1-49CEE2C8FEDC}"="{F75E16D8-CE50-40AC-BF2E-440F9A2B2194}"
"{0914A2C0-0ABE-4785-BB95-1A2A43512DA3}"="{F75E16D8-CE50-40AC-BF2E-440F9A2B2194}"
"{9CADDDDF-20D4-446F-A19C-1FD849806B68}"="{F75E16D8-CE50-40AC-BF2E-440F9A2B2194}"
"{6CDCB215-FE77-47BF-A263-E91B31AC0DEE}"="{5849CCB4-2029-4C32-9252-08D44E50BCFC}"
"{855F18EE-929D-44B2-BBEC-473F07869CE6}"="{5BB1925F-1A0A-47F0-ABB6-429A7C1564FB}"
"{BA03CD96-3104-43AC-85D6-AFE1CC76148E}"="{95DF2D68-A79F-48FF-8412-1D565A94ADAA}"
"{45D569D5-7A10-4F31-BA31-E5F05EB4FC91}"="{95DF2D68-A79F-48FF-8412-1D565A94ADAA}"
"{1E10AE5B-0C84-4CEA-A8CC-FF897B6E2FA4}"="{95DF2D68-A79F-48FF-8412-1D565A94ADAA}"
"{9AC1D8D8-31CF-493F-AE44-1772985B45A7}"="{7D7E67AB-7469-43FA-AED4-60B29C0F6758}"
"{75F53219-F316-42AB-9A93-C02F88D5FC8C}"="{24C9FFD4-A717-4563-B1B8-015CE325BDF3}"
"{2E122443-0DD7-4ED5-A861-18CAFDBD927E}"="{00BBED4E-A1E6-4C22-9896-8C69E7E480C3}"
"{CC4F3F43-0273-4236-8E95-59EFEBB30462}"="{49699B73-6F9E-4F46-8905-883F7B66B7DF}"
"{F2D13B1C-60C2-40D8-AAD8-89A8ADDCF064}"="{476D059E-A2FC-41F4-9156-677A375C9408}"
"{23FB798E-08BB-498B-A1E9-8F222DC63983}"="{476D059E-A2FC-41F4-9156-677A375C9408}"
"{AD91A0F0-2B4C-4CDB-B3EF-F9D208BC9867}"="{9BEFDFB8-0415-4F42-89CD-877DE46E5568}"
"{F467CBEA-44DF-40A8-84AC-B3662B84BE4A}"="{476D059E-A2FC-41F4-9156-677A375C9408}"
"{EEBD02C7-DB4D-4BBC-8918-4692A58AB3FB}"="{F3A4EEDD-CD23-4A24-9A74-D8757949F5AF}"
"{D06A918E-79B5-4BAA-8C37-ECD68FEA4810}"="{5E034CB6-4958-4BE9-B446-48EF395262B6}"
"{3FA15FE8-BA17-4C0A-9D94-01BCA2B5DEC6}"="{5E034CB6-4958-4BE9-B446-48EF395262B6}"
"{5B0FF268-66BE-4F28-9B7E-A49CBB24F700}"="{5E034CB6-4958-4BE9-B446-48EF395262B6}"
"{7CFA626A-9B5B-47CB-BE65-90B5FCE3E849}"="{6A22A6BD-8D82-467B-87C3-4B076E929F71}"
"{C4E2A297-4A6B-4DB3-8533-B1172FBA4952}"="{147CE042-0CD9-406A-A702-232285316558}"
"{D0E12BC9-A3EB-460A-A3AA-56BE575EB05B}"="{D58B843C-C6EA-4042-A4A6-062A1ECE69E4}"
"{1163D095-D7DF-4CF6-B0DB-1FCB0A5D5756}"="{16B6AB42-A438-45D3-AA66-B32E3D16AF3F}"
"{859C247D-D1EE-4E09-9692-0EE166CB3E09}"="{16B6AB42-A438-45D3-AA66-B32E3D16AF3F}"
"{6CA69184-08E7-47D2-8C94-19F303BEAD35}"="{16B6AB42-A438-45D3-AA66-B32E3D16AF3F}"
"{49191CB1-1815-41DB-911D-37BF97964542}"="{FF2905E2-A4C2-4FF5-A2E1-93C9A37A0730}"
"{FC028E1B-C9E6-46BC-BF8F-974361009227}"="{5AFE0C87-88A2-43BC-9C44-D066A108209F}"
"{CE33C849-8DA3-4E3E-A1B9-AD8F0F7B4288}"="{46B64A72-4F9A-461D-98F6-1DD4A6461AB7}"
"{B89CBE54-205D-4527-B538-8B48163983D4}"="{C0880876-CD78-4429-91C2-438BA7C8647A}"
"{7D303819-E16F-4D2A-BEF3-AA8E7D353B23}"="{180113F8-C7E3-4147-B380-C61772EE30B0}"
"{3DA65099-C401-4A7D-8470-DE1416106DDA}"="{ED5AF431-B33F-4234-AE3E-48349F4AA1DD}"
"{1DA6E307-50CD-4CA6-803B-B0495DD6651F}"="{ED5AF431-B33F-4234-AE3E-48349F4AA1DD}"
"{AB39881E-2792-4CE5-A071-0D6298FD63BF}"="{B4529803-353C-4EBD-8A8C-68A857389531}"
"{34EC91E7-AAF8-49DD-911D-F31054A13439}"="{ED5AF431-B33F-4234-AE3E-48349F4AA1DD}"
"{C834C831-5D23-4863-897B-6C1AA2EF2CBE}"="{C73E27BD-D2C9-44FB-B224-B96C2F4AA706}"
"{F91CFEB8-601B-475F-A1C9-60880AB901B5}"="{116157E6-26C2-422B-BA9C-2FC12C53A78C}"
"{619030B9-CC42-4470-B8BB-4B534417DEB9}"="{63ABA866-C82A-44B3-BA29-13D349362D97}"
"{DE1EDEFD-9823-44FE-997C-C190A2752F20}"="{63ABA866-C82A-44B3-BA29-13D349362D97}"
"{FACF9554-39C8-4FA6-A2E9-B031A8EC75D1}"="{9BDB0EE8-694D-4265-8F94-295BDFF7770A}"
"{5B0F85A0-8475-4D38-B968-6A04C33FF41E}"="{63ABA866-C82A-44B3-BA29-13D349362D97}"
"{1FA5EF95-672B-4D0C-87F6-D3C0AFA0F171}"="{C872E73A-114F-4817-9345-F07AABD1514C}"
"{403BBBE2-C7AA-4BE0-A509-F8CE0095FEC8}"="{F92F4918-F335-4546-AF5F-49C4B900C5CA}"
"{9F1BA168-9CBF-480E-8F98-3B2CE5350B9A}"="{51CA5580-E0A3-4A10-A169-BD514461A160}"
"{C9B42C3B-BB97-4B50-961C-0341FC5C1635}"="{51CA5580-E0A3-4A10-A169-BD514461A160}"
"{051B1B0D-B71A-4D57-A402-8975E5909310}"="{EE7F58BC-7A00-4F61-9924-85C4AFE378E0}"
"{C1BF2E99-DE99-4ABB-97B2-314041918BDB}"="{F42E3DDD-0140-45B4-B791-723AD792A20C}"
"{C2389733-4C05-416A-ABB5-FC2E72AF5834}"="{89B4EBF6-FC8B-457C-94C4-C3C98D8AE8F2}"
"{5D9E27E1-C22A-4689-AAEF-FFBFD71D4F85}"="{89B4EBF6-FC8B-457C-94C4-C3C98D8AE8F2}"
"{8196E3EF-1CDC-4D45-B7FA-53305604B841}"="{89B4EBF6-FC8B-457C-94C4-C3C98D8AE8F2}"
"{1409F548-4D56-4A67-9047-ACED20F58A9B}"="{2368A4B4-8A9D-49C1-B8CD-DBDA88CC8B61}"
"{DD75D685-BD01-4B6D-BA29-1B3A99EE9745}"="{7F6FFC27-BFC8-4128-8A43-D773EDCA07AD}"
"{F95EAF72-F581-4729-9576-51A6A2A024E0}"="{E3267339-3265-47AF-B4C3-3904DA9D0095}"
"{AA34CDFC-B86F-48D7-94AA-DF8EF23583E1}"="{E3267339-3265-47AF-B4C3-3904DA9D0095}"
"{0D0FD366-CCC2-4740-B646-14627B7344BE}"="{E3267339-3265-47AF-B4C3-3904DA9D0095}"
"{E8D5F4B5-15E7-4D7B-928C-CE96C0B39313}"="{E74EF5BA-F97F-4806-B2CE-59ED3AF37E63}"
"{6EDD0511-9FAB-4566-AE48-457B3649B71F}"="{4DEF7B9E-EE92-4F07-8B98-6A8A60CC8CB5}"
"{271D67C4-66A9-42C2-B014-8CDAC7C0E68D}"="{B8ED7981-57D8-4181-91DD-7A8413D67E34}"
"{0C88EB4D-6FE1-498B-B163-A179A055AA8E}"="{38BD63DF-F878-4BB4-9FD8-266F52E4F2DE}"
"{4CB009CD-2131-417E-A385-C0FDBB531501}"="{38BD63DF-F878-4BB4-9FD8-266F52E4F2DE}"
"{E45E9663-48B8-49DC-9DA8-4AD9C0AF7965}"="{38BD63DF-F878-4BB4-9FD8-266F52E4F2DE}"
"{16CEE666-8AE3-4EB1-BDDB-8AD8236A7A2E}"="{1F03C474-A279-48C0-90A7-785E55ACBD5F}"
"{96B8E4C8-38D2-431C-BFE9-2FBED8631F7C}"="{9552ED60-658F-4C00-BC08-9CDEA37DFFB4}"
"{42F076B6-DB11-48FD-9ECC-B29EE42C961B}"="{F9CFCA5E-FD00-40E7-9825-A675093493D2}"
"{2D337865-00C6-4871-8DF8-68CF03B85A20}"="{CB019CB4-8E82-4AD4-A419-4BDB7AE0DECF}"
"{AD99EB96-85E3-40EB-AEA7-A073BBAB4DC3}"="{CB019CB4-8E82-4AD4-A419-4BDB7AE0DECF}"
"{7BBD1D95-CD76-484D-A7C3-F037416CD687}"="{5561069E-24CB-437C-9B4B-E8FE3FC830DE}"
"{55B9CEF1-C5A5-4690-BDA4-81E028B7D992}"="{CB019CB4-8E82-4AD4-A419-4BDB7AE0DECF}"
"{3A0C86DF-F660-4477-8AD7-0CD500222321}"="{FAF600FD-0949-4753-BDFB-E6ACA3F37743}"
"{21C04F79-FEE1-4DF5-B8E4-A3DF2E5CF338}"="{707945E0-9133-4585-9837-46287AC4B572}"
"{5FF1F333-68B2-465C-9B10-A218943E2C05}"="{707945E0-9133-4585-9837-46287AC4B572}"
"{8461F7E5-47C4-42BC-8BB6-83BCB34BAFF0}"="{707945E0-9133-4585-9837-46287AC4B572}"
"{93CE42B0-6B4C-45F9-A8D4-C5BA913D2D8A}"="{E6979E11-07B6-47B7-BCE5-0743AE89F54C}"
"{3D02CCB7-FD18-4418-8897-B5DD3596ADC4}"="{460B92A4-3277-4EA0-A8C5-EF5E603D5BA4}"
"{CBC9B96B-D928-418A-AC1B-7C38CB021AAB}"="{A1B3065A-7124-41DA-A7D0-3930D285EB44}"
"{EE710F37-8631-4A42-A45B-2E6B7CB95053}"="{3A4CECA8-7C09-4CEC-93A7-BC13E3A79441}"
"{E9F89D1C-E1B7-42C5-8474-C7A58FE78444}"="{3A4CECA8-7C09-4CEC-93A7-BC13E3A79441}"
"{E069F014-B030-45C8-A8C2-3EEBF8F23212}"="{3A4CECA8-7C09-4CEC-93A7-BC13E3A79441}"
"{4A0CEE21-1F79-46C4-B8FE-38B9386C3177}"="{BB42D6DE-8649-4764-B811-4EE4A58F2DE1}"
"{EA4081D4-EB16-418E-AB8C-D5CD538383D4}"="{47A3B029-DC44-4B31-A832-8845E36A1C33}"
"{9C3913D9-3DD5-4C08-9B0F-293F7870C6C7}"="{D0E40F7E-EDB3-4E81-82FB-58B8331692D4}"
"{4827457F-912C-4247-B7D7-948BC3C7CF89}"="{D1D943FB-8E95-42FC-ABD8-3022A46E2AE3}"
"{AFB6D5CC-215A-4CB5-A6E5-858D2A666AA7}"="{B1293E2E-17B3-48B7-AB2C-74DEC67A7552}"
"{1D389E2E-FE3D-4097-BCA5-FD34BCC7BCB5}"="{9E53EC6E-5C00-4548-9854-CB4E49EAC305}"
"{C8630F92-6E08-4C29-8026-CD2D0F7A13E7}"="{9E53EC6E-5C00-4548-9854-CB4E49EAC305}"
"{F0DA639D-5FF9-4EDA-AF54-D2B8E67CAEF8}"="{9E53EC6E-5C00-4548-9854-CB4E49EAC305}"
"{08FD1346-996C-4AC1-8AC7-8475390CA5C5}"="{88813642-590D-44D3-A4E2-65049A3713BF}"
"{329BEC2D-EA80-430D-9C21-A799F6591A81}"="{2D223589-50A6-4259-8590-D9DBD8535C0B}"
"{FB2535ED-E9D1-4163-BDAA-6E017CC20EA8}"="{E19AF676-18B5-4D87-8818-0A367B0A83EA}"
"{F038264A-F010-4337-A1B8-8F34AD32984F}"="{E19AF676-18B5-4D87-8818-0A367B0A83EA}"
"{639F4507-3AF9-4316-8D4C-2942AB2EAF59}"="{E19AF676-18B5-4D87-8818-0A367B0A83EA}"
"{12F778D6-C114-446E-997C-ADEEF4A1B57F}"="{43FC04E2-542C-40ED-9AB8-AF2DEFF91E9E}"
"{7FDC1966-4697-4CBE-96CE-99CF8003A4DC}"="{819FE30C-B8EA-40E2-AB9F-D9731F8D34C0}"
"{EC577128-039D-443F-88BC-2A37D752D92D}"="{BE2C79A2-0EE3-4B3A-8828-50DFA4D35062}"
"{DE79FE4C-CE1E-4200-9BC4-03E5A495ECFC}"="{C6384373-781E-41E2-801A-FFD937ACADC8}"
"{E1EE483D-1ABC-4927-9717-5D8E0AA1B2F6}"="{D0E20EBE-8498-47BF-A57C-AD6B99D2F4D1}"
"{4DBEBEBC-799B-4EA7-A2AA-C8E7B5E6E8A9}"="{9A84028D-1652-4770-A8CF-8AC07A468F8D}"
"{0DB37596-060F-4BFE-8591-FADE29B3BCCC}"="{9A84028D-1652-4770-A8CF-8AC07A468F8D}"
"{1393BFD7-0B98-444E-8C03-A5699F7DF5E1}"="{8DB2AD5E-3251-42D5-BC7C-1914D016EC7C}"
"{B0C1AEF0-4EBA-4638-806E-D72C21815D62}"="{9A84028D-1652-4770-A8CF-8AC07A468F8D}"
"{49FE23C6-9DE0-4E64-8F88-A1071E379721}"="{AED3EA29-067C-494F-83E9-03E46E83F31E}"
"{1407B0EA-6505-44B7-9091-E2169FA52D08}"="{32AE1E90-64F3-4282-8415-1396C889682A}"
"{7D4064A5-EE17-4281-92D6-0469D0B30EA4}"="{32AE1E90-64F3-4282-8415-1396C889682A}"
"{8F9310D3-F74D-482D-BB6B-3FE95F7A6830}"="{32AE1E90-64F3-4282-8415-1396C889682A}"
"{B507E2B7-BA2C-46DA-8FF4-ABF938C8895C}"="{5E4122B2-32DD-4DB0-84C8-04AE39A19AFA}"
"{49681157-7DA5-4D42-96A6-A28B26ABAA99}"="{8366B13B-369E-419A-9CE2-F4A8B24C15CC}"
"{68E98670-4112-4991-8F7C-0910686F6F91}"="{76E05A87-F57F-4B74-B861-1801CE12083F}"
"{D37B258C-608D-417C-AAA2-F7B302833213}"="{106469E2-28BE-4360-A593-D32F9CFDC620}"
"{A8DC0213-4586-4B14-83FE-E7B672B5899A}"="{106469E2-28BE-4360-A593-D32F9CFDC620}"
"{C62D2148-DE1D-4C30-8C3D-D233D1C1B22D}"="{106469E2-28BE-4360-A593-D32F9CFDC620}"
"{33814654-0113-43A0-9897-CF7C185E25D0}"="{4EFDF1BD-9CDA-46D8-BA0E-3EDF2342212B}"
"{81BB20E6-FF01-47D1-A8AE-9FB82C2E1315}"="{A7445572-14F5-4DFA-BF06-E6C82043CF39}"
"{82AF0BCB-07CB-4F54-8A91-B6CBE84B3E0F}"="{A7445572-14F5-4DFA-BF06-E6C82043CF39}"
"{FF75EDA2-A7F0-497A-A666-39092E57AE54}"="{A7445572-14F5-4DFA-BF06-E6C82043CF39}"
"{2CF5D742-B1F0-40FE-A164-B2259D3D3956}"="{FD79F2A6-B75C-4367-85CE-B8DB04F3C51A}"
"{9691D742-3AF9-47F6-9387-AD2791D56C89}"="{DABB5980-8923-4BF3-B1FD-DD38F50C623D}"
"{D666F3FD-BC60-4D0D-A72D-BFC353D184DA}"="{DABB5980-8923-4BF3-B1FD-DD38F50C623D}"
"{0A439652-16EE-4932-92BD-DD7BF5FA439D}"="{AD3F5C31-F405-46FD-BF52-48A223DF8F85}"
"{35C157B4-2F1F-4299-A543-7E7AAB8FA6C4}"="{809A1315-CF00-4AEF-9C65-584AAAD407E6}"
"{2377C9F7-0673-4010-BB13-084463DCD138}"="{3D47BC96-691E-43D2-B71D-5A07469FC940}"
"{31F4DA0F-8AE2-4E54-A936-E728293EB344}"="{3ED4B86B-1B00-4298-B0AB-1ECCF29689EC}"
"{66592852-BA00-4C0D-B206-1420FE27A32B}"="{3ED4B86B-1B00-4298-B0AB-1ECCF29689EC}"
"{191A35C8-E15F-4C06-8986-4A61A53AD8AE}"="{BA7B1AB7-A40A-41D3-B655-FD4B0E5DB38F}"
"{CA0DF13F-1956-4DBD-87C9-89D56348896D}"="{3ED4B86B-1B00-4298-B0AB-1ECCF29689EC}"
"{2B26E88E-1376-4C3A-A87E-BF9D694AD246}"="{D689862D-7BB5-419F-9BE7-94283403FFBE}"
"{624BB1A3-1E2A-4CF2-9F54-0B30BEDC0576}"="{4DD53085-E5B1-4775-8FFC-ACA6ABA01CB4}"
"{534506D2-62BD-46F3-8D1C-984B7BE92D14}"="{4DD53085-E5B1-4775-8FFC-ACA6ABA01CB4}"
"{F354B295-6AE2-412D-9113-326BCCC2AC1B}"="{4DD53085-E5B1-4775-8FFC-ACA6ABA01CB4}"
"{96A47A1B-6EF8-4551-97B4-285246E09887}"="{840DCA96-0693-4412-9F8A-22E63E8E5DAD}"
"{AE1C45F8-6FBF-4AC5-99DC-155739E405E7}"="{0201BEEA-880E-4E33-A81A-44C1B120CE23}"
"{D484CE18-3D44-400F-A469-4C1B9871493E}"="{37727028-B3E7-4235-A9B3-F6241A1F4231}"
"{62247818-B2BA-4C15-8F7E-3FD9BD6306E8}"="{37727028-B3E7-4235-A9B3-F6241A1F4231}"
"{3EA37D02-4492-41D8-8480-786580EDE758}"="{37727028-B3E7-4235-A9B3-F6241A1F4231}"
"{F28A57B0-0AFE-4E7A-966E-812362E5A9F3}"="{798595D2-BF09-49BB-8F69-3C86089EA056}"
"{9759671D-F502-42B8-8095-1F51D6465438}"="{DEB19FFC-CFEB-4203-8900-818F271B3388}"
"{B97BD548-739C-473E-9411-BD1FEA4CD1E3}"="{DEB19FFC-CFEB-4203-8900-818F271B3388}"
"{C34E3DB6-F4C2-4321-9893-782A135DCA60}"="{DEB19FFC-CFEB-4203-8900-818F271B3388}"
"{A245C252-60D4-4F04-AEA5-E36A27C9DF48}"="{3322C7AB-C8DA-4293-9681-BA96D37ECFFE}"
"{61830355-7C08-42EE-B020-8E1BCE96BDA7}"="{317E60F2-5BBD-4812-B9DA-EAB7CE596DD9}"
"{8BE7E27E-FD4B-4868-A2E1-807DF9CEE482}"="{4B2FC871-6BCB-47BE-BD25-7D4336522FF9}"
"{946638C4-F53F-4A8B-8C94-E2572E9CD434}"="{4B2FC871-6BCB-47BE-BD25-7D4336522FF9}"
"{F9D4B13A-D9B4-48BD-BE61-D9D8A61F804E}"="{B3081A06-7281-4961-84EC-574026AD67A6}"
"{261F691F-10F9-48AA-B103-9B3A1855106A}"="{0BFF11BD-EE2E-45EC-A264-E3C05E0B63DD}"
"{C94072CF-DD1C-4B6E-AF31-E6FC9032BD04}"="{0BFF11BD-EE2E-45EC-A264-E3C05E0B63DD}"
"{69BB27D8-9294-41B6-931A-F07D225195C1}"="{0BFF11BD-EE2E-45EC-A264-E3C05E0B63DD}"
"{AB6EE9CE-86CB-43DC-B813-D73C6A972415}"="{072B5447-F66A-4A71-AAD8-DCA57F84A13E}"
"{FED2F2A0-0EF8-49B6-99D5-4ECD953FB003}"="{FC1B7DC1-479B-4CFB-A223-E3A526BE0B98}"
"{E84F06D4-6401-4E76-9350-91829E1E0179}"="{22554C99-7AFF-405C-B423-F28949C577EF}"
"{BDB185A0-08EF-4E63-AFC2-135FF2D4CF50}"="{22554C99-7AFF-405C-B423-F28949C577EF}"
"{7E7988B8-F8DC-44D8-9360-5660D0E6975F}"="{FD5EBC93-8960-485D-A437-B58DA727FD71}"
"{65F8A6B5-2E1D-46DA-9A1E-C7CCBBE23596}"="{22554C99-7AFF-405C-B423-F28949C577EF}"
"{37E3FED3-1F6C-4E52-818B-96C20C906017}"="{4C8BE464-AB7C-4AC0-A6B6-D8433C654E57}"
"{F7AEE13B-62B3-47F7-940A-0AE4B8494A46}"="{4C8BE464-AB7C-4AC0-A6B6-D8433C654E57}"
"{8B849936-6256-4912-9A90-3316B48BEC52}"="{4C8BE464-AB7C-4AC0-A6B6-D8433C654E57}"
"{58F41E7B-EAAD-45C0-8D97-A1D82824FFF6}"="{8F39DA3F-F9EF-413F-8EEB-9F37D8434A97}"
"{F427C0BE-22D0-47C6-8E1D-DFC8F25C60AC}"="{9947C7F7-B09E-4A47-BA40-E7185D7C4687}"
"{D40D7C9D-6FAA-4BD0-8553-67E2DF16C3AA}"="{9947C7F7-B09E-4A47-BA40-E7185D7C4687}"
"{BA31809A-F0D2-48B3-8D95-B7EA0D9D365A}"="{9947C7F7-B09E-4A47-BA40-E7185D7C4687}"
"{5334FECC-3B3E-4485-BB73-69D61AA1A29D}"="{14D1C4F4-FD66-47A9-8715-B828D9E3AD12}"
"{B6D59BEF-D228-4F3B-89CB-238952D9A44A}"="{85E41FA6-2924-4419-9FE4-3A617AB4C411}"
"{D719732E-3130-4E04-BD5E-81BF996AB627}"="{1353AC84-2A68-481C-A87E-1E8A6CE88A4F}"
"{247D57BC-06BC-4B2E-AC15-2933A9704523}"="{1353AC84-2A68-481C-A87E-1E8A6CE88A4F}"
"{92980704-25D7-4672-8273-ACE7A65C4780}"="{613BAABA-E508-4013-8364-036DBDFBF68F}"
"{BDEB6809-4973-4862-80FE-78BBE7F3A0D6}"="{1353AC84-2A68-481C-A87E-1E8A6CE88A4F}"
"{8DD08A5B-9047-45AA-A1D1-5BA1E33EDE36}"="{4970E11E-382A-4D42-95EA-EA7DF757E715}"
"{9F407709-8EEB-40EE-9203-38321B28C608}"="{4970E11E-382A-4D42-95EA-EA7DF757E715}"
"{C3F9B45B-4862-4D40-8AA5-16244C4391E1}"="{350B67D0-A375-41DE-B810-8609B4BF51D0}"
"{098B3FCD-701F-4BCE-B308-3EC1E5417F63}"="{350B67D0-A375-41DE-B810-8609B4BF51D0}"
"{2B83D992-F562-47B0-A7D3-51F3F1073086}"="{350B67D0-A375-41DE-B810-8609B4BF51D0}"
"{2693BE88-ECA4-4840-A8FC-A4A628513293}"="{56039A1B-D1EC-4775-9464-0F5166DAD315}"
"{CD69B33E-1FB9-417D-9F60-F94ACB376112}"="{5542F186-0514-4619-BEFA-DA4E570701C8}"
"{3E9BA070-F031-4C9D-83FD-4B25F379EB72}"="{CE560EC6-2927-4BC3-A6F2-40F53260CFB2}"
"{3BDD39FB-F463-4F61-A2A8-986B8E614527}"="{95F94201-0C04-444B-9337-07D6D08F07F8}"
"{BA481551-E988-4A90-9C5C-BF9B4BC13758}"="{95F94201-0C04-444B-9337-07D6D08F07F8}"
"{7FEA20CC-4276-4655-BF92-D70405E5DF76}"="{95F94201-0C04-444B-9337-07D6D08F07F8}"
"{23C7432C-563C-4673-A509-B7FA3520057C}"="{42410D1D-7338-489A-9E0A-EAB880616BDC}"
"{DF671CA8-5C75-4CA5-B7C1-73D1CB0A056A}"="{0AAE9809-AF7E-48E3-9E97-8F17CB5AD1E7}"
"{B427446D-A6AE-4F62-926A-9E5A2C539983}"="{8B62D7B8-DF05-4B02-ACA8-3A7E1F0FF75F}"
"{3AE1527F-924A-483F-B8CF-E581AE1D5BB1}"="{8B62D7B8-DF05-4B02-ACA8-3A7E1F0FF75F}"
"{CFCA6507-AB92-4B2A-B20F-F07A302BD9B6}"="{8B62D7B8-DF05-4B02-ACA8-3A7E1F0FF75F}"
"{F42898C6-1B15-4BD0-B56E-72F07F773C6D}"="{E7AC5D55-220B-4703-9E46-3F7B9F94B965}"
"{BD74BD45-D90F-4936-8B93-76D6CCCDD17B}"="{67CD0F8F-BDD9-476B-8908-D02CF206DB8C}"
"{3C1A74DE-3610-43FB-88EC-BCC09123955E}"="{67CD0F8F-BDD9-476B-8908-D02CF206DB8C}"
"{5F9EF52C-7A8C-4B01-938F-545F0792368D}"="{67CD0F8F-BDD9-476B-8908-D02CF206DB8C}"
"{5C5E744A-6DCB-4116-8A9E-A64808ACE123}"="{037ACB13-19AF-44E1-AD44-51440D756569}"
"{EAADE180-84DA-4D25-A7D2-93D05968DCC4}"="{4A1DD14E-3F37-4E40-AF2C-2168DC905729}"
"{88FFC971-D5D7-4581-8FE5-11C8CD1162C8}"="{6BD039B4-F1EC-4DB2-B3F2-99A7CFBCB69E}"
"{3D09C0B3-A102-439B-AE08-60350A2197F6}"="{6BD039B4-F1EC-4DB2-B3F2-99A7CFBCB69E}"
"{B77089ED-0B9B-4DF1-86C1-CFF504F71DCF}"="{DAC45190-B82D-487C-A08E-91F97DA52450}"
"{BAC0B371-391E-409F-B40E-9B9228577FC3}"="{6BD039B4-F1EC-4DB2-B3F2-99A7CFBCB69E}"
"{E36B7530-4D35-4F1B-B205-701FD7B8EDD8}"="{AB4BAA84-4622-40A2-AF92-9A75067B3916}"
"{B010E46E-C9D2-42D4-8C61-430667C00550}"="{1EFE5AD4-AADC-4FA0-AF60-E882BC538835}"
"{F7E93C59-04AC-4D94-AF4B-411CB4E38562}"="{1EFE5AD4-AADC-4FA0-AF60-E882BC538835}"
"{D2F32E01-20A3-437A-9D6F-801D701932AD}"="{1EFE5AD4-AADC-4FA0-AF60-E882BC538835}"
"{A07E2228-E399-4776-97C0-DD72D6962BE6}"="{A8752DE5-7FAB-4219-A795-54963B17E272}"
"{6D72A1E3-B038-4F9D-A737-9002A2314878}"="{56E2AEDA-701A-41BE-BDD5-753A20DF9386}"
"{764A1A08-87A2-4997-8ADE-578210722FE7}"="{56E2AEDA-701A-41BE-BDD5-753A20DF9386}"
"{34E16860-20E5-41F6-8344-3B91D848017C}"="{850C56E1-0C55-41FE-8497-981081232554}"
"{8466992C-A0A1-4AF9-8DDB-F6E314D9140E}"="{F03D2242-C5DE-4D6F-BA1D-2AEF85DF16D8}"
"{968D9771-D1C4-49D0-B257-2579F25EE3FE}"="{ED664323-78AE-44AF-8374-8616BADA4A2B}"
"{4FBB7EDF-67FC-400D-9B34-C569D1D6EC59}"="{70C5A266-DD2D-4CED-9AF0-D92FD61A87BB}"
"{33FA41B7-8A90-442E-868C-4B3CC64906B9}"="{58403674-BE11-498B-A47D-9550AEAE034B}"
"{DC5D1B63-955B-40A0-A13C-E3E636056C05}"="{58403674-BE11-498B-A47D-9550AEAE034B}"
"{481FAAE9-0698-46BC-ADC0-116B00B2C24E}"="{58403674-BE11-498B-A47D-9550AEAE034B}"
"{F96BA243-3488-4D2C-8582-C0A31D2A049D}"="{5132FF6A-2486-4CB6-895B-F4814B94C377}"
"{7055958B-0104-424B-A390-EA1875C9DAF8}"="{C9858534-ABB2-43E1-9925-2B2B7518167B}"
"{A0137ECC-614B-432A-AF16-BBB85FC9B6F8}"="{C9858534-ABB2-43E1-9925-2B2B7518167B}"
"{5BEBB08A-A9C0-4163-BBB0-8C510AB8F567}"="{C9858534-ABB2-43E1-9925-2B2B7518167B}"
"{FEAB3494-BB7D-4BC2-A22C-1A6A7D532411}"="{9ADD70C7-02C8-40DF-B7F1-292E667D1CFF}"
"{E39AE0FF-B6FD-49C4-A172-009E369C6E99}"="{DFAA6040-0F6B-4261-BFA2-1B69F98D1C9F}"
"{38B5D847-5AFE-418A-A0F8-D8BF006249A3}"="{DFAA6040-0F6B-4261-BFA2-1B69F98D1C9F}"
"{5D645409-9677-40CF-867C-0601FE2E1A61}"="{DFAA6040-0F6B-4261-BFA2-1B69F98D1C9F}"
"{C6F4598A-C105-4E5D-88CE-5C15A695DB3A}"="{21FA1DB7-DA84-478B-A307-A639A5BBA53A}"
"{1AB8E472-99E5-467F-9245-5AFC3F76CC6B}"="{241B7603-F3EA-4071-A0B4-9E13D3089D19}"
"{EB860E85-209A-4E25-BDAC-898C02081FCE}"="{862587A9-3BF4-487E-BF83-1136006B75A4}"
"{E8AA1CA5-F840-4C16-9611-530E73148F0B}"="{11D0294A-F600-46E2-A14A-D444A589BA2D}"
"{703AAC8B-448C-41BB-8E1A-1A2079DBFD17}"="{11D0294A-F600-46E2-A14A-D444A589BA2D}"
"{18F280AA-FF06-4CA7-86CC-D8731A3F4249}"="{11D0294A-F600-46E2-A14A-D444A589BA2D}"
"{39DB1197-7C30-4B5E-9E53-89F21467CA3B}"="{72B99F5A-EADF-48CC-B0B1-E839CA4FAE61}"
"{9C6B5CE4-932F-43C7-B261-20AD43EA1A73}"="{1F175968-5393-4D7C-8319-0DDDE2050AF0}"
"{0E1A20A1-5C29-4994-BCD9-4FF6671058F3}"="{1F175968-5393-4D7C-8319-0DDDE2050AF0}"
"{3CDB7E9F-73E2-4F0E-A821-AE65B06C2ACA}"="{1F175968-5393-4D7C-8319-0DDDE2050AF0}"
"{FAF77B7C-398D-4450-AF8E-796CD11A1633}"="{E1DCDB16-E684-4697-BDDD-5C659F88FBAF}"
"{4F8242CF-62C3-44FC-A103-3DC5C6AA4FEB}"="{E6A3E405-3B8A-4ABF-ABCE-A723A9076942}"
"{3939B967-862A-4FD4-9BF4-F606BAC5BAAB}"="{E6A3E405-3B8A-4ABF-ABCE-A723A9076942}"
"{3295C1C4-8DAE-46B8-9E07-D65B42314F68}"="{F6DCB8FF-38C7-4976-B8E8-0B934305EF44}"
"{89F13A97-7712-4A48-8673-271770B05309}"="{877ADF7F-BA9C-4B3F-A78F-DCF04024E1FB}"
"{671354CB-87ED-4B0C-8591-2F1F4195D7FA}"="{1CC5267E-D046-41E9-B133-A9FC76CE0803}"
"{9DD0EF35-45B2-4F6E-A4D1-3428302AF73F}"="{34191811-93F0-4F6F-A92F-6DA3A31DB9D1}"
"{56F2255C-77FA-4CAA-9A13-E3BF633F97FF}"="{34191811-93F0-4F6F-A92F-6DA3A31DB9D1}"
"{72BC94C4-20C3-453F-91A6-221CF6D60E3F}"="{2671602A-A8A2-4481-8537-0D17AB7025D3}"
"{67FBF23B-A4D7-49F7-A911-CAFF232EADB5}"="{34191811-93F0-4F6F-A92F-6DA3A31DB9D1}"
"{7A9397B2-1CF6-4AA0-99D7-D252FC59AC9B}"="{403D221E-E59A-4A73-9F12-190A2D1F4262}"
"{254249D3-EB41-4410-A53E-339A31934BF5}"="{2AA64094-8ED7-453F-AF06-C1C3FA24EA77}"
"{7415611A-1012-4149-93BC-6623E7A3AAD3}"="{2AA64094-8ED7-453F-AF06-C1C3FA24EA77}"
"{0037CE0A-6A1A-43EE-99D5-E41C21599B82}"="{2AA64094-8ED7-453F-AF06-C1C3FA24EA77}"
"{23EA714B-3DA5-4112-8D1E-511EFAECDB5F}"="{27F12EA8-B309-4639-A101-AD4A1F8AE53C}"
"{D8966D97-AD80-4BE2-AA4A-9B8F91F2CBA5}"="{A5C09F3E-F391-452E-A887-9EBDCE48291D}"
"{55D291BD-649B-4F9B-82C0-2D63504E7987}"="{B1B846EA-2E1D-442A-BC31-51ED9BE49AA4}"
"{F3D366DD-1F61-4AA0-A774-08834DF8D297}"="{B1B846EA-2E1D-442A-BC31-51ED9BE49AA4}"
"{EEF16D5B-01F5-4EB1-880F-9214D0A9E202}"="{68B56D75-2274-45E0-9DDA-0BE7DEF8E53F}"
"{827AFEBB-3D03-4E8C-9945-AC8427BCA5E4}"="{B1B846EA-2E1D-442A-BC31-51ED9BE49AA4}"
"{529962CD-5F89-4A64-9822-85830368EA06}"="{73C49443-4ED6-4AC3-89B2-6B846BE2617A}"
"{29CA1990-CAB0-44D5-80EE-21CFE17B2CC5}"="{FADFAFC4-7D33-4767-8248-86D91F50013C}"
"{1F123730-1275-4D07-9312-C9C18B823F4E}"="{FADFAFC4-7D33-4767-8248-86D91F50013C}"
"{99C96ECF-150D-45C5-B5EF-54263F9C82A8}"="{FADFAFC4-7D33-4767-8248-86D91F50013C}"
"{7ED416F2-59B4-4610-A2EC-58173B7115FE}"="{F15A1C37-54E7-4268-92CE-96F68C508F17}"
"{879FE0E6-076C-4BF2-AFCF-28BA32334EB5}"="{9E7223DE-F278-43D4-A2CD-B57E32142469}"
"{A44C98B2-945D-4279-9420-13EE52D538D5}"="{F7AE699D-E989-497F-B912-9781146093A1}"
"{4EE95D17-366F-485F-9555-E4CE9D6043CC}"="{F7AE699D-E989-497F-B912-9781146093A1}"
"{16448952-0110-4A35-8F9C-526D7500B467}"="{F7AE699D-E989-497F-B912-9781146093A1}"
"{E27105D5-A373-4EC6-B3EE-B62B6D74E027}"="{6EF687A3-38FD-4136-B204-E4EFE0CFA1CF}"
"{986C7217-4583-45F5-9010-AD47410C8D5C}"="{5BAF1A44-9FDA-41D5-9980-403A6EE87681}"
"{0AFF8EBB-5336-415E-B292-2D731DD60127}"="{D4EDF1F7-BBCE-4188-BC77-57D8AFE541E1}"
"{10078DF0-6741-4562-971D-668C36F330F2}"="{D7142D8B-AD4F-48C7-B36B-57541B952565}"
"{68E188C1-849A-48F7-9D08-7174EC765100}"="{D7142D8B-AD4F-48C7-B36B-57541B952565}"
"{CE7FB372-15E4-4B32-B353-5C9E10E88B76}"="{50DEF92E-71F0-4EA7-83BC-B7E5D344497F}"
"{E4A6E61F-2135-4E9D-9CDA-3EECF1B156BD}"="{D7142D8B-AD4F-48C7-B36B-57541B952565}"
"{AE5EED40-C2F6-4755-BAE7-8BB22B2DEA7D}"="{DC268EE1-05DE-40A7-A0AF-6229CC81C355}"
"{A7D969F4-D011-412D-9EC2-72C0BFD134F5}"="{EDA3886E-9B10-4727-953A-6A534124BCB5}"
"{7D1C83A6-6757-49FC-B2AA-9837C1A6F1EE}"="{EDA3886E-9B10-4727-953A-6A534124BCB5}"
"{2E37CD39-F648-459D-BDAA-5AC9139FA584}"="{EDA3886E-9B10-4727-953A-6A534124BCB5}"
"{5C7EB893-3578-452D-9058-1FEA9711CECB}"="{300011B0-38BC-49D0-B7AC-DFDF071364FF}"
"{ACE4889A-ACE8-4CEE-99D6-4AE3A3D60CA6}"="{DF349C6E-2944-4DE4-859E-5B6DF6077EB1}"
"{7B378BA9-FBB2-45F6-94C4-A56EE207E2EC}"="{8B4DF465-93F8-4FE1-81AD-A7914A2524A2}"
"{CB1CDA3E-72DD-428D-81E5-85C99E2397E0}"="{8B4DF465-93F8-4FE1-81AD-A7914A2524A2}"
"{281F291C-060A-455F-9128-AFA8DDEA780C}"="{8B4DF465-93F8-4FE1-81AD-A7914A2524A2}"
"{5F854C14-B1B2-4A93-8708-F1F6E38536A9}"="{649FAE31-8F53-460D-8032-ED9E2D7FEDC4}"
"{2579E905-C3DE-4764-9E51-36793C3D19CC}"="{5633687D-133C-47AA-AEE6-FAFA70311251}"
"{C5717287-5594-4849-814A-5375185FA16C}"="{62088AA2-4783-4141-B60C-12D017D43692}"
"{67741C13-029E-4A1D-9EF9-775D8A2C3C78}"="{62088AA2-4783-4141-B60C-12D017D43692}"
"{298B7500-327A-4439-A48C-6BCA6AD482B9}"="{62088AA2-4783-4141-B60C-12D017D43692}"
"{EF61D548-98F1-447A-AB54-BA784CA57651}"="{8446AAC0-6B8D-4FE8-8E38-74B5F8CE3487}"
"{3817BD83-6C5C-4386-8F40-1B344B6C818D}"="{C3281CBC-2614-41DA-AD86-03409DD3CD5D}"
"{C0789ACB-5A3A-4300-960F-BB3F9796D035}"="{2E34CC68-99E8-4FBC-B2F7-0DB5A1E86278}"
"{CE061587-6253-4149-A177-5C07FF8C4A60}"="{2E34CC68-99E8-4FBC-B2F7-0DB5A1E86278}"
"{73BED6F7-8A44-4C3D-97C7-10B2A8A959A3}"="{03CB2C58-20F6-4941-BE5A-A798A8103366}"
"{6CFC1B61-2063-47F8-A79B-9721A0DCBA43}"="{2E34CC68-99E8-4FBC-B2F7-0DB5A1E86278}"
"{61C2C219-DCAF-4B99-9E8F-EE615DD5A55A}"="{49832415-6961-4181-ACB1-73B26DB3731F}"
"{4E92CDE0-E4F9-4256-8552-5387819F0C68}"="{D490CA98-CF75-4542-92BC-20F141F9B45F}"
"{17ECC48C-F69D-4819-9A1F-4543A639C39E}"="{D490CA98-CF75-4542-92BC-20F141F9B45F}"
"{2A630FFB-5EE8-43B1-A782-D7DBA6255000}"="{D490CA98-CF75-4542-92BC-20F141F9B45F}"
"{BF537350-93F6-4631-9E3E-A036237F150C}"="{1EEAE11D-293D-447C-8B6F-27C89CCE1625}"
"{48019F9E-710C-435C-8B4B-52F248810CA5}"="{B3992D96-F667-4B87-A512-418ECDF31042}"
"{4E98DD1F-133E-411E-822E-FEBC1B97A4E8}"="{0DE62583-6DBD-4F9D-A1DB-C47EF67A3C7E}"
"{A1AA9F13-6991-4705-B3E3-A0DA89F70114}"="{32DFA85C-9D90-4F6D-90CC-A7C1F8669803}"
"{E3787AF0-C963-467F-B878-705A959DD2E4}"="{AF47CCF4-7E27-453F-9B23-726526AE3296}"
"{459F51E6-5F58-4D5F-A0D1-C7A4A9A328AA}"="{942A699A-F26F-457D-84FF-7507A7624DD1}"
"{5C9D6C32-31D0-421E-9C89-7E2A7C28CE66}"="{07CADB0B-79D9-441B-89ED-8AC7D792E88A}"
"{827DE3A7-B4EA-469A-B1CD-15902A872BAD}"="{07CADB0B-79D9-441B-89ED-8AC7D792E88A}"
"{C161069C-CBFF-4135-81D1-3AC30E250DEB}"="{F8F9EBA8-4433-4AA9-8C3B-4995852826B6}"
"{C83347F5-B78B-429A-8B4B-4E356CD5BCE0}"="{2E896382-C076-43AD-B415-B2B5C4B02F2E}"
"{3D30D841-2043-42F2-9C5C-C17A4C5CAE27}"="{267A7767-DE7C-47A2-B687-CFE516F66E41}"
"{091EF5CF-9630-4451-ADC8-B071B856D8B3}"="{267A7767-DE7C-47A2-B687-CFE516F66E41}"
"{B2DB79ED-7C98-4EE8-8754-AA79049208E8}"="{F0DFD234-2E9F-442B-94D3-5D99637D2B72}"
"{397F8A5C-A029-4AC8-8CBF-F4A655C72294}"="{503B49E1-CFFD-4D53-8206-7D460394301D}"
"{AB9375C4-9644-45C8-9619-DA9F67A47565}"="{0F115376-31C8-4D46-B120-E61139D7DE69}"
"{04FD785E-BAAC-42F0-90EF-CAE6CFD0B1EC}"="{0F115376-31C8-4D46-B120-E61139D7DE69}"
"{AF8CDEB1-F290-4F28-B73E-87023D297A34}"="{07EED6EC-EF9F-46BF-97A6-3C8365030831}"
"{048DC755-44D1-43F8-AC7D-423AD5119DAC}"="{1C8CB083-6651-47F7-87E1-3818EC45231D}"
"{F203DD9F-C8F2-4F89-958D-E8F337EEBB39}"="{BDA44D4A-53A0-42B2-9BEC-834E56824D64}"
"{8D21839B-2CFC-4A66-82B1-8F29E10F637D}"="{BDA44D4A-53A0-42B2-9BEC-834E56824D64}"
"{6A15E4CF-43FC-489A-A2C2-33F5CC5A188F}"="{BDA44D4A-53A0-42B2-9BEC-834E56824D64}"
"{83AC23AA-216C-4B35-B0DA-9E63596DA5DF}"="{DC384845-B14A-431F-ACBF-A7D36DB66809}"
"{548E4120-B589-4A5E-97D1-867EEE79832F}"="{7DB2FF86-E24F-4108-95D8-FC42D3C0E05D}"
"{DD3073C3-EA1D-4CE2-9092-3A2E07173922}"="{90DF532B-5F98-426E-9CF5-29ACB9505E4E}"
"{3FFEFE06-3459-49CF-AFD4-0B3C8E0C8CE5}"="{90DF532B-5F98-426E-9CF5-29ACB9505E4E}"
"{FFA6CE0F-D2CB-4E5E-84AF-25C46BFA9DDC}"="{90DF532B-5F98-426E-9CF5-29ACB9505E4E}"
"{EF2B3600-3737-4A17-A692-A038B20646B7}"="{ABF290FE-9D6D-4F2C-8D52-3A9787A0078F}"
"{898BBF6D-7AE5-4A0E-949E-0B01811EA751}"="{69A6CDDD-115C-4F0C-B72D-FB2C7F787560}"
"{DE59FA05-D257-452B-9DB5-D9B8604A1582}"="{69A6CDDD-115C-4F0C-B72D-FB2C7F787560}"
"{67679ED0-9DD8-40E8-A029-29287732B336}"="{8035A7E0-5B68-413C-98BE-D7446D9BAF32}"
"{4A9B8A74-0996-4E5C-868B-FAF3F234EB9A}"="{69A6CDDD-115C-4F0C-B72D-FB2C7F787560}"
"{72B81DAF-EF4D-429A-AD8F-276334DAD876}"="{308D42DA-4A3C-438F-A568-286D8862E415}"
"{7011BE77-1B73-4A05-B0D9-BF275AEC5F1B}"="{78FA32A7-5E6E-48F7-9DFB-FC9BFCD1BDE0}"
"{2CCC8E3F-E710-47C9-BBC6-D7771D679E02}"="{B87AC2E5-9240-4EF0-8AAE-3BB666DAA314}"
"{BB867AC5-8492-48A7-B3EC-E6374A37B4AD}"="{B87AC2E5-9240-4EF0-8AAE-3BB666DAA314}"
"{E62CECD2-DAA0-4729-BE6E-CD88E57CAE7F}"="{B87AC2E5-9240-4EF0-8AAE-3BB666DAA314}"
"{B8D38EF5-8E28-4D1C-B70F-902382A6DC97}"="{E233B82E-19BD-47F1-8F6F-4BCA9DDE6DE7}"
"{3C26A8F7-5A40-487C-91A0-84C90231ADEE}"="{246D178F-8016-44DE-817A-D5305F34B302}"
"{FD0D5AB3-447E-4CDC-81D5-F6418D2E5B76}"="{246D178F-8016-44DE-817A-D5305F34B302}"
"{D4F7C3F0-D368-4CD4-812B-A7B7F4050B97}"="{246D178F-8016-44DE-817A-D5305F34B302}"
"{935E35FA-674F-4FF8-9028-2AEC02B6EC5B}"="{D21FFE28-C32F-4FBB-8A7E-77D3F15F69C6}"
"{CCAD794D-E27C-4CCF-9440-2B3EDCD69D20}"="{F2FE7383-D0BB-4BED-B568-C9B1CD4C6CFF}"
"{16333AC8-6905-431D-A7B5-1B6AEF716E8C}"="{C170E76F-3613-4CD6-BD2B-FDA6085A4A5E}"
"{AC7CE9FC-9916-49BA-ABA2-D3D774F83A27}"="{C170E76F-3613-4CD6-BD2B-FDA6085A4A5E}"
"{558CDC7D-1089-4D6A-9BEA-31DA0D606077}"="{C170E76F-3613-4CD6-BD2B-FDA6085A4A5E}"
"{D026B94B-6CF2-42BE-8E73-4FBC92CCBE97}"="{114E911E-486D-4A01-8EC1-AC7A1110E5A1}"
"{8EFEBCC8-95BF-467F-9EDB-FD24AB5A771A}"="{1ADE345C-2059-4370-A622-5D8EC5E21C5B}"
"{CFB6942C-AD10-4BFF-8D6D-266BBB79614C}"="{E825DB1F-57EF-4118-95EB-01F99048D11C}"
"{F3DC79A8-B609-490A-98A5-E91E370EED3B}"="{E825DB1F-57EF-4118-95EB-01F99048D11C}"
"{8879962E-F988-44BB-BE4A-B2F618A2B943}"="{6D722DD6-0065-4657-8689-7A43DA2E0971}"
"{580C88C4-602B-444D-9ECF-F50470EACF61}"="{E825DB1F-57EF-4118-95EB-01F99048D11C}"
"{9598FBE4-9AB2-4B62-86E2-25FC9E0B5566}"="{D13D85F3-481C-4288-BF46-E4C197CFB71F}"
"{C1D6C26F-644D-4520-8F34-4DF43BA72272}"="{CC5329FD-3D5F-42E4-99C4-7D47FCBBEA3D}"
"{AEF74306-5117-4644-975B-CA3F5D520A1A}"="{762B8DD9-9E6B-4393-8ABA-8E9C8330A865}"
"{4454B168-EB9B-48F1-A185-A7B9C68C738D}"="{0824EE9E-6F09-432F-9DE0-E5B251DA7129}"
"{D5BDBA58-6565-404E-99C6-4B37644C31F8}"="{4CC1729B-5DEA-463A-ACE2-E640CC5A2CE8}"
"{B2B0AA4B-7E46-43EA-B388-ADA24CEB8A07}"="{990A7C8A-BFD0-4325-991B-01D7591A93ED}"
"{27780BE1-F219-4C55-90EB-CDA338208463}"="{4C7C92C7-0743-42E9-8AA2-E1472A147D7E}"
"{E7E62B8E-5ACC-4B91-8D6A-43CBC6D9BDC4}"="{EC5537C6-646A-430B-AE01-B912AE72C3B0}"
"{CAFB542C-3569-4794-A6D4-1D52FB0321C5}"="{678F8A77-907A-4080-B294-04C435F76B0B}"
"{07E07BD2-6A5A-4AFB-ABC3-F42C3C431449}"="{678F8A77-907A-4080-B294-04C435F76B0B}"
"{12600089-1FC9-4D9B-A34D-2EB521C4E2E0}"="{B909B8B6-B3E4-424F-9480-C1725B81D947}"
"{A2C1E0D1-BB8B-4311-BA23-8B618A189077}"="{1E60D4E9-0F81-4608-A566-12DD8D015EE6}"
"{E91407B1-23CC-46BF-881E-7B79B5339BC3}"="{A9C7C76D-7227-44C3-B6CF-2E8243D9013D}"
"{D3B836BE-767A-4782-87F5-C941D32595E3}"="{D8DE94BF-70CB-431E-A55B-57BEEF2381FC}"
"{090B4B4A-9726-44A9-94AC-F49A577CF62C}"="{67E30DDA-72EC-4038-AB9A-C7A6049C9BDF}"
"{0AB82FD1-8ABD-4A2E-82CF-4B681467786D}"="{67E30DDA-72EC-4038-AB9A-C7A6049C9BDF}"
"{1673CB78-C8CF-4411-84B3-D71855E27D9A}"="{E8CD960E-1439-4316-B877-1A5D10A4A17B}"
"{80324346-B95B-4F33-B460-74F6EE39C4C8}"="{67E30DDA-72EC-4038-AB9A-C7A6049C9BDF}"
"{423D9B9D-927B-437A-952B-8D1F96E11BF1}"="{78FF323B-4190-48CA-8812-9CE779839A7B}"
"{8093C499-F813-4A76-AC80-0E50DE715027}"="{78FF323B-4190-48CA-8812-9CE779839A7B}"
"{17FD33C9-F3B4-4B6D-A153-7BBD599CC309}"="{049076D7-B862-4E25-A323-A7A188BB349F}"
"{D2A2AABE-F617-409C-8CCD-FF4F86C64921}"="{78FF323B-4190-48CA-8812-9CE779839A7B}"
"{DF473D7B-D00A-4526-B470-EF11FB370AAA}"="{B982D04F-F707-43B4-B6C7-2038B9A86FF3}"
"{A65AF8C9-E9EA-485D-A265-256C81B2BD28}"="{9A4176CA-CB3B-4931-8551-8EDF936E39F7}"
"{CC406D07-AC9A-47C5-B499-69C14864C5C6}"="{B5543744-A64E-4334-9BCC-BD206B381BE4}"
"{AB6A2DD8-4E4A-4B92-980D-163A7E99D0B9}"="{C72AFEAB-91F8-4496-97DC-A3E8454FE1F4}"
"{3D9E68B2-E7F4-4AE6-8DD9-A4FA65769218}"="{FA039348-1401-4830-88C2-138AC3CF1237}"
"{D6953608-EDE5-42A9-8F17-987795AE9DA2}"="{B4DD8496-10FE-48EC-B77F-83DE4DF4AA95}"
"{75D92266-559B-4DC2-925F-17940074CE5B}"="{B4DD8496-10FE-48EC-B77F-83DE4DF4AA95}"
"{A91A82EF-597B-475E-A2D1-EDFE7B66EE84}"="{B4DD8496-10FE-48EC-B77F-83DE4DF4AA95}"
"{C84FECD9-F024-4055-8D91-7D5FB29A2F6E}"="{53DA2B76-CBCE-4DDC-9DE7-C1AC1CECD0A0}"
"{0F30C9B3-D773-41E4-8C02-702DD9827B40}"="{A5FA2BF3-791A-4DCE-BB41-6BC3CAAA6C8A}"
"{21ADFDE2-5DDC-458B-9038-DF3ABAD24E87}"="{CF102832-2529-48D4-9A81-4156DCD50B04}"
"ccSvcHst_ccSetMgr"="{32D61777-81A9-42F2-8A88-D0447D933EAD}"
"ccSvcHst_ccEvtMgr"="{32D61777-81A9-42F2-8A88-D0447D933EAD}"
"ccSettingsService"="{32D61777-81A9-42F2-8A88-D0447D933EAD}"
"ccEvtCli"="{32D61777-81A9-42F2-8A88-D0447D933EAD}"
"{2A3D5851-1937-4583-B13D-E95810E185C9}"="{67A85DC6-C577-4473-8727-02231234105C}"
"SAVSubmissionEngineIPC"="{32D61777-81A9-42F2-8A88-D0447D933EAD}"
"SAVSubmissionEngineCallbackIPC"="{32D61777-81A9-42F2-8A88-D0447D933EAD}"
"{F849259A-3060-4A31-B64B-0B6EBCE817FF}"="{E1CC2BFD-F3C7-4D01-9DF5-51ECACCD7315}"
"{BFADC982-75E5-497A-A114-95856CCE9A33}"="{9F4641A8-6161-4CD1-AEE2-CD664A700A65}"
"{C43C29B9-3CE6-4F59-845D-042111E51FE9}"="{E1CC2BFD-F3C7-4D01-9DF5-51ECACCD7315}"
"{B09AC88E-FF83-4ED7-B60F-23ED9378C700}"="{E1CC2BFD-F3C7-4D01-9DF5-51ECACCD7315}"
"{F23BE0F4-3FD5-462B-A469-339406B4036E}"="{39702B85-9C94-4D11-B431-5B4D99EC6B96}"
"{C7CA602E-1196-45BC-8AD3-3D8E284C16E6}"="{32D61777-81A9-42F2-8A88-D0447D933EAD}"
"{93D00B83-2908-4545-A970-B1A912460A3E}"="{9F4641A8-6161-4CD1-AEE2-CD664A700A65}"
"{89D0717D-EA5E-4420-BC33-54CAA71AD7BE}"="{9F4641A8-6161-4CD1-AEE2-CD664A700A65}"
"{89FEC435-9CB4-453E-9D92-ACFF806A057E}"="{9F4641A8-6161-4CD1-AEE2-CD664A700A65}"
"{5222B459-8D85-4C3B-A25E-4D8AAD2A63DE}"="{FFCC247A-6E09-438A-82B4-0B733F8B150D}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-05-16 20:50:07
ComboFix-quarantined-files.txt 2011-05-17 03:50
ComboFix2.txt 2011-05-17 03:06
.
Pre-Run: 175,857,176,576 bytes free
Post-Run: 175,796,211,712 bytes free
.
- - End Of File - - 8EE389EA2E1FC180D1C308DFB0B80DE6
 
Very good :)

Combofix log looks clean as well.

Couple more checks....

Download OTL to your Desktop.

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Scan All Users checkbox.
  • Under the Custom Scan box paste this in:


netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
otl log

OTL logfile created on: 5/16/2011 9:34:34 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Femi\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 56.00% Memory free
10.00 Gb Paging File | 8.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): c:\pagefile.sys 5898 11520 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287.93 Gb Total Space | 163.81 Gb Free Space | 56.89% Space Free | Partition Type: NTFS

Computer Name: FEMI-PC | User Name: Femi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/16 21:32:20 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Femi\Desktop\OTL.exe
PRC - [2011/02/18 11:47:12 | 000,079,192 | ---- | M] (Research In Motion Limited) -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2010/12/03 05:15:19 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2010/12/03 05:15:17 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
PRC - [2010/12/03 05:15:03 | 001,839,776 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2010/12/03 05:15:02 | 000,050,544 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
PRC - [2010/06/19 12:36:46 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2009/09/03 16:06:32 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe
PRC - [2009/07/28 21:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe
PRC - [2009/07/14 20:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe
PRC - [2009/04/10 18:54:28 | 000,200,704 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe
PRC - [2009/04/10 18:54:22 | 000,143,360 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe
PRC - [2009/04/10 18:09:38 | 000,417,792 | ---- | M] (Chicony) -- C:\Program Files (x86)\Camera Assistant Software for Toshiba\traybar.exe
PRC - [2009/03/10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2007/04/29 22:55:32 | 000,205,744 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files (x86)\Lexmark 2300 Series\lxcgmon.exe
PRC - [2006/11/06 17:14:44 | 000,034,352 | ---- | M] () -- C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe
PRC - [2006/08/23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe


========== Modules (SafeList) ==========

MOD - [2011/05/16 21:32:20 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Femi\Desktop\OTL.exe
MOD - [2010/08/20 22:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/01/26 16:43:10 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2009/08/21 10:31:06 | 000,488,800 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/27 19:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV:64bit: - [2008/08/25 09:58:12 | 000,089,600 | ---- | M] (Toshiba) [On_Demand | Running] -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv)
SRV:64bit: - [2007/11/21 16:53:16 | 000,135,168 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2007/04/29 22:55:08 | 000,566,704 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxcgcoms.exe -- (lxcg_device)
SRV - [2010/12/03 05:15:19 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2010/12/03 05:15:19 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2010/12/03 05:15:05 | 003,249,768 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2010/12/03 05:15:04 | 000,428,912 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE -- (SNAC)
SRV - [2010/12/03 05:15:03 | 001,839,776 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2010/11/29 14:58:30 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/09/07 17:05:51 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/26 16:40:12 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/08/10 20:55:58 | 000,248,688 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009/07/14 20:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service)
SRV - [2009/06/17 11:18:42 | 006,582,912 | ---- | M] () [On_Demand | Stopped] -- c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe -- (wampmysqld)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/12/10 01:10:14 | 000,024,636 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe -- (wampapache)
SRV - [2008/08/15 06:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2007/05/31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/04/29 22:54:44 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxcgcoms.exe -- (lxcg_device)
SRV - [2006/08/23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/03/10 23:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/18 17:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/02/16 18:23:46 | 000,074,240 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2010/12/03 05:18:47 | 000,173,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2010/12/03 05:15:21 | 000,482,352 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\srtspl64.sys -- (SRTSPL)
DRV:64bit: - [2010/12/03 05:15:21 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2010/12/03 05:15:20 | 000,449,072 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/09/02 17:49:46 | 000,015,360 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pneteth.sys -- (pneteth)
DRV:64bit: - [2010/04/29 06:55:42 | 000,032,768 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\androidusb.sys -- (androidusb)
DRV:64bit: - [2010/01/13 16:37:18 | 007,675,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel(R)
DRV:64bit: - [2009/08/27 09:07:06 | 007,369,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/07/30 22:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009/07/29 16:22:08 | 000,052,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/07/24 16:57:08 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2009/07/21 15:03:34 | 001,208,320 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/07/14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/07/13 17:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/07/13 16:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/06/15 07:07:56 | 000,139,616 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2009/06/10 13:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 13:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 13:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 19:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/01/09 15:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2008/06/26 16:24:18 | 000,020,520 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV:64bit: - [2008/03/13 00:46:00 | 000,027,136 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ManyCam_x64.sys -- (ManyCam)
DRV:64bit: - [2008/02/07 00:29:08 | 000,195,632 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2007/12/11 14:03:36 | 000,027,272 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2006/11/08 23:34:00 | 000,237,568 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\KR10N64.sys -- (KR10N64)
DRV:64bit: - [2006/11/08 23:33:00 | 000,248,320 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\KR10I64.sys -- (KR10I64)
DRV:64bit: - [2006/10/23 16:33:08 | 000,018,944 | ---- | M] (TOSHIBA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\tosrfec.sys -- (tosrfec)
DRV - [2011/05/09 01:00:00 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/05/09 01:00:00 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/04/10 07:41:44 | 001,828,984 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20110516.022\EX64.SYS -- (NAVEX15)
DRV - [2011/04/10 07:41:44 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20110516.022\ENG64.SYS -- (NAVENG)
DRV - [2010/12/03 05:15:21 | 000,482,352 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\srtspl64.sys -- (SRTSPL)
DRV - [2010/12/03 05:15:21 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\srtspx64.sys -- (SRTSPX)
DRV - [2010/12/03 05:15:20 | 000,449,072 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysWOW64\drivers\srtsp64.sys -- (SRTSP)
DRV - [2008/08/14 08:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.nfl.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0C 50 D5 47 9B 98 CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.nfl.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "http://urlseek40.vmn.net/search.php?lg=en&type=dns&tbn=oovoo2_0dn&q="

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/05/12 08:26:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/03/23 17:16:09 | 000,000,000 | ---D | M]

[2010/01/14 19:27:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Femi\AppData\Roaming\Mozilla\Extensions
[2009/08/28 18:59:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Femi\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2011/03/23 17:16:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Femi\AppData\Roaming\Mozilla\Firefox\Profiles\25u6p1tl.default\extensions
[2010/09/12 18:06:49 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Femi\AppData\Roaming\Mozilla\Firefox\Profiles\25u6p1tl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/08 18:24:28 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\Femi\AppData\Roaming\Mozilla\Firefox\Profiles\25u6p1tl.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2011/05/12 08:26:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/04/24 15:12:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/25 17:32:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/02/01 00:58:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\FEMI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\25U6P1TL.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI
[2011/04/14 09:26:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2011/02/01 00:57:53 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/05/16 20:47:51 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark 2300 Series\ezprint.exe (Lexmark International Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LXCGCATS] C:\Windows\SysNative\spool\DRIVERS\x64\3\LXCGtime.DLL ()
O4:64bit: - HKLM..\Run: [lxcgmon.exe] C:\Program Files (x86)\Lexmark 2300 Series\lxcgmon.exe (Lexmark International, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files (x86)\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [ccApp] C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe ()
O4 - HKLM..\Run: [PCMAgent] C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} http://picasaweb.google.com/s/v/53.13/uploader2.cab (UploadListView Class)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab (DLM Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {EAC139A9-D22D-4C29-8D1C-252BE63750F9} http://www.cooliris.com/shared/plinstll.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Femi\Pictures\Kawasaki Ninja\2009 Kawasaki Ninja 250r Red.jpg
O24 - Desktop BackupWallPaper: C:\Users\Femi\Pictures\Kawasaki Ninja\2009 Kawasaki Ninja 250r Red.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.dvacm - C:\Program Files (x86)\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/05/16 21:32:18 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Femi\Desktop\OTL.exe
[2011/05/16 20:35:26 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011/05/16 19:54:21 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/05/16 19:54:21 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/05/16 19:54:21 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/05/16 19:54:19 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/05/16 19:50:49 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/05/16 19:28:10 | 000,083,968 | ---- | C] (eSage Lab) -- C:\Users\Femi\Desktop\remover.exe
[2011/05/16 19:27:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2011/05/16 19:27:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2011/05/15 15:56:52 | 000,000,000 | ---D | C] -- C:\Users\Femi\Desktop\New folder
[2011/05/12 21:17:19 | 000,000,000 | ---D | C] -- C:\Users\Femi\AppData\Roaming\Malwarebytes
[2011/05/12 21:17:08 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/05/12 21:17:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/12 21:17:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/05/12 21:17:04 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/05/12 21:17:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/05/12 21:10:11 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Femi\Desktop\mbam-setup-1.50.1.1100.exe
[2011/05/10 16:50:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Research In Motion
[2011/04/29 03:46:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/04/29 03:45:38 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/04/29 03:45:34 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/04/29 03:45:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/04/29 03:42:06 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/04/29 03:42:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011/04/28 13:24:59 | 000,000,000 | ---D | C] -- C:\Users\Femi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/04/18 19:03:07 | 000,015,360 | ---- | C] (June Fabrics Technology Inc.) -- C:\Windows\SysNative\drivers\pneteth.sys
[2011/04/18 19:03:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PdaNet for Android
[2011/04/18 18:57:33 | 000,000,000 | ---D | C] -- C:\superboot
[2011/04/17 19:01:37 | 000,000,000 | ---D | C] -- C:\Users\Femi\Documents\Droid Stuff
[2010/09/08 19:22:30 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgpmui.dll
[2010/09/08 19:22:30 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcginpa.dll
[2010/09/08 19:22:30 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgiesc.dll
[2010/09/08 19:22:29 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgserv.dll
[2010/09/08 19:22:29 | 000,995,328 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgusb1.dll
[2010/09/08 19:22:29 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgppls.exe
[2010/09/08 19:22:29 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgprox.dll
[2010/09/08 19:22:29 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgpplc.dll
[2010/09/08 19:22:28 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcghbn3.dll
[2010/09/08 19:22:28 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgcomc.dll
[2010/09/08 19:22:28 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcglmpm.dll
[2010/09/08 19:22:28 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgcoms.exe
[2010/09/08 19:22:28 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgcomm.dll
[2010/09/08 19:22:28 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgih.exe
[2010/09/08 19:22:28 | 000,381,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgcfg.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/16 21:32:20 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Femi\Desktop\OTL.exe
[2011/05/16 21:29:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3042896104-2401317275-119532014-1000UA.job
[2011/05/16 21:10:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/16 21:05:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/16 20:47:51 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/05/16 19:48:07 | 004,349,551 | R--- | M] () -- C:\Users\Femi\Desktop\ComboFix.exe
[2011/05/16 19:04:57 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/05/16 19:04:57 | 000,624,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/05/16 19:04:57 | 000,106,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/05/16 18:47:39 | 000,011,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/16 18:47:39 | 000,011,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/16 18:44:32 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/16 18:39:51 | 3092,951,040 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/16 13:29:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3042896104-2401317275-119532014-1000Core.job
[2011/05/15 13:00:23 | 000,237,189 | ---- | M] () -- C:\Users\Femi\Desktop\lasummer2.jpg
[2011/05/15 13:00:14 | 000,050,885 | ---- | M] () -- C:\Users\Femi\Desktop\lasummer1.jpg
[2011/05/14 02:56:46 | 000,002,403 | ---- | M] () -- C:\Users\Femi\Desktop\Google Chrome.lnk
[2011/05/13 05:38:30 | 000,625,664 | ---- | M] () -- C:\Users\Femi\Desktop\dds.scr
[2011/05/13 05:32:02 | 000,302,080 | ---- | M] () -- C:\Users\Femi\Desktop\yh0tt6nk.exe
[2011/05/13 03:11:53 | 000,000,120 | ---- | M] () -- C:\Users\Femi\AppData\Local\Krosedi.dat
[2011/05/12 21:17:09 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/12 21:15:38 | 001,554,284 | ---- | M] () -- C:\Users\Femi\Desktop\Untitled-2.psd
[2011/05/12 21:10:30 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Femi\Desktop\mbam-setup-1.50.1.1100.exe
[2011/05/12 08:26:26 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/05/12 08:26:25 | 000,001,914 | ---- | M] () -- C:\Users\Femi\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/05/11 19:14:35 | 000,000,000 | ---- | M] () -- C:\Users\Femi\2gweorjqjutp92vjy9gake
[2011/05/10 16:50:56 | 000,002,242 | ---- | M] () -- C:\Users\Public\Desktop\BlackBerry Desktop Software.lnk
[2011/05/08 21:16:30 | 456,536,235 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/05/06 03:06:44 | 000,001,448 | ---- | M] () -- C:\Users\Femi\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/05/06 02:45:18 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/05/06 02:45:14 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011/04/29 03:47:44 | 000,002,515 | ---- | M] () -- C:\Users\Femi\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/04/29 03:47:44 | 000,002,491 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2011/04/29 03:46:36 | 000,001,794 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/04/26 11:49:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2011/04/18 19:10:10 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf
[2011/04/18 19:01:15 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_androidusb_01009.Wdf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
otl log cont.

========== Files Created - No Company Name ==========

[2011/05/16 19:54:21 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/05/16 19:54:21 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/05/16 19:54:21 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/05/16 19:54:21 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/05/16 19:54:21 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/05/16 19:47:26 | 004,349,551 | R--- | C] () -- C:\Users\Femi\Desktop\ComboFix.exe
[2011/05/15 13:00:20 | 000,237,189 | ---- | C] () -- C:\Users\Femi\Desktop\lasummer2.jpg
[2011/05/15 13:00:08 | 000,050,885 | ---- | C] () -- C:\Users\Femi\Desktop\lasummer1.jpg
[2011/05/13 05:38:29 | 000,625,664 | ---- | C] () -- C:\Users\Femi\Desktop\dds.scr
[2011/05/13 05:32:00 | 000,302,080 | ---- | C] () -- C:\Users\Femi\Desktop\yh0tt6nk.exe
[2011/05/12 21:17:09 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/12 21:15:28 | 001,554,284 | ---- | C] () -- C:\Users\Femi\Desktop\Untitled-2.psd
[2011/05/12 08:24:28 | 000,000,120 | ---- | C] () -- C:\Users\Femi\AppData\Local\Krosedi.dat
[2011/05/11 19:14:35 | 000,000,000 | ---- | C] () -- C:\Users\Femi\2gweorjqjutp92vjy9gake
[2011/05/06 02:45:18 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/05/06 02:45:14 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011/04/29 03:46:36 | 000,001,794 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/04/28 13:25:04 | 000,002,403 | ---- | C] () -- C:\Users\Femi\Desktop\Google Chrome.lnk
[2011/04/28 13:24:22 | 000,000,904 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3042896104-2401317275-119532014-1000UA.job
[2011/04/28 13:24:21 | 000,000,852 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3042896104-2401317275-119532014-1000Core.job
[2011/04/26 11:49:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2011/04/26 11:24:18 | 000,002,419 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk
[2011/04/18 19:10:10 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf
[2011/04/18 19:01:15 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_androidusb_01009.Wdf
[2010/09/08 19:22:31 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\lxcginst.dll
[2010/09/08 19:22:30 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\lxcgcomx.dll
[2010/06/03 03:44:02 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/03/29 15:46:34 | 000,009,216 | ---- | C] () -- C:\Users\Femi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/02 19:23:07 | 000,731,106 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/01/26 00:33:51 | 000,000,600 | ---- | C] () -- C:\Users\Femi\AppData\Local\PUTTY.RND
[2010/01/18 20:20:38 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/01/14 21:24:40 | 000,015,108 | ---- | C] () -- C:\Program Files\results.xml
[2009/09/16 17:51:32 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/09/07 10:14:25 | 000,941,784 | ---- | C] () -- C:\Windows\SysWow64\drivers\CAMTHWDM.sys
[2009/08/27 09:05:12 | 000,982,220 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009/08/27 09:05:12 | 000,439,300 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009/08/27 09:05:12 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/08/27 09:05:12 | 000,092,216 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009/08/19 20:17:37 | 000,023,888 | ---- | C] () -- C:\Users\Femi\AppData\Roaming\UserTile.png
[2009/07/25 14:01:07 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll
[2009/07/25 14:00:03 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2009/07/25 13:59:51 | 000,006,211 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009/07/15 18:40:20 | 000,000,520 | ---- | C] () -- C:\Windows\netdet.ini
[2009/07/13 22:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 19:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 19:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 17:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:21:36 | 000,000,013 | RHS- | C] () -- C:\Windows\SysWow64\drivers\fbd.sys
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/05/08 03:46:09 | 000,128,113 | ---- | C] () -- C:\Windows\SysWow64\csellang.ini
[2009/05/08 03:46:09 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\csellang.dll
[2009/05/08 03:46:09 | 000,007,671 | ---- | C] () -- C:\Windows\SysWow64\cseltbl.ini
[2008/09/01 14:50:08 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeW7.dll
[2008/09/01 14:50:08 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeA6.dll
[2008/09/01 14:50:08 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeP6.dll
[2008/09/01 14:50:08 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeM6.dll
[2008/09/01 14:50:08 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\IVIresizePX.dll
[2008/09/01 14:50:08 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\IVIresize.dll
[2008/09/01 13:21:34 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/09/01 12:36:16 | 000,257,053 | ---- | C] () -- C:\Windows\WOLSET.exe
[2004/01/30 06:37:50 | 000,000,092 | R--- | C] () -- C:\Windows\SysWow64\FTDIUN2K.INI
[2002/03/01 11:43:34 | 000,028,008 | ---- | C] () -- C:\Windows\SysWow64\SUSUSB.SYS

========== LOP Check ==========

[2010/01/14 19:26:53 | 000,000,000 | ---D | M] -- C:\Users\Femi\AppData\Roaming\acccore
[2010/01/14 19:26:56 | 000,000,000 | ---D | M] -- C:\Users\Femi\AppData\Roaming\Any Video Converter
[2010/01/14 19:26:57 | 000,000,000 | ---D | M] -- C:\Users\Femi\AppData\Roaming\Blitware
[2010/01/14 19:26:57 | 000,000,000 | ---D | M] -- C:\Users\Femi\AppData\Roaming\CiscoCAA
[2010/01/26 18:07:20 | 000,000,000 | ---D | M] -- C:\Users\Femi\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/01/14 19:26:57 | 000,000,000 | ---D | M] -- C:\Users\Femi\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2011/05/15 15:42:09 | 000,000,000 | ---D | M] -- C:\Users\Femi\AppData\Roaming\FileZilla
[2010/04/19 18:09:49 | 000,000,000 | ---D | M] -- C:\Users\Femi\AppData\Roaming\Genie-Soft
[2010/03/31 03:00:10 | 000,000,000 | ---D | M] -- C:\Users\Femi\AppData\Roaming\gretl
[2010/03/21 19:40:50 | 000,000,000 | ---D | M] -- C:\Users\Femi\AppData\Roaming\gtk-2.0
[2010/01/14 19:26:58 | 000,000,000 | ---D | M] -- C:\Users\Femi\AppData\Roaming\JCreator
[2010/06/15 04:38:42 | 000,000,000 | ---D | M] -- C:\Users\Femi\AppData\Roaming\MAGIX
[2010/04/26 01:32:21 | 000,000,000 | ---D | M] -- C:\Users\Femi\AppData\Roaming\ManyCam
[2010/10/28 05:24:55 | 000,000,000 | ---D | M] -- C:\Users\Femi\AppData\Roaming\Notepad++
[2010/01/14 19:27:36 | 000,000,000 | ---D | M] -- C:\Users\Femi\AppData\Roaming\ooVoo Details
[2010/04/30 17:25:03 | 000,000,000 | ---D | M] -- C:\Users\Femi\AppData\Roaming\PowerCinema
[2009/07/22 05:47:10 | 000,000,000 | ---D | M] -- C:\Users\Femi\AppData\Roaming\Publish Providers
[2011/03/28 16:49:38 | 000,000,000 | ---D | M] -- C:\Users\Femi\AppData\Roaming\Research In Motion
[2010/01/14 19:27:42 | 000,000,000 | ---D | M] -- C:\Users\Femi\AppData\Roaming\Sony
[2010/01/14 21:03:32 | 000,000,000 | ---D | M] -- C:\Users\Femi\AppData\Roaming\TOSHIBA
[2010/01/14 19:27:42 | 000,000,000 | ---D | M] -- C:\Users\Femi\AppData\Roaming\Ulead Systems
[2010/01/14 19:27:44 | 000,000,000 | ---D | M] -- C:\Users\Femi\AppData\Roaming\Webcammax
[2010/01/14 19:27:44 | 000,000,000 | ---D | M] -- C:\Users\Femi\AppData\Roaming\WinBatch
[2010/11/24 06:19:20 | 000,000,000 | ---D | M] -- C:\Users\Femi\AppData\Roaming\Windows Live Writer
[2010/10/24 03:05:28 | 000,032,616 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009/07/13 18:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2010/01/14 18:54:26 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010/07/07 02:40:52 | 000,001,641 | ---- | M] () -- C:\CDFE.log
[2011/05/16 20:50:08 | 000,071,444 | ---- | M] () -- C:\ComboFix.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2011/05/16 18:39:51 | 3092,951,040 | -HS- | M] () -- C:\hiberfil.sys
[2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2009/07/13 21:23:34 | 000,000,367 | -H-- | M] () -- C:\IPH.PH
[2010/09/08 18:59:32 | 000,000,736 | ---- | M] () -- C:\lxcg.log
[2009/08/08 14:40:20 | 000,000,000 | ---- | M] () -- C:\lxcgfire.000
[2009/08/23 11:20:55 | 000,000,000 | ---- | M] () -- C:\lxcgfire.001
[2009/08/23 11:29:01 | 000,000,000 | ---- | M] () -- C:\lxcgfire.002
[2009/08/23 11:33:00 | 000,000,000 | ---- | M] () -- C:\lxcgfire.003
[2010/01/19 01:27:48 | 000,000,000 | ---- | M] () -- C:\lxcgfire.004
[2010/07/07 02:40:44 | 000,000,000 | ---- | M] () -- C:\lxcgfire.csv
[2009/08/08 14:45:07 | 000,001,103 | ---- | M] () -- C:\LXCGINST.000
[2009/08/23 11:24:22 | 000,001,061 | ---- | M] () -- C:\LXCGINST.001
[2009/08/23 11:31:48 | 000,000,938 | ---- | M] () -- C:\LXCGINST.002
[2009/08/23 11:34:43 | 000,001,348 | ---- | M] () -- C:\LXCGINST.003
[2010/01/19 01:30:52 | 000,000,981 | ---- | M] () -- C:\LXCGINST.004
[2010/07/07 02:48:58 | 000,001,390 | ---- | M] () -- C:\LXCGINST.csv
[2009/08/08 14:45:06 | 000,211,477 | ---- | M] () -- C:\lxcgunst.000
[2010/01/19 00:38:48 | 000,601,047 | ---- | M] () -- C:\lxcgunst.001
[2010/01/19 00:48:38 | 000,401,709 | ---- | M] () -- C:\lxcgUNST.002
[2010/01/19 01:11:36 | 000,807,448 | ---- | M] () -- C:\lxcgUNST.003
[2010/06/03 03:24:55 | 000,895,382 | ---- | M] () -- C:\lxcgUNST.004
[2010/06/03 04:16:28 | 000,898,187 | ---- | M] () -- C:\lxcgUNST.005
[2010/09/08 19:00:59 | 000,898,983 | ---- | M] () -- C:\lxcgUNST.csv
[2011/05/16 18:40:01 | 1889,533,951 | -HS- | M] () -- C:\pagefile.sys
[2010/01/14 21:28:37 | 000,002,996 | ---- | M] () -- C:\RHDSetup.log
[2007/03/30 13:35:38 | 000,266,240 | ---- | M] (Realtek Semiconductor Corp.) -- C:\RtkApoApi.dll
[2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI

< %systemroot%\Fonts\*.com >
[2009/07/13 22:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/13 22:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/13 22:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/13 22:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/06/10 13:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2010/11/10 02:28:46 | 000,301,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >
[2010/01/26 17:20:42 | 000,001,670 | -HS- | M] () -- C:\Users\Femi\AppData\Roaming\Microsoft\LastFlashConfig.wfc

< %PROGRAMFILES%\*.* >
[2009/07/13 21:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2009/08/23 12:46:05 | 000,000,574 | -HS- | M] () -- C:\Users\Femi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
[2011/05/06 03:06:44 | 000,000,221 | -HS- | M] () -- C:\Users\Femi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2011/05/16 19:48:07 | 004,349,551 | R--- | M] () -- C:\Users\Femi\Desktop\ComboFix.exe
[2011/05/12 21:10:30 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Femi\Desktop\mbam-setup-1.50.1.1100.exe
[2011/05/16 21:32:20 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Femi\Desktop\OTL.exe
[2010/09/01 15:33:49 | 000,083,968 | ---- | M] (eSage Lab) -- C:\Users\Femi\Desktop\remover.exe
[2011/05/13 05:32:02 | 000,302,080 | ---- | M] () -- C:\Users\Femi\Desktop\yh0tt6nk.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >
[2009/06/10 14:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\addins\FXSEXT.ecf

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >
[2010/06/03 04:24:38 | 000,008,192 | ---- | M] () -- C:\Windows\security\database\edb.chk
[2010/06/03 04:24:37 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edb.log
[2010/06/03 04:24:37 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00001.jrs
[2010/06/03 04:24:37 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00002.jrs
[2010/06/03 04:24:37 | 000,786,432 | ---- | M] () -- C:\Windows\security\database\edbtmp.log
[2010/06/03 04:24:37 | 001,056,768 | ---- | M] (Lexmark International, Inc.) -- C:\Windows\security\database\tmp.edb

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2010/08/03 14:21:21 | 000,000,402 | -HS- | M] () -- C:\Users\Femi\Favorites\desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


< >

< End of report >
 
extras log

OTL Extras logfile created on: 5/16/2011 9:34:34 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Femi\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 56.00% Memory free
10.00 Gb Paging File | 8.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): c:\pagefile.sys 5898 11520 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287.93 Gb Total Space | 163.81 Gb Free Space | 56.89% Space Free | Partition Type: NTFS

Computer Name: FEMI-PC | User Name: Femi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{16DDB3D1-5C27-4599-9C63-E583287191CC}" = iTunes
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{20387B45-18A4-4D48-ABD9-A23D2CBE42B3}" = Dolby Control Center
"{22ABA92B-6C1B-46D8-AC2B-C48EEAE172A9}" = VD64Inst
"{26A24AE4-039D-4CA4-87B4-2F86416023FF}" = Java(TM) 6 Update 23 (64-bit)
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile Device Center
"{64A3A4F4-B792-11D6-A78A-00B0D0160230}" = Java(TM) SE Development Kit 6 Update 23 (64-bit)
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{B1FB7D5C-20CE-4CB6-8F39-306EFDA8290C}" = Symantec Endpoint Protection
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"4D0A78D60CE7E81C31D46CB92DBA41CCF993C9BD" = Windows Driver Package - Chicony (usbvideo) Image (05/12/2009 6.3.251.0512)
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Lexmark 2300 Series" = Lexmark 2300 Series
"LTMOH" = LSI V92 MOH Application
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"TOSHIBA Software Modem" = TOSHIBA Software Modem

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B561CF4-0C7D-4745-AF53-161E24E44F87}" = Adobe CS4 Italian Speech Analysis Models
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = TOSHIBA Assist
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FD653A8-9CFA-4392-B89C-CCDB114DE442}" = Adobe CS4 Spanish Speech Analysis Models
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{21F0CBB8-A158-435A-BBB6-9E2BE6D6D449}" = BlackBerry Device Software v4.6.1 for the BlackBerry 8520 smartphone
"{224821ED-CADA-4A8A-AC8D-3734CC0F0931}" = Amazon Links
"{23C12370-3A82-4558-B727-F345B473AD87}" = BlackBerry Device Software Updater
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = CyberLink PowerCinema for TOSHIBA
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{32A3A4F4-B792-11D6-A78A-00B0D0160140}" = Java(TM) SE Development Kit 6 Update 14
"{32A3A4F4-B792-11D6-A78A-00B0D0160230}" = Java(TM) SE Development Kit 6 Update 23
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{377FD9B9-8377-49B9-A052-17BEFFEEE4A2}" = Adobe Creative Suite 4 Web Premium
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{41773726-92D0-4265-A0F8-DD980CA1AEC4}" = TOSHIBA Upgrade Assistant
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{48E9A4FB-17C6-4B14-BC9D-D83AF2A4059A}" = Adobe CS4 Korean Speech Analysis Models
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C3F3228-13BE-41D0-A782-3DDE7CB2479A}" = CD/DVD Drive Acoustic Silencer
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4F213D2A-B942-4611-AEE5-49F9D42D0A2F}" = Adobe CS4 International English Speech Analysis Models
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{56B116A2-FF34-4923-B1A7-1DFAB0B6E186}" = Utility support driver
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{7AAC4B2B-C3D2-465C-9F2C-B9DCF0D7FDB8}" = Adobe Setup
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{87DF5956-A327-4304-8338-8E2B0AAB843E}" = BlackBerry Desktop Software 6.0.2
"{890EF3F8-742F-46BD-9E8E-084B3A1F4364}" = QuickBooks Financial Center
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B5309AB-293D-4FFD-A9A7-B861DB4B76D9}" = FileZilla 3.1.2
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A7C4EAC-6E38-42E3-85AA-408874A803DE}" = Adobe CS4 German Speech Analysis Models
"{9AACCD0F-2734-4E8C-8C24-2702D4506E93}" = Adobe CS4 French Speech Analysis Models
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}_942" = Adobe Acrobat 9.4.2 - CPSID_83708
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.5
"{AC76BA86-7AD7-1033-7B44-A81300000003}_814" = KB408682
"{AC9B7C8C-1211-4B18-BE72-ECEBB4DE543D}" = BlackBerry Device Software v5.0.0 for the BlackBerry 8900 smartphone
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B35FDD04-48FD-4D3D-B0EB-088C5137CD42}" = Adobe CS4 Japanese Speech Analysis Models
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}" = Toshiba Registration
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1E56B8A-1AAF-422A-91DB-625059FB9863}" = TOSHIBA Desktop Links
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}" = PL-2303 Vista Driver Installer
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F3529665-D75E-4D6D-98F0-745C78C68E9B}" = TOSHIBA ConfigFree
"{F6234880-85BE-4DCB-8A45-1FF85A1A8552}" = SmartSound Quicktracks for Premiere Elements
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_4db064343401efd6449f33f8411c14b" = Adobe Creative Suite 4 Web Premium
"Akamai" = Akamai NetSession Interface
"Any Video Converter_is1" = Any Video Converter 2.7.9
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0.2
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = CyberLink PowerCinema for TOSHIBA
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{F6234880-85BE-4DCB-8A45-1FF85A1A8552}" = SmartSound Quicktracks for Premiere Elements
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
"Notepad++" = Notepad++
"WampServer 2_is1" = WampServer 2.0
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
 
1. Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

2. Now, we need to remove old Java version and its remnants...

Download JavaRa to your desktop and unzip it to its own folder
  • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.

======================================================================

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code: 
    :OTL
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {EAC139A9-D22D-4C29-8D1C-252BE63750F9} http://www.cooliris.com/shared/plinstll.cab (Reg Error: Value error.)
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

:Commands
[purity]
[emptytemp]
[emptyflash]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.

=======================================================================

Last scans....

1. Download Security Check from HERE, and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.


2. Download Temp File Cleaner (TFC)
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.


3. Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • IMPORTANT! UN-check Remove found threats
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • NOTE. If Eset won't find any threats, it won't produce any log.


Bed time here :)
 
OTL run fix log

All processes killed
========== OTL ==========
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Starting removal of ActiveX control {EAC139A9-D22D-4C29-8D1C-252BE63750F9}
C:\Windows\Downloaded Program Files\plinstll.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{EAC139A9-D22D-4C29-8D1C-252BE63750F9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EAC139A9-D22D-4C29-8D1C-252BE63750F9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{EAC139A9-D22D-4C29-8D1C-252BE63750F9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EAC139A9-D22D-4C29-8D1C-252BE63750F9}\ not found.
C:\Windows\msdownld.tmp folder deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 6527648 bytes
->Flash cache emptied: 42054 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Femi
->Temp folder emptied: 4733597 bytes
->Temporary Internet Files folder emptied: 2602870857 bytes
->Java cache emptied: 45348415 bytes
->FireFox cache emptied: 52387815 bytes
->Google Chrome cache emptied: 77586989 bytes
->Apple Safari cache emptied: 198074368 bytes
->Flash cache emptied: 3096681 bytes

User: Public
->Temp folder emptied: 0 bytes

User: TEMP
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 13743242 bytes
->Flash cache emptied: 42054 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 996 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 245834 bytes
RecycleBin emptied: 160350 bytes

Total Files Cleaned = 2,866.00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Femi
->Flash cache emptied: 0 bytes

User: Public

User: TEMP
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 05162011_224434

Files\Folders moved on Reboot...
C:\Users\Femi\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Femi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZRKFGLHM\sh42[1].htm moved successfully.
C:\Users\Femi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JTNHPF6P\partnersCASCHTZ0.htm moved successfully.
C:\Users\Femi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JTNHPF6P\topic165210-2[1].htm moved successfully.
C:\Users\Femi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\Femi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

Registry entries deleted on Reboot...
 
checkup

Results of screen317's Security Check version 0.99.7
Windows 7 (UAC is enabled)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
[size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size]
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
HijackThis 2.0.2
Java(TM) 6 Update 25
Java(TM) 6 Update 6
Java(TM) SE Development Kit 6 Update 14
Java(TM) SE Development Kit 6 Update 23
Out of date Java installed!
Adobe Flash Player 10.1.85.3
Adobe Reader 8.1.5
Out of date Adobe Reader installed!
Mozilla Firefox (x86 en-US..) Firefox Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent
Norton ccSvcHst.exe
``````````End of Log````````````




good morning!
 
Good Afternoon :)

Uninstall:
Java(TM) 6 Update 6
Java(TM) SE Development Kit 6 Update 14
Java(TM) SE Development Kit 6 Update 23

=====================================================================

Update Adobe Reader

You can download it from https://www.techspot.com/downloads/2083-adobe-reader-dc.html
After installing the latest Adobe Reader, uninstall all previous versions.
Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

Alternatively, you can uninstall Adobe Reader (33.5 MB), download and install Foxit PDF Reader(3.5MB) from HERE.
It's a much smaller file to download and uses a lot less resources than Adobe Reader.
Note: When installing FoxitReader, make sure to UN-check any pre-checked toolbar, or any other garbage.

=====================================================================

...and Eset...
 
Status
Not open for further replies.

Similar threads

A
Google's IP Protection is a new experiment to fight IP-based tracking
Replies
8
Views
392
Darkmatter
Darkmatter
E
I have been taken over by a software called Astanda using XML to Log everything and roaming to an SQL server.
Replies
0
Views
468
eriksnyman1
E
N
Issue with Dark and Light settings in forums mode
Replies
4
Views
652
Neatfeatguy
N

Latest posts

Back