Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Unable to remove malware

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Unable to remove malware

Unread postby sammieC » January 4th, 2011, 7:08 am

Hi - I hope you can help - this is a problem with my mum's computer - but she doesn't know how to run these logs so I will be helping to get this sorted with your assistance..(hopefully)

She clicked on a link from a friend which seems to have downloaded a virus and now each time she logs on she gets a warning message c:\users\sylvia\appsata\microsoft\windows\temporaryinternetfiles\low\content.IE5\JM29RYBO\ZWINKY(1).exe

Here is the Hijack this log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:55:43, on 04/01/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
C:\windows\Explorer.EXE
C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\windows\system32\igfxext.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\windows\system32\conhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\windows\system32\Macromed\Flash\FlashUtil10e.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\Users\sylvia\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml ... n=77cec8c3
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Monitor] "C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} (PhotoboxPhotowaysUploader5 Control) - http://assets.photobox.com/assets/aurig ... 0614135629
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LeapFrog Connect Device Service - LeapFrog Enterprises, Inc. - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

--
End of file - 9182 bytes

2007 Microsoft Office system
Adobe Flash Player 10 ActiveX
Adobe Flash Player Plugin
Adobe Reader 9.1
Alice Greenfingers
AnyPC Client
Atheros Client Installation Program
AVG 9.0
BatteryLifeExtender
Business Contact Manager for Outlook 2007 SP1
Business Contact Manager for Outlook 2007 SP1
CyberLink YouCam
CyberLink YouCam
Dairy Dash
Easy Display Manager
Easy Network Manager
Easy SpeedUp Manager
EasyBatteryManager
Farm Frenzy 2
Game Pack
Go-Go Gourmet
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
Intel(R) Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
Junk Mail filter update
LeapFrog Connect
LeapFrog Connect
LeapFrog My Pals Plugin
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft Choice Guard
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.3
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 Redistributable
MSVCRT
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Samsung Recovery Solution 4
Samsung Support Center
Samsung Update Plus
SamsungMovie
Spybot - Search & Destroy
Synaptics Pointing Device Driver
Update for Microsoft Office Word 2007 (KB974631)
Update for Microsoft Office Word 2007 (KB974631)
Update for Office 2007 (KB934528)
Update for Office System 2007 Setup (KB929722)
Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin)
User Guide
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer

Thankas
sammieC
Regular Member
 
Posts: 16
Joined: December 19th, 2010, 4:22 pm
Advertisement
Register to Remove

Re: Unable to remove malware

Unread postby askey127 » January 7th, 2011, 3:08 pm

Hi SammieC,
Zwinky is sleazy kid's program peddled by Ask.com.
AVG is an antvirus program with a useless toolbar peddled by .... Ask.com !
We will replace AVG with Antivir, remove Spybot (it interferes with corrections), and remove your obsolete Adobe Reader.
We will update Adobe Reader later.

Please do these tasks in the order given. Don't do any extra surfing until you successfully install Antivir.
Please don't install, remove, or scan with anything else unless I ask.
It may be helpful to print this out first.
-----------------------------------------------
Download Antivir Free
This program is free for personal, non-business use.
Download AntiVir Free from here : http://www.softpedia.com/get/Antivirus/AntiVir-Personal-Edition.shtml
Save the Installer to your desktop, but don't run it yet.
-----------------------------------------------------------
Remove Registry items with HighjackThis. Start HijackThis. (Right-click and "Run as administrator" in Win7)
Click Do System Scan Only. When the Scan is complete, Check the following entries:
(Some of these lines may be missing)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml ... n=77cec8c3
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

Make sure Every other window except HJT is closed (No other tabs showing in the bottom tray), and Click Fix Checked
Click the "X" in the upper right corner of the HiJackThis window to close it.
------------------------------------------------
Remove Programs Using Control Panel
From Start, Control Panel, click on Uninstall a program under the Programs heading.
Right click each Entry, as follows, one by one, if it exists, choose Uninstall/Change, and give permission to Continue:

Spybot - Search & Destroy
AVG 9.0
Adobe Reader 9.1

Take extra care in answering questions posed by any Uninstaller.
If the Spybot Uninstaller asks whether you want to remove all files and settings, answer YES. If it reports that it cannot remove all files, that's OK.
----------------------------------------------
Download and Run Temp File Cleaner (TFC.exe)
Download Temp File Cleaner and save it to your desktop.
Right click and choose Run as Administrator.
If you have a lot of junk files to remove, it could take a while, so please be patient and let it finish.
When it's done, if it asks to Reboot, choose to do so. This will remove files that could not be removed while Windows was running.
After Restart, log back in to your usual account.
-----------------------------------------------
Install Antivir
Double Click the Avira Antivir Installer on your desktop, (Right click and choose "Run as administrator" in Win7), and Install the program.
-----------------------------------------------
Update and Scan with Antivir
Right click the red umbrella icon and choose Start Antivir.
When the window comes up click Start Update.
When the update is complete, click on Scan System Now.
This full scan could take a hour or more. Have it fix anything it finds.
-----------------------------------------------
Get Last Avira Report
Right click the red umbrella icon in the system tray and click Start Antivir
In the left pane, click Overview, then click Reports
There wil be reports titled Update and reports titled Scan. Find the most recent report in the list titled Scan
Click on the Report File button, or Right click the report and choose Display Report.
The report contents will come up in Notepad. Highlight the entire report (Ctrl+A) and copy to the clipboard (Ctrl+C).
Paste the contents (Ctrl+V) into your next reply.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Unable to remove malware

Unread postby sammieC » January 8th, 2011, 8:54 am

Thanks - here is the Avira report



Avira AntiVir Personal
Report file date: 08 January 2011 12:28

Scanning for 2336006 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows 7
Windows version : (plain) [6.1.7600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : SYLVIA-PC

Version information:
BUILD.DAT : 10.0.0.609 31824 Bytes 13/12/2010 09:43:00
AVSCAN.EXE : 10.0.3.5 435368 Bytes 13/12/2010 08:39:56
AVSCAN.DLL : 10.0.3.0 46440 Bytes 01/04/2010 12:57:04
LUKE.DLL : 10.0.3.2 104296 Bytes 13/12/2010 08:40:06
LUKERES.DLL : 10.0.0.1 12648 Bytes 10/02/2010 23:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 09:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14/12/2010 12:26:47
VBASE002.VDF : 7.11.0.1 2048 Bytes 14/12/2010 12:26:47
VBASE003.VDF : 7.11.0.2 2048 Bytes 14/12/2010 12:26:48
VBASE004.VDF : 7.11.0.3 2048 Bytes 14/12/2010 12:26:48
VBASE005.VDF : 7.11.0.4 2048 Bytes 14/12/2010 12:26:48
VBASE006.VDF : 7.11.0.5 2048 Bytes 14/12/2010 12:26:48
VBASE007.VDF : 7.11.0.6 2048 Bytes 14/12/2010 12:26:48
VBASE008.VDF : 7.11.0.7 2048 Bytes 14/12/2010 12:26:48
VBASE009.VDF : 7.11.0.8 2048 Bytes 14/12/2010 12:26:48
VBASE010.VDF : 7.11.0.9 2048 Bytes 14/12/2010 12:26:48
VBASE011.VDF : 7.11.0.10 2048 Bytes 14/12/2010 12:26:48
VBASE012.VDF : 7.11.0.11 2048 Bytes 14/12/2010 12:26:48
VBASE013.VDF : 7.11.0.52 128000 Bytes 16/12/2010 12:26:48
VBASE014.VDF : 7.11.0.91 226816 Bytes 20/12/2010 12:26:49
VBASE015.VDF : 7.11.0.122 136192 Bytes 21/12/2010 12:26:49
VBASE016.VDF : 7.11.0.156 122880 Bytes 24/12/2010 12:26:49
VBASE017.VDF : 7.11.0.185 146944 Bytes 27/12/2010 12:26:49
VBASE018.VDF : 7.11.0.228 132608 Bytes 30/12/2010 12:26:50
VBASE019.VDF : 7.11.1.5 148480 Bytes 03/01/2011 12:26:50
VBASE020.VDF : 7.11.1.37 156672 Bytes 07/01/2011 12:26:50
VBASE021.VDF : 7.11.1.38 2048 Bytes 07/01/2011 12:26:51
VBASE022.VDF : 7.11.1.39 2048 Bytes 07/01/2011 12:26:51
VBASE023.VDF : 7.11.1.40 2048 Bytes 07/01/2011 12:26:51
VBASE024.VDF : 7.11.1.41 2048 Bytes 07/01/2011 12:26:51
VBASE025.VDF : 7.11.1.42 2048 Bytes 07/01/2011 12:26:51
VBASE026.VDF : 7.11.1.43 2048 Bytes 07/01/2011 12:26:51
VBASE027.VDF : 7.11.1.44 2048 Bytes 07/01/2011 12:26:51
VBASE028.VDF : 7.11.1.45 2048 Bytes 07/01/2011 12:26:51
VBASE029.VDF : 7.11.1.46 2048 Bytes 07/01/2011 12:26:51
VBASE030.VDF : 7.11.1.47 2048 Bytes 07/01/2011 12:26:51
VBASE031.VDF : 7.11.1.57 58368 Bytes 07/01/2011 12:26:51
Engineversion : 8.2.4.140
AEVDF.DLL : 8.1.2.1 106868 Bytes 13/12/2010 08:39:51
AESCRIPT.DLL : 8.1.3.52 1282426 Bytes 08/01/2011 12:26:54
AESCN.DLL : 8.1.7.2 127349 Bytes 13/12/2010 08:39:50
AESBX.DLL : 8.1.3.2 254324 Bytes 13/12/2010 08:39:50
AERDL.DLL : 8.1.9.2 635252 Bytes 13/12/2010 08:39:50
AEPACK.DLL : 8.2.4.7 512375 Bytes 08/01/2011 12:26:54
AEOFFICE.DLL : 8.1.1.10 201084 Bytes 13/12/2010 08:39:49
AEHEUR.DLL : 8.1.2.64 3154294 Bytes 08/01/2011 12:26:53
AEHELP.DLL : 8.1.16.0 246136 Bytes 13/12/2010 08:39:42
AEGEN.DLL : 8.1.5.1 397683 Bytes 08/01/2011 12:26:52
AEEMU.DLL : 8.1.3.0 393589 Bytes 13/12/2010 08:39:42
AECORE.DLL : 8.1.19.0 196984 Bytes 13/12/2010 08:39:41
AEBB.DLL : 8.1.1.0 53618 Bytes 13/12/2010 08:39:41
AVWINLL.DLL : 10.0.0.0 19304 Bytes 13/12/2010 08:39:56
AVPREF.DLL : 10.0.0.0 44904 Bytes 13/12/2010 08:39:54
AVREP.DLL : 10.0.0.8 62209 Bytes 17/06/2010 14:27:13
AVREG.DLL : 10.0.3.2 53096 Bytes 13/12/2010 08:39:54
AVSCPLR.DLL : 10.0.3.2 84328 Bytes 13/12/2010 08:39:56
AVARKT.DLL : 10.0.22.6 231784 Bytes 13/12/2010 08:39:52
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 13/12/2010 08:39:53
SQLITE3.DLL : 3.6.19.0 355688 Bytes 17/06/2010 14:27:22
AVSMTP.DLL : 10.0.0.17 63848 Bytes 13/12/2010 08:39:56
NETNT.DLL : 10.0.0.0 11624 Bytes 17/06/2010 14:27:21
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28/01/2010 13:10:20
RCTEXT.DLL : 10.0.58.0 97128 Bytes 13/12/2010 08:40:20

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: 08 January 2011 12:28

Starting search for hidden objects.
HKEY_USERS\S-1-5-21-1131658597-4005637612-88016806-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories\{56FFCC30-D398-11D0-B2AE-00A0C908FA49}\Enum\implementing
[NOTE] The registry entry is invisible.
HKEY_USERS\S-1-5-21-1131658597-4005637612-88016806-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts\c:\users\sylvia\appdata\roaming\microsoft\windows\start menu\programs\spybot - search & destroy\file shredder.lnk
[NOTE] The registry entry is invisible.
HKEY_USERS\S-1-5-21-1131658597-4005637612-88016806-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts\c:\programdata\microsoft\windows\start menu\programs\spybot - search & destroy\file shredder.lnk
[NOTE] The registry entry is invisible.
HKEY_USERS\S-1-5-21-1131658597-4005637612-88016806-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts\c:\users\sylvia\appdata\roaming\microsoft\windows\start menu\programs\spybot - search & destroy\update spybot-s&d.lnk
[NOTE] The registry entry is invisible.
HKEY_USERS\S-1-5-21-1131658597-4005637612-88016806-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts\c:\programdata\microsoft\windows\start menu\programs\spybot - search & destroy\update spybot-s&d.lnk
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\languagelist
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\ie4uinit.exe,-731
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\ie4uinit.exe,-731
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\progra~1\middd5~1\mui\oaa.dll,-103
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\progra~1\middd5~1\mui\oaa.dll,-103
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\windowsanytimeupgradeui.exe,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\unregmp2.exe,-4
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\devicecenter.dll,-1000
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\sud.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\explorer.exe,-7021
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@"%windir%\system32\ie4uinit.exe",-732
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\appwiz.cpl,-159
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@appwiz.cpl,-165
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@appwiz.cpl,-166
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@appwiz.cpl,-167
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@appwiz.cpl,-168
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@appwiz.cpl,-169
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@appwiz.cpl,-170
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@appwiz.cpl,-171
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@appwiz.cpl,-172
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\networkexplorer.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\macromed\flash\flashutil10e.exe,-101
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@sendmail.dll,-21
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\ntshrui.dll,-103
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@zipfldr.dll,-10148
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@sendmail.dll,-4
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\fxsresm.dll,-120
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\p2pcollab.dll,-8042
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\p2pcollab.dll,-8042
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\qagentrt.dll,-10
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\qagentrt.dll,-10
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\dnsapi.dll,-103
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\dnsapi.dll,-103
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\fveui.dll,-843
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\fveui.dll,-843
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\fveui.dll,-844
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\fveui.dll,-844
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\wmploc.dll,-128
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\themeui.dll,-2682
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\accessibilitycpl.dll,-10
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\ie4uinit.exe,-737
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\wucltux.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\wucltux.dll,-1
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\ehome\ehres.dll,-100
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\program files\windows sidebar\sidebar.exe,-1005
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\program files\dvd maker\dvdmaker.exe,-61403
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\fxsresm.dll,-114
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\xpsrchvw.exe,-102
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\displayswitch.exe,-320
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\program files\common files\microsoft shared\ink\mip.exe,-291
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\mblctr.exe,-1008
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\mstsc.exe,-4000
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\snippingtool.exe,-15051
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\soundrecorder.exe,-100
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\sntsearch.dll,-505
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\synccenter.dll,-3000
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\oobefldr.dll,-33056
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\speech\speechux\sapi.cpl,-5555
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\dfrgui.exe,-103
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\dfrgui.exe,-103
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\wdc.dll,-10030
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\msinfo32.exe,-100
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\rstrui.exe,-100
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\miguiresource.dll,-201
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\miguiresource.dll,-201
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\migwiz\wet.dll,-591
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\migwiz\wet.dll,-588
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\program files\common files\microsoft shared\ink\shapecollector.exe,-298
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\program files\common files\microsoft shared\ink\tiptsf.dll,-80
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\program files\windows journal\journal.exe,-3074
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\windowspowershell\v1.0\powershell.exe,-101
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\comres.dll,-3410
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\mycomput.dll,-300
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\odbcint.dll,-1310
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\miguiresource.dll,-101
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\iscsicpl.dll,-5001
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\mdsched.exe,-4001
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\wdc.dll,-10021
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\filemgmt.dll,-2204
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\msconfig.exe,-126
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\authfwgp.dll,-20
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\gameux.dll,-10054
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\gameux.dll,-10054
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\gameux.dll,-10055
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\gameux.dll,-10055
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\gameux.dll,-10082
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\gameux.dll,-10056
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\gameux.dll,-10056
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\gameux.dll,-10102
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\gameux.dll,-10102
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\gameux.dll,-10101
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\gameux.dll,-10101
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\gameux.dll,-10103
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\gameux.dll,-10103
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\gameux.dll,-10059
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\gameux.dll,-10059
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\gameux.dll,-10057
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\gameux.dll,-10057
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\gameux.dll,-10209
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\gameux.dll,-10209
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\gameux.dll,-10058
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\gameux.dll,-10058
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\gameux.dll,-10060
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\gameux.dll,-10060
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\gameux.dll,-10061
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\gameux.dll,-10061
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\sdcpl.dll,-101
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\recdisc.exe,-2000
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\msra.exe,-100
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\ntshrui.dll,-5112
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\langid
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\c:\windows\system32\wfs.exe
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\languagelist
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\c:\windows\system32,@elscore.dll,-2
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\c:\windows\system32,@elscore.dll,-5
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\c:\windows\system32,@elscore.dll,-4
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\c:\windows\system32,@elscore.dll,-6
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\c:\windows\system32,@elscore.dll,-3
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\c:\windows\system32,@elscore.dll,-7
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\c:\windows\system32,@elscore.dll,-8
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\c:\windows\system32,@elscore.dll,-9
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\c:\windows\system32,@elscore.dll,-1
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\program files\windows journal\journal.exe,-62005
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\unregmp2.exe,-9925
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\sampleres.dll,-118
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\sampleres.dll,-117
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\sampleres.dll,-116
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\sampleres.dll,-106
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\sampleres.dll,-108
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\sampleres.dll,-107
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\sampleres.dll,-105
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\sampleres.dll,-104
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\sampleres.dll,-103
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\sampleres.dll,-102
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\sampleres.dll,-101
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\unregmp2.exe,-9914
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\windows\system32\sampleres.dll,-142
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\pacer.sys,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@netcfgx.dll,-50003
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@netcfgx.dll,-50002
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@tcpipcfg.dll,-50002
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\tcpipcfg.dll,-50001
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\lltdres.dll,-4
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\lltdres.dll,-3
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\rascfg.dll,-32010
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\rascfg.dll,-32009
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\rascfg.dll,-32009
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\rascfg.dll,-32009
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\aelupsvc.dll,-1
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\afd.sys,-1000
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\alg.exe,-112
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\appidsvc.dll,-102
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\appidsvc.dll,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\appinfo.dll,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\rascfg.dll,-32000
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\audiosrv.dll,-204
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\audiosrv.dll,-200
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\axinstsv.dll,-103
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\bdesvc.dll,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\bfe.dll,-1001
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\qmgr.dll,-1000
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\browser.dll,-102
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\browser.dll,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\bthserv.dll,-101
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\certprop.dll,-11
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\clfs.sys,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@comres.dll,-947
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\cryptsvc.dll,-1001
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@oleres.dll,-5012
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\dfsc.sys,-101
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\dhcpcore.dll,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\discache.sys,-102
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\dnsapi.dll,-101
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\dot3svc.dll,-1102
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\dps.dll,-500
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\eapsvc.dll,-1
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\efssvc.dll,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\ehome\ehrecvr.exe,-101
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\ehome\ehsched.exe,-101
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\wevtsvc.dll,-200
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@comres.dll,-2450
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\fxsresm.dll,-118
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\fdphost.dll,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\fdrespub.dll,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\fileinfo.sys,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\filetrace.sys,-10001
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\fltmgr.sys,-10001
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\fntcache.dll,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\presentationhost.exe,-3309
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\fsdepends.sys,-10001
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\fvevol.sys,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@gpapi.dll,-112
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\hidserv.dll,-101
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\kmsvc.dll,-6
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\listsvc.dll,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\provsvc.dll,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\http.sys,-1
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\hwpolicy.sys,-101
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\microsoft.net\framework\v3.0\windows communication foundation\servicemodelinstallrc.dll,-8193
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\ikeext.dll,-501
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\ipbusenum.dll,-102
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\rascfg.dll,-32013
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\iphlpsvc.dll,-500
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\irenum.sys,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@keyiso.dll,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@comres.dll,-2946
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\srvsvc.dll,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\wkssvc.dll,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\lltdres.dll,-1
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\lmhsvc.dll,-101
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\luafv.sys,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\ehome\ehres.dll,-15501
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\mmcss.dll,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\mountmgr.sys,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\firewallapi.dll,-23092
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\firewallapi.dll,-23090
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\webclnt.dll,-104
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\wkssvc.dll,-1002
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\wkssvc.dll,-1004
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\wkssvc.dll,-1006
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@comres.dll,-2797
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\mshidkmdf.sys,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\iscsidsc.dll,-5000
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\msimsg.dll,-27
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\mup.sys,-101
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\qagentrt.dll,-6
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\ndis.sys,-200
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\rascfg.dll,-32001
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\rascfg.dll,-32002
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\netlogon.dll,-102
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\netman.dll,-109
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\netprofm.dll,-202
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\microsoft.net\framework\v3.0\windows communication foundation\servicemodelinstallrc.dll,-8201
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\nlasvc.dll,-1
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\nsisvc.dll,-200
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\nsiproxy.sys,-2
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\pnrpsvc.dll,-8004
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\p2psvc.dll,-8006
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\partmgr.sys,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\pcasvc.dll,-1
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\pla.dll,-500
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\umpnpmgr.dll,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\pnrpauto.dll,-8002
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\pnrpsvc.dll,-8000
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\polstore.dll,-5010
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\umpo.dll,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\rascfg.dll,-32006
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\profsvc.dll,-300
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\psbase.dll,-300
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\pacer.sys,-101
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\qwave.dll,-1
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\qwavedrv.sys,-1
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\rasauto.dll,-200
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\rascfg.dll,-32005
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\rasmans.dll,-200
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\rascfg.dll,-32007
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\sstpsvc.dll,-202
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\wkssvc.dll,-1000
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\rdpcdd.sys,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\rdpencdd.sys,-101
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\rdprefmp.sys,-101
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\mprdim.dll,-200
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@regsvc.dll,-1
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%windir%\system32\rpcepmap.dll,-1001
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\locator.exe,-2
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@oleres.dll,-5010
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\samsrv.dll,-1
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\scardsvr.dll,-1
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\scfilter.sys,-11
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\certprop.dll,-13
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\sdrsvc.dll,-107
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\seclogon.dll,-7001
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\sens.dll,-200
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\sensrsvc.dll,-1000
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\sessenv.dll,-1026
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\ipnathlp.dll,-106
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\shsvcs.dll,-12288
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\tcpipcfg.dll,-50005
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\snmptrap.exe,-3
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\snmptrap.exe,-3
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\spoolsv.exe,-1
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\sppsvc.exe,-101
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\sppuinotify.dll,-103
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\srvsvc.dll,-102
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\srvsvc.dll,-104
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\ssdpsrv.dll,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\sstpsvc.dll,-200
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\wiaservc.dll,-9
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\swprv.dll,-103
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\sysmain.dll,-1000
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\tabsvc.dll,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\tapisrv.dll,-10100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\tbssvc.dll,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\tcpipcfg.dll,-50003
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\tcpipcfg.dll,-50004
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\termsrv.dll,-268
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\themeservice.dll,-8192
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\mmcss.dll,-102
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\trkwks.dll,-1
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\servicing\trustedinstaller.exe,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\tssecsrv.sys,-101
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\ui0detect.exe,-101
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\upnphost.dll,-213
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\dwm.exe,-2000
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\vaultsvc.dll,-1003
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\vds.exe,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\volmgrx.sys,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\vssvc.exe,-102
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\w32time.dll,-200
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\rascfg.dll,-32011
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\rascfg.dll,-32012
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\wat\watux.exe,-601
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\wbengine.exe,-104
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\wbiosrvc.dll,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\wcncsvc.dll,-3
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\wcspluginservice.dll,-200
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\wdi.dll,-502
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\wdi.dll,-500
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\webclnt.dll,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\wecsvc.dll,-200
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\wercplsupport.dll,-101
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\wersvc.dll,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%programfiles%\windows defender\msmpres.dll,-103
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\winhttp.dll,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\wbem\wmisvc.dll,-205
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\wsmsvc.dll,-101
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\wlansvc.dll,-257
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\wbem\wmiapsrv.exe,-110
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%programfiles%\windows media player\wmpnetwk.exe,-101
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\wpcsvc.dll,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\wpdbusenum.dll,-100
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\drivers\ws2ifsl.sys,-1000
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\wscsvc.dll,-200
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\searchindexer.exe,-103
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\wudfsvc.dll,-1000
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\wwansvc.dll,-257
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\rastls.dll,-2001
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\rastls.dll,-2002
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@%systemroot%\system32\raschap.dll,-2002
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@provsvc.dll,-202
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@provsvc.dll,-202
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@c:\program files\windows live\messenger\msgsres.dll,-4200
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@netlogon.dll,-1010
[NOTE] The registry entry is invisible.
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\64\52C64B7E\@sstpsvc.dll,-35001
[NOTE] The registry entry is invisible.
c:\program files\google\google toolbar\googletoolbaruser_32.exe
c:\program files\google\google toolbar\googletoolbaruser_32.exe
[NOTE] The process is not visible.

The scan of running processes will be started
Scan process 'SearchFilterHost.exe' - '27' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '42' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '38' Module(s) have been scanned
Scan process 'svchost.exe' - '28' Module(s) have been scanned
Scan process 'vssvc.exe' - '47' Module(s) have been scanned
Scan process 'avscan.exe' - '75' Module(s) have been scanned
Scan process 'avscan.exe' - '28' Module(s) have been scanned
Scan process 'avcenter.exe' - '94' Module(s) have been scanned
Scan process 'avgnt.exe' - '55' Module(s) have been scanned
Scan process 'sched.exe' - '50' Module(s) have been scanned
Scan process 'conhost.exe' - '14' Module(s) have been scanned
Scan process 'avshadow.exe' - '31' Module(s) have been scanned
Scan process 'avguard.exe' - '64' Module(s) have been scanned
Scan process 'TrustedInstaller.exe' - '53' Module(s) have been scanned
Scan process 'msiexec.exe' - '66' Module(s) have been scanned
Scan process 'FlashUtil10e.exe' - '32' Module(s) have been scanned
Scan process 'GoogleToolbarUser_32.exe' - '75' Module(s) have been scanned
Scan process 'iexplore.exe' - '128' Module(s) have been scanned
Scan process 'iexplore.exe' - '84' Module(s) have been scanned
Scan process 'svchost.exe' - '59' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '112' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '62' Module(s) have been scanned
Scan process 'ONENOTEM.EXE' - '20' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '156' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '54' Module(s) have been scanned
Scan process 'Monitor.exe' - '37' Module(s) have been scanned
Scan process 'SynTPHelper.exe' - '17' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '29' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '44' Module(s) have been scanned
Scan process 'RtHDVCpl.exe' - '49' Module(s) have been scanned
Scan process 'igfxpers.exe' - '32' Module(s) have been scanned
Scan process 'hkcmd.exe' - '28' Module(s) have been scanned
Scan process 'igfxtray.exe' - '29' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '29' Module(s) have been scanned
Scan process 'igfxext.exe' - '25' Module(s) have been scanned
Scan process 'svchost.exe' - '65' Module(s) have been scanned
Scan process 'dmhkcore.exe' - '54' Module(s) have been scanned
Scan process 'SSCKbdHk.exe' - '22' Module(s) have been scanned
Scan process 'EasySpeedUpManager.exe' - '32' Module(s) have been scanned
Scan process 'WCScheduler.exe' - '50' Module(s) have been scanned
Scan process 'SUPBackground.exe' - '59' Module(s) have been scanned
Scan process 'taskeng.exe' - '28' Module(s) have been scanned
Scan process 'taskhost.exe' - '50' Module(s) have been scanned
Scan process 'Explorer.EXE' - '187' Module(s) have been scanned
Scan process 'Dwm.exe' - '30' Module(s) have been scanned
Scan process 'svchost.exe' - '61' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'sqlwriter.exe' - '33' Module(s) have been scanned
Scan process 'OberonGameConsoleService.exe' - '73' Module(s) have been scanned
Scan process 'CommandService.exe' - '23' Module(s) have been scanned
Scan process 'BcmSqlStartupSvc.exe' - '21' Module(s) have been scanned
Scan process 'svchost.exe' - '68' Module(s) have been scanned
Scan process 'spoolsv.exe' - '81' Module(s) have been scanned
Scan process 'svchost.exe' - '69' Module(s) have been scanned
Scan process 'svchost.exe' - '78' Module(s) have been scanned
Scan process 'svchost.exe' - '156' Module(s) have been scanned
Scan process 'svchost.exe' - '121' Module(s) have been scanned
Scan process 'svchost.exe' - '91' Module(s) have been scanned
Scan process 'svchost.exe' - '36' Module(s) have been scanned
Scan process 'svchost.exe' - '52' Module(s) have been scanned
Scan process 'lsm.exe' - '16' Module(s) have been scanned
Scan process 'winlogon.exe' - '31' Module(s) have been scanned
Scan process 'lsass.exe' - '67' Module(s) have been scanned
Scan process 'services.exe' - '33' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '16' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '383' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\ProgramData\Spybot - Search & Destroy\Recovery\FunWebProducts119.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch1.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch114.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch115.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch116.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch117.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch118.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch119.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch163.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch166.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch171.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch172.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch194.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch22.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch25.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch27.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
Begin scan in 'D:\'

Beginning disinfection:
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch27.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
[NOTE] The detection was classified as suspicious.
[NOTE] The file was moved to the quarantine directory under the name '4917fab1.qua'.
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch25.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
[NOTE] The detection was classified as suspicious.
[NOTE] The file was moved to the quarantine directory under the name '5180d516.qua'.
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch22.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
[NOTE] The detection was classified as suspicious.
[NOTE] The file was moved to the quarantine directory under the name '03df8ffe.qua'.
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
[NOTE] The detection was classified as suspicious.
[NOTE] The file was moved to the quarantine directory under the name '65e8c03d.qua'.
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch194.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
[NOTE] The detection was classified as suspicious.
[NOTE] The file was moved to the quarantine directory under the name '206ced03.qua'.
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch172.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
[NOTE] The detection was classified as suspicious.
[NOTE] The file was moved to the quarantine directory under the name '5f77df62.qua'.
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch171.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
[NOTE] The detection was classified as suspicious.
[NOTE] The file was moved to the quarantine directory under the name '13cff328.qua'.
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch166.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
[NOTE] The detection was classified as suspicious.
[NOTE] The file was moved to the quarantine directory under the name '6fd7b378.qua'.
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch163.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
[NOTE] The detection was classified as suspicious.
[NOTE] The file was moved to the quarantine directory under the name '428d9c35.qua'.
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch119.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
[NOTE] The detection was classified as suspicious.
[NOTE] The file was moved to the quarantine directory under the name '5be5a7af.qua'.
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch118.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
[NOTE] The detection was classified as suspicious.
[NOTE] The file was moved to the quarantine directory under the name '37b98b9f.qua'.
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch117.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
[NOTE] The detection was classified as suspicious.
[NOTE] The file was moved to the quarantine directory under the name '4600b20a.qua'.
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch116.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
[NOTE] The detection was classified as suspicious.
[NOTE] The file was moved to the quarantine directory under the name '481a82cd.qua'.
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch115.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
[NOTE] The detection was classified as suspicious.
[NOTE] The file was moved to the quarantine directory under the name '0d33fb8f.qua'.
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch114.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
[NOTE] The detection was classified as suspicious.
[NOTE] The file was moved to the quarantine directory under the name '0438ff24.qua'.
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch1.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
[NOTE] The detection was classified as suspicious.
[NOTE] The file was moved to the quarantine directory under the name '5c79e64d.qua'.
C:\ProgramData\Spybot - Search & Destroy\Recovery\FunWebProducts119.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
[NOTE] The detection was classified as suspicious.
[NOTE] The file was moved to the quarantine directory under the name '70649f8d.qua'.


End of the scan: 08 January 2011 12:50
Used time: 19:36 Minute(s)

The scan has been done completely.

12952 Scanned directories
221546 Files were scanned
0 Viruses and/or unwanted programs were found
17 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
17 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
221529 Files not concerned
1271 Archives were scanned
0 Warnings
17 Notes
404043 Objects were scanned with rootkit scan
350 Hidden objects were found
sammieC
Regular Member
 
Posts: 16
Joined: December 19th, 2010, 4:22 pm

Re: Unable to remove malware

Unread postby askey127 » January 8th, 2011, 11:59 am

SammieC,
--------------------------------------------------------
Download and Install the newest version of Adobe Reader for reading pdf files, due to the vulnerabilities in earlier versions.
All versions numbered lower than 9.4 are vulnerable.
Go HERE and click on AdbeRdr940_en_US.exe to download the latest version of Adobe Acrobat Reader.
Save this file to your desktop and run it to install the latest version of Adobe Reader.
----------------------------------------------
Download and Run Temp File Cleaner (TFC.exe)
Download Temp File Cleaner and save it to your desktop.
Double click to run it. (Right click and choose Run as Administrator in Vista or Win7)
If you have a lot of junk files to remove, it could take a while, so please be patient and let it finish.
When it's done, if it asks to Reboot, choose to do so. This will remove files that could not be removed while Windows was running.
After Restart, log back in to your usual account.

Tell me how it's running.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Unable to remove malware

Unread postby sammieC » January 10th, 2011, 8:24 am

Askey127

It seems to be running fine.

Have downloaded the new version of adobe / run TFC

Thanks
sammieC
Regular Member
 
Posts: 16
Joined: December 19th, 2010, 4:22 pm

Re: Unable to remove malware

Unread postby askey127 » January 11th, 2011, 6:01 pm

sammiec,
I think you are good to go.
Good luck.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Unable to remove malware

Unread postby sammieC » January 12th, 2011, 3:34 pm

Thanks askey127 :)
sammieC
Regular Member
 
Posts: 16
Joined: December 19th, 2010, 4:22 pm

Re: Unable to remove malware

Unread postby askey127 » January 12th, 2011, 4:22 pm

this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: M2Judy, pgmigg and 30 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware