Author: AndyEK
Subject: GMER log pt. I
Posted: 06 April 2013 at 4:00am
Here is the first portion of what resulted after my first scan with GMER 2.1. As you can guess, I'm completely ignorant of how this works but I'm pretty sure I have a rootkit problem and TDSSKiller couldn't solve it. If anyone can advise me as to how to get rid of the issue I would greatly appreciate it.
thanks
GMER 2.1.19163 - http://www.gmer.net
3rd party scan 2013-04-05 21:49:36
Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST380011A rev.8.16 74.51GB
Running: 38vun6h0.exe; Driver: C:\DOCUME~1\Andy\LOCALS~1\Temp\pgldqpoc.sys
---- System - GMER 2.1 ----
SSDT \SystemRoot\System32\Drivers\aswSP.SYS ZwClose [0xEF900CF0]
---- Registry - GMER 2.1 ----
Reg HKLM\SOFTWARE\Microsoft\.NETFramework\PendingUpdates\v1.1.4322\NI@ C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ngen.exe (Microsoft Common Language Runtime native compiler/Microsoft Corporation)(2003-02-21 01:09:46)
Reg HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}@StubPath C:\WINDOWS\system32\ieudinit.exe (IE Per User Active Setup Uninstall Utility/Microsoft Corporation)(2009-03-08 09:32:52)
Reg HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}@KeyFileName C:\Program Files\Java\jre6\bin\regutils.dll (Java(TM) Platform SE binary/Sun Microsystems, Inc.)(2009-03-09 10:46:18)
Reg HKLM\SOFTWARE\Microsoft\ASP.NET\1.1.4322.0@DllFullPath C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll (aspnet_isapi.lib/Microsoft Corporation)(2012-10-10 00:27:00)
---- Kernel code sections - GMER 2.1 ----
init C:\WINDOWS\system32\drivers\senfilt.sys entry point in "init" section [0xF7EEBF80]
---- Registry - GMER 2.1 ----
Reg HKLM\SOFTWARE\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{D41E4F1D-A407-11D1-8BC9-00C04FA30A41}@$DLL C:\WINDOWS\system32\corpol.dll (Microsoft COM Runtime Execution Engine/Microsoft Corporation)(2004-08-10 18:50:55)
Reg HKLM\SOFTWARE\Microsoft\Jet\3.5\Engines\Jet 2.x@win32 C:\WINDOWS\system32\msrd2x35.dll (Microsoft (R) Red ISAM/Microsoft Corporation)(2006-02-26 18:39:22)
Reg HKLM\SOFTWARE\Microsoft\Jet\3.5\Engines\Text@win32 C:\WINDOWS\system32\mstext35.dll (Microsoft Jet Text Isam/Microsoft Corporation)(2006-02-26 18:39:22)
Reg HKLM\SOFTWARE\Microsoft\MediaPlayer\Player\Extensions\MUIDescriptions@6 C:\WINDOWS\system32\DivXWMPExtType.dll(2008-09-19 21:54:18)
Reg HKLM\SOFTWARE\Microsoft\MMC\SnapIns\{1270e004-f895-42be-8070-df90d60cbb75}@NameStringIndirect C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscormmc.dll (Microsoft .NET Runtime Execution Engine Starter for MMC/Microsoft Corporation)(2003-02-21 00:43:52)
Reg HKLM\SOFTWARE\Microsoft\MMC\SnapIns\{D524927D-6C08-46BF-86AF-391534D779D3}@NameStringIndirect C:\WINDOWS\system32\ieaksie.dll (Internet Explorer Snap-in Extension to Group Policy/Microsoft Corporation)(2004-08-10 18:51:09)
Reg HKLM\SOFTWARE\Microsoft\Picture It!\11.0\Setup@EXE_PATH C:\Program Files\Microsoft Digital Image 2006\pi.exe (Microsoft Digital Image 2006 Editor/Microsoft Corporation)(2005-04-22 09:14:53)
Reg HKLM\SOFTWARE\Microsoft\Picture It!\Integration\ACQUIREV11APP@EXE Path C:\Program Files\Microsoft Digital Image 2006\imprtwiz.exe (Import Pictures Wizard/Microsoft Corporation)(2005-04-22 09:17:40)
Reg HKLM\SOFTWARE\Microsoft\Picture It!\Integration\PODV11@EXE Path C:\Program Files\Microsoft Digital Image 2006\Pod.exe (Microsoft Digital Image 2006 Library/Microsoft Corporation)(2005-04-22 09:09:45)
Reg HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk@command C:\PROGRA~1\DIGITA~1\DLG.exe (Digital Line Detection/BVRP Software)(2005-12-15 21:18:01)
Reg HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^dlbcserv.lnk@command C:\PROGRA~1\DELLPH~1\dlbcserv.exe(2006-01-10 03:35:21)
Reg HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DellSupport@command C:\Program Files\Dell Support\DSAgnt.exe (Dell Support/Gteko Ltd.)(2005-05-15 08:04:12)
Reg HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DMXLauncher@command C:\Program Files\Dell\Media Experience\DMXLauncher.exe(2005-01-27 07:02:00)
---- User code sections - GMER 2.1 ----
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 0150D2A0 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] kernel32.dll!lstrlenW + 43 7C809AEC 7 Bytes JMP 0185E7E6 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] kernel32.dll!MapViewOfFileEx + 6A 7C80B9A0 7 Bytes JMP 0185E7C3 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] kernel32.dll!ValidateLocale + B1C8 7C8449C8 7 Bytes JMP 01522245 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] GDI32.dll!SetDIBitsToDevice + 20A 77F19E14 7 Bytes JMP 0185E744 C:\Program Files\Mozilla Firefox\xul.dll
---- Registry - GMER 2.1 ----
Reg HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SpybotSD TeaTimer@command C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (System settings protector/Safer-Networking Ltd.)(2006-01-26 00:18:58)
Reg HKLM\SOFTWARE\Microsoft\Shared Tools\Text Converters\Export\MSWord6RTFExp@Path C:\Program Files\Common Files\Microsoft Shared\Textconv\wrd6er32.cnv (Word 97-2000 & 6.0/95 - RTF Export Converter/Microsoft Corporation)(2003-11-21 23:12:04)
---- User IAT/EAT - GMER 2.1 ----
IAT C:\WINDOWS\system32\services.exe[764] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00380002
IAT C:\WINDOWS\system32\services.exe[764] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 00380000
---- Registry - GMER 2.1 ----
Reg HKLM\SOFTWARE\Microsoft\Updates\.NETFramework\1.1\M2698023@UninstallCommand C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe(2009-06-25 00:56:06)
---- Devices - GMER 2.1 ----
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS
---- Registry - GMER 2.1 ----
Reg HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB950759\Filelist\10@FileName C:\WINDOWS\system32\inseng.dll (Install engine/Microsoft Corporation)(2004-08-10 18:51:09)
Reg HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB950759\Filelist\12@FileName C:\WINDOWS\system32\dxtrans.dll (DirectX Media -- DirectX Transform Core/Microsoft Corporation)(2004-08-10 18:51:06)
Reg HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB950759\Filelist\13@FileName C:\WINDOWS\system32\dxtmsft.dll (DirectX Media -- Image DirectX Transforms/Microsoft Corporation)(2004-08-10 18:51:06)
Reg HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB950759\Filelist\24@FileName C:\WINDOWS\system32\pngfilt.dll (IE PNG plugin image decoder/Microsoft Corporation)(2004-08-10 18:51:20)
Reg HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB950759\Filelist\26@FileName C:\WINDOWS\system32\msrating.dll (Internet Ratings and Local User Management DLL/Microsoft Corporation)(2004-08-10 18:51:15)
Reg HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB978706\Filelist\0@FileName C:\Documents and Settings\Andy\Desktop\mspaint.exe (Paint/Microsoft Corporation)(2011-02-02 22:54:42)
Reg HKLM\SOFTWARE\Microsoft\WAB\Import\Works@DLL C:\Program Files\Microsoft Works\wkabstub.dll (Microsoft® Works Address Book Addin/Microsoft® Corporation)(2005-08-18 11:44:32)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\CameraLauncher.exe@ C:\Program Files\Canon\CameraWindow\CameraWindowLauncher\CameraLauncher.exe (Canon Utilities CameraWindow/CANON INC.)(2010-03-18 19:18:50)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\DLG.exe@ C:\Program Files\Digital Line Detect\DLG.exe (Digital Line Detection/BVRP Software)(2005-12-15 21:18:01)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\DMX.exe@ C:\Program Files\Dell\Media Experience\DMX.exe (Dell Multimedia Experience/ )(2005-01-27 07:02:00)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\FLVPlayer.exe@ C:\Program Files\FLV Player\FLVPlayer.exe(2008-10-16 13:50:42)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\HijackThis.exe@ C:\Program Files\Trend Micro\HijackThis\hijackthis.exe (HijackThis/Trend Micro Inc.)(2010-06-10 18:25:02)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\iTunes.exe@ C:\Program Files\iTunes\iTunes.exe (iTunes/Apple Inc.)(2012-03-27 10:09:16)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MediaHub.exe@ C:\Program Files\Common Files\Sonic Shared\Sonic Central\Main\Mediahub.exe(2005-02-11 08:00:00)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MoviePlayer.exe@ C:\PROGRA~1\QUICKT~1\MoviePlayer.exe (MoviePlayer Application/Apple Computer, Inc.)(2009-07-18 03:06:10)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\msworks.exe@ C:\Program Files\Microsoft Works\msworks.exe (Microsoft® Works/Microsoft® Corporation)(2005-08-22 19:36:29)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\PictureViewer.exe@ C:\Program Files\QuickTime\PictureViewer.exe (PictureViewer/Apple Inc.)(2011-07-05 23:36:36)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\PowerDVD.exe@ C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe (CyberLink PowerDVD Main Program/CyberLink Corp.)(2005-12-15 21:18:14)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\QuickTimePlayer.exe@ C:\Program Files\QuickTime\QuickTimePlayer.exe (QuickTime Player/Apple Inc.)(2011-07-06 00:13:08)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\RealPlay.exe@ c:\program files\real\realplayer\realplay.exe (RealPlayer/RealNetworks, Inc.)(2011-03-22 01:31:13)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\RealUpgrade.exe@ C:\Program Files\Real\RealUpgrade\RealUpgrade.exe (RealUpgrade Launcher/RealNetworks, Inc.)(2011-01-24 19:25:36)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\rnxproc.exe@ c:\program files\real\realplayer\Update\rnxproc.exe (RNX file processor/RealNetworks, Inc.)(2011-03-22 01:31:08)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\sbase.exe@ C:\Program Files\OpenOffice.org 3\program\sbase.exe(2008-09-20 00:32:44)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\scalc.exe@ C:\Program Files\OpenOffice.org 3\program\scalc.exe(2008-09-20 00:32:32)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\sdraw.exe@ C:\Program Files\OpenOffice.org 3\program\sdraw.exe(2008-09-20 00:32:34)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\simpress.exe@ C:\Program Files\OpenOffice.org 3\program\simpress.exe(2008-09-20 00:32:38)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\smath.exe@ C:\Program Files\OpenOffice.org 3\program\smath.exe(2008-09-20 00:32:40)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\soffice.exe@ C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org 3.0/OpenOffice.org)(2008-09-30 23:46:12)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\swriter.exe@ C:\Program Files\OpenOffice.org 3\program\swriter.exe(2008-09-20 00:32:28)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\unopkg.exe@ C:\Program Files\OpenOffice.org 3\program\unopkg.exe(2008-09-20 00:40:46)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WinRAR.exe@ C:\Program Files\WinRAR\WinRAR.exe(2007-03-13 04:51:26)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WKPLMSTP.EXE@ C:\Program Files\Microsoft Works\wkplmstp.exe (setup/Microsoft Corporation)(2005-08-18 11:41:00)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WKSAB.EXE@ C:\Program Files\Microsoft Works\WKSAB.exe (Microsoft® Works Address Book/Microsoft® Corporation)(2005-08-18 11:44:29)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\wkscal.exe@ C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkscal.exe (Microsoft® Works Calendar/Microsoft® Corporation)(2005-08-18 11:31:40)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\wksdb.exe@ C:\Program Files\Microsoft Works\wksdb.exe (Microsoft® Works Database/Microsoft® Corporation)(2005-08-18 11:44:45)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WKSSB.EXE@ C:\Program Files\Microsoft Works\WKSSB.exe (Microsoft® Works PortFolio/Microsoft® Corporation)(2005-08-18 11:41:58)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\wksss.exe@ C:\Program Files\Microsoft Works\wksss.exe (Microsoft® Works Spreadsheet/Microsoft® Corporation)(2005-08-18 11:42:47)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\wkswp.exe@ C:\Program Files\Microsoft Works\wkswp.exe (Microsoft® Works Word Processor/Microsoft® Corporation)(2005-08-18 11:13:48)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WKWCESTP.EXE@ C:\Program Files\Microsoft Works\wkwcestp.exe(2005-08-18 11:41:02)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WKWDSTUB.EXE@ C:\Program Files\Microsoft Works\WKWDSTUB.exe (Microsoft® Works Word Stub/Microsoft® Corporation)(2005-10-07 22:43:12)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cpls@QuickTime C:\Program Files\QuickTime\QTSystem\QuickTime.cpl (QuickTime Control Panel/Apple Inc.)(2011-07-06 00:08:14)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\SonicSCAudioCDTask@Action C:\Program Files\Common Files\Sonic Shared\Sonic Central\Audio\MainrENU.dll (Language resources - Dynamic Link Library/Sonic Solutions)(2005-01-31 08:00:00)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\SonicSCCopyCD@DefaultIcon C:\Program Files\Common Files\Sonic Shared\Sonic Central\Copy\MainrENU.dll (Language resources - Dynamic Link Library/Sonic Solutions)(2005-01-31 08:00:00)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\SonicSCDataProject@Action C:\Program Files\Common Files\Sonic Shared\Sonic Central\Data\MainrENU.dll (Language resources - Dynamic Link Library/Sonic Solutions)(2005-02-04 08:00:00)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VxDlaCdOnArrival@DefaultIcon C:\Program Files\Sonic\DLA\install\tfswcmd.exe (Drive Letter Access Component/Sonic Solutions)(2004-12-06 07:05:00)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\WinampMTPHandler@DefaultIcon C:\Program Files\Winamp\winamp.exe (Winamp/Nullsoft)(2006-03-10 17:47:08)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\Files\0@ C:\WINDOWS\system32\msxml4r.dll (MSXML 4.0 SP1 Resources/Microsoft Corporation)(2003-04-18 16:29:26)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\PatchedComponents@{7B289966-1196-B7E9-B06B-D6B9ABF34537} c:\WINDOWS\winsxs\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9839.0_x-ww_ed80bd5c\msxml4.dll (MSXML 4.0 SP 2/Microsoft Corporation)(2006-09-12 22:53:32)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\PatchedComponents@{7B2FCEFF-0F22-B7E1-B06B-D6B9ABF34537} c:\WINDOWS\winsxs\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_18171213\msxml4.dll (MSXML 4.0 SP 2/Microsoft Corporation)(2006-11-04 20:17:02)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\PatchedComponents@{7B298060-1128-B7E8-B06B-D6B9ABF34537} c:\WINDOWS\winsxs\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9848.0_x-ww_1b897e9a\msxml4.dll (MSXML 4.0 SP 2/Microsoft Corporation)(2007-05-08 20:06:44)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\PatchedComponents@{9BFFB8F8-F55F-10B2-B01F-C8B3B9A1E18E} C:\WINDOWS\winsxs\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll (Microsoft® C Runtime Library/Microsoft Corporation)(2007-08-23 05:18:08)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1@UninstallString C:\Program Files\Advanced System Protector\unins000.exe(2013-02-04 19:32:44)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CAL@DisplayIcon C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Camera Access Library 8/Canon Inc.)(2009-09-08 22:25:52)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CameraWindowDC8@DisplayIcon C:\Program Files\Canon\CameraWindow\CameraWindowDC8\CameraWindowDC8.exe (Canon Utilities CameraWindow DC/CANON INC.)(2010-06-03 19:10:38)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CleanUp!@UninstallString C:\Program Files\CleanUp!\uninstall.exe(2005-04-09 20:03:20)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Companion Plugin@DisplayIcon C:\Program Files\Coupon Companion Plugin\Uninstall.exe (Coupon Companion Plugin Installer/215 Apps)(2013-01-28 17:45:47)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dell Digital Jukebox Driver@UninstallString C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe(2005-12-15 21:27:02)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dell Digital Jukebox Driver@UnwiseLog C:\WINDOWS\UNWISE.EXE(2005-12-15 21:27:02)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dell Digital Jukebox Driver@DisplayIcon C:\Program Files\Dell\Digital Jukebox Drivers\CtDrvStp.exe (Creative Driver Setup/Creative Technology Ltd.)(2005-12-15 21:27:02)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dell Photo Printer 720 Logger@UninstallPath C:\Program Files\Dell Photo Printer 720\dlbcunst.exe(2006-01-10 03:35:21)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player@UninstallString C:\Program Files\FLV Player\uninst.exe(2009-07-20 03:40:38)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Macromedia Shockwave Player@UninstallString C:\WINDOWS\system32\Macromed\Shockwave 10\UNWISE.EXE(2005-12-15 21:32:25)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MavenAppMgr@DisplayIcon C:\Program Files\Common Files\Maven\Application Manager\appMgrAX.dll (Base service for Maven applications/Maven Networks, Inc.)(2006-06-21 23:51:05)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Interactive Training@UninstallString C:\WINDOWS\IsUninst.exe (InstallShield® unInstaller/InstallShield Software Corporation)(2004-08-10 19:12:03)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService@UninstallString C:\Program Files\Mozilla Maintenance Service\uninstall.exe (Mozilla Maintenance Service Installer/Mozilla Corporation)(2012-05-21 14:54:09)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyCamera@DisplayIcon C:\Program Files\Canon\CameraWindow\MyCamera\MyCamera.exe (Canon Utilities MyCamera/CANON INC.)(2010-04-15 19:05:36)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PictureItPrem_v11@UninstallString C:\Program Files\Common Files\Microsoft Shared\Picture It!\RmvSuite.exe (Digital Image Module/Microsoft Corporation)(2005-04-22 09:14:38)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PocketRAR@UninstallString C:\Program Files\PocketRAR\uninstall.exe(2009-07-20 01:50:39)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuickTime 3.0@UninstallString C:\WINDOWS\uninst.exe (InstallShield unInstaller /InstallShield Corporation, Inc.)(2007-06-05 18:33:29)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealPlayer 12.0@UninstallString c:\program files\real\realplayer\Update\r1puninst.exe (Uninstaller Shell executable/RealNetworks, Inc.)(2011-03-22 01:31:05)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Spybot - Search & Destroy_is1@UninstallString C:\Program Files\Spybot - Search & Destroy\unins000.exe(2006-01-26 00:18:58)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebCyberCoach_wtrb@DisplayIcon C:\Program Files\WebCyberCoach\b_Dell\tranplug.exe (GTek Technologies Ltd.)(2005-12-15 21:24:32)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebCyberCoach_wtrb@UninstallString C:\Program Files\WebCyberCoach\b_Dell\WCC_Wipe.exe (WebCyberCoach Uninstaller/Gteko Ltd.)(2005-12-15 21:24:32)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winamp@UninstallString C:\Program Files\Winamp\UninstWA.exe (Winamp Installer/Nullsoft, Inc.)(2006-01-19 21:09:44)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver@UninstallString C:\Program Files\WinRAR\uninstall.exe(2007-03-13 04:51:26)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Works2006Setup@UninstallString C:\Program Files\Microsoft Works Suite 2006\Setup\Launcher.exe (Microsoft® Works Suite Setup Launcher/Microsoft® Corporation)(2005-12-15 21:29:46)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Extras@UninstallString C:\Program Files\Yahoo!\Common\unin_yextras.exe (Yahoo! Browser Services Setup/Yahoo! Inc.)(2008-02-14 06:04:41)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Messenger@UninstallString C:\Program Files\Yahoo!\Messenger\UNWISE.EXE(2006-01-12 19:13:35)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk@UninstallString C:\Program Files\Google\Google Talk\uninstall.exe(2009-12-28 03:20:42)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150060}@DisplayIcon C:\Program Files\Java\jre1.5.0_06\bin\javaws.exe (Java(TM) Web Start Launcher/Sun Microsystems, Inc.)(2006-02-03 03:23:09)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150080}@DisplayIcon C:\Program Files\Java\jre1.5.0_08\bin\javaws.exe (Java(TM) Web Start Launcher/Sun Microsystems, Inc.)(2006-08-25 00:33:03)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150110}@DisplayIcon C:\Program Files\Java\jre1.5.0_11\bin\javaws.exe (Java(TM) Web Start Launcher/Sun Microsystems, Inc.)(2007-03-29 16:10:15)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160010}@DisplayIcon C:\Program Files\Java\jre1.6.0_01\bin\javaws.exe (Java(TM) Web Start Launcher/Sun Microsystems, Inc.)(2007-05-31 23:05:50)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160020}@DisplayIcon C:\Program Files\Java\jre1.6.0_02\bin\javaws.exe (Java(TM) Web Start Launcher/Sun Microsystems, Inc.)(2007-08-03 23:03:51)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160030}@DisplayIcon C:\Program Files\Java\jre1.6.0_03\bin\javaws.exe (Java(TM) Web Start Launcher/Sun Microsystems, Inc.)(2007-10-27 16:55:49)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160050}@DisplayIcon C:\Program Files\Java\jre1.6.0_05\bin\javaws.exe (Java(TM) Web Start Launcher/Sun Microsystems, Inc.)(2008-05-03 04:20:52)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160070}@DisplayIcon C:\Program Files\Java\jre1.6.0_07\bin\javaws.exe (Java(TM) Web Start Launcher/Sun Microsystems, Inc.)(2008-11-12 00:26:14)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7585478E9D9B42108671C12F8714CEFE}@DisplayIcon C:\Program Files\DivX\DivX Converter\Converter.exe (DivX Converter Application/DivX, Inc.)(2008-09-19 21:54:44)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7585478E9D9B42108671C12F8714CEFE}@UninstallString C:\Program Files\DivX\DivXConverterUninstall.exe (DivX for Windows Installer, L:EN;ES;DE;FR;JA, DivX Codec 6.8.5, DivX Converter 6.6.1, DivX Player 6.8.2, DivX Web Player 1.4.2/DivX, Inc.)(2008-11-22 10:12:36)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7B63B2922B174135AFC0E1377DD81EC2}@DisplayIcon C:\Program Files\DivX\DivX Codec\config.exe (config/DivXNetworks Inc.)(2008-09-19 21:54:18)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7F142D56-3326-11D5-B229-002078017FBF}@DisplayIcon C:\Program Files\Modem Helper\MDM_Util.exe(2005-12-15 21:17:54)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8ADFC4160D694100B5B8A22DE9DCABD9}@DisplayIcon C:\Program Files\DivX\DivX Player\DivX Player.exe (DivX Player/DivX, Inc)(2008-09-19 21:55:18)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8ADFC4160D694100B5B8A22DE9DCABD9}@UninstallString C:\Program Files\DivX\DivXPlayerUninstall.exe (DivX for Windows Installer, L:EN;ES;DE;FR;JA, DivX Codec 6.8.5, DivX Converter 6.6.1, DivX Player 6.8.2, DivX Web Player 1.4.2/DivX, Inc.)(2008-11-22 10:12:52)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B7050CBDB2504B34BC2A9CA0A692CC29}@DisplayIcon C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX Web Player version 1.4.2.7/DivX,Inc.)(2008-10-17 18:29:52)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B7050CBDB2504B34BC2A9CA0A692CC29}@UninstallString C:\Program Files\DivX\DivXWebPlayerUninstall.exe (DivX for Windows Installer, L:EN;ES;DE;FR;JA, DivX Codec 6.8.5, DivX Converter 6.6.1, DivX Player 6.8.2, DivX Web Player 1.4.2/DivX, Inc.)(2008-11-22 10:12:56)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}@DisplayIcon C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware Application/SUPERAntiSpyware.com)(2010-05-18 17:26:23)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}@UninstallString C:\Program Files\SUPERAntiSpyware\SASUNINST.EXE (SUPERAntiSpyware Application UnInstaller/SUPERAntiSpyware.com)(2010-04-13 18:05:15)
Reg HKLM\SOFTWARE\Microsoft\Windows CE Services\Services\Synchronization\Objects\WorksAppointments@DefaultIcon C:\Program Files\Microsoft Works\wkwcecal.dll(2005-08-18 11:42:12)
Reg HKLM\SOFTWARE\Microsoft\Windows CE Services\Services\Synchronization\Objects\WorksContacts@DefaultIcon C:\Program Files\Microsoft Works\wkwcewab.dll(2005-01-06 01:37:46)
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32@vidc.DIVX C:\WINDOWS\system32\DivX.dll (DivX/DivX, Inc.)(2008-10-28 22:35:56)
Reg HKLM\SOFTWARE\Classes\*\Shell\sdfiles\command@ C:\Program Files\Spybot - Search & Destroy\SDFiles.exe (Single file on-demand scanner/Safer Networking Limited)(2008-08-12 21:06:14)
Reg HKLM\SOFTWARE\Classes\CLSID\{00192F1E-2D33-4239-B00F-5DD54EBE3A7B}\InprocServer32@ C:\Program Files\Microsoft Works\sbox11.dll (Shoebox Module/Microsoft Corporation)(2005-07-12 10:13:36)
Reg HKLM\SOFTWARE\Classes\CLSID\{007474E7-1A02-46e1-AF4C-FD819A1E8D15}\InprocServer32@ C:\Program Files\DivX\DivX Common Filters\gzHF330.ddc (QuickTime Audio Decoder Filter/DivX, Inc.)(2008-09-19 21:57:38)
Reg HKLM\SOFTWARE\Classes\CLSID\{00CEDC01-864D-11D3-908D-00C0F03B3EDC}\InprocServer32@ c:\program files\real\realplayer\ierjplug.dll (ierjplug Module/RealNetworks, Inc.)(2011-03-22 01:32:34)
Reg HKLM\SOFTWARE\Classes\CLSID\{015BF83E-2A92-444B-B3A7-3D87785A1DBE}\InProcServer32@ C:\Program Files\Intel\PROSetWired\NCS\EAL\NE8023PS.dll(2004-01-29 00:36:06)
Reg HKLM\SOFTWARE\Classes\CLSID\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\InprocServer32@ C:\Program Files\QuickTime\QTPlugin.ocx (The QuickTime Control allows you to view a wide variety of multimedia content in web pages./Apple Inc.)(2011-07-06 00:13:08)
Reg HKLM\SOFTWARE\Classes\CLSID\{031AC65B-95ED-45E9-9BEA-C4532B2CAA42}\InprocServer32@ C:\Program Files\Common Files\Sonic Shared\Sonic Central\Engine\PxWrap.dll (Sonic Solutions)(2005-02-02 08:00:00)
Reg HKLM\SOFTWARE\Classes\CLSID\{037FB476-15E0-4ED1-B11A-E420B750B1A8}\LocalServer32@ C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\agent.exe (InstallShield Update Service Agent/Macrovision Corporation)(2005-06-10 16:44:02)
Reg HKLM\SOFTWARE\Classes\CLSID\{03960C2A-9AF8-43C4-8956-F1E3F179AF2B}\InprocServer32@ C:\Program Files\CyberLink\PowerDVD\CLAlbumArt.dll(2005-12-15 21:18:17)
Reg HKLM\SOFTWARE\Classes\CLSID\{03A314FF-5E14-48B6-BACD-A34DA6BEA5C2}\InprocServer32@ C:\Program Files\Microsoft Digital Image 2006\sbox.dll (Shoebox Module/Microsoft Corporation)(2005-04-22 09:18:32)
Reg HKLM\SOFTWARE\Classes\CLSID\{04CCE2FF-A7D3-11D0-B436-00A0244A1DD2}\InprocServer32@ C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\pdm.dll (Process Debug Manager/Microsoft Corporation)(2006-10-26 19:40:34)
Reg HKLM\SOFTWARE\Classes\CLSID\{0507EEDE-3AE7-49C7-BF37-0EB4A62D8638}\LocalServer32@ C:\Program Files\Google\Google Talk\googletalk.exe (Google Talk/Google)(2007-01-01 21:22:02)
Reg HKLM\SOFTWARE\Classes\CLSID\{0578DF30-4383-11D2-B91E-0060089F5C5D}\InprocServer32@ C:\Program Files\Common Files\Microsoft Shared\Works Shared\aw.dll(2005-10-07 22:35:08)
Reg HKLM\SOFTWARE\Classes\CLSID\{060B3E70-8001-11CE-8635-524153480000}\InprocServer32@ C:\WINDOWS\system32\DWSTG32.OCX (Storage ActiveX Control/Desaware Inc.)(2007-06-05 18:34:05)
Reg HKLM\SOFTWARE\Classes\CLSID\{064CB054-2518-474E-B2E8-200049528C42}\LocalServer32@ C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriverT.exe (IDriverT Module/Macrovision Corporation)(2005-04-04 06:41:10)
Reg HKLM\SOFTWARE\Classes\CLSID\{08165EA0-E946-11CF-9C87-00AA005127ED}\InProcServer32@ C:\WINDOWS\system32\webcheck.dll (Web Site Monitor/Microsoft Corporation)(2004-08-10 18:51:28)
Reg HKLM\SOFTWARE\Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32@ C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (Sun Microsystems, Inc.)(2008-08-28 20:56:30)
Reg HKLM\SOFTWARE\Classes\CLSID\{08A6AF6A-8FF2-4a3b-BECF-C2FAC8630BBF}@LocalizedString C:\Program Files\iTunes\iTunes.Resources\iTunesRegistry.dll (iTunes Resource Module/Apple Inc.)(2012-03-27 10:55:42)
Reg HKLM\SOFTWARE\Classes\CLSID\{08A6AF6A-8FF2-4a3b-BECF-C2FAC8630BBF}\InprocServer32@ C:\Program Files\iTunes\iTunesAdmin.dll (iTunes Administrative DLL/Apple Inc.)(2012-03-27 10:09:20)
Reg HKLM\SOFTWARE\Classes\CLSID\{0A25C695-3765-4B37-9455-4B1C113C2C04}\InprocServer32@ C:\Program Files\iTunes\iTunesOutlookAddIn.dll (iTunes Outlook Add-in/Apple Inc.)(2012-03-27 10:09:30)
Reg HKLM\SOFTWARE\Classes\CLSID\{0A2B1953-AC12-4815-98E9-9F3ACEEC14C4}\InprocServer32@ C:\Program Files\Common Files\Sonic Shared\Sonic Central\Audio\AudioPlugin.dll (Sonic Solutions)(2005-01-31 08:00:00)
Reg HKLM\SOFTWARE\Classes\CLSID\{0A9007AA-4076-11D3-8789-0000F8105754}\InprocServer32@ C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft® InfoTech Storage System Library/Microsoft Corporation)(2001-06-20 16:26:46)
Reg HKLM\SOFTWARE\Classes\CLSID\{0BAC5C34-DF45-4C0F-8D64-8E92DCCF007D}\InprocServer32@ C:\Program Files\Common Files\Sonic Shared\Sonic Central\Data\DataPlugin.dll (Sonic Solutions)(2005-02-04 08:00:00)
Reg HKLM\SOFTWARE\Classes\CLSID\{0C0A3666-30C9-11D0-8F20-00805F2CD064}\LocalServer32@ C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (Machine Debug Manager/Microsoft Corporation)(2006-10-26 19:40:34)
Reg HKLM\SOFTWARE\Classes\CLSID\{0C392235-EB18-41CC-8EAD-59B9A6D58DBF}\InprocServer32@ c:\program files\real\realplayer\rdsf3260.dll (Audio Filter Plugin/RealNetworks, Inc.)(2011-03-22 01:31:20)
Reg HKLM\SOFTWARE\Classes\CLSID\{0CD18583-8805-11D2-BD0E-00C04F72DBBC}\LocalServer32@ C:\Program Files\Microsoft Works\wkgdcach.exe (Microsoft® Works Font Cache/Microsoft® Corporation)(2005-08-18 11:08:59)
Reg HKLM\SOFTWARE\Classes\CLSID\{0dabacb1-1a16-4082-a610-3d0b3a2a94fc}\InprocServer32@ C:\Program Files\Winamp\Plugins\cddbuiwinamp.dll (CDDBUIControl Module (Winamp5)/Gracenote)(2005-09-14 19:17:44)
Reg HKLM\SOFTWARE\Classes\CLSID\{0ECA5543-A97A-40AE-B3BE-ED4B64D16EC2}\InprocServer32@ C:\Program Files\Common Files\Microsoft Shared\Picture It!\PIDav.dll (PIDav Module/Microsoft Corporation)(2005-04-22 09:17:54)
Reg HKLM\SOFTWARE\Classes\CLSID\{0FDF6D6B-D672-463B-846E-C6FF49109662}\InprocServer32@ C:\WINDOWS\system32\rmoc3260.dll (Real Player(tm) ActiveX Control/RealNetworks, Inc.)(2011-03-22 01:31:37)
Reg HKLM\SOFTWARE\Classes\CLSID\{0FF3639A-8A82-11d2-B46F-FA00AD000000}\InprocServer32@ C:\Program Files\Microsoft Works\wkwpac.dll (Microsoft® Works Word Proc. App Control/Microsoft® Corporation)(2005-08-22 19:25:08)
Reg HKLM\SOFTWARE\Classes\CLSID\{10020100-E260-11CF-AE68-00AA004A34D5}\InprocServer32@ c:\Program Files\Microsoft SQL Server\80\Tools\binn\SQLDMO.DLL (Distributed Management Objects OLE DLL for SQL Enterprise Manager/Microsoft Corporation)(2008-08-11 16:49:38)
Reg HKLM\SOFTWARE\Classes\CLSID\{10072CEC-8CC1-11D1-986E-00A0C955B42E}\InprocServer32@ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll (Microsoft Vector Graphics Rendering(VML)/Microsoft Corporation)(2004-08-10 19:02:30)
Reg HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110211181104}\InprocServer32@ C:\Program Files\Coupon Companion Plugin\Coupon Companion Plugin.dll (Coupon Companion Plugin BHO/215 Apps)(2013-01-28 17:45:44)
Reg HKLM\SOFTWARE\Classes\CLSID\{119FA07A-79F0-41FC-99F8-B14151E63EDC}\LocalServer32@ C:\PROGRA~1\Intel\PROSET~1\NCS\WMIProv\8023\CDM\NcsDiag.exe (NIC_CDM_Prov Module/Intel(R) Corporation)(2004-02-17 17:01:04)
Reg HKLM\SOFTWARE\Classes\CLSID\{1397D36A-D960-4a1a-A02B-D7496833C953}\InprocServer32@ C:\Program Files\Microsoft SQL Server Compact Edition\v3.1\sqlceca30.dll (Client Agent/Microsoft Corporation)(2006-12-22 04:05:48)
Reg HKLM\SOFTWARE\Classes\CLSID\{14E86BCC-F492-4FED-B108-597E0D22189B}\InprocServer32@ C:\Program Files\Dell\Media Experience\AudioPlayer.dll (SonicAudioPlayer.dll/Sonic Solutions)(2005-01-27 07:02:00)
Reg HKLM\SOFTWARE\Classes\CLSID\{17ADAC6D-E798-11D2-BA25-00C04F72DABA}\InprocServer32@ C:\Program Files\Microsoft Works\wkwzmrg.DLL (Microsoft® Works Merge Wizard/Microsoft® Corporation)(2005-08-18 11:37:59)
Reg HKLM\SOFTWARE\Classes\CLSID\{1ACF39C8-83F0-11D2-BA0F-00C04F72DABA}\InprocServer32@ C:\Program Files\Microsoft Works\wkwztmpl.dll (Microsoft® Works Template Wizard/Microsoft® Corporation)(2005-08-18 11:39:14)
Reg HKLM\SOFTWARE\Classes\CLSID\{1B5959D0-2358-453D-B3FC-6F64632712E5}\InprocServer32@ C:\Program Files\Microsoft Digital Image 2006\stv.dll (STV Module/Microsoft Corporation)(2005-04-22 09:18:34)
Reg HKLM\SOFTWARE\Classes\CLSID\{1BBA3DC2-F2E4-11D0-901E-0020AF7543C2}\InprocServer32@ C:\WINDOWS\system32\fximg50g.ocx (FXTools Gold ActiveX Image Control/Pegasus Software LLC)(2009-07-18 03:01:17)
Reg HKLM\SOFTWARE\Classes\CLSID\{1DBDFE75-A07C-4E0B-B38B-527BFA12CF0C}\InProcServer32@ C:\Program Files\QuickTime\QTSystem\ExportControllerPS.dll (Export Controller PS/Apple Inc.)(2011-07-05 23:36:38)
Reg HKLM\SOFTWARE\Classes\CLSID\{2018C303-E3F2-4455-AA1A-773F84F10902}\InprocServer32@ C:\Program Files\Yahoo!\Shared\YbSkinSelect.dll (Yahoo! Skin Selection Object/Yahoo! Inc.)(2006-01-12 19:13:28)
Reg HKLM\SOFTWARE\Classes\CLSID\{2089ADC0-BE09-11CE-AAE4-CE6AC0F06E88}\InprocServer32@ C:\WINDOWS\system32\VSFLEX3.OCX (vsFlex3 ActiveX Controls/VideoSoft)(1999-01-05 23:30:02)
Reg HKLM\SOFTWARE\Classes\CLSID\{22C1CF92-C8B7-4AEF-8906-1812F7327221}\InprocServer32@ C:\Program Files\Common Files\Microsoft Shared\Works Shared\numfmt80.dll (Microsoft® Works Number Format Filter/Microsoft® Corporation)(2005-08-18 11:13:08)
Reg HKLM\SOFTWARE\Classes\CLSID\{22D84EC7-E201-4432-B3ED-A9DCA3604594}\LocalServer32@
Subject: GMER log pt. I
Posted: 06 April 2013 at 4:00am
Here is the first portion of what resulted after my first scan with GMER 2.1. As you can guess, I'm completely ignorant of how this works but I'm pretty sure I have a rootkit problem and TDSSKiller couldn't solve it. If anyone can advise me as to how to get rid of the issue I would greatly appreciate it.
thanks
GMER 2.1.19163 - http://www.gmer.net
3rd party scan 2013-04-05 21:49:36
Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST380011A rev.8.16 74.51GB
Running: 38vun6h0.exe; Driver: C:\DOCUME~1\Andy\LOCALS~1\Temp\pgldqpoc.sys
---- System - GMER 2.1 ----
SSDT \SystemRoot\System32\Drivers\aswSP.SYS ZwClose [0xEF900CF0]
---- Registry - GMER 2.1 ----
Reg HKLM\SOFTWARE\Microsoft\.NETFramework\PendingUpdates\v1.1.4322\NI@ C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ngen.exe (Microsoft Common Language Runtime native compiler/Microsoft Corporation)(2003-02-21 01:09:46)
Reg HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}@StubPath C:\WINDOWS\system32\ieudinit.exe (IE Per User Active Setup Uninstall Utility/Microsoft Corporation)(2009-03-08 09:32:52)
Reg HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}@KeyFileName C:\Program Files\Java\jre6\bin\regutils.dll (Java(TM) Platform SE binary/Sun Microsystems, Inc.)(2009-03-09 10:46:18)
Reg HKLM\SOFTWARE\Microsoft\ASP.NET\1.1.4322.0@DllFullPath C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll (aspnet_isapi.lib/Microsoft Corporation)(2012-10-10 00:27:00)
---- Kernel code sections - GMER 2.1 ----
init C:\WINDOWS\system32\drivers\senfilt.sys entry point in "init" section [0xF7EEBF80]
---- Registry - GMER 2.1 ----
Reg HKLM\SOFTWARE\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{D41E4F1D-A407-11D1-8BC9-00C04FA30A41}@$DLL C:\WINDOWS\system32\corpol.dll (Microsoft COM Runtime Execution Engine/Microsoft Corporation)(2004-08-10 18:50:55)
Reg HKLM\SOFTWARE\Microsoft\Jet\3.5\Engines\Jet 2.x@win32 C:\WINDOWS\system32\msrd2x35.dll (Microsoft (R) Red ISAM/Microsoft Corporation)(2006-02-26 18:39:22)
Reg HKLM\SOFTWARE\Microsoft\Jet\3.5\Engines\Text@win32 C:\WINDOWS\system32\mstext35.dll (Microsoft Jet Text Isam/Microsoft Corporation)(2006-02-26 18:39:22)
Reg HKLM\SOFTWARE\Microsoft\MediaPlayer\Player\Extensions\MUIDescriptions@6 C:\WINDOWS\system32\DivXWMPExtType.dll(2008-09-19 21:54:18)
Reg HKLM\SOFTWARE\Microsoft\MMC\SnapIns\{1270e004-f895-42be-8070-df90d60cbb75}@NameStringIndirect C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscormmc.dll (Microsoft .NET Runtime Execution Engine Starter for MMC/Microsoft Corporation)(2003-02-21 00:43:52)
Reg HKLM\SOFTWARE\Microsoft\MMC\SnapIns\{D524927D-6C08-46BF-86AF-391534D779D3}@NameStringIndirect C:\WINDOWS\system32\ieaksie.dll (Internet Explorer Snap-in Extension to Group Policy/Microsoft Corporation)(2004-08-10 18:51:09)
Reg HKLM\SOFTWARE\Microsoft\Picture It!\11.0\Setup@EXE_PATH C:\Program Files\Microsoft Digital Image 2006\pi.exe (Microsoft Digital Image 2006 Editor/Microsoft Corporation)(2005-04-22 09:14:53)
Reg HKLM\SOFTWARE\Microsoft\Picture It!\Integration\ACQUIREV11APP@EXE Path C:\Program Files\Microsoft Digital Image 2006\imprtwiz.exe (Import Pictures Wizard/Microsoft Corporation)(2005-04-22 09:17:40)
Reg HKLM\SOFTWARE\Microsoft\Picture It!\Integration\PODV11@EXE Path C:\Program Files\Microsoft Digital Image 2006\Pod.exe (Microsoft Digital Image 2006 Library/Microsoft Corporation)(2005-04-22 09:09:45)
Reg HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk@command C:\PROGRA~1\DIGITA~1\DLG.exe (Digital Line Detection/BVRP Software)(2005-12-15 21:18:01)
Reg HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^dlbcserv.lnk@command C:\PROGRA~1\DELLPH~1\dlbcserv.exe(2006-01-10 03:35:21)
Reg HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DellSupport@command C:\Program Files\Dell Support\DSAgnt.exe (Dell Support/Gteko Ltd.)(2005-05-15 08:04:12)
Reg HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DMXLauncher@command C:\Program Files\Dell\Media Experience\DMXLauncher.exe(2005-01-27 07:02:00)
---- User code sections - GMER 2.1 ----
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 0150D2A0 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] kernel32.dll!lstrlenW + 43 7C809AEC 7 Bytes JMP 0185E7E6 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] kernel32.dll!MapViewOfFileEx + 6A 7C80B9A0 7 Bytes JMP 0185E7C3 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] kernel32.dll!ValidateLocale + B1C8 7C8449C8 7 Bytes JMP 01522245 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] GDI32.dll!SetDIBitsToDevice + 20A 77F19E14 7 Bytes JMP 0185E744 C:\Program Files\Mozilla Firefox\xul.dll
---- Registry - GMER 2.1 ----
Reg HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SpybotSD TeaTimer@command C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (System settings protector/Safer-Networking Ltd.)(2006-01-26 00:18:58)
Reg HKLM\SOFTWARE\Microsoft\Shared Tools\Text Converters\Export\MSWord6RTFExp@Path C:\Program Files\Common Files\Microsoft Shared\Textconv\wrd6er32.cnv (Word 97-2000 & 6.0/95 - RTF Export Converter/Microsoft Corporation)(2003-11-21 23:12:04)
---- User IAT/EAT - GMER 2.1 ----
IAT C:\WINDOWS\system32\services.exe[764] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00380002
IAT C:\WINDOWS\system32\services.exe[764] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 00380000
---- Registry - GMER 2.1 ----
Reg HKLM\SOFTWARE\Microsoft\Updates\.NETFramework\1.1\M2698023@UninstallCommand C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe(2009-06-25 00:56:06)
---- Devices - GMER 2.1 ----
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS
---- Registry - GMER 2.1 ----
Reg HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB950759\Filelist\10@FileName C:\WINDOWS\system32\inseng.dll (Install engine/Microsoft Corporation)(2004-08-10 18:51:09)
Reg HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB950759\Filelist\12@FileName C:\WINDOWS\system32\dxtrans.dll (DirectX Media -- DirectX Transform Core/Microsoft Corporation)(2004-08-10 18:51:06)
Reg HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB950759\Filelist\13@FileName C:\WINDOWS\system32\dxtmsft.dll (DirectX Media -- Image DirectX Transforms/Microsoft Corporation)(2004-08-10 18:51:06)
Reg HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB950759\Filelist\24@FileName C:\WINDOWS\system32\pngfilt.dll (IE PNG plugin image decoder/Microsoft Corporation)(2004-08-10 18:51:20)
Reg HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB950759\Filelist\26@FileName C:\WINDOWS\system32\msrating.dll (Internet Ratings and Local User Management DLL/Microsoft Corporation)(2004-08-10 18:51:15)
Reg HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB978706\Filelist\0@FileName C:\Documents and Settings\Andy\Desktop\mspaint.exe (Paint/Microsoft Corporation)(2011-02-02 22:54:42)
Reg HKLM\SOFTWARE\Microsoft\WAB\Import\Works@DLL C:\Program Files\Microsoft Works\wkabstub.dll (Microsoft® Works Address Book Addin/Microsoft® Corporation)(2005-08-18 11:44:32)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\CameraLauncher.exe@ C:\Program Files\Canon\CameraWindow\CameraWindowLauncher\CameraLauncher.exe (Canon Utilities CameraWindow/CANON INC.)(2010-03-18 19:18:50)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\DLG.exe@ C:\Program Files\Digital Line Detect\DLG.exe (Digital Line Detection/BVRP Software)(2005-12-15 21:18:01)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\DMX.exe@ C:\Program Files\Dell\Media Experience\DMX.exe (Dell Multimedia Experience/ )(2005-01-27 07:02:00)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\FLVPlayer.exe@ C:\Program Files\FLV Player\FLVPlayer.exe(2008-10-16 13:50:42)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\HijackThis.exe@ C:\Program Files\Trend Micro\HijackThis\hijackthis.exe (HijackThis/Trend Micro Inc.)(2010-06-10 18:25:02)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\iTunes.exe@ C:\Program Files\iTunes\iTunes.exe (iTunes/Apple Inc.)(2012-03-27 10:09:16)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MediaHub.exe@ C:\Program Files\Common Files\Sonic Shared\Sonic Central\Main\Mediahub.exe(2005-02-11 08:00:00)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MoviePlayer.exe@ C:\PROGRA~1\QUICKT~1\MoviePlayer.exe (MoviePlayer Application/Apple Computer, Inc.)(2009-07-18 03:06:10)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\msworks.exe@ C:\Program Files\Microsoft Works\msworks.exe (Microsoft® Works/Microsoft® Corporation)(2005-08-22 19:36:29)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\PictureViewer.exe@ C:\Program Files\QuickTime\PictureViewer.exe (PictureViewer/Apple Inc.)(2011-07-05 23:36:36)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\PowerDVD.exe@ C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe (CyberLink PowerDVD Main Program/CyberLink Corp.)(2005-12-15 21:18:14)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\QuickTimePlayer.exe@ C:\Program Files\QuickTime\QuickTimePlayer.exe (QuickTime Player/Apple Inc.)(2011-07-06 00:13:08)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\RealPlay.exe@ c:\program files\real\realplayer\realplay.exe (RealPlayer/RealNetworks, Inc.)(2011-03-22 01:31:13)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\RealUpgrade.exe@ C:\Program Files\Real\RealUpgrade\RealUpgrade.exe (RealUpgrade Launcher/RealNetworks, Inc.)(2011-01-24 19:25:36)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\rnxproc.exe@ c:\program files\real\realplayer\Update\rnxproc.exe (RNX file processor/RealNetworks, Inc.)(2011-03-22 01:31:08)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\sbase.exe@ C:\Program Files\OpenOffice.org 3\program\sbase.exe(2008-09-20 00:32:44)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\scalc.exe@ C:\Program Files\OpenOffice.org 3\program\scalc.exe(2008-09-20 00:32:32)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\sdraw.exe@ C:\Program Files\OpenOffice.org 3\program\sdraw.exe(2008-09-20 00:32:34)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\simpress.exe@ C:\Program Files\OpenOffice.org 3\program\simpress.exe(2008-09-20 00:32:38)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\smath.exe@ C:\Program Files\OpenOffice.org 3\program\smath.exe(2008-09-20 00:32:40)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\soffice.exe@ C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org 3.0/OpenOffice.org)(2008-09-30 23:46:12)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\swriter.exe@ C:\Program Files\OpenOffice.org 3\program\swriter.exe(2008-09-20 00:32:28)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\unopkg.exe@ C:\Program Files\OpenOffice.org 3\program\unopkg.exe(2008-09-20 00:40:46)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WinRAR.exe@ C:\Program Files\WinRAR\WinRAR.exe(2007-03-13 04:51:26)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WKPLMSTP.EXE@ C:\Program Files\Microsoft Works\wkplmstp.exe (setup/Microsoft Corporation)(2005-08-18 11:41:00)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WKSAB.EXE@ C:\Program Files\Microsoft Works\WKSAB.exe (Microsoft® Works Address Book/Microsoft® Corporation)(2005-08-18 11:44:29)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\wkscal.exe@ C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkscal.exe (Microsoft® Works Calendar/Microsoft® Corporation)(2005-08-18 11:31:40)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\wksdb.exe@ C:\Program Files\Microsoft Works\wksdb.exe (Microsoft® Works Database/Microsoft® Corporation)(2005-08-18 11:44:45)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WKSSB.EXE@ C:\Program Files\Microsoft Works\WKSSB.exe (Microsoft® Works PortFolio/Microsoft® Corporation)(2005-08-18 11:41:58)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\wksss.exe@ C:\Program Files\Microsoft Works\wksss.exe (Microsoft® Works Spreadsheet/Microsoft® Corporation)(2005-08-18 11:42:47)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\wkswp.exe@ C:\Program Files\Microsoft Works\wkswp.exe (Microsoft® Works Word Processor/Microsoft® Corporation)(2005-08-18 11:13:48)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WKWCESTP.EXE@ C:\Program Files\Microsoft Works\wkwcestp.exe(2005-08-18 11:41:02)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WKWDSTUB.EXE@ C:\Program Files\Microsoft Works\WKWDSTUB.exe (Microsoft® Works Word Stub/Microsoft® Corporation)(2005-10-07 22:43:12)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cpls@QuickTime C:\Program Files\QuickTime\QTSystem\QuickTime.cpl (QuickTime Control Panel/Apple Inc.)(2011-07-06 00:08:14)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\SonicSCAudioCDTask@Action C:\Program Files\Common Files\Sonic Shared\Sonic Central\Audio\MainrENU.dll (Language resources - Dynamic Link Library/Sonic Solutions)(2005-01-31 08:00:00)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\SonicSCCopyCD@DefaultIcon C:\Program Files\Common Files\Sonic Shared\Sonic Central\Copy\MainrENU.dll (Language resources - Dynamic Link Library/Sonic Solutions)(2005-01-31 08:00:00)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\SonicSCDataProject@Action C:\Program Files\Common Files\Sonic Shared\Sonic Central\Data\MainrENU.dll (Language resources - Dynamic Link Library/Sonic Solutions)(2005-02-04 08:00:00)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VxDlaCdOnArrival@DefaultIcon C:\Program Files\Sonic\DLA\install\tfswcmd.exe (Drive Letter Access Component/Sonic Solutions)(2004-12-06 07:05:00)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\WinampMTPHandler@DefaultIcon C:\Program Files\Winamp\winamp.exe (Winamp/Nullsoft)(2006-03-10 17:47:08)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\Files\0@ C:\WINDOWS\system32\msxml4r.dll (MSXML 4.0 SP1 Resources/Microsoft Corporation)(2003-04-18 16:29:26)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\PatchedComponents@{7B289966-1196-B7E9-B06B-D6B9ABF34537} c:\WINDOWS\winsxs\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9839.0_x-ww_ed80bd5c\msxml4.dll (MSXML 4.0 SP 2/Microsoft Corporation)(2006-09-12 22:53:32)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\PatchedComponents@{7B2FCEFF-0F22-B7E1-B06B-D6B9ABF34537} c:\WINDOWS\winsxs\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_18171213\msxml4.dll (MSXML 4.0 SP 2/Microsoft Corporation)(2006-11-04 20:17:02)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\PatchedComponents@{7B298060-1128-B7E8-B06B-D6B9ABF34537} c:\WINDOWS\winsxs\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9848.0_x-ww_1b897e9a\msxml4.dll (MSXML 4.0 SP 2/Microsoft Corporation)(2007-05-08 20:06:44)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\PatchedComponents@{9BFFB8F8-F55F-10B2-B01F-C8B3B9A1E18E} C:\WINDOWS\winsxs\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll (Microsoft® C Runtime Library/Microsoft Corporation)(2007-08-23 05:18:08)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1@UninstallString C:\Program Files\Advanced System Protector\unins000.exe(2013-02-04 19:32:44)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CAL@DisplayIcon C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Camera Access Library 8/Canon Inc.)(2009-09-08 22:25:52)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CameraWindowDC8@DisplayIcon C:\Program Files\Canon\CameraWindow\CameraWindowDC8\CameraWindowDC8.exe (Canon Utilities CameraWindow DC/CANON INC.)(2010-06-03 19:10:38)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CleanUp!@UninstallString C:\Program Files\CleanUp!\uninstall.exe(2005-04-09 20:03:20)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Companion Plugin@DisplayIcon C:\Program Files\Coupon Companion Plugin\Uninstall.exe (Coupon Companion Plugin Installer/215 Apps)(2013-01-28 17:45:47)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dell Digital Jukebox Driver@UninstallString C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe(2005-12-15 21:27:02)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dell Digital Jukebox Driver@UnwiseLog C:\WINDOWS\UNWISE.EXE(2005-12-15 21:27:02)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dell Digital Jukebox Driver@DisplayIcon C:\Program Files\Dell\Digital Jukebox Drivers\CtDrvStp.exe (Creative Driver Setup/Creative Technology Ltd.)(2005-12-15 21:27:02)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dell Photo Printer 720 Logger@UninstallPath C:\Program Files\Dell Photo Printer 720\dlbcunst.exe(2006-01-10 03:35:21)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player@UninstallString C:\Program Files\FLV Player\uninst.exe(2009-07-20 03:40:38)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Macromedia Shockwave Player@UninstallString C:\WINDOWS\system32\Macromed\Shockwave 10\UNWISE.EXE(2005-12-15 21:32:25)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MavenAppMgr@DisplayIcon C:\Program Files\Common Files\Maven\Application Manager\appMgrAX.dll (Base service for Maven applications/Maven Networks, Inc.)(2006-06-21 23:51:05)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Interactive Training@UninstallString C:\WINDOWS\IsUninst.exe (InstallShield® unInstaller/InstallShield Software Corporation)(2004-08-10 19:12:03)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService@UninstallString C:\Program Files\Mozilla Maintenance Service\uninstall.exe (Mozilla Maintenance Service Installer/Mozilla Corporation)(2012-05-21 14:54:09)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyCamera@DisplayIcon C:\Program Files\Canon\CameraWindow\MyCamera\MyCamera.exe (Canon Utilities MyCamera/CANON INC.)(2010-04-15 19:05:36)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PictureItPrem_v11@UninstallString C:\Program Files\Common Files\Microsoft Shared\Picture It!\RmvSuite.exe (Digital Image Module/Microsoft Corporation)(2005-04-22 09:14:38)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PocketRAR@UninstallString C:\Program Files\PocketRAR\uninstall.exe(2009-07-20 01:50:39)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuickTime 3.0@UninstallString C:\WINDOWS\uninst.exe (InstallShield unInstaller /InstallShield Corporation, Inc.)(2007-06-05 18:33:29)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealPlayer 12.0@UninstallString c:\program files\real\realplayer\Update\r1puninst.exe (Uninstaller Shell executable/RealNetworks, Inc.)(2011-03-22 01:31:05)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Spybot - Search & Destroy_is1@UninstallString C:\Program Files\Spybot - Search & Destroy\unins000.exe(2006-01-26 00:18:58)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebCyberCoach_wtrb@DisplayIcon C:\Program Files\WebCyberCoach\b_Dell\tranplug.exe (GTek Technologies Ltd.)(2005-12-15 21:24:32)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebCyberCoach_wtrb@UninstallString C:\Program Files\WebCyberCoach\b_Dell\WCC_Wipe.exe (WebCyberCoach Uninstaller/Gteko Ltd.)(2005-12-15 21:24:32)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winamp@UninstallString C:\Program Files\Winamp\UninstWA.exe (Winamp Installer/Nullsoft, Inc.)(2006-01-19 21:09:44)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver@UninstallString C:\Program Files\WinRAR\uninstall.exe(2007-03-13 04:51:26)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Works2006Setup@UninstallString C:\Program Files\Microsoft Works Suite 2006\Setup\Launcher.exe (Microsoft® Works Suite Setup Launcher/Microsoft® Corporation)(2005-12-15 21:29:46)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Extras@UninstallString C:\Program Files\Yahoo!\Common\unin_yextras.exe (Yahoo! Browser Services Setup/Yahoo! Inc.)(2008-02-14 06:04:41)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Messenger@UninstallString C:\Program Files\Yahoo!\Messenger\UNWISE.EXE(2006-01-12 19:13:35)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk@UninstallString C:\Program Files\Google\Google Talk\uninstall.exe(2009-12-28 03:20:42)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150060}@DisplayIcon C:\Program Files\Java\jre1.5.0_06\bin\javaws.exe (Java(TM) Web Start Launcher/Sun Microsystems, Inc.)(2006-02-03 03:23:09)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150080}@DisplayIcon C:\Program Files\Java\jre1.5.0_08\bin\javaws.exe (Java(TM) Web Start Launcher/Sun Microsystems, Inc.)(2006-08-25 00:33:03)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150110}@DisplayIcon C:\Program Files\Java\jre1.5.0_11\bin\javaws.exe (Java(TM) Web Start Launcher/Sun Microsystems, Inc.)(2007-03-29 16:10:15)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160010}@DisplayIcon C:\Program Files\Java\jre1.6.0_01\bin\javaws.exe (Java(TM) Web Start Launcher/Sun Microsystems, Inc.)(2007-05-31 23:05:50)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160020}@DisplayIcon C:\Program Files\Java\jre1.6.0_02\bin\javaws.exe (Java(TM) Web Start Launcher/Sun Microsystems, Inc.)(2007-08-03 23:03:51)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160030}@DisplayIcon C:\Program Files\Java\jre1.6.0_03\bin\javaws.exe (Java(TM) Web Start Launcher/Sun Microsystems, Inc.)(2007-10-27 16:55:49)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160050}@DisplayIcon C:\Program Files\Java\jre1.6.0_05\bin\javaws.exe (Java(TM) Web Start Launcher/Sun Microsystems, Inc.)(2008-05-03 04:20:52)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160070}@DisplayIcon C:\Program Files\Java\jre1.6.0_07\bin\javaws.exe (Java(TM) Web Start Launcher/Sun Microsystems, Inc.)(2008-11-12 00:26:14)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7585478E9D9B42108671C12F8714CEFE}@DisplayIcon C:\Program Files\DivX\DivX Converter\Converter.exe (DivX Converter Application/DivX, Inc.)(2008-09-19 21:54:44)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7585478E9D9B42108671C12F8714CEFE}@UninstallString C:\Program Files\DivX\DivXConverterUninstall.exe (DivX for Windows Installer, L:EN;ES;DE;FR;JA, DivX Codec 6.8.5, DivX Converter 6.6.1, DivX Player 6.8.2, DivX Web Player 1.4.2/DivX, Inc.)(2008-11-22 10:12:36)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7B63B2922B174135AFC0E1377DD81EC2}@DisplayIcon C:\Program Files\DivX\DivX Codec\config.exe (config/DivXNetworks Inc.)(2008-09-19 21:54:18)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7F142D56-3326-11D5-B229-002078017FBF}@DisplayIcon C:\Program Files\Modem Helper\MDM_Util.exe(2005-12-15 21:17:54)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8ADFC4160D694100B5B8A22DE9DCABD9}@DisplayIcon C:\Program Files\DivX\DivX Player\DivX Player.exe (DivX Player/DivX, Inc)(2008-09-19 21:55:18)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8ADFC4160D694100B5B8A22DE9DCABD9}@UninstallString C:\Program Files\DivX\DivXPlayerUninstall.exe (DivX for Windows Installer, L:EN;ES;DE;FR;JA, DivX Codec 6.8.5, DivX Converter 6.6.1, DivX Player 6.8.2, DivX Web Player 1.4.2/DivX, Inc.)(2008-11-22 10:12:52)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B7050CBDB2504B34BC2A9CA0A692CC29}@DisplayIcon C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX Web Player version 1.4.2.7/DivX,Inc.)(2008-10-17 18:29:52)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B7050CBDB2504B34BC2A9CA0A692CC29}@UninstallString C:\Program Files\DivX\DivXWebPlayerUninstall.exe (DivX for Windows Installer, L:EN;ES;DE;FR;JA, DivX Codec 6.8.5, DivX Converter 6.6.1, DivX Player 6.8.2, DivX Web Player 1.4.2/DivX, Inc.)(2008-11-22 10:12:56)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}@DisplayIcon C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware Application/SUPERAntiSpyware.com)(2010-05-18 17:26:23)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}@UninstallString C:\Program Files\SUPERAntiSpyware\SASUNINST.EXE (SUPERAntiSpyware Application UnInstaller/SUPERAntiSpyware.com)(2010-04-13 18:05:15)
Reg HKLM\SOFTWARE\Microsoft\Windows CE Services\Services\Synchronization\Objects\WorksAppointments@DefaultIcon C:\Program Files\Microsoft Works\wkwcecal.dll(2005-08-18 11:42:12)
Reg HKLM\SOFTWARE\Microsoft\Windows CE Services\Services\Synchronization\Objects\WorksContacts@DefaultIcon C:\Program Files\Microsoft Works\wkwcewab.dll(2005-01-06 01:37:46)
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32@vidc.DIVX C:\WINDOWS\system32\DivX.dll (DivX/DivX, Inc.)(2008-10-28 22:35:56)
Reg HKLM\SOFTWARE\Classes\*\Shell\sdfiles\command@ C:\Program Files\Spybot - Search & Destroy\SDFiles.exe (Single file on-demand scanner/Safer Networking Limited)(2008-08-12 21:06:14)
Reg HKLM\SOFTWARE\Classes\CLSID\{00192F1E-2D33-4239-B00F-5DD54EBE3A7B}\InprocServer32@ C:\Program Files\Microsoft Works\sbox11.dll (Shoebox Module/Microsoft Corporation)(2005-07-12 10:13:36)
Reg HKLM\SOFTWARE\Classes\CLSID\{007474E7-1A02-46e1-AF4C-FD819A1E8D15}\InprocServer32@ C:\Program Files\DivX\DivX Common Filters\gzHF330.ddc (QuickTime Audio Decoder Filter/DivX, Inc.)(2008-09-19 21:57:38)
Reg HKLM\SOFTWARE\Classes\CLSID\{00CEDC01-864D-11D3-908D-00C0F03B3EDC}\InprocServer32@ c:\program files\real\realplayer\ierjplug.dll (ierjplug Module/RealNetworks, Inc.)(2011-03-22 01:32:34)
Reg HKLM\SOFTWARE\Classes\CLSID\{015BF83E-2A92-444B-B3A7-3D87785A1DBE}\InProcServer32@ C:\Program Files\Intel\PROSetWired\NCS\EAL\NE8023PS.dll(2004-01-29 00:36:06)
Reg HKLM\SOFTWARE\Classes\CLSID\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\InprocServer32@ C:\Program Files\QuickTime\QTPlugin.ocx (The QuickTime Control allows you to view a wide variety of multimedia content in web pages./Apple Inc.)(2011-07-06 00:13:08)
Reg HKLM\SOFTWARE\Classes\CLSID\{031AC65B-95ED-45E9-9BEA-C4532B2CAA42}\InprocServer32@ C:\Program Files\Common Files\Sonic Shared\Sonic Central\Engine\PxWrap.dll (Sonic Solutions)(2005-02-02 08:00:00)
Reg HKLM\SOFTWARE\Classes\CLSID\{037FB476-15E0-4ED1-B11A-E420B750B1A8}\LocalServer32@ C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\agent.exe (InstallShield Update Service Agent/Macrovision Corporation)(2005-06-10 16:44:02)
Reg HKLM\SOFTWARE\Classes\CLSID\{03960C2A-9AF8-43C4-8956-F1E3F179AF2B}\InprocServer32@ C:\Program Files\CyberLink\PowerDVD\CLAlbumArt.dll(2005-12-15 21:18:17)
Reg HKLM\SOFTWARE\Classes\CLSID\{03A314FF-5E14-48B6-BACD-A34DA6BEA5C2}\InprocServer32@ C:\Program Files\Microsoft Digital Image 2006\sbox.dll (Shoebox Module/Microsoft Corporation)(2005-04-22 09:18:32)
Reg HKLM\SOFTWARE\Classes\CLSID\{04CCE2FF-A7D3-11D0-B436-00A0244A1DD2}\InprocServer32@ C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\pdm.dll (Process Debug Manager/Microsoft Corporation)(2006-10-26 19:40:34)
Reg HKLM\SOFTWARE\Classes\CLSID\{0507EEDE-3AE7-49C7-BF37-0EB4A62D8638}\LocalServer32@ C:\Program Files\Google\Google Talk\googletalk.exe (Google Talk/Google)(2007-01-01 21:22:02)
Reg HKLM\SOFTWARE\Classes\CLSID\{0578DF30-4383-11D2-B91E-0060089F5C5D}\InprocServer32@ C:\Program Files\Common Files\Microsoft Shared\Works Shared\aw.dll(2005-10-07 22:35:08)
Reg HKLM\SOFTWARE\Classes\CLSID\{060B3E70-8001-11CE-8635-524153480000}\InprocServer32@ C:\WINDOWS\system32\DWSTG32.OCX (Storage ActiveX Control/Desaware Inc.)(2007-06-05 18:34:05)
Reg HKLM\SOFTWARE\Classes\CLSID\{064CB054-2518-474E-B2E8-200049528C42}\LocalServer32@ C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriverT.exe (IDriverT Module/Macrovision Corporation)(2005-04-04 06:41:10)
Reg HKLM\SOFTWARE\Classes\CLSID\{08165EA0-E946-11CF-9C87-00AA005127ED}\InProcServer32@ C:\WINDOWS\system32\webcheck.dll (Web Site Monitor/Microsoft Corporation)(2004-08-10 18:51:28)
Reg HKLM\SOFTWARE\Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32@ C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (Sun Microsystems, Inc.)(2008-08-28 20:56:30)
Reg HKLM\SOFTWARE\Classes\CLSID\{08A6AF6A-8FF2-4a3b-BECF-C2FAC8630BBF}@LocalizedString C:\Program Files\iTunes\iTunes.Resources\iTunesRegistry.dll (iTunes Resource Module/Apple Inc.)(2012-03-27 10:55:42)
Reg HKLM\SOFTWARE\Classes\CLSID\{08A6AF6A-8FF2-4a3b-BECF-C2FAC8630BBF}\InprocServer32@ C:\Program Files\iTunes\iTunesAdmin.dll (iTunes Administrative DLL/Apple Inc.)(2012-03-27 10:09:20)
Reg HKLM\SOFTWARE\Classes\CLSID\{0A25C695-3765-4B37-9455-4B1C113C2C04}\InprocServer32@ C:\Program Files\iTunes\iTunesOutlookAddIn.dll (iTunes Outlook Add-in/Apple Inc.)(2012-03-27 10:09:30)
Reg HKLM\SOFTWARE\Classes\CLSID\{0A2B1953-AC12-4815-98E9-9F3ACEEC14C4}\InprocServer32@ C:\Program Files\Common Files\Sonic Shared\Sonic Central\Audio\AudioPlugin.dll (Sonic Solutions)(2005-01-31 08:00:00)
Reg HKLM\SOFTWARE\Classes\CLSID\{0A9007AA-4076-11D3-8789-0000F8105754}\InprocServer32@ C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft® InfoTech Storage System Library/Microsoft Corporation)(2001-06-20 16:26:46)
Reg HKLM\SOFTWARE\Classes\CLSID\{0BAC5C34-DF45-4C0F-8D64-8E92DCCF007D}\InprocServer32@ C:\Program Files\Common Files\Sonic Shared\Sonic Central\Data\DataPlugin.dll (Sonic Solutions)(2005-02-04 08:00:00)
Reg HKLM\SOFTWARE\Classes\CLSID\{0C0A3666-30C9-11D0-8F20-00805F2CD064}\LocalServer32@ C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (Machine Debug Manager/Microsoft Corporation)(2006-10-26 19:40:34)
Reg HKLM\SOFTWARE\Classes\CLSID\{0C392235-EB18-41CC-8EAD-59B9A6D58DBF}\InprocServer32@ c:\program files\real\realplayer\rdsf3260.dll (Audio Filter Plugin/RealNetworks, Inc.)(2011-03-22 01:31:20)
Reg HKLM\SOFTWARE\Classes\CLSID\{0CD18583-8805-11D2-BD0E-00C04F72DBBC}\LocalServer32@ C:\Program Files\Microsoft Works\wkgdcach.exe (Microsoft® Works Font Cache/Microsoft® Corporation)(2005-08-18 11:08:59)
Reg HKLM\SOFTWARE\Classes\CLSID\{0dabacb1-1a16-4082-a610-3d0b3a2a94fc}\InprocServer32@ C:\Program Files\Winamp\Plugins\cddbuiwinamp.dll (CDDBUIControl Module (Winamp5)/Gracenote)(2005-09-14 19:17:44)
Reg HKLM\SOFTWARE\Classes\CLSID\{0ECA5543-A97A-40AE-B3BE-ED4B64D16EC2}\InprocServer32@ C:\Program Files\Common Files\Microsoft Shared\Picture It!\PIDav.dll (PIDav Module/Microsoft Corporation)(2005-04-22 09:17:54)
Reg HKLM\SOFTWARE\Classes\CLSID\{0FDF6D6B-D672-463B-846E-C6FF49109662}\InprocServer32@ C:\WINDOWS\system32\rmoc3260.dll (Real Player(tm) ActiveX Control/RealNetworks, Inc.)(2011-03-22 01:31:37)
Reg HKLM\SOFTWARE\Classes\CLSID\{0FF3639A-8A82-11d2-B46F-FA00AD000000}\InprocServer32@ C:\Program Files\Microsoft Works\wkwpac.dll (Microsoft® Works Word Proc. App Control/Microsoft® Corporation)(2005-08-22 19:25:08)
Reg HKLM\SOFTWARE\Classes\CLSID\{10020100-E260-11CF-AE68-00AA004A34D5}\InprocServer32@ c:\Program Files\Microsoft SQL Server\80\Tools\binn\SQLDMO.DLL (Distributed Management Objects OLE DLL for SQL Enterprise Manager/Microsoft Corporation)(2008-08-11 16:49:38)
Reg HKLM\SOFTWARE\Classes\CLSID\{10072CEC-8CC1-11D1-986E-00A0C955B42E}\InprocServer32@ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll (Microsoft Vector Graphics Rendering(VML)/Microsoft Corporation)(2004-08-10 19:02:30)
Reg HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110211181104}\InprocServer32@ C:\Program Files\Coupon Companion Plugin\Coupon Companion Plugin.dll (Coupon Companion Plugin BHO/215 Apps)(2013-01-28 17:45:44)
Reg HKLM\SOFTWARE\Classes\CLSID\{119FA07A-79F0-41FC-99F8-B14151E63EDC}\LocalServer32@ C:\PROGRA~1\Intel\PROSET~1\NCS\WMIProv\8023\CDM\NcsDiag.exe (NIC_CDM_Prov Module/Intel(R) Corporation)(2004-02-17 17:01:04)
Reg HKLM\SOFTWARE\Classes\CLSID\{1397D36A-D960-4a1a-A02B-D7496833C953}\InprocServer32@ C:\Program Files\Microsoft SQL Server Compact Edition\v3.1\sqlceca30.dll (Client Agent/Microsoft Corporation)(2006-12-22 04:05:48)
Reg HKLM\SOFTWARE\Classes\CLSID\{14E86BCC-F492-4FED-B108-597E0D22189B}\InprocServer32@ C:\Program Files\Dell\Media Experience\AudioPlayer.dll (SonicAudioPlayer.dll/Sonic Solutions)(2005-01-27 07:02:00)
Reg HKLM\SOFTWARE\Classes\CLSID\{17ADAC6D-E798-11D2-BA25-00C04F72DABA}\InprocServer32@ C:\Program Files\Microsoft Works\wkwzmrg.DLL (Microsoft® Works Merge Wizard/Microsoft® Corporation)(2005-08-18 11:37:59)
Reg HKLM\SOFTWARE\Classes\CLSID\{1ACF39C8-83F0-11D2-BA0F-00C04F72DABA}\InprocServer32@ C:\Program Files\Microsoft Works\wkwztmpl.dll (Microsoft® Works Template Wizard/Microsoft® Corporation)(2005-08-18 11:39:14)
Reg HKLM\SOFTWARE\Classes\CLSID\{1B5959D0-2358-453D-B3FC-6F64632712E5}\InprocServer32@ C:\Program Files\Microsoft Digital Image 2006\stv.dll (STV Module/Microsoft Corporation)(2005-04-22 09:18:34)
Reg HKLM\SOFTWARE\Classes\CLSID\{1BBA3DC2-F2E4-11D0-901E-0020AF7543C2}\InprocServer32@ C:\WINDOWS\system32\fximg50g.ocx (FXTools Gold ActiveX Image Control/Pegasus Software LLC)(2009-07-18 03:01:17)
Reg HKLM\SOFTWARE\Classes\CLSID\{1DBDFE75-A07C-4E0B-B38B-527BFA12CF0C}\InProcServer32@ C:\Program Files\QuickTime\QTSystem\ExportControllerPS.dll (Export Controller PS/Apple Inc.)(2011-07-05 23:36:38)
Reg HKLM\SOFTWARE\Classes\CLSID\{2018C303-E3F2-4455-AA1A-773F84F10902}\InprocServer32@ C:\Program Files\Yahoo!\Shared\YbSkinSelect.dll (Yahoo! Skin Selection Object/Yahoo! Inc.)(2006-01-12 19:13:28)
Reg HKLM\SOFTWARE\Classes\CLSID\{2089ADC0-BE09-11CE-AAE4-CE6AC0F06E88}\InprocServer32@ C:\WINDOWS\system32\VSFLEX3.OCX (vsFlex3 ActiveX Controls/VideoSoft)(1999-01-05 23:30:02)
Reg HKLM\SOFTWARE\Classes\CLSID\{22C1CF92-C8B7-4AEF-8906-1812F7327221}\InprocServer32@ C:\Program Files\Common Files\Microsoft Shared\Works Shared\numfmt80.dll (Microsoft® Works Number Format Filter/Microsoft® Corporation)(2005-08-18 11:13:08)
Reg HKLM\SOFTWARE\Classes\CLSID\{22D84EC7-E201-4432-B3ED-A9DCA3604594}\LocalServer32@