Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

pop up ads and missing security centre
Goto page 1, 2  Next
 
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Spyware Warrior Forum Index -> Archived Spyware Removal Help Topics
View previous topic :: View next topic  
Author Message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Fri Jun 01, 2012 12:34 pm    Post subject: pop up ads and missing security centre Reply with quote

Had posted but did not realise I needed to run a dds. Have problem with pop up ads and missing security centre. Attaching DDS, hope I did it properly

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Teresa at 21:27:58 on 2012-06-01
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.4056.2411 [GMT 1:00]
.
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Users\Teresa\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=0DAFCE1E115456CC664D534FC7DF59EC&tbp=homepage
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: blekko search bar: {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Yontoo: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: blekko search bar: {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [Google Update] "C:\Users\Teresa\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
StartupFolder: C:\Users\Teresa\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe
StartupFolder: C:\Users\Teresa\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Teresa\AppData\Roaming\Dropbox\bin\Dropbox.exe
uPolicies-explorer: HideSCAHealth = 1 (0x1)
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{B7CAA498-92B2-4B8E-92B8-3D28B6770DDA} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{F292EAD9-60D7-4B96-A945-DFF51DE9EB56} : DhcpNameServer = 89.19.64.36 89.19.64.164
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: blekko search bar: {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll
BHO-X64: blekko search bar - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
BHO-X64: Yontoo Layers - No File
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: blekko search bar: {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun-x64: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
Hosts: 69.72.252.254 www.google-analytics.com.
Hosts: 69.72.252.254 ad-emea.doubleclick.net.
Hosts: 69.72.252.254 www.statcounter.com.
Hosts: 184.95.41.155 www.google-analytics.com.
Hosts: 184.95.41.155 ad-emea.doubleclick.net.
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\4ge3qayx.default\
FF - prefs.js: browser.search.selectedEngine - Blekko
FF - prefs.js: browser.startup.homepage - hxxp://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=0DAFCE1E115456CC664D534FC7DF59EC&tbp=homepage
FF - prefs.js: keyword.URL - hxxp://blekko.com/ws/?source={SourceID}&tbp=url&toolbarid=blekkotb_031&u=USERGUID&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Teresa\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extentions.y2layers.installId - 4c77c07e-d465-4911-9f17-6d05540cb316
FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,Buzzdock,
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: security.csp.enable - false
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe [2010-5-31 89600]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-7-4 1692480]
R2 VMCService;Vodafone Mobile Connect Service;C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2010-3-15 9216]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-20 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-3 257696]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
S3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\system32\DRIVERS\ewusbnet.sys --> C:\Windows\system32\DRIVERS\ewusbnet.sys [?]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 ggflt;SEMC USB Flash Driver Filter;C:\Windows\system32\DRIVERS\ggflt.sys --> C:\Windows\system32\DRIVERS\ggflt.sys [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-20 136176]
S3 hwusbfake;Huawei DataCard USB Fake;C:\Windows\system32\DRIVERS\ewusbfake.sys --> C:\Windows\system32\DRIVERS\ewusbfake.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-31 129976]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-8-15 155344]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-05-31 21:15:18 -------- d-----w- C:\ProgramData\blekko toolbars
2012-05-31 21:15:11 -------- d-----w- C:\Users\Teresa\AppData\Local\blekkotb_031
2012-05-31 21:15:11 -------- d-----w- C:\Program Files (x86)\blekkotb_031
2012-05-31 21:15:10 -------- d-----w- C:\ProgramData\Anti-phishing Domain Advisor
2012-05-31 21:15:07 -------- d-----w- C:\Program Files (x86)\Yontoo
2012-05-31 21:15:06 -------- d-----w- C:\ProgramData\Tarma Installer
2012-05-31 20:26:22 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-05-31 20:26:22 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-05-30 20:17:27 -------- d-----w- C:\Windows\Temp678CEF2C-4B39-4B24-F5B1-8323F946A43B-Signatures
2012-05-30 20:09:44 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-05-30 20:07:58 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-05-30 20:07:55 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-30 20:07:55 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-05-30 20:07:55 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-30 20:07:54 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-05-30 20:07:54 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-05-30 18:20:46 1544704 ----a-w- C:\Windows\System32\DWrite.dll
2012-05-30 18:20:45 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-05-30 18:20:39 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-30 18:20:36 3146240 ----a-w- C:\Windows\System32\win32k.sys
2012-05-30 18:20:33 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-30 18:20:33 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-22 17:54:33 -------- d-----w- C:\Users\Teresa\AppData\Roaming\SUPERAntiSpyware.com
2012-05-22 17:54:03 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2012-05-22 17:54:03 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2012-05-21 21:43:09 -------- d-----w- C:\Users\Teresa\AppData\Local\Mozilla
2012-05-21 21:43:00 43960 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
2012-05-21 20:38:55 -------- d-----w- C:\Users\Teresa\AppData\Local\ElevatedDiagnostics
.
==================== Find3M ====================
.
2012-05-30 20:28:23 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-30 20:28:23 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-30 20:27:58 8769696 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-04-04 14:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
.
============= FINISH: 21:30:18.43 ===============
Back to top
View user's profile Send private message
Scolabar
SWW Honors Graduate


Joined: 24 Aug 2011
Last Visit: 27 Jun 2012
Posts: 105

PostPosted: Fri Jun 01, 2012 8:24 pm    Post subject: Reply with quote

Hi partnership,

Firstly, welcome to the Spyware Warrior Forum. Smile
My name is Scolabar, and I'll be helping you with your malware problems.
Logs can take a while to research, so please be patient.
If you no longer require help I would be grateful if you would let me know.

Please note the following important guidelines before proceeding:
  1. The instructions that will be provided are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable
    !

  2. If you have any questions or do not understand something, please do not hesitate to ask, don't guess or assume.
  3. Only post your problem at One help site. Applying fixes from multiple help sites can cause problems.
  4. Only reply to this thread, do not start another. Please, continue responding, until I give you the All Clean.
    Absence of symptoms does not necessarily mean that everything is clear.
  5. DO NOT run any other fix or removal tools unless instructed to do so!
  6. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  7. Print each set of instructions, if possible. Your Internet connection will not be available during some fix processes.
  8. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  9. Note: No Reply Within 3 Days Will Result In Your Topic Being Closed!
Please Note: If you haven't done so already, please read this topic Help with Spyware Removal Forum Guidelines (PLEASE READ) where the conditions for receiving help here are explained.

Windows 7 Advice:
Please Note: The programs I ask you to use will need to be run in Administrator Mode.
In order to do this Right-click on the program file and select the Run as Administrator option.
Additionally, the built-in User Account Control (UAC) utility, if enabled, may prompt you for permission to run the program.
If prompted, please click on the Allow button.
Reference: User Account Control (UAC) and Running as Administrator

Quote:
Please be aware that removing Malware is a hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

In light of this, it would be advisable for you to back up any important files and folders that you don't want to lose before we start.
If you follow these guidelines, things should proceed smoothly. Smile
I am currently reviewing your log and will return, as soon as possible, with additional instructions.

Thank you for your patience.

Scolabar
_________________
Malware Removal University - You too could train to help others
Member of ASAP and UNITE
Back to top
View user's profile Send private message
Scolabar
SWW Honors Graduate


Joined: 24 Aug 2011
Last Visit: 27 Jun 2012
Posts: 105

PostPosted: Fri Jun 01, 2012 10:50 pm    Post subject: Reply with quote

Hi partnership,

Thank you again for your patience. Smile

Please read these instructions carefully before executing and perform the steps exactly in the order given.
lf, you have any questions about or problems with, executing these instructions, <STOP> do not proceed, post back with the question or problem before going any further.

Before proceeding please make sure any open programs are closed.

Step 1:
OTL - Scan
  1. Please download OTL by Old Timer. Save it to your Desktop.
  2. Right-click on OTL.exe and select the Run As Administrator option to launch the program. If you receive a UAC prompt, please allow it.
  3. Under Output, ensure that the Standard Output option is selected.
  4. Under the Extra Registry section, select the Use SafeList option.
  5. Click the Scan All Users checkbox.
  6. Tick the LOP Check and Purity Check checkboxes.
  7. Also make sure the Include 64bit Scans checkbox is ticked.
    Note: Please leave the remaining selections on the default settings.
  8. Click on the Run Scan button in the top left-hand corner of the program window.
  9. When done, two Notepad files will automatically open:
    • OTL.txt <-- Will be opened, maximized.
    • Extras.txt <-- Will be minimized on task bar.
  10. Please Copy and Paste the entire contents of both of the OTL.txt and Extras.txt files into your next reply.
Step 2:
TDSSKiller - Scan
  1. Please download TDSSKiller.exe by Kaspersky and save it to your Desktop. <-- Important!!!
  2. Right-click on TDSSKiller.exe and select the Run As Administrator option to launch the program. If you receive a UAC prompt, please allow it.
    If TDSSKiller does not run, try renaming the program file. Right-click on TDSSKiller.exe, select the Rename option and give the program a random name with the .com file extension (i.e. ektfhtw.com).
    If you cannot see file extensions, please refer to: How to change the file extension.
  3. Click the Start Scan button. Do not use the computer during the scan!
  4. When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  5. Now click on Report to open the log file created by TDSSKiller.
  6. The log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt is created and saved to the root directory. (Usually C: drive).
  7. Copy and Paste the entire contents of the TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt file into your next reply.
PLEASE DO NOT TRY TO FIX ANYTHING AT THIS STAGE.

Step 3:
SystemLook
  1. Please download SystemLook_x64.exe by jpshortstuff and Save it to your Desktop.
    Alternate download site.
  2. Right-click on SystemLook_x64.exe and select the Run As Administrator option to launch the program. If you receive a UAC prompt, please allow it.
    If you receive an Open File - Security Warning alert, please click on the Run button to continue.
  3. Copy and Paste the text in the code box below into SystemLook's main text entry window:
    Code:
    :reg
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc] /sub
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] /sub

  4. Click on the Look button to start the scan.
    When SystemLook has completed its task a Notepad window will open showing the results of the scan.
    A log file will be created on your Desktop named SystemLook.txt.
  5. Please post the contents of the SystemLook.txt file in your next reply.
Step 4:
Security Check
  1. Please download Security Check by screen317 and Save it to your Desktop.
    Alternate download site: Link 2
  2. Right-click on SecurityCheck.exe and select the Run As Administrator option to launch the program. If you receive a UAC prompt, please allow it.
  3. Press the Space Bar when you see the Press any key to continue... message.
    Please Note: This scan will take a short while to complete, so please be patient.
  4. When the scan has completed, a Notepad file will automatically open called checkup.txt.
  5. Save the file checkup.txt to your Desktop.
    Please Note: This output file is NOT automatically saved!
  6. Then Copy and Paste the entire contents of the checkup.txt file into your next reply.
Step 5:
Include in Next Post
  1. Did you have any problems carrying out the instructions?
  2. OTL.txt.
  3. Extras.txt.
  4. TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt.
  5. SystemLook.txt.
  6. checkup.txt.
  7. Do you have the original Windows installation media for your PC?

Scolabar
--------------------------------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed

_________________
Malware Removal University - You too could train to help others
Member of ASAP and UNITE
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Sat Jun 02, 2012 4:22 am    Post subject: Reply with quote

ok downloaded the otl and did the scan ticking as you said. got error message to say list index out of bounds (192) and it seems to have stopped. Will wait further instructions before carrying out the rest.
Back to top
View user's profile Send private message
Scolabar
SWW Honors Graduate


Joined: 24 Aug 2011
Last Visit: 27 Jun 2012
Posts: 105

PostPosted: Sat Jun 02, 2012 9:58 pm    Post subject: Reply with quote

Hi partnership,

When you run the OTL scan it should give an indication at the bottom of the window what stage the scanning process has reached. Can you let me know what stage the scan reaches at the point when you receive the out of bounds error message?

Which web browser do you primarily use? Is it only in that browser that you get the pop-ups? Do you get the pop-up ads in all the web browsers installed on the system?

Scolabar
--------------------------------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed

_________________
Malware Removal University - You too could train to help others
Member of ASAP and UNITE
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Sun Jun 03, 2012 1:54 am    Post subject: Reply with quote

Ok ran the OTL scan again and same message came up when it is scanning chrome settings.

I was using internet explorer and downloaded firefox because people said it was better but I get the pop ups with both so there is no difference.
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Sun Jun 03, 2012 2:00 am    Post subject: Reply with quote

Forgot to say that I have noticed than when I click on what would be very legitimate websites I am often redirected to bitadvisor sites, I always close these and go back and it usually works - not sure if this is related or if this is to do with the sites themselves but it is happening more often.
Back to top
View user's profile Send private message
Scolabar
SWW Honors Graduate


Joined: 24 Aug 2011
Last Visit: 27 Jun 2012
Posts: 105

PostPosted: Sun Jun 03, 2012 6:08 am    Post subject: Reply with quote

Hi partnership,

Thank you for the update. Big Thumb Up

Let's try a slightly different tack. Please can you run the following instructions in place of Step 1 of my last set of instructions and then continue with Step 2 as provided previously and post back the logs requested:

Step 1:
RSIT (Random's System Information Tool)
  1. Please download RSITx64 by random/random and save it to your Desktop.
  2. Right-click on RSITx64.exe and select the Run As Administrator option to launch the program. If you receive a UAC prompt, please allow it.
  3. Read the disclaimer and then click on the Continue button.
  4. RSIT will start running.
  5. When the program has finished two logs files will automatically open in Notepad:
    • log.txt <-- Will be opened, maximized.
    • info.txt <-- Will be minimized on task bar.
  6. Please Copy and Paste the entire contents of both log.txt and info.txt files into your next reply.
    Note: These logs can be lengthy, so please post one log per reply.
Please include the following logs in your next post:

Include in Next Post
  1. Did you have any problems carrying out the instructions?
  2. log.txt.
  3. info.txt.
  4. TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt.
  5. SystemLook.txt.
  6. checkup.txt.
  7. Do you have the original Windows installation media for your PC?

Scolabar
--------------------------------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed

_________________
Malware Removal University - You too could train to help others
Member of ASAP and UNITE
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Sun Jun 03, 2012 9:20 am    Post subject: Reply with quote

no problem running all the steps will post one by one

log.txt

Logfile of random's system information tool 1.09 (written by random/random)
Run by Teresa at 2012-06-03 18:01:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 406 GB (88%) free of 462 GB
Total RAM: 4056 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:01:58, on 03/06/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Teresa\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Teresa.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/2
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ie/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O1 - Hosts: 69.72.252.254 www.google-analytics.com.
O1 - Hosts: 69.72.252.254 ad-emea.doubleclick.net.
O1 - Hosts: 69.72.252.254 www.statcounter.com.
O1 - Hosts: 184.95.41.155 www.google-analytics.com.
O1 - Hosts: 184.95.41.155 ad-emea.doubleclick.net.
O1 - Hosts: 184.95.41.155 www.statcounter.com.
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: blekko search bar - {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: blekko search bar - {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
O4 - HKLM\..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Teresa\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Startup: Dropbox.lnk = C:\Users\Teresa\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12634 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\Dell\DellDock\DockLogin.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 3144480
\??\C:\Windows\system32\conhost.exe "1187203545396396197-1436025270-1859377011-671629724-14587794991671525879-1639315913
"C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE" "C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe"
C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
"C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe"
WLIDSvcM.exe 1808
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {AA44388F-5274-490C-9F8C-C5611F5F8BCF}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
"C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE" C:\Users\Teresa
"C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
"C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE"
"C:\Program Files\DellTPad\Apoint.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE"
"C:\Program Files\Dell\QuickSet\quickset.exe"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files\DellTPad\HidFind.exe"
"Apntex.exe"
\??\C:\Windows\system32\conhost.exe "4116983101985762155-649930971-1589250639-55516321-873654470-152580766-1699690235
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"C:\Program Files\Dell\DellDock\DellDock.exe"
"C:\Users\Teresa\AppData\Roaming\Dropbox\bin\Dropbox.exe"
"C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe"
"C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\sppsvc.exe
taskhost.exe $(Arg0)
"C:\Users\Teresa\Desktop\RSITx64.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1308780347-3018791662-52600780-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1308780347-3018791662-52600780-1000UA.job
C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
C:\Windows\tasks\SystemToolsDailyTest.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\4ge3qayx.default

prefs.js - "browser.startup.homepage" - "http://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=0DAFCE1E115456CC664D534FC7DF59EC&tbp=homepage"
prefs.js - "keyword.URL" - "http://blekko.com/ws/?source={SourceID}&tbp=url&toolbarid=blekkotb_031&u=USERGUID&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669]
"Description"=12.0.1.669
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
msservice.js

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
amazondotcom.xml
bing.xml
eBay.xml
google.xml
search.xml
twitter.xml
wikipedia.xml
yahoo.xml

C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\4ge3qayx.default\extensions\
plugin@yontoo.com
{8769adce-dba5-48e9-afb5-67b12cdf2e61}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2012-03-19 253040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-04 43520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-10-10 414416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8769adce-dba5-48e9-afb5-67b12cdf2e61}]
blekko search bar - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll [2012-05-18 85288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-19 192112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-08-15 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo - C:\Program Files (x86)\Yontoo\YontooIEClient.dll [2011-12-09 194848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2012-03-19 253040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-19 192112]
{8769adce-dba5-48e9-afb5-67b12cdf2e61} - blekko search bar - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll [2012-05-18 85288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2010-04-06 384296]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-02-25 487424]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-02-21 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-02-21 387608]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-02-21 365592]
"Broadcom Wireless Manager UI"=C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [2009-07-17 4968960]
"QuickSet"=C:\Program Files\Dell\QuickSet\QuickSet.exe [2009-07-02 3180624]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Teresa\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-20 136176]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-10-20 39408]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2009-07-14 9728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop Disc Tool]
c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [2009-10-15 498160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-10-13 17351304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2011-07-25 433360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [2011-10-10 273528]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dell Webcam Central"=C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2009-06-24 409744]
"DellSupportCenter"=C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe /P DellSupportCenter []
"MobileConnect"=C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent []
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"Anti-phishing Domain Advisor"=C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe [2012-05-03 217256]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
""C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe""=C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe [2011-10-10 559616]

C:\Users\Teresa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dell Dock.lnk - C:\Program Files\Dell\DellDock\DellDock.exe
Dropbox.lnk - C:\Users\Teresa\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-11-06 259584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HideSCAHealth"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-06-03 18:01:33 ----D---- C:\Program Files\trend micro
2012-06-03 18:01:32 ----D---- C:\rsit
2012-05-31 22:15:18 ----D---- C:\ProgramData\blekko toolbars
2012-05-31 22:15:11 ----D---- C:\Program Files (x86)\blekkotb_031
2012-05-31 22:15:10 ----D---- C:\ProgramData\Anti-phishing Domain Advisor
2012-05-31 22:15:07 ----D---- C:\Program Files (x86)\Yontoo
2012-05-31 22:15:06 ----D---- C:\ProgramData\Tarma Installer
2012-05-31 21:26:22 ----D---- C:\ProgramData\Spybot - Search & Destroy
2012-05-31 21:26:22 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2012-05-31 18:56:39 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-05-30 21:17:27 ----D---- C:\Windows\Temp678CEF2C-4B39-4B24-F5B1-8323F946A43B-Signatures
2012-05-30 21:09:44 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-05-30 21:07:58 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-05-30 19:20:46 ----A---- C:\Windows\system32\DWrite.dll
2012-05-30 19:20:45 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-05-30 19:20:39 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-05-30 19:20:36 ----A---- C:\Windows\system32\win32k.sys
2012-05-30 19:20:33 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-05-30 19:20:33 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-05-22 18:54:33 ----D---- C:\Users\Teresa\AppData\Roaming\SUPERAntiSpyware.com
2012-05-22 18:54:03 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2012-05-22 18:54:03 ----D---- C:\Program Files\SUPERAntiSpyware
2012-05-21 22:43:09 ----D---- C:\Users\Teresa\AppData\Roaming\Mozilla
2012-05-21 22:43:04 ----D---- C:\ProgramData\Mozilla
2012-05-21 22:43:00 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-05-21 21:48:20 ----D---- C:\Program Files\Microsoft Silverlight

======List of files/folders modified in the last 1 month======

2012-06-03 18:01:33 ----RD---- C:\Program Files
2012-06-03 18:00:11 ----D---- C:\Windows\Temp
2012-06-03 17:58:26 ----D---- C:\Users\Teresa\AppData\Roaming\Dropbox
2012-06-03 17:58:13 ----D---- C:\Program Files (x86)\Dell DataSafe Local Backup
2012-06-03 11:14:19 ----D---- C:\Windows\system32\config
2012-06-02 13:08:36 ----SHD---- C:\System Volume Information
2012-06-02 12:47:20 ----D---- C:\Windows\System32
2012-06-02 12:47:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-06-02 12:46:35 ----D---- C:\Windows\registration
2012-06-02 12:46:34 ----D---- C:\Windows
2012-06-01 09:27:21 ----A---- C:\Windows\ntbtlog.txt
2012-05-31 22:29:12 ----RD---- C:\Program Files (x86)
2012-05-31 22:15:18 ----HD---- C:\ProgramData
2012-05-31 22:05:23 ----D---- C:\Users\Teresa\AppData\Roaming\Skype
2012-05-31 19:27:46 ----D---- C:\Windows\Microsoft.NET
2012-05-31 19:27:42 ----RSD---- C:\Windows\assembly
2012-05-30 21:40:53 ----D---- C:\Windows\winsxs
2012-05-30 21:39:29 ----SHD---- C:\Config.Msi
2012-05-30 21:39:28 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2012-05-30 21:38:39 ----D---- C:\Windows\SysWOW64
2012-05-30 21:38:39 ----D---- C:\Windows\system32\drivers
2012-05-30 21:37:16 ----SHD---- C:\Windows\Installer
2012-05-30 21:32:05 ----D---- C:\Windows\system32\catroot
2012-05-30 21:32:04 ----D---- C:\Windows\system32\catroot2
2012-05-30 21:28:23 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-05-30 21:27:58 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2012-05-30 21:25:20 ----A---- C:\Windows\win.ini
2012-05-30 21:23:15 ----D---- C:\Program Files\Microsoft Security Client
2012-05-30 21:23:15 ----D---- C:\Program Files (x86)\Microsoft Security Client
2012-05-30 21:19:33 ----D---- C:\Windows\system32\Tasks
2012-05-30 21:18:56 ----D---- C:\ProgramData\Skype
2012-05-30 21:12:47 ----D---- C:\Program Files\Windows Journal
2012-05-30 20:52:02 ----D---- C:\Windows\Tasks
2012-05-30 20:46:58 ----D---- C:\ProgramData\Microsoft
2012-05-30 20:43:17 ----D---- C:\Windows\ShellNew
2012-05-30 20:43:10 ----D---- C:\Windows\system32\wbem
2012-05-30 20:42:12 ----D---- C:\Windows\system32\wfp
2012-05-30 20:42:12 ----D---- C:\Windows\system32\DriverStore
2012-05-30 20:42:12 ----D---- C:\Windows\inf
2012-05-30 20:42:10 ----D---- C:\Windows\SYSWOW64\Macromed
2012-05-30 20:42:10 ----D---- C:\Windows\system32\NDF
2012-05-30 20:42:10 ----D---- C:\Windows\system32\Macromed
2012-05-30 20:42:10 ----D---- C:\Windows\system32\drivers\UMDF
2012-05-30 20:42:10 ----D---- C:\Windows\system32\CodeIntegrity
2012-05-30 20:41:47 ----RD---- C:\Program Files (x86)\Skype
2012-05-30 20:41:36 ----D---- C:\Program Files (x86)\Calibre2
2012-05-30 20:36:09 ----D---- C:\Users\Teresa\AppData\Roaming\PCDr
2012-05-30 20:36:08 ----SD---- C:\Users\Teresa\AppData\Roaming\Microsoft
2012-05-30 20:33:39 ----D---- C:\ProgramData\Real
2012-05-30 20:33:12 ----D---- C:\Program Files (x86)\Common Files
2012-05-13 22:31:44 ----D---- C:\Users\Teresa\AppData\Roaming\0A202

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-06-15 557848]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\Windows\system32\DRIVERS\Apfiltr.sys [2010-04-15 301688]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2009-07-17 22520]
R3 BCM43XX;Dell Wireless WLAN Card Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-07-17 2769400]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 172704]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-11-06 7370304]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-05-08 215552]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-02-25 505856]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2009-11-04 133632]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2011-08-15 13352]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2011-08-15 27176]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-11-04 117120]
S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys [2009-11-04 114304]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2006-11-01 151656]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe [2009-03-02 89600]
R2 DockLoginService;Dock Login Service; C:\Program Files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 SftService;SoftThinks Agent Service; C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe [2010-02-25 244736]
R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2010-03-15 9216]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE [2009-07-17 33280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-20 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-30 257696]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe [2009-06-06 250616]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-20 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-10-20 182768]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-10-24 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Sun Jun 03, 2012 9:21 am    Post subject: Reply with quote

no problem running all the steps will post one by one

log.txt

Logfile of random's system information tool 1.09 (written by random/random)
Run by Teresa at 2012-06-03 18:01:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 406 GB (88%) free of 462 GB
Total RAM: 4056 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:01:58, on 03/06/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Teresa\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Teresa.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/2
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ie/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O1 - Hosts: 69.72.252.254 www.google-analytics.com.
O1 - Hosts: 69.72.252.254 ad-emea.doubleclick.net.
O1 - Hosts: 69.72.252.254 www.statcounter.com.
O1 - Hosts: 184.95.41.155 www.google-analytics.com.
O1 - Hosts: 184.95.41.155 ad-emea.doubleclick.net.
O1 - Hosts: 184.95.41.155 www.statcounter.com.
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: blekko search bar - {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: blekko search bar - {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
O4 - HKLM\..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Teresa\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Startup: Dropbox.lnk = C:\Users\Teresa\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12634 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\Dell\DellDock\DockLogin.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 3144480
\??\C:\Windows\system32\conhost.exe "1187203545396396197-1436025270-1859377011-671629724-14587794991671525879-1639315913
"C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE" "C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe"
C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
"C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe"
WLIDSvcM.exe 1808
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {AA44388F-5274-490C-9F8C-C5611F5F8BCF}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
"C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE" C:\Users\Teresa
"C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
"C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE"
"C:\Program Files\DellTPad\Apoint.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE"
"C:\Program Files\Dell\QuickSet\quickset.exe"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files\DellTPad\HidFind.exe"
"Apntex.exe"
\??\C:\Windows\system32\conhost.exe "4116983101985762155-649930971-1589250639-55516321-873654470-152580766-1699690235
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"C:\Program Files\Dell\DellDock\DellDock.exe"
"C:\Users\Teresa\AppData\Roaming\Dropbox\bin\Dropbox.exe"
"C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe"
"C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\sppsvc.exe
taskhost.exe $(Arg0)
"C:\Users\Teresa\Desktop\RSITx64.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1308780347-3018791662-52600780-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1308780347-3018791662-52600780-1000UA.job
C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
C:\Windows\tasks\SystemToolsDailyTest.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\4ge3qayx.default

prefs.js - "browser.startup.homepage" - "http://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=0DAFCE1E115456CC664D534FC7DF59EC&tbp=homepage"
prefs.js - "keyword.URL" - "http://blekko.com/ws/?source={SourceID}&tbp=url&toolbarid=blekkotb_031&u=USERGUID&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669]
"Description"=12.0.1.669
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
msservice.js

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
amazondotcom.xml
bing.xml
eBay.xml
google.xml
search.xml
twitter.xml
wikipedia.xml
yahoo.xml

C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\4ge3qayx.default\extensions\
plugin@yontoo.com
{8769adce-dba5-48e9-afb5-67b12cdf2e61}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2012-03-19 253040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-04 43520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-10-10 414416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8769adce-dba5-48e9-afb5-67b12cdf2e61}]
blekko search bar - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll [2012-05-18 85288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-19 192112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-08-15 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo - C:\Program Files (x86)\Yontoo\YontooIEClient.dll [2011-12-09 194848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2012-03-19 253040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-19 192112]
{8769adce-dba5-48e9-afb5-67b12cdf2e61} - blekko search bar - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll [2012-05-18 85288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2010-04-06 384296]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-02-25 487424]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-02-21 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-02-21 387608]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-02-21 365592]
"Broadcom Wireless Manager UI"=C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [2009-07-17 4968960]
"QuickSet"=C:\Program Files\Dell\QuickSet\QuickSet.exe [2009-07-02 3180624]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Teresa\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-20 136176]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-10-20 39408]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2009-07-14 9728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop Disc Tool]
c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [2009-10-15 498160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-10-13 17351304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2011-07-25 433360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [2011-10-10 273528]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dell Webcam Central"=C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2009-06-24 409744]
"DellSupportCenter"=C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe /P DellSupportCenter []
"MobileConnect"=C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent []
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"Anti-phishing Domain Advisor"=C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe [2012-05-03 217256]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
""C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe""=C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe [2011-10-10 559616]

C:\Users\Teresa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dell Dock.lnk - C:\Program Files\Dell\DellDock\DellDock.exe
Dropbox.lnk - C:\Users\Teresa\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-11-06 259584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HideSCAHealth"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-06-03 18:01:33 ----D---- C:\Program Files\trend micro
2012-06-03 18:01:32 ----D---- C:\rsit
2012-05-31 22:15:18 ----D---- C:\ProgramData\blekko toolbars
2012-05-31 22:15:11 ----D---- C:\Program Files (x86)\blekkotb_031
2012-05-31 22:15:10 ----D---- C:\ProgramData\Anti-phishing Domain Advisor
2012-05-31 22:15:07 ----D---- C:\Program Files (x86)\Yontoo
2012-05-31 22:15:06 ----D---- C:\ProgramData\Tarma Installer
2012-05-31 21:26:22 ----D---- C:\ProgramData\Spybot - Search & Destroy
2012-05-31 21:26:22 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2012-05-31 18:56:39 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-05-30 21:17:27 ----D---- C:\Windows\Temp678CEF2C-4B39-4B24-F5B1-8323F946A43B-Signatures
2012-05-30 21:09:44 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-05-30 21:07:58 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-05-30 19:20:46 ----A---- C:\Windows\system32\DWrite.dll
2012-05-30 19:20:45 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-05-30 19:20:39 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-05-30 19:20:36 ----A---- C:\Windows\system32\win32k.sys
2012-05-30 19:20:33 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-05-30 19:20:33 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-05-22 18:54:33 ----D---- C:\Users\Teresa\AppData\Roaming\SUPERAntiSpyware.com
2012-05-22 18:54:03 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2012-05-22 18:54:03 ----D---- C:\Program Files\SUPERAntiSpyware
2012-05-21 22:43:09 ----D---- C:\Users\Teresa\AppData\Roaming\Mozilla
2012-05-21 22:43:04 ----D---- C:\ProgramData\Mozilla
2012-05-21 22:43:00 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-05-21 21:48:20 ----D---- C:\Program Files\Microsoft Silverlight

======List of files/folders modified in the last 1 month======

2012-06-03 18:01:33 ----RD---- C:\Program Files
2012-06-03 18:00:11 ----D---- C:\Windows\Temp
2012-06-03 17:58:26 ----D---- C:\Users\Teresa\AppData\Roaming\Dropbox
2012-06-03 17:58:13 ----D---- C:\Program Files (x86)\Dell DataSafe Local Backup
2012-06-03 11:14:19 ----D---- C:\Windows\system32\config
2012-06-02 13:08:36 ----SHD---- C:\System Volume Information
2012-06-02 12:47:20 ----D---- C:\Windows\System32
2012-06-02 12:47:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-06-02 12:46:35 ----D---- C:\Windows\registration
2012-06-02 12:46:34 ----D---- C:\Windows
2012-06-01 09:27:21 ----A---- C:\Windows\ntbtlog.txt
2012-05-31 22:29:12 ----RD---- C:\Program Files (x86)
2012-05-31 22:15:18 ----HD---- C:\ProgramData
2012-05-31 22:05:23 ----D---- C:\Users\Teresa\AppData\Roaming\Skype
2012-05-31 19:27:46 ----D---- C:\Windows\Microsoft.NET
2012-05-31 19:27:42 ----RSD---- C:\Windows\assembly
2012-05-30 21:40:53 ----D---- C:\Windows\winsxs
2012-05-30 21:39:29 ----SHD---- C:\Config.Msi
2012-05-30 21:39:28 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2012-05-30 21:38:39 ----D---- C:\Windows\SysWOW64
2012-05-30 21:38:39 ----D---- C:\Windows\system32\drivers
2012-05-30 21:37:16 ----SHD---- C:\Windows\Installer
2012-05-30 21:32:05 ----D---- C:\Windows\system32\catroot
2012-05-30 21:32:04 ----D---- C:\Windows\system32\catroot2
2012-05-30 21:28:23 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-05-30 21:27:58 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2012-05-30 21:25:20 ----A---- C:\Windows\win.ini
2012-05-30 21:23:15 ----D---- C:\Program Files\Microsoft Security Client
2012-05-30 21:23:15 ----D---- C:\Program Files (x86)\Microsoft Security Client
2012-05-30 21:19:33 ----D---- C:\Windows\system32\Tasks
2012-05-30 21:18:56 ----D---- C:\ProgramData\Skype
2012-05-30 21:12:47 ----D---- C:\Program Files\Windows Journal
2012-05-30 20:52:02 ----D---- C:\Windows\Tasks
2012-05-30 20:46:58 ----D---- C:\ProgramData\Microsoft
2012-05-30 20:43:17 ----D---- C:\Windows\ShellNew
2012-05-30 20:43:10 ----D---- C:\Windows\system32\wbem
2012-05-30 20:42:12 ----D---- C:\Windows\system32\wfp
2012-05-30 20:42:12 ----D---- C:\Windows\system32\DriverStore
2012-05-30 20:42:12 ----D---- C:\Windows\inf
2012-05-30 20:42:10 ----D---- C:\Windows\SYSWOW64\Macromed
2012-05-30 20:42:10 ----D---- C:\Windows\system32\NDF
2012-05-30 20:42:10 ----D---- C:\Windows\system32\Macromed
2012-05-30 20:42:10 ----D---- C:\Windows\system32\drivers\UMDF
2012-05-30 20:42:10 ----D---- C:\Windows\system32\CodeIntegrity
2012-05-30 20:41:47 ----RD---- C:\Program Files (x86)\Skype
2012-05-30 20:41:36 ----D---- C:\Program Files (x86)\Calibre2
2012-05-30 20:36:09 ----D---- C:\Users\Teresa\AppData\Roaming\PCDr
2012-05-30 20:36:08 ----SD---- C:\Users\Teresa\AppData\Roaming\Microsoft
2012-05-30 20:33:39 ----D---- C:\ProgramData\Real
2012-05-30 20:33:12 ----D---- C:\Program Files (x86)\Common Files
2012-05-13 22:31:44 ----D---- C:\Users\Teresa\AppData\Roaming\0A202

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-06-15 557848]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\Windows\system32\DRIVERS\Apfiltr.sys [2010-04-15 301688]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2009-07-17 22520]
R3 BCM43XX;Dell Wireless WLAN Card Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-07-17 2769400]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 172704]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-11-06 7370304]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-05-08 215552]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-02-25 505856]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2009-11-04 133632]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2011-08-15 13352]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2011-08-15 27176]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-11-04 117120]
S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys [2009-11-04 114304]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2006-11-01 151656]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe [2009-03-02 89600]
R2 DockLoginService;Dock Login Service; C:\Program Files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 SftService;SoftThinks Agent Service; C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe [2010-02-25 244736]
R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2010-03-15 9216]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE [2009-07-17 33280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-20 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-30 257696]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe [2009-06-06 250616]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-20 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-10-20 182768]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-10-24 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Sun Jun 03, 2012 9:23 am    Post subject: Reply with quote

info.txt

info.txt logfile of random's system information tool 1.09 2012-06-03 18:02:01

======Uninstall list======

-->"C:\Program Files (x86)\WildTangent\Dell Games\Bejeweled 2 Deluxe\Uninstall.exe"
-->"C:\Program Files (x86)\WildTangent\Dell Games\Blasterball 2 Revolution\Uninstall.exe"
-->"C:\Program Files (x86)\WildTangent\Dell Games\Chuzzle Deluxe\Uninstall.exe"
-->"C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\Uninstall.exe"
-->"C:\Program Files (x86)\WildTangent\Dell Games\Diner Dash\Uninstall.exe"
-->"C:\Program Files (x86)\WildTangent\Dell Games\FATE Undiscovered Realms\Uninstall.exe"
-->"C:\Program Files (x86)\WildTangent\Dell Games\FATE\Uninstall.exe"
-->"C:\Program Files (x86)\WildTangent\Dell Games\Game Explorer Categories - genres\Uninstall.exe"
-->"C:\Program Files (x86)\WildTangent\Dell Games\Game Explorer Categories - main\Uninstall.exe"
-->"C:\Program Files (x86)\WildTangent\Dell Games\Jewel Quest Solitaire 2\Uninstall.exe"
-->"C:\Program Files (x86)\WildTangent\Dell Games\Monopoly\Uninstall.exe"
-->"C:\Program Files (x86)\WildTangent\Dell Games\Peggle\Uninstall.exe"
-->"C:\Program Files (x86)\WildTangent\Dell Games\Plants vs. Zombies\Uninstall.exe"
-->"C:\Program Files (x86)\WildTangent\Dell Games\Polar Bowler\Uninstall.exe"
-->"C:\Program Files (x86)\WildTangent\Dell Games\Polar Golfer\Uninstall.exe"
-->"C:\Program Files (x86)\WildTangent\Dell Games\Scrabble\Uninstall.exe"
-->"C:\Program Files (x86)\WildTangent\Dell Games\Virtual Families\Uninstall.exe"
-->"C:\Program Files (x86)\WildTangent\Dell Games\Virtual Villagers - The Secret City\Uninstall.exe"
-->"C:\Program Files (x86)\WildTangent\Dell Games\Yahtzee\Uninstall.exe"
-->C:\Program Files (x86)\Sony Ericsson\Update Engine\uninst.exe
-->C:\ProgramData\{D19C2D22-6043-47E7-B400-83A351841204}\delldock.exe
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BC12448A-0B41-4E11-B242-B1129512F5B7}\setup.exe" -l0x9
Adobe Digital Editions-->"C:\Program Files (x86)\Adobe\Adobe Digital Editions\uninstall.exe"
Adobe Flash Player 11 ActiveX 64-bit-->C:\Windows\system32\Macromed\Flash\FlashUtil64_11_2_202_235_ActiveX.exe -maintain activex
Adobe Reader 9.5.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A95000000001}
Advanced Audio FX Engine-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}\setup.exe" -l0x9 /remove
Anti-phishing Domain Advisor-->C:\ProgramData\Anti-phishing Domain Advisor\uninstall.exe
Bing Bar-->MsiExec.exe /X{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}
blekko search bar-->C:\Program Files (x86)\blekkotb_031\uninstall.exe
calibre-->MsiExec.exe /I{7F92FF5F-C7EA-40BA-9481-02B6B4479C93}
Cisco EAP-FAST Module-->MsiExec.exe /I{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
Cisco LEAP Module-->MsiExec.exe /I{51C7AD07-C3F6-4635-8E8A-231306D810FE}
Cisco PEAP Module-->MsiExec.exe /I{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Dell DataSafe Local Backup - Support Software-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}\setup.exe" -l0x9 -removeonly
Dell DataSafe Local Backup-->"C:\Program Files (x86)\InstallShield Installation Information\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}\setup.exe" -runfromtemp -l0x9 -removeonly
Dell Dock-->"C:\ProgramData\{D19C2D22-6043-47E7-B400-83A351841204}\delldock.exe" REMOVE=TRUE MODIFY=FALSE
Dell Edoc Viewer-->MsiExec.exe /I{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}
Dell Getting Started Guide-->MsiExec.exe /I{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}
Dell Support Center-->C:\PROGRA~1\DELLSU~1\uninst.exe
Dell Support Center-->MsiExec.exe /X{0090A87C-3E0E-43D4-AA71-A71B06563A4A}
Dell Touchpad-->C:\Program Files\DellTPad\Uninstap.exe ADDREMOVE
Dell Webcam Central-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BC12448A-0B41-4E11-B242-B1129512F5B7}\setup.exe" -l0x9 /remove
Dell Wireless WLAN Card Utility-->"C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Dell\Dell Wireless WLAN Card"
Google Toolbar for Internet Explorer-->"C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_F91D44FAA5479127.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Intel(R) Graphics Media Accelerator Driver-->C:\Windows\SysWOW64\igxpun.exe -uninstall
Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
Intel® Matrix Storage Manager-->C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe -uninstall
Java(TM) 6 Update 20 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86416020FF}
Java(TM) 6 Update 26-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216026FF}
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
Live! Cam Avatar Creator-->C:\Program Files (x86)\InstallShield Installation Information\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}\setup.exe -runfromtemp -l0x0009 -removeonly /remove
Malwarebytes Anti-Malware version 1.61.0.1400-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Messenger Companion-->MsiExec.exe /I{50816F92-1652-4A7C-B9BC-48F682742C4B}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (English)-->MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053-->MsiExec.exe /X{B6E3757B-5E77-3915-866A-CCFC4B8D194C}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable - KB2467175-->MsiExec.exe /X{a0fe116e-9a8a-466f-aee0-625cb7c207e3}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148-->MsiExec.exe /X{EE936C7A-EA40-31D5-9B65-8E3E089C3828}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{820B6609-4C97-3A2B-B644-573B06A0F0CC}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
Microsoft Works-->MsiExec.exe /I{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}
Mozilla Firefox 12.0 (x86 en-US)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
Quickset64-->MsiExec.exe /I{87CF757E-C1F1-4D22-865C-00C6950B5258}
RealNetworks - Microsoft Visual C++ 2008 Runtime-->MsiExec.exe /X{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}
RealPlayer-->C:\Program Files (x86)\Real\RealPlayer\Update\r1puninst.exe RealNetworks|RealPlayer|12.0
RealUpgrade 1.1-->MsiExec.exe /I{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
Roxio Burn-->C:\ProgramData\Uninstall\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}\setup.exe /x {B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}
Roxio Burn-->MsiExec.exe /I{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FDD13F1E-9C6B-311E-A0D9-D6E172FC28FF} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skype™ 5.5-->MsiExec.exe /X{AA59DDE4-B672-4621-A016-4C248204957A}
Sony Ericsson PC Companion 2.01.217-->"C:\Program Files (x86)\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe" -runfromtemp -l0x0009 -removeonly
Sony Ericsson Update Engine-->C:\Program Files (x86)\Sony Ericsson\Update Engine\uninst.exe
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A45DD0BE-3CD9-3F1E-B233-B90C6983AE77} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Vodafone Mobile Connect Lite-->MsiExec.exe /X{E21DC406-9F79-4094-AFA5-E66154F7D28C}
WildTangent Games-->"C:\Program Files (x86)\WildTangent\Dell Games\Uninstall.exe"
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}
Windows Live Family Safety-->MsiExec.exe /I{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}
Windows Live Family Safety-->MsiExec.exe /X{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{1B8ABA62-74F0-47ED-B18C-A43128E591B8}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Language Selector-->MsiExec.exe /I{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923}
Windows Live Mesh ActiveX Control for Remote Connections-->MsiExec.exe /I{2902F983-B4C1-44BA-B85D-5C6D52E2C441}
Windows Live Mesh-->MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649}
Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live Messenger Companion Core-->MsiExec.exe /I{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}
Windows Live Messenger-->MsiExec.exe /X{80956555-A512-4190-9CAD-B000C36D6B6B}
Windows Live Messenger-->MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90}
Windows Live MIME IFilter-->MsiExec.exe /I{DA54F80E-261C-41A2-A855-549A144F2F59}
Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}
Windows Live PIMT Platform-->MsiExec.exe /I{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}
Windows Live Remote Client Resources-->MsiExec.exe /I{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}
Windows Live Remote Client-->MsiExec.exe /I{DF6D988A-EEA0-4277-AAB8-158E086E439B}
Windows Live Remote Service Resources-->MsiExec.exe /I{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}
Windows Live Remote Service-->MsiExec.exe /I{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live Sync-->MsiExec.exe /X{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Live Writer-->MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E}
WinRAR archiver-->C:\Program Files (x86)\WinRAR\uninstall.exe
Yontoo 1.10.02-->C:\PROGRA~3\TARMAI~1\{889DF~1\Setup.exe /remove /q0

======Hosts File======

69.72.252.254 www.google-analytics.com.
69.72.252.254 ad-emea.doubleclick.net.
69.72.252.254 www.statcounter.com.
184.95.41.155 www.google-analytics.com.
184.95.41.155 ad-emea.doubleclick.net.
184.95.41.155 www.statcounter.com.

======System event log======

Computer Name: Teresa-PC
Event Code: 7011
Message: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
Record Number: 173779
Source Name: Service Control Manager
Time Written: 20111227200231.964391-000
Event Type: Error
User:

Computer Name: Teresa-PC
Event Code: 3002
Message:
Record Number: 173777
Source Name: Microsoft Antimalware
Time Written: 20111227200203.000000-000
Event Type: Error
User:

Computer Name: Teresa-PC
Event Code: 7011
Message: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
Record Number: 173776
Source Name: Service Control Manager
Time Written: 20111227200201.946938-000
Event Type: Error
User:

Computer Name: Teresa-PC
Event Code: 4001
Message: WLAN AutoConfig service has successfully stopped.

Record Number: 173690
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20111227134413.404222-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Teresa-PC
Event Code: 10002
Message: WLAN Extensibility Module has stopped.

Module Path: C:\Windows\System32\bcmihvsrv64.dll

Record Number: 173689
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20111227134413.404222-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: Teresa-PC
Event Code: 4621
Message: The COM+ Event System could not remove the EventSystem.EventSubscription object {AA44355E-6911-4447-BA5D-6720480579AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}.
Object name: wltrynt SENS Logon Spy Subscription
Object description:
The HRESULT was 80070005.
Record Number: 23931
Source Name: Microsoft-Windows-EventSystem
Time Written: 20110524164516.000000-000
Event Type: Error
User:

Computer Name: Teresa-PC
Event Code: 0
Message: conflictManagerTypeValue
Record Number: 23905
Source Name: VMCService
Time Written: 20110524161236.000000-000
Event Type: Error
User:

Computer Name: Teresa-PC
Event Code: 3011
Message: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
Record Number: 23891
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20110523220758.249328-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: Teresa-PC
Event Code: 3012
Message: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Record Number: 23890
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20110523220758.249328-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: Teresa-PC
Event Code: 1000
Message:
Record Number: 23883
Source Name: Application Error
Time Written: 20110523220742.000000-000
Event Type: Error
User:

=====Security event log=====

Computer Name: Teresa-PC
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: TERESA-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x20c
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 24536
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110617191428.459661-000
Event Type: Audit Success
User:

Computer Name: Teresa-PC
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 24535
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110617191428.147660-000
Event Type: Audit Success
User:

Computer Name: Teresa-PC
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: TERESA-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x20c
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 24534
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110617191428.147660-000
Event Type: Audit Success
User:

Computer Name: Teresa-PC
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 24533
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110617191428.038460-000
Event Type: Audit Success
User:

Computer Name: Teresa-PC
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: TERESA-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x20c
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 24532
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110617191428.038460-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;C:\Program Files (x86)\Calibre2\;C:\Program Files (x86)\Windows Live\Shared
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a

-----------------EOF-----------------
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Sun Jun 03, 2012 9:25 am    Post subject: Reply with quote

tddskiller log

18:08:08.0885 6060 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
18:08:09.0009 6060 ============================================================
18:08:09.0009 6060 Current date / time: 2012/06/03 18:08:09.0009
18:08:09.0009 6060 SystemInfo:
18:08:09.0009 6060
18:08:09.0009 6060 OS Version: 6.1.7601 ServicePack: 1.0
18:08:09.0009 6060 Product type: Workstation
18:08:09.0009 6060 ComputerName: TERESA-PC
18:08:09.0009 6060 UserName: Teresa
18:08:09.0009 6060 Windows directory: C:\Windows
18:08:09.0009 6060 System windows directory: C:\Windows
18:08:09.0009 6060 Running under WOW64
18:08:09.0009 6060 Processor architecture: Intel x64
18:08:09.0009 6060 Number of processors: 2
18:08:09.0009 6060 Page size: 0x1000
18:08:09.0009 6060 Boot type: Normal boot
18:08:09.0009 6060 ============================================================
18:08:09.0337 6060 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:08:09.0353 6060 ============================================================
18:08:09.0353 6060 \Device\Harddisk0\DR0:
18:08:09.0353 6060 MBR partitions:
18:08:09.0353 6060 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
18:08:09.0353 6060 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x38625830
18:08:09.0353 6060 ============================================================
18:08:09.0384 6060 C: <-> \Device\Harddisk0\DR0\Partition1
18:08:09.0384 6060 ============================================================
18:08:09.0384 6060 Initialize success
18:08:09.0384 6060 ============================================================
18:08:19.0711 2436 ============================================================
18:08:19.0711 2436 Scan started
18:08:19.0711 2436 Mode: Manual;
18:08:19.0711 2436 ============================================================
18:08:20.0085 2436 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
18:08:20.0085 2436 1394ohci - ok
18:08:20.0132 2436 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
18:08:20.0132 2436 ACPI - ok
18:08:20.0179 2436 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
18:08:20.0179 2436 AcpiPmi - ok
18:08:20.0319 2436 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:08:20.0319 2436 AdobeFlashPlayerUpdateSvc - ok
18:08:20.0382 2436 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
18:08:20.0397 2436 adp94xx - ok
18:08:20.0444 2436 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
18:08:20.0444 2436 adpahci - ok
18:08:20.0491 2436 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
18:08:20.0507 2436 adpu320 - ok
18:08:20.0538 2436 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
18:08:20.0538 2436 AeLookupSvc - ok
18:08:20.0678 2436 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe
18:08:20.0678 2436 AESTFilters - ok
18:08:20.0756 2436 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
18:08:20.0756 2436 AFD - ok
18:08:20.0803 2436 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
18:08:20.0803 2436 agp440 - ok
18:08:20.0865 2436 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
18:08:20.0865 2436 ALG - ok
18:08:20.0928 2436 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
18:08:20.0928 2436 aliide - ok
18:08:20.0943 2436 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
18:08:20.0943 2436 amdide - ok
18:08:21.0037 2436 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
18:08:21.0037 2436 AmdK8 - ok
18:08:21.0053 2436 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
18:08:21.0053 2436 AmdPPM - ok
18:08:21.0099 2436 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
18:08:21.0115 2436 amdsata - ok
18:08:21.0162 2436 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
18:08:21.0162 2436 amdsbs - ok
18:08:21.0193 2436 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
18:08:21.0193 2436 amdxata - ok
18:08:21.0271 2436 ApfiltrService (98449a2957778a6f025c418438a380f4) C:\Windows\system32\DRIVERS\Apfiltr.sys
18:08:21.0271 2436 ApfiltrService - ok
18:08:21.0349 2436 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
18:08:21.0349 2436 AppID - ok
18:08:21.0396 2436 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
18:08:21.0396 2436 AppIDSvc - ok
18:08:21.0458 2436 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
18:08:21.0458 2436 Appinfo - ok
18:08:21.0505 2436 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
18:08:21.0505 2436 arc - ok
18:08:21.0521 2436 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
18:08:21.0521 2436 arcsas - ok
18:08:21.0567 2436 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
18:08:21.0567 2436 AsyncMac - ok
18:08:21.0630 2436 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
18:08:21.0630 2436 atapi - ok
18:08:21.0692 2436 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
18:08:21.0708 2436 AudioEndpointBuilder - ok
18:08:21.0723 2436 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
18:08:21.0723 2436 AudioSrv - ok
18:08:21.0786 2436 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
18:08:21.0786 2436 AxInstSV - ok
18:08:21.0848 2436 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
18:08:21.0864 2436 b06bdrv - ok
18:08:21.0911 2436 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
18:08:21.0926 2436 b57nd60a - ok
18:08:22.0051 2436 BBSvc (825f81a6f7dd073509db101f0ba6dc59) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
18:08:22.0051 2436 BBSvc - ok
18:08:22.0082 2436 BCM42RLY (e001dd475a7c27ebe5a0db45c11bad71) C:\Windows\system32\drivers\BCM42RLY.sys
18:08:22.0082 2436 BCM42RLY - ok
18:08:22.0379 2436 BCM43XX (f4cd5f52850bf2c978de178f256ba372) C:\Windows\system32\DRIVERS\bcmwl664.sys
18:08:22.0410 2436 BCM43XX - ok
18:08:22.0550 2436 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
18:08:22.0566 2436 BDESVC - ok
18:08:22.0644 2436 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
18:08:22.0644 2436 Beep - ok
18:08:22.0737 2436 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
18:08:22.0769 2436 BITS - ok
18:08:22.0815 2436 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
18:08:22.0815 2436 blbdrive - ok
18:08:22.0862 2436 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
18:08:22.0862 2436 bowser - ok
18:08:22.0909 2436 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:08:22.0909 2436 BrFiltLo - ok
18:08:22.0925 2436 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:08:22.0925 2436 BrFiltUp - ok
18:08:22.0971 2436 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
18:08:22.0971 2436 Browser - ok
18:08:23.0003 2436 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
18:08:23.0003 2436 Brserid - ok
18:08:23.0018 2436 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
18:08:23.0034 2436 BrSerWdm - ok
18:08:23.0065 2436 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
18:08:23.0065 2436 BrUsbMdm - ok
18:08:23.0096 2436 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
18:08:23.0096 2436 BrUsbSer - ok
18:08:23.0127 2436 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
18:08:23.0127 2436 BTHMODEM - ok
18:08:23.0174 2436 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
18:08:23.0174 2436 bthserv - ok
18:08:23.0205 2436 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
18:08:23.0205 2436 cdfs - ok
18:08:23.0252 2436 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
18:08:23.0252 2436 cdrom - ok
18:08:23.0315 2436 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
18:08:23.0315 2436 CertPropSvc - ok
18:08:23.0361 2436 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
18:08:23.0361 2436 circlass - ok
18:08:23.0424 2436 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
18:08:23.0424 2436 CLFS - ok
18:08:23.0502 2436 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:08:23.0517 2436 clr_optimization_v2.0.50727_32 - ok
18:08:23.0595 2436 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:08:23.0595 2436 clr_optimization_v2.0.50727_64 - ok
18:08:23.0689 2436 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:08:23.0705 2436 clr_optimization_v4.0.30319_32 - ok
18:08:23.0736 2436 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:08:23.0736 2436 clr_optimization_v4.0.30319_64 - ok
18:08:23.0767 2436 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
18:08:23.0767 2436 CmBatt - ok
18:08:23.0798 2436 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
18:08:23.0798 2436 cmdide - ok
18:08:23.0861 2436 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
18:08:23.0876 2436 CNG - ok
18:08:23.0939 2436 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
18:08:23.0939 2436 Compbatt - ok
18:08:23.0970 2436 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
18:08:23.0970 2436 CompositeBus - ok
18:08:24.0001 2436 COMSysApp - ok
18:08:24.0017 2436 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
18:08:24.0017 2436 crcdisk - ok
18:08:24.0079 2436 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
18:08:24.0079 2436 CryptSvc - ok
18:08:24.0110 2436 CtClsFlt (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys
18:08:24.0126 2436 CtClsFlt - ok
18:08:24.0188 2436 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
18:08:24.0188 2436 DcomLaunch - ok
18:08:24.0251 2436 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
18:08:24.0266 2436 defragsvc - ok
18:08:24.0329 2436 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
18:08:24.0329 2436 DfsC - ok
18:08:24.0391 2436 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
18:08:24.0407 2436 Dhcp - ok
18:08:24.0438 2436 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
18:08:24.0438 2436 discache - ok
18:08:24.0500 2436 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
18:08:24.0500 2436 Disk - ok
18:08:24.0563 2436 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
18:08:24.0563 2436 Dnscache - ok
18:08:24.0656 2436 DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe
18:08:24.0656 2436 DockLoginService - ok
18:08:24.0719 2436 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
18:08:24.0719 2436 dot3svc - ok
18:08:24.0765 2436 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
18:08:24.0765 2436 DPS - ok
18:08:24.0812 2436 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
18:08:24.0812 2436 drmkaud - ok
18:08:24.0890 2436 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
18:08:24.0906 2436 DXGKrnl - ok
18:08:24.0937 2436 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
18:08:24.0937 2436 EapHost - ok
18:08:25.0951 2436 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
18:08:26.0013 2436 ebdrv - ok
18:08:26.0123 2436 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
18:08:26.0123 2436 EFS - ok
18:08:26.0216 2436 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
18:08:26.0232 2436 ehRecvr - ok
18:08:26.0263 2436 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
18:08:26.0263 2436 ehSched - ok
18:08:26.0388 2436 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
18:08:26.0403 2436 elxstor - ok
18:08:26.0435 2436 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
18:08:26.0435 2436 ErrDev - ok
18:08:26.0513 2436 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
18:08:26.0513 2436 EventSystem - ok
18:08:26.0559 2436 ewusbnet (0b8880f8d9a781670557307e2bca6bd6) C:\Windows\system32\DRIVERS\ewusbnet.sys
18:08:26.0575 2436 ewusbnet - ok
18:08:26.0606 2436 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
18:08:26.0606 2436 exfat - ok
18:08:26.0637 2436 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
18:08:26.0637 2436 fastfat - ok
18:08:26.0715 2436 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
18:08:26.0731 2436 Fax - ok
18:08:26.0778 2436 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
18:08:26.0778 2436 fdc - ok
18:08:26.0809 2436 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
18:08:26.0809 2436 fdPHost - ok
18:08:26.0825 2436 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
18:08:26.0825 2436 FDResPub - ok
18:08:26.0856 2436 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
18:08:26.0856 2436 FileInfo - ok
18:08:26.0871 2436 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
18:08:26.0871 2436 Filetrace - ok
18:08:26.0903 2436 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
18:08:26.0903 2436 flpydisk - ok
18:08:26.0949 2436 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
18:08:26.0949 2436 FltMgr - ok
18:08:27.0043 2436 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
18:08:27.0059 2436 FontCache - ok
18:08:27.0183 2436 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:08:27.0183 2436 FontCache3.0.0.0 - ok
18:08:27.0277 2436 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
18:08:27.0277 2436 FsDepends - ok
18:08:27.0324 2436 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
18:08:27.0324 2436 fssfltr - ok
18:08:27.0464 2436 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
18:08:27.0480 2436 fsssvc - ok
18:08:27.0651 2436 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
18:08:27.0651 2436 Fs_Rec - ok
18:08:27.0714 2436 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
18:08:27.0714 2436 fvevol - ok
18:08:27.0870 2436 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
18:08:27.0870 2436 gagp30kx - ok
18:08:28.0010 2436 GameConsoleService (c1bbce4b30b45410178ee674c818d10c) C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe
18:08:28.0010 2436 GameConsoleService - ok
18:08:28.0073 2436 ggflt (a4198f2bd8aa592cb90476277a81b5e1) C:\Windows\system32\DRIVERS\ggflt.sys
18:08:28.0073 2436 ggflt - ok
18:08:28.0104 2436 ggsemc (d266350bdaab9eb6c1aec370eeaaff3a) C:\Windows\system32\DRIVERS\ggsemc.sys
18:08:28.0104 2436 ggsemc - ok
18:08:28.0166 2436 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
18:08:28.0182 2436 gpsvc - ok
18:08:28.0291 2436 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:08:28.0291 2436 gupdate - ok
18:08:28.0338 2436 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:08:28.0353 2436 gupdatem - ok
18:08:28.0400 2436 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
18:08:28.0400 2436 gusvc - ok
18:08:28.0431 2436 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
18:08:28.0431 2436 hcw85cir - ok
18:08:28.0494 2436 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
18:08:28.0494 2436 HDAudBus - ok
18:08:28.0525 2436 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
18:08:28.0525 2436 HidBatt - ok
18:08:28.0541 2436 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
18:08:28.0556 2436 HidBth - ok
18:08:28.0572 2436 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
18:08:28.0572 2436 HidIr - ok
18:08:28.0619 2436 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
18:08:28.0619 2436 hidserv - ok
18:08:28.0681 2436 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
18:08:28.0681 2436 HidUsb - ok
18:08:28.0712 2436 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
18:08:28.0712 2436 hkmsvc - ok
18:08:28.0759 2436 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
18:08:28.0759 2436 HomeGroupListener - ok
18:08:28.0806 2436 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
18:08:28.0806 2436 HomeGroupProvider - ok
18:08:28.0868 2436 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
18:08:28.0868 2436 HpSAMD - ok
18:08:28.0946 2436 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
18:08:28.0962 2436 HTTP - ok
18:08:29.0009 2436 hwdatacard (3e31c1470aba81ba2dcb956f8504c037) C:\Windows\system32\DRIVERS\ewusbmdm.sys
18:08:29.0009 2436 hwdatacard - ok
18:08:29.0055 2436 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
18:08:29.0055 2436 hwpolicy - ok
18:08:29.0102 2436 hwusbfake (b45b3647ba32749b94fa689175ec8c26) C:\Windows\system32\DRIVERS\ewusbfake.sys
18:08:29.0102 2436 hwusbfake - ok
18:08:29.0149 2436 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
18:08:29.0149 2436 i8042prt - ok
18:08:29.0243 2436 IAANTMON (7548066df68a8a1a56b043359f915f37) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
18:08:29.0243 2436 IAANTMON - ok
18:08:29.0321 2436 iaStor (4f6fb2cdbdeefc47e7d2066e78254580) C:\Windows\system32\DRIVERS\iaStor.sys
18:08:29.0336 2436 iaStor - ok
18:08:29.0399 2436 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
18:08:29.0399 2436 iaStorV - ok
18:08:29.0586 2436 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:08:29.0601 2436 idsvc - ok
18:08:29.0898 2436 igfx (44a4cfdf95dec95cfe8a5c111a2cbf71) C:\Windows\system32\DRIVERS\igdkmd64.sys
18:08:30.0085 2436 igfx - ok
18:08:30.0272 2436 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
18:08:30.0272 2436 iirsp - ok
18:08:30.0350 2436 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
18:08:30.0366 2436 IKEEXT - ok
18:08:30.0397 2436 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
18:08:30.0397 2436 intelide - ok
18:08:30.0459 2436 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
18:08:30.0459 2436 intelppm - ok
18:08:30.0506 2436 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
18:08:30.0506 2436 IPBusEnum - ok
18:08:30.0553 2436 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:08:30.0553 2436 IpFilterDriver - ok
18:08:30.0600 2436 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
18:08:30.0600 2436 IPMIDRV - ok
18:08:30.0631 2436 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
18:08:30.0631 2436 IPNAT - ok
18:08:30.0678 2436 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
18:08:30.0678 2436 IRENUM - ok
18:08:30.0709 2436 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
18:08:30.0709 2436 isapnp - ok
18:08:30.0756 2436 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
18:08:30.0756 2436 iScsiPrt - ok
18:08:30.0803 2436 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
18:08:30.0803 2436 kbdclass - ok
18:08:30.0849 2436 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
18:08:30.0849 2436 kbdhid - ok
18:08:30.0865 2436 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:08:30.0881 2436 KeyIso - ok
18:08:30.0896 2436 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
18:08:30.0896 2436 KSecDD - ok
18:08:30.0943 2436 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
18:08:30.0943 2436 KSecPkg - ok
18:08:30.0974 2436 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
18:08:30.0974 2436 ksthunk - ok
18:08:31.0037 2436 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
18:08:31.0052 2436 KtmRm - ok
18:08:31.0099 2436 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
18:08:31.0115 2436 LanmanServer - ok
18:08:31.0161 2436 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
18:08:31.0161 2436 LanmanWorkstation - ok
18:08:31.0208 2436 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
18:08:31.0208 2436 lltdio - ok
18:08:31.0271 2436 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
18:08:31.0271 2436 lltdsvc - ok
18:08:31.0302 2436 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
18:08:31.0302 2436 lmhosts - ok
18:08:31.0333 2436 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
18:08:31.0333 2436 LSI_FC - ok
18:08:31.0380 2436 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
18:08:31.0380 2436 LSI_SAS - ok
18:08:31.0395 2436 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:08:31.0395 2436 LSI_SAS2 - ok
18:08:31.0411 2436 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:08:31.0411 2436 LSI_SCSI - ok
18:08:31.0489 2436 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
18:08:31.0489 2436 luafv - ok
18:08:31.0520 2436 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
18:08:31.0520 2436 Mcx2Svc - ok
18:08:31.0551 2436 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
18:08:31.0551 2436 megasas - ok
18:08:31.0598 2436 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
18:08:31.0598 2436 MegaSR - ok
18:08:31.0645 2436 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
18:08:31.0645 2436 MMCSS - ok
18:08:31.0676 2436 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
18:08:31.0676 2436 Modem - ok
18:08:31.0707 2436 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
18:08:31.0707 2436 monitor - ok
18:08:31.0754 2436 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
18:08:31.0754 2436 mouclass - ok
18:08:31.0770 2436 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
18:08:31.0770 2436 mouhid - ok
18:08:31.0801 2436 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
18:08:31.0801 2436 mountmgr - ok
18:08:31.0879 2436 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:08:31.0879 2436 MozillaMaintenance - ok
18:08:31.0910 2436 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
18:08:31.0926 2436 mpio - ok
18:08:31.0973 2436 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
18:08:31.0973 2436 mpsdrv - ok
18:08:32.0019 2436 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
18:08:32.0019 2436 MRxDAV - ok
18:08:32.0066 2436 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:08:32.0082 2436 mrxsmb - ok
18:08:32.0113 2436 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:08:32.0129 2436 mrxsmb10 - ok
18:08:32.0144 2436 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:08:32.0144 2436 mrxsmb20 - ok
18:08:32.0207 2436 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
18:08:32.0207 2436 msahci - ok
18:08:32.0238 2436 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
18:08:32.0238 2436 msdsm - ok
18:08:32.0269 2436 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
18:08:32.0269 2436 MSDTC - ok
18:08:32.0347 2436 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
18:08:32.0347 2436 Msfs - ok
18:08:32.0378 2436 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
18:08:32.0378 2436 mshidkmdf - ok
18:08:32.0409 2436 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
18:08:32.0425 2436 msisadrv - ok
18:08:32.0472 2436 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
18:08:32.0472 2436 MSiSCSI - ok
18:08:32.0487 2436 msiserver - ok
18:08:32.0519 2436 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
18:08:32.0519 2436 MSKSSRV - ok
18:08:32.0519 2436 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
18:08:32.0534 2436 MSPCLOCK - ok
18:08:32.0550 2436 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
18:08:32.0550 2436 MSPQM - ok
18:08:32.0612 2436 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
18:08:32.0628 2436 MsRPC - ok
18:08:32.0675 2436 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
18:08:32.0675 2436 mssmbios - ok
18:08:32.0690 2436 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
18:08:32.0690 2436 MSTEE - ok
18:08:32.0737 2436 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
18:08:32.0737 2436 MTConfig - ok
18:08:32.0768 2436 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
18:08:32.0768 2436 Mup - ok
18:08:32.0831 2436 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
18:08:32.0846 2436 napagent - ok
18:08:32.0955 2436 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
18:08:32.0955 2436 NativeWifiP - ok
18:08:33.0049 2436 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
18:08:33.0065 2436 NDIS - ok
18:08:33.0111 2436 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
18:08:33.0111 2436 NdisCap - ok
18:08:33.0143 2436 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
18:08:33.0143 2436 NdisTapi - ok
18:08:33.0189 2436 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
18:08:33.0189 2436 Ndisuio - ok
18:08:33.0236 2436 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
18:08:33.0236 2436 NdisWan - ok
18:08:33.0267 2436 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
18:08:33.0283 2436 NDProxy - ok
18:08:33.0299 2436 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
18:08:33.0299 2436 NetBIOS - ok
18:08:33.0361 2436 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
18:08:33.0361 2436 NetBT - ok
18:08:33.0392 2436 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:08:33.0392 2436 Netlogon - ok
18:08:33.0470 2436 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
18:08:33.0470 2436 Netman - ok
18:08:33.0486 2436 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
18:08:33.0501 2436 netprofm - ok
18:08:33.0657 2436 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:08:33.0657 2436 NetTcpPortSharing - ok
18:08:33.0720 2436 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
18:08:33.0720 2436 nfrd960 - ok
18:08:33.0782 2436 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
18:08:33.0782 2436 NlaSvc - ok
18:08:33.0798 2436 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
18:08:33.0798 2436 Npfs - ok
18:08:33.0845 2436 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
18:08:33.0845 2436 nsi - ok
18:08:33.0891 2436 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
18:08:33.0891 2436 nsiproxy - ok
18:08:33.0985 2436 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
18:08:34.0016 2436 Ntfs - ok
18:08:34.0188 2436 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
18:08:34.0188 2436 Null - ok
18:08:34.0235 2436 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
18:08:34.0235 2436 nvraid - ok
18:08:34.0266 2436 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
18:08:34.0266 2436 nvstor - ok
18:08:34.0297 2436 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
18:08:34.0297 2436 nv_agp - ok
18:08:34.0313 2436 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
18:08:34.0313 2436 ohci1394 - ok
18:08:34.0391 2436 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:08:34.0391 2436 ose - ok
18:08:34.0453 2436 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:08:34.0453 2436 p2pimsvc - ok
18:08:34.0500 2436 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
18:08:34.0515 2436 p2psvc - ok
18:08:34.0547 2436 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
18:08:34.0547 2436 Parport - ok
18:08:34.0593 2436 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
18:08:34.0593 2436 partmgr - ok
18:08:34.0625 2436 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
18:08:34.0625 2436 PcaSvc - ok
18:08:34.0671 2436 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
18:08:34.0671 2436 pci - ok
18:08:34.0687 2436 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
18:08:34.0687 2436 pciide - ok
18:08:34.0734 2436 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
18:08:34.0734 2436 pcmcia - ok
18:08:34.0765 2436 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
18:08:34.0765 2436 pcw - ok
18:08:34.0796 2436 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
18:08:34.0812 2436 PEAUTH - ok
18:08:34.0905 2436 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
18:08:34.0921 2436 PerfHost - ok
18:08:35.0015 2436 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
18:08:35.0046 2436 pla - ok
18:08:35.0108 2436 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
18:08:35.0124 2436 PlugPlay - ok
18:08:35.0155 2436 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
18:08:35.0155 2436 PNRPAutoReg - ok
18:08:35.0186 2436 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:08:35.0186 2436 PNRPsvc - ok
18:08:35.0249 2436 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
18:08:35.0249 2436 PolicyAgent - ok
18:08:35.0311 2436 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
18:08:35.0311 2436 Power - ok
18:08:35.0405 2436 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
18:08:35.0405 2436 PptpMiniport - ok
18:08:35.0436 2436 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
18:08:35.0436 2436 Processor - ok
18:08:35.0483 2436 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
18:08:35.0498 2436 ProfSvc - ok
18:08:35.0514 2436 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:08:35.0529 2436 ProtectedStorage - ok
18:08:35.0576 2436 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
18:08:35.0576 2436 Psched - ok
18:08:35.0623 2436 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
18:08:35.0623 2436 PxHlpa64 - ok
18:08:35.0717 2436 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
18:08:35.0748 2436 ql2300 - ok
18:08:35.0904 2436 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
18:08:35.0904 2436 ql40xx - ok
18:08:35.0951 2436 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
18:08:35.0951 2436 QWAVE - ok
18:08:35.0982 2436 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
18:08:35.0982 2436 QWAVEdrv - ok
18:08:35.0997 2436 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
18:08:35.0997 2436 RasAcd - ok
18:08:36.0060 2436 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:08:36.0060 2436 RasAgileVpn - ok
18:08:36.0075 2436 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
18:08:36.0091 2436 RasAuto - ok
18:08:36.0138 2436 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:08:36.0138 2436 Rasl2tp - ok
18:08:36.0185 2436 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
18:08:36.0185 2436 RasMan - ok
18:08:36.0231 2436 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
18:08:36.0231 2436 RasPppoe - ok
18:08:36.0263 2436 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
18:08:36.0263 2436 RasSstp - ok
18:08:36.0309 2436 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
18:08:36.0309 2436 rdbss - ok
18:08:36.0341 2436 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
18:08:36.0341 2436 rdpbus - ok
18:08:36.0356 2436 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:08:36.0356 2436 RDPCDD - ok
18:08:36.0403 2436 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
18:08:36.0403 2436 RDPENCDD - ok
18:08:36.0434 2436 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
18:08:36.0434 2436 RDPREFMP - ok
18:08:36.0481 2436 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
18:08:36.0481 2436 RDPWD - ok
18:08:36.0543 2436 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
18:08:36.0543 2436 rdyboost - ok
18:08:36.0606 2436 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
18:08:36.0606 2436 RemoteAccess - ok
18:08:36.0637 2436 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
18:08:36.0653 2436 RemoteRegistry - ok
18:08:36.0668 2436 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
18:08:36.0668 2436 RpcEptMapper - ok
18:08:36.0699 2436 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
18:08:36.0699 2436 RpcLocator - ok
18:08:36.0762 2436 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
18:08:36.0762 2436 RpcSs - ok
18:08:36.0809 2436 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
18:08:36.0824 2436 rspndr - ok
18:08:36.0855 2436 RSUSBSTOR (4a25dc970c58104602ed274dacafd784) C:\Windows\system32\Drivers\RtsUStor.sys
18:08:36.0855 2436 RSUSBSTOR - ok
18:08:36.0902 2436 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:08:36.0902 2436 SamSs - ok
18:08:36.0949 2436 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
18:08:36.0949 2436 sbp2port - ok
18:08:36.0996 2436 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
18:08:36.0996 2436 SCardSvr - ok
18:08:37.0043 2436 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
18:08:37.0043 2436 scfilter - ok
18:08:37.0121 2436 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
18:08:37.0136 2436 Schedule - ok
18:08:37.0183 2436 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
18:08:37.0183 2436 SCPolicySvc - ok
18:08:37.0230 2436 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
18:08:37.0230 2436 SDRSVC - ok
18:08:37.0355 2436 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
18:08:37.0355 2436 SeaPort - ok
18:08:37.0433 2436 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:08:37.0433 2436 secdrv - ok
18:08:37.0464 2436 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
18:08:37.0479 2436 seclogon - ok
18:08:37.0511 2436 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
18:08:37.0511 2436 SENS - ok
18:08:37.0542 2436 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
18:08:37.0542 2436 SensrSvc - ok
18:08:37.0589 2436 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
18:08:37.0589 2436 Serenum - ok
18:08:37.0620 2436 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
18:08:37.0620 2436 Serial - ok
18:08:37.0667 2436 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
18:08:37.0667 2436 sermouse - ok
18:08:37.0729 2436 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
18:08:37.0729 2436 SessionEnv - ok
18:08:37.0760 2436 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
18:08:37.0776 2436 sffdisk - ok
18:08:37.0776 2436 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
18:08:37.0776 2436 sffp_mmc - ok
18:08:37.0791 2436 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
18:08:37.0791 2436 sffp_sd - ok
18:08:37.0807 2436 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
18:08:37.0807 2436 sfloppy - ok
18:08:37.0932 2436 SftService (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
18:08:37.0947 2436 SftService - ok
18:08:38.0150 2436 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
18:08:38.0150 2436 SharedAccess - ok
18:08:38.0197 2436 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
18:08:38.0213 2436 ShellHWDetection - ok
18:08:38.0291 2436 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:08:38.0291 2436 SiSRaid2 - ok
18:08:38.0322 2436 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
18:08:38.0322 2436 SiSRaid4 - ok
18:08:38.0337 2436 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
18:08:38.0337 2436 Smb - ok
18:08:38.0400 2436 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
18:08:38.0400 2436 SNMPTRAP - ok
18:08:38.0556 2436 Sony Ericsson PCCompanion (1a623f2b69e1f182f995f963c55db935) C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
18:08:38.0556 2436 Sony Ericsson PCCompanion - ok
18:08:38.0618 2436 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
18:08:38.0618 2436 spldr - ok
18:08:38.0681 2436 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
18:08:38.0681 2436 Spooler - ok
18:08:38.0837 2436 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
18:08:38.0868 2436 sppsvc - ok
18:08:38.0993 2436 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
18:08:39.0008 2436 sppuinotify - ok
18:08:39.0102 2436 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
18:08:39.0102 2436 srv - ok
18:08:39.0149 2436 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
18:08:39.0164 2436 srv2 - ok
18:08:39.0180 2436 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
18:08:39.0180 2436 srvnet - ok
18:08:39.0242 2436 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
18:08:39.0242 2436 SSDPSRV - ok
18:08:39.0273 2436 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
18:08:39.0273 2436 SstpSvc - ok
18:08:39.0414 2436 STacSV (5697fb5dcf36ada09c153378e88ae6ad) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe
18:08:39.0414 2436 STacSV - ok
18:08:39.0461 2436 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
18:08:39.0461 2436 stexstor - ok
18:08:39.0523 2436 STHDA (f3f6c17f70eba268cdbe4f9704e3eac5) C:\Windows\system32\DRIVERS\stwrt64.sys
18:08:39.0539 2436 STHDA - ok
18:08:39.0601 2436 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
18:08:39.0617 2436 stisvc - ok
18:08:39.0648 2436 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
18:08:39.0648 2436 swenum - ok
18:08:39.0710 2436 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
18:08:39.0726 2436 swprv - ok
18:08:39.0835 2436 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
18:08:39.0851 2436 SysMain - ok
18:08:39.0975 2436 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
18:08:39.0975 2436 TabletInputService - ok
18:08:40.0007 2436 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
18:08:40.0007 2436 TapiSrv - ok
18:08:40.0038 2436 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
18:08:40.0053 2436 TBS - ok
18:08:40.0194 2436 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
18:08:40.0225 2436 Tcpip - ok
18:08:40.0475 2436 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
18:08:40.0490 2436 TCPIP6 - ok
18:08:40.0568 2436 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
18:08:40.0568 2436 tcpipreg - ok
18:08:40.0615 2436 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
18:08:40.0615 2436 TDPIPE - ok
18:08:40.0662 2436 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
18:08:40.0662 2436 TDTCP - ok
18:08:40.0693 2436 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
18:08:40.0709 2436 tdx - ok
18:08:40.0755 2436 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
18:08:40.0755 2436 TermDD - ok
18:08:40.0818 2436 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
18:08:40.0833 2436 TermService - ok
18:08:40.0880 2436 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
18:08:40.0880 2436 Themes - ok
18:08:40.0927 2436 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
18:08:40.0927 2436 THREADORDER - ok
18:08:40.0943 2436 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
18:08:40.0958 2436 TrkWks - ok
18:08:41.0036 2436 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
18:08:41.0036 2436 TrustedInstaller - ok
18:08:41.0067 2436 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:08:41.0083 2436 tssecsrv - ok
18:08:41.0114 2436 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
18:08:41.0114 2436 TsUsbFlt - ok
18:08:41.0192 2436 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
18:08:41.0192 2436 tunnel - ok
18:08:41.0239 2436 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
18:08:41.0239 2436 uagp35 - ok
18:08:41.0301 2436 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
18:08:41.0301 2436 udfs - ok
18:08:41.0348 2436 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
18:08:41.0348 2436 UI0Detect - ok
18:08:41.0395 2436 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
18:08:41.0395 2436 uliagpkx - ok
18:08:41.0426 2436 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
18:08:41.0426 2436 umbus - ok
18:08:41.0473 2436 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
18:08:41.0473 2436 UmPass - ok
18:08:41.0520 2436 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
18:08:41.0535 2436 upnphost - ok
18:08:41.0582 2436 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
18:08:41.0582 2436 usbccgp - ok
18:08:41.0629 2436 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
18:08:41.0629 2436 usbcir - ok
18:08:41.0660 2436 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
18:08:41.0660 2436 usbehci - ok
18:08:41.0707 2436 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
18:08:41.0707 2436 usbhub - ok
18:08:41.0723 2436 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
18:08:41.0723 2436 usbohci - ok
18:08:41.0754 2436 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
18:08:41.0754 2436 usbprint - ok
18:08:41.0785 2436 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:08:41.0785 2436 USBSTOR - ok
18:08:41.0801 2436 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
18:08:41.0816 2436 usbuhci - ok
18:08:41.0879 2436 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
18:08:41.0879 2436 usbvideo - ok
18:08:41.0925 2436 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
18:08:41.0925 2436 UxSms - ok
18:08:41.0957 2436 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:08:41.0957 2436 VaultSvc - ok
18:08:42.0019 2436 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
18:08:42.0019 2436 vdrvroot - ok
18:08:42.0081 2436 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
18:08:42.0097 2436 vds - ok
18:08:42.0144 2436 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
18:08:42.0144 2436 vga - ok
18:08:42.0159 2436 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
18:08:42.0159 2436 VgaSave - ok
18:08:42.0206 2436 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
18:08:42.0206 2436 vhdmp - ok
18:08:42.0253 2436 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
18:08:42.0253 2436 viaide - ok
18:08:42.0409 2436 VMCService (ab71fdeafaa11fffd18378553d8ef8ad) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
18:08:42.0409 2436 VMCService - ok
18:08:42.0425 2436 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
18:08:42.0425 2436 volmgr - ok
18:08:42.0487 2436 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
18:08:42.0487 2436 volmgrx - ok
18:08:42.0534 2436 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
18:08:42.0534 2436 volsnap - ok
18:08:42.0612 2436 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
18:08:42.0612 2436 vsmraid - ok
18:08:42.0705 2436 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
18:08:42.0737 2436 VSS - ok
18:08:42.0893 2436 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
18:08:42.0893 2436 vwifibus - ok
18:08:42.0924 2436 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
18:08:42.0924 2436 vwififlt - ok
18:08:42.0986 2436 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
18:08:43.0002 2436 W32Time - ok
18:08:43.0017 2436 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
18:08:43.0017 2436 WacomPen - ok
18:08:43.0080 2436 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:08:43.0080 2436 WANARP - ok
18:08:43.0080 2436 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:08:43.0095 2436 Wanarpv6 - ok
18:08:43.0205 2436 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
18:08:43.0220 2436 WatAdminSvc - ok
18:08:43.0314 2436 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
18:08:43.0345 2436 wbengine - ok
18:08:43.0470 2436 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
18:08:43.0485 2436 WbioSrvc - ok
18:08:43.0532 2436 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
18:08:43.0532 2436 wcncsvc - ok
18:08:43.0548 2436 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
18:08:43.0548 2436 WcsPlugInService - ok
18:08:43.0626 2436 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
18:08:43.0626 2436 Wd - ok
18:08:43.0673 2436 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
18:08:43.0673 2436 Wdf01000 - ok
18:08:43.0688 2436 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
18:08:43.0688 2436 WdiServiceHost - ok
18:08:43.0688 2436 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
18:08:43.0688 2436 WdiSystemHost - ok
18:08:43.0735 2436 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
18:08:43.0735 2436 WebClient - ok
18:08:43.0782 2436 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
18:08:43.0797 2436 Wecsvc - ok
18:08:43.0813 2436 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
18:08:43.0813 2436 wercplsupport - ok
18:08:43.0829 2436 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
18:08:43.0829 2436 WerSvc - ok
18:08:43.0907 2436 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
18:08:43.0907 2436 WfpLwf - ok
18:08:43.0938 2436 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
18:08:43.0953 2436 WimFltr - ok
18:08:43.0969 2436 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
18:08:43.0969 2436 WIMMount - ok
18:08:43.0985 2436 WinHttpAutoProxySvc - ok
18:08:44.0078 2436 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
18:08:44.0078 2436 Winmgmt - ok
18:08:44.0203 2436 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
18:08:44.0234 2436 WinRM - ok
18:08:44.0437 2436 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
18:08:44.0437 2436 WinUsb - ok
18:08:44.0515 2436 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
18:08:44.0531 2436 Wlansvc - ok
18:08:44.0609 2436 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:08:44.0624 2436 wlcrasvc - ok
18:08:44.0765 2436 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:08:44.0796 2436 wlidsvc - ok
18:08:44.0858 2436 wltrysvc (13b0a570e1ae451c92da550085d72cf3) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
18:08:44.0874 2436 wltrysvc - ok
18:08:45.0045 2436 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
18:08:45.0045 2436 WmiAcpi - ok
18:08:45.0139 2436 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
18:08:45.0139 2436 wmiApSrv - ok
18:08:45.0201 2436 WMPNetworkSvc - ok
18:08:45.0248 2436 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
18:08:45.0248 2436 WPCSvc - ok
18:08:45.0279 2436 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
18:08:45.0295 2436 WPDBusEnum - ok
18:08:45.0342 2436 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
18:08:45.0342 2436 ws2ifsl - ok
18:08:45.0389 2436 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
18:08:45.0404 2436 wscsvc - ok
18:08:45.0404 2436 WSearch - ok
18:08:45.0529 2436 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
18:08:45.0560 2436 wuauserv - ok
18:08:45.0747 2436 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
18:08:45.0747 2436 WudfPf - ok
18:08:45.0779 2436 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:08:45.0779 2436 WUDFRd - ok
18:08:45.0825 2436 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
18:08:45.0825 2436 wudfsvc - ok
18:08:45.0872 2436 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
18:08:45.0872 2436 WwanSvc - ok
18:08:45.0950 2436 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys
18:08:45.0950 2436 yukonw7 - ok
18:08:46.0013 2436 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
18:08:46.0184 2436 \Device\Harddisk0\DR0 - ok
18:08:46.0200 2436 Boot (0x1200) (9f22d7d006b9d684c3f753afa6f7933a) \Device\Harddisk0\DR0\Partition0
18:08:46.0200 2436 \Device\Harddisk0\DR0\Partition0 - ok
18:08:46.0215 2436 Boot (0x1200) (d90fcfda59af318522013fbe233e16f9) \Device\Harddisk0\DR0\Partition1
18:08:46.0215 2436 \Device\Harddisk0\DR0\Partition1 - ok
18:08:46.0215 2436 ============================================================
18:08:46.0215 2436 Scan finished
18:08:46.0215 2436 ============================================================
18:08:46.0278 3564 Detected object count: 0
18:08:46.0278 3564 Actual detected object count: 0
18:11:00.0922 1980 Deinitialize success
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Sun Jun 03, 2012 9:26 am    Post subject: Reply with quote

system look

SystemLook 30.07.11 by jpshortstuff
Log created at 18:13 on 03/06/2012 by Teresa
Administrator - Elevation successful

========== reg ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc]
"DisplayName"="@%SystemRoot%\System32\wscsvc.dll,-200"
"ErrorControl"= 0x0000000001 (1)
"ImagePath"="%SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted"
"Start"= 0x0000000002 (2)
"Type"= 0x0000000020 (32)
"Description"="@%SystemRoot%\System32\wscsvc.dll,-201"
"DependOnService"="RpcSs WinMgmt"
"ObjectName"="NT AUTHORITY\LocalService"
"ServiceSidType"= 0x0000000001 (1)
"RequiredPrivileges"="SeChangeNotifyPrivilege SeImpersonatePrivilege"
"DelayedAutoStart"= 0x0000000001 (1)
"FailureActions"=80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 c0 d4 01 00 01 00 00 00 e0 93 04 00 00 00 00 00 00 00 00 00 (REG_BINARY)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc\Parameters]
"ServiceDllUnloadOnStop"= 0x0000000001 (1)
"ServiceDll"="%SystemRoot%\System32\wscsvc.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc\Security]
"Security"=01 00 14 80 c8 00 00 00 d4 00 00 00 14 00 00 00 30 00 00 00 02 00 1c 00 01 00 00 00 02 80 14 00 ff 01 0f 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 98 00 06 00 00 00 00 00 14 00 fd 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 ff 01 0f 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 9d 01 02 00 01 01 00 00 00 00 00 05 04 00 00 00 00 00 14 00 8d 01 02 00 01 01 00 00 00 00 00 05 06 00 00 00 00 00 14 00 00 01 00 00 01 01 00 00 00 00 00 05 0b 00 00 00 00 00 28 00 15 00 00 00 01 06 00 00 00 00 00 05 50 00 00 00 49 59 9d 77 91 56 e5 55 dc f4 e2 0e a7 8b eb ca 7b 42 13 56 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00 (REG_BINARY)


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
(No values found)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1"=28 4d b2 76 41 04 ca 01 (REG_QWORD)
"AntiVirusOverride"= 0x0000000000 (0)
"AntiSpywareOverride"= 0x0000000000 (0)
"FirewallOverride"= 0x0000000000 (0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
(No values found)


-= EOF =-
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Sun Jun 03, 2012 9:27 am    Post subject: Reply with quote

check up text

Results of screen317's Security Check version 0.99.41
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.61.0.1400
Java(TM) 6 Update 26
Java version out of date!
Adobe Reader 9 Adobe Reader out of date!
Mozilla Firefox (12.0)
Google Chrome 18.0.1025.162
Google Chrome 19.0.1084.52
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 5%
````````````````````End of Log``````````````````````

Yes I have the discs I made for windows when i got the laptop. Not labelled though so don't know which is first one.
Back to top
View user's profile Send private message
Scolabar
SWW Honors Graduate


Joined: 24 Aug 2011
Last Visit: 27 Jun 2012
Posts: 105

PostPosted: Mon Jun 04, 2012 2:40 pm    Post subject: Reply with quote

Hi partnership,

Apologies for the delay in responding. I am having to send this message from my mobile phone as I will now have no Internet access using a computer until Wednesday morning.

I will post my next set of instructions then.

Scolabar
_________________
Malware Removal University - You too could train to help others
Member of ASAP and UNITE
Back to top
View user's profile Send private message
Scolabar
SWW Honors Graduate


Joined: 24 Aug 2011
Last Visit: 27 Jun 2012
Posts: 105

PostPosted: Wed Jun 06, 2012 1:19 am    Post subject: Reply with quote

Hi partnership,

Thank you again for your patience. Smile

Again, please remember to read the instructions below carefully before executing and perform the steps, in the order given.
If you have any questions about or problems executing these instructions, <STOP> do not proceed, post back with the question or problem before going any further.

Before proceeding please make sure any open programs are closed.

Step 1:
Create System Restore Point

First we need to make sure we have a back up of the Registry to return to if we need it:
  1. Click on Start > Control Panel > System and Security > System.
  2. In the left-hand pane click on the System Protection option.
  3. When the Dialog comes up, click on the System Protection tab.
  4. Check that the drive letter where Windows is located (usually C: drive) indicates System protection ON.
    (This indicates System restore is turned ON for the Windows drive).
  5. Click on the Create button to create a new restore point. In the Name dialog, type a descriptive name and then click on the Create button.
  6. You will get a message that the Restore Point was created successfully. Click on the Close button.
  7. Click on the OK button and close the System window in the Control Panel.
< STOP > If you did not successfully complete this step. < STOP > Do not continue with any other steps, post back and let me know!

Step 2:
No Anti-virus Software Installed!

Looking over your log I can see NO evidence of Anti-virus software installed. This puts your computer at serious risk.
Anti-virus software will help detect, cleanse, and erase harmful virus files on a computer, Web server, or network.
Unchecked, virus files can unintentionally be forwarded to others, including trading partners and thereby spreading infection. Anti-virus software can scan the computer memory and disk drives for malicious code. They can alert the user if a virus is present, and will clean, delete (or quarantine) infected files or directories.

To protect your computer from infection download a (free for personal use) Anti-virus program from one the following reliable vendors, but please do not install it until I ask you to do so.
  1. avast! Free Antivirus - Excellent detection, the freeware version includes email scanning.
  2. Microsoft Security Essentials ** - New, from Microsoft, with email scanning, easy to install, easy to use.
    ** Your PC must run a genuine version of the Windows OS to install Microsoft Security Essentials.
A good (pay for) Anti-virus program is ESET NOD32 Antivirus - 30 day free trial.

Please Note: You should run only one Anti-virus program at a time. Having more than one Anti-virus program active in memory uses additional resources and results in program conflicts and false virus alerts.

Installing a new Anti-virus product.
Do NOT uninstall any existing Anti-virus product yet!
  1. Download the new Anti-virus product to your computer desktop.
  2. Save any work. Close all applications, especially your Internet connection.
  3. Uninstall any existing Anti-virus product using the Anti-virus uninstall option, if available.
  4. Reboot your computer, if not done during the uninstall.
  5. Install the new Anti-virus product following the installation instructions.
  6. Check for updates to the new Anti-virus product, if not already done during the installation setup.
  7. Run a full scan of your computer and post the scan report in your next reply
Step 3:
Uninstall Program
  1. Select Start > Control Panel > Programs > Programs and Features.
  2. Under the Programs heading, click on Uninstall a program.
  3. Scroll down the list of installed programs and locate the following program:

      Yontoo 1.10.02

  4. Right-click on Uninstall to uninstall it.
  5. When finished Close the Control Panel window.
  6. Restart the computer to complete removal of the program.
Step 4:
ComboFix

Quote:
Do NOT use Combofix unless you have been instructed to do so by a Malware Removal Expert. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, NOT for general public or personal use. Using this tool incorrectly could lead to serious problems with your operating system such as preventing it from ever starting again. This site, sUBs and myself will not be responsible for any damage caused to your machine by misusing or running ComboFix on your own. Please read Combofix's Disclaimer.

The first thing you need to do is print out How-To-Use-ComboFix. Read these instructions thoroughly.
You will not have Internet access when you execute ComboFix. All open windows will need to be closed!

If you have previously downloaded ComboFix please delete that version and download it again. This tool is frequently updated.
  1. Please download ComboFix.exe by © sUBs and save it to your Desktop. <<--- IMPORTANT!!
    Alternate download site is available here.
  2. Please disable any Anti-Virus, Anti-Spyware and Firewall programs you have active, as shown in this topic. Please close all open application windows.
    Note: ** Only ** when the above items disabled should you proceed with the following steps:
  3. Right-click on ComboFix.exe and select the Run As Administrator option to launch the program. If you receive a UAC prompt, please allow it.
  4. Reply Yes to the Disclaimer prompt.
    The ComboFix program screen will appear indicating the program is preparing to run. ComboFix will then by begin creating a System Restore Point and then backup your Registry.
    Note: Do Not use your keyboard or mouse click anywhere in the ComboFix window, as this may cause the program to stall or crash!
  5. When the program has finished ComboFix will produce a log file called combofix.txt which will automatically open in Notepad.
  6. Please Copy and Paste the entire contents of the combofix.txt file into your next reply.
** REMEMBER ** Re-Enable your Anti-Virus, Anti-Spyware and Firewall programs before reconnecting to the Internet!

Step 5:
Include in Next Post
  1. Did you have any problems carrying out the instructions?
  2. Anti-virus Full Scan Report.
  3. combofix.txt.

Scolabar
--------------------------------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed

_________________
Malware Removal University - You too could train to help others
Member of ASAP and UNITE


Last edited by Scolabar on Wed Jun 06, 2012 9:14 pm; edited 1 time in total
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Wed Jun 06, 2012 5:32 am    Post subject: Reply with quote

Thanks. I do have microsoft security essential installed on the computer and regularly run it so don't understand how you do not see it. I have not run it since I started this as you said not to do anything else. I also have malware antimalware installed.
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Wed Jun 06, 2012 11:35 am    Post subject: Reply with quote

On foot of your last post have just checked my laptop and security essentials seems to have disappeared from the computer. I know I did not uninstall it so don't know how it has happened. Will follow your last instructions and then report back
Back to top
View user's profile Send private message
Scolabar
SWW Honors Graduate


Joined: 24 Aug 2011
Last Visit: 27 Jun 2012
Posts: 105

PostPosted: Wed Jun 06, 2012 2:19 pm    Post subject: Reply with quote

Hi partnership,

Do you happen to know what version of MSE you were running?

Scolabar
--------------------------------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed

_________________
Malware Removal University - You too could train to help others
Member of ASAP and UNITE
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Wed Jun 06, 2012 3:08 pm    Post subject: Reply with quote

No I don't know what version of MSE I was using but I downloaded it again as per instructions and ran a full scan and it came up with no threats detetected. I then removed the Yontoo as directed.

I will not be able to run the combofix until Friday as I won't have access to a printer to print off the instructions until then.

Another issue is that the windows firewall is not turned on and it will not allow me to turn it on it comes up as not using recommended settings, when I click on use recommended settings it comes up with error code 080070424.

Stragenly enough this evening I am getting no pop up ads!
Back to top
View user's profile Send private message
Scolabar
SWW Honors Graduate


Joined: 24 Aug 2011
Last Visit: 27 Jun 2012
Posts: 105

PostPosted: Wed Jun 06, 2012 11:35 pm    Post subject: Reply with quote

Hi partnership,

Thank you for the update. Please post the logs requested on Friday when you are ready. Wink

In the meantime, let's see if we can get your Windows Firewall and Security Center working again.

Again, please remember to read the instructions below carefully before executing and perform the steps, in the order given.
If you have any questions about or problems executing these instructions, <STOP> do not proceed, post back with the question or problem before going any further.

Before proceeding please make sure any open programs are closed.

Step 1:
FSS - Scan
  1. Please download Farbar Service Scanner and save it to your Desktop.
  2. Right-click on FSS.exe and select the Run As Administrator option to launch the program. If you receive a UAC prompt, please allow it.
  3. Check the following options in the list:
    • RpcSc and PlugPlay <-- Automatically selected by default - cannot be disabled.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
  4. Click on the Scan button.
  5. When the scan has finished, a text file named FSS.txt will be created on your Desktop. (- the same location where the tool is run from).
  6. Rename the resulting log file as FSS1.txt.
  7. Please Copy and Paste the entire contents of the FSS1.txt log into your next reply.
Step 2:
FSS - Service Key Export
  1. Right-click on FSS.exe and select the Run As Administrator option to launch the program. If you receive a UAC prompt, please allow it.
  2. Copy and Paste the following text into the Search text box:
    Code:
    mpsdrv
    MpsSvc
    bfe
    wscsvc
  3. Click on the Export Service button.
  4. When the tool has finished, a text file named FSS.txt will be created on your Desktop. (- the same location where the tool is run from).
    Note: This will overwrite the previous log file.
  5. Rename the resulting log file as FSS2.txt.
  6. Copy and Paste the entire contents of the FSS2.txt log into your next reply.
  7. Exit the program when finished.
Step 3:
Microsoft Windows Firewall Troubleshooter
  1. Please click on the following link:
  2. Click on the Run Now button.
  3. Save the file MicrosoftFixit.WindowsFirewall.RNP.<Version>.Run.exe to your Desktop.
  4. Right-click on MicrosoftFixit.WindowsFirewall.RNP.<Version>.Run.exe and select the Run As Administrator option to launch the program. If you receive a UAC prompt, please allow it.
  5. Click on the Accept button in the Licence Agreement window to continue.
  6. Click on Detect problems and apply fixes for me (Recommended) option.
  7. Follow the instructions to apply any recommended fixes.
  8. When completed click on the Next button.
  9. Then run some tests to check if this resolved your Windows Firewall issue.
  10. Exit the Windows Firewall Troubleshooter.
Step 4:
FSS - Re-Run Scan
  1. Please repeat Step 1 and rename the resulting log file as FSS3.txt.
  2. Copy and Paste the entire contents of the FSS3.txt log into your next reply.
Step 5:
FSS - Re-Run Service Key Export
  1. Please repeat Step 2 and rename the resulting log file as FSS4.txt.
  2. Copy and Paste the entire contents of the FSS4.txt log into your next reply.
Step 6:
Include in Next Post
  1. Did you have any problems carrying out the instructions?
  2. FSS1.txt.
  3. FSS2.txt.
  4. Did the Microsoft Windows Firewall Troubleshooter resolve the Windows Firewall issue?
  5. FSS3.txt.
  6. FSS4.txt.

Scolabar
--------------------------------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed

_________________
Malware Removal University - You too could train to help others
Member of ASAP and UNITE
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Thu Jun 07, 2012 10:20 am    Post subject: Reply with quote

ok managed to do the above steps. Attaching logs

FSS1.txt
Farbar Service Scanner Version: 05-06-2012
Ran by Teresa (administrator) on 07-06-2012 at 18:57:50
Running from "C:\Users\Teresa\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of WinDefend. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of WinDefend. The value does not exist.
Unable to retrieve ServiceDll of WinDefend. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
fss2.txt
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\mpsdrv]
"DisplayName"="@%SystemRoot%\\system32\\FirewallAPI.dll,-23092"
"Group"="network"
"ImagePath"=hex(2):53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,00,\
72,00,69,00,76,00,65,00,72,00,73,00,5c,00,6d,00,70,00,73,00,64,00,72,00,76,\
00,2e,00,73,00,79,00,73,00,00,00
"Description"="@%SystemRoot%\\system32\\FirewallAPI.dll,-23093"
"ErrorControl"=dword:00000001
"Start"=dword:00000003
"Type"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\mpsdrv\Enum]
"0"="Root\\LEGACY_MPSDRV\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\wscsvc]
"DisplayName"="@%SystemRoot%\\System32\\wscsvc.dll,-200"
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,4c,00,6f,00,63,00,61,00,6c,00,53,00,65,00,72,00,76,00,69,00,63,\
00,65,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,52,00,65,00,73,00,74,00,\
72,00,69,00,63,00,74,00,65,00,64,00,00,00
"Start"=dword:00000002
"Type"=dword:00000020
"Description"="@%SystemRoot%\\System32\\wscsvc.dll,-201"
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,57,00,69,00,6e,00,\
4d,00,67,00,6d,00,74,00,00,00,00,00
"ObjectName"="NT AUTHORITY\\LocalService"
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=hex(7):53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,\
00,6f,00,74,00,69,00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,\
67,00,65,00,00,00,53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,\
00,61,00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,\
00,00,00,00
"DelayedAutoStart"=dword:00000001
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\wscsvc\Parameters]
"ServiceDllUnloadOnStop"=dword:00000001
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
77,00,73,00,63,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\wscsvc\Security]
"Security"=hex:01,00,14,80,c8,00,00,00,d4,00,00,00,14,00,00,00,30,00,00,00,02,\
00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
00,00,02,00,98,00,06,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\
05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\
20,02,00,00,00,00,14,00,9d,01,02,00,01,01,00,00,00,00,00,05,04,00,00,00,00,\
00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,06,00,00,00,00,00,14,00,00,01,\
00,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,28,00,15,00,00,00,01,06,00,\
00,00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,\
7b,42,13,56,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,\
00,00,00

fss3.txt

Farbar Service Scanner Version: 05-06-2012
Ran by Teresa (administrator) on 07-06-2012 at 19:14:49
Running from "C:\Users\Teresa\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of WinDefend. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of WinDefend. The value does not exist.
Unable to retrieve ServiceDll of WinDefend. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

fss4.txt

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\mpsdrv]
"DisplayName"="@%SystemRoot%\\system32\\FirewallAPI.dll,-23092"
"Group"="network"
"ImagePath"=hex(2):53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,00,\
72,00,69,00,76,00,65,00,72,00,73,00,5c,00,6d,00,70,00,73,00,64,00,72,00,76,\
00,2e,00,73,00,79,00,73,00,00,00
"Description"="@%SystemRoot%\\system32\\FirewallAPI.dll,-23093"
"ErrorControl"=dword:00000001
"Start"=dword:00000003
"Type"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\mpsdrv\Enum]
"0"="Root\\LEGACY_MPSDRV\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\MpsSvc]
"DisplayName"="@%SystemRoot%\\system32\\FirewallAPI.dll,-23090"
"Group"="NetworkProvider"
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,4c,00,6f,00,63,00,61,00,6c,00,53,00,65,00,72,00,76,00,69,00,63,\
00,65,00,4e,00,6f,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,00,00
"Description"="@%SystemRoot%\\system32\\FirewallAPI.dll,-23091"
"ObjectName"="NT Authority\\LocalService"
"ErrorControl"=dword:00000001
"Start"=dword:00000002
"Type"=dword:00000020
"DependOnService"=hex(7):6d,00,70,00,73,00,64,00,72,00,76,00,00,00,62,00,66,00,\
65,00,00,00,00,00
"ServiceSidType"=dword:00000003
"RequiredPrivileges"=hex(7):53,00,65,00,41,00,73,00,73,00,69,00,67,00,6e,00,50,\
00,72,00,69,00,6d,00,61,00,72,00,79,00,54,00,6f,00,6b,00,65,00,6e,00,50,00,\
72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,41,00,75,\
00,64,00,69,00,74,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,\
00,00,53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,00,6f,00,74,00,69,\
00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,\
53,00,65,00,43,00,72,00,65,00,61,00,74,00,65,00,47,00,6c,00,6f,00,62,00,61,\
00,6c,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,\
65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,00,61,00,74,00,65,00,50,\
00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,49,00,\
6e,00,63,00,72,00,65,00,61,00,73,00,65,00,51,00,75,00,6f,00,74,00,61,00,50,\
00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,00,00
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\MpsSvc\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
6d,00,70,00,73,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00
"ServiceDllUnloadOnStop"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\MpsSvc\Parameters\PortKeywords]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\MpsSvc\Security]
"Security"=hex:01,00,14,80,b4,00,00,00,c0,00,00,00,14,00,00,00,30,00,00,00,02,\
00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
00,00,02,00,84,00,05,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\
05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\
20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,04,00,00,00,00,\
00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,06,00,00,00,00,00,28,00,15,00,\
00,00,01,06,00,00,00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,\
0e,a7,8b,eb,ca,7b,42,13,56,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,\
00,00,00,05,12,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe]
"DisplayName"="@%SystemRoot%\\system32\\bfe.dll,-1001"
"Group"="NetworkProvider"
"ImagePath"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,00,6f,00,\
74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,4c,00,6f,00,63,00,61,00,6c,00,53,00,65,00,72,00,76,00,69,00,63,\
00,65,00,4e,00,6f,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,00,00
"Description"="@%SystemRoot%\\system32\\bfe.dll,-1002"
"ObjectName"="NT AUTHORITY\\LocalService"
"ErrorControl"=dword:00000001
"Start"=dword:00000002
"Type"=dword:00000020
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,00,00
"ServiceSidType"=dword:00000003
"RequiredPrivileges"=hex(7):53,00,65,00,41,00,75,00,64,00,69,00,74,00,50,00,72,\
00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,00,00
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
62,00,66,00,65,00,2e,00,64,00,6c,00,6c,00,00,00
"ServiceDllUnloadOnStop"=dword:00000001
"ServiceMain"="BfeServiceMain"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe\Parameters\Policy]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe\Parameters\Policy\BootTime]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe\Parameters\Policy\BootTime\Filter]
"{dc95b53e-01cf-4058-821d-350b3d0d4676}"=hex:01,10,08,00,cc,cc,cc,cc,98,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,2e,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,01,00,00,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,02,00,00,00,02,00,00,00,0c,00,\
02,00,02,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,ff,ff,ff,ff,ff,ff,ff,ff,02,00,00,00,05,00,00,00,00,00,00,00,01,00,00,00,\
01,00,00,00,3a,00,00,00,04,00,00,00,00,00,00,00,02,00,00,00,02,00,00,00,87,\
00,00,00,00,00,00,00
"{2dd96961-5757-434f-b617-34e732517c0e}"=hex:01,10,08,00,cc,cc,cc,cc,a8,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,2e,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,17,00,00,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,01,00,00,00,03,00,00,00,0c,00,\
02,00,01,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,0c,02,00,00,00,03,00,00,00,13,00,00,00,00,00,00,00,03,00,00,00,\
03,00,00,00,83,00,00,00,14,00,00,00,00,00,00,00,03,00,00,00,03,00,00,00,0e,\
00,00,00,0b,00,00,00,08,00,00,00,03,00,00,00,03,00,00,00,01,00,00,00
"{2db25e6c-f07a-44f4-b6c8-50a330d2790b}"=hex:01,10,08,00,cc,cc,cc,cc,a8,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,2e,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,19,00,00,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,01,00,00,00,03,00,00,00,0c,00,\
02,00,01,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,0c,02,00,00,00,03,00,00,00,13,00,00,00,00,00,00,00,03,00,00,00,\
03,00,00,00,83,00,00,00,14,00,00,00,00,00,00,00,03,00,00,00,03,00,00,00,01,\
00,00,00,0b,00,00,00,08,00,00,00,03,00,00,00,03,00,00,00,01,00,00,00
"{c42f1cd6-3a95-4ae2-a513-793c3ae610c7}"=hex:01,10,08,00,cc,cc,cc,cc,a8,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,2c,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,1a,00,00,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,01,00,00,00,03,00,00,00,0c,00,\
02,00,01,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,30,08,00,00,00,03,00,00,00,13,00,00,00,00,00,00,00,03,00,00,00,\
03,00,00,00,83,00,00,00,14,00,00,00,00,00,00,00,03,00,00,00,03,00,00,00,01,\
00,00,00,0b,00,00,00,08,00,00,00,03,00,00,00,03,00,00,00,01,00,00,00
"{0c41d586-9c19-4e01-9d66-b5b98a97576e}"=hex:01,10,08,00,cc,cc,cc,cc,80,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,03,00,00,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,02,00,00,00,01,00,00,00,0c,00,\
02,00,02,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,12,00,00,00,06,00,00,00,03,00,00,00,\
03,00,00,00,01,00,00,00
"{12c38916-82ac-4737-8f38-b6957ffebad6}"=hex:01,10,08,00,cc,cc,cc,cc,80,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,1e,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,04,00,00,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,02,00,00,00,01,00,00,00,0c,00,\
02,00,02,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,12,00,00,00,06,00,00,00,03,00,00,00,\
03,00,00,00,01,00,00,00
"{c970a45d-57f9-4e32-a5bd-886a9662641e}"=hex:01,10,08,00,cc,cc,cc,cc,80,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,2c,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,05,00,00,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,02,00,00,00,01,00,00,00,0c,00,\
02,00,02,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,0b,00,00,00,06,00,00,00,03,00,00,00,\
03,00,00,00,01,00,00,00
"{0c3be01b-fe70-4cc4-89dc-c07996b67e6d}"=hex:01,10,08,00,cc,cc,cc,cc,80,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,2e,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,06,00,00,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,02,00,00,00,01,00,00,00,0c,00,\
02,00,02,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,0b,00,00,00,06,00,00,00,03,00,00,00,\
03,00,00,00,01,00,00,00
"{074f7f68-ee10-428a-89d1-ba78f6c327ca}"=hex:01,10,08,00,cc,cc,cc,cc,68,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,0f,00,00,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,02,00,00,00,00,00,00,00,00,00,\
00,00,01,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00
"{c016105c-eb34-4519-a5fd-5f4e4ad4d18e}"=hex:01,10,08,00,cc,cc,cc,cc,68,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,1e,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,10,00,00,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,02,00,00,00,00,00,00,00,00,00,\
00,00,01,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00
"{a47525e2-725b-4888-8af1-ba5a60c04f4d}"=hex:01,10,08,00,cc,cc,cc,cc,68,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,2c,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,11,00,00,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,02,00,00,00,00,00,00,00,00,00,\
00,00,01,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00
"{0ccc96a3-8c5c-45e2-b80e-7e37b16cc1ad}"=hex:01,10,08,00,cc,cc,cc,cc,68,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,2e,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,12,00,00,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,02,00,00,00,00,00,00,00,00,00,\
00,00,01,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00
"{935b7f48-0ede-44dd-9bc2-e00bb635cda3}"=hex:01,10,08,00,cc,cc,cc,cc,80,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,08,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,e7,00,01,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,02,00,00,00,01,00,00,00,0c,00,\
02,00,01,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,00,00,01,00,00,00,09,00,00,00,08,00,00,00,03,00,00,00,\
03,00,00,00,00,00,0c,00
"{941dad9d-7b1a-4354-997b-00cf1aa9b35c}"=hex:01,10,08,00,cc,cc,cc,cc,80,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,0a,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,e8,00,01,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,02,00,00,00,01,00,00,00,0c,00,\
02,00,01,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,00,00,01,00,00,00,09,00,00,00,08,00,00,00,03,00,00,00,\
03,00,00,00,00,00,0c,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe\Parameters\Policy\Persistent]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe\Parameters\Policy\Persistent\Callout]
"{22001ee0-8e87-4f75-ba58-248f5918a63a}"=hex:01,10,08,00,cc,cc,cc,cc,58,02,00,\
00,00,00,00,00,00,00,02,00,04,00,00,00,d0,00,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,d0,00,00,00,01,10,08,00,cc,cc,cc,cc,c0,00,00,00,00,00,00,00,00,\
00,02,00,e0,1e,00,22,87,8e,75,4f,ba,58,24,8f,59,18,a6,3a,04,00,02,00,08,00,\
02,00,00,00,01,00,0c,00,02,00,00,00,00,00,00,00,00,00,3c,65,89,3b,70,c1,e4,\
49,b1,cd,e0,ee,ee,e1,9a,3e,16,01,00,00,16,00,00,00,00,00,00,00,16,00,00,00,\
4e,00,49,00,53,00,20,00,53,00,74,00,72,00,65,00,61,00,6d,00,20,00,56,00,34,\
00,20,00,43,00,61,00,6c,00,6c,00,6f,00,75,00,74,00,00,00,16,00,00,00,00,00,\
00,00,16,00,00,00,4e,00,49,00,53,00,20,00,53,00,74,00,72,00,65,00,61,00,6d,\
00,20,00,56,00,34,00,20,00,43,00,61,00,6c,00,6c,00,6f,00,75,00,74,00,00,00,\
3f,d7,9c,83,07,19,ea,49,9a,a5,0e,6b,e9,04,80,87,68,01,00,00,01,00,04,8c,50,\
01,00,00,5c,01,00,00,00,00,00,00,14,00,00,00,02,00,3c,01,09,00,00,00,00,10,\
18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,10,18,\
00,ff,07,03,00,01,02,00,00,00,00,00,05,20,00,00,00,2c,02,00,00,00,10,28,00,\
ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,f1,41,10,b8,36,fc,4d,57,a8,\
ae,0b,70,25,21,04,42,84,4f,11,31,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,\
00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,\
56,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,44,3e,41,bb,\
45,ba,a8,7a,6c,bd,92,68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,00,ff,07,03,00,01,\
06,00,00,00,00,00,05,50,00,00,00,79,09,78,b5,af,a1,ed,d8,54,5e,32,f4,ff,1b,\
c4,5f,fd,d9,e0,4a,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,\
00,0a,d8,62,3a,d9,c6,0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,39,5c,00,10,28,00,\
f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,6e,bf,1b,bb,45,ef,d2,b1,4a,\
3b,45,db,50,5b,43,27,04,58,d8,6b,00,10,14,00,50,00,00,00,01,01,00,00,00,00,\
00,01,00,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,\
05,12,00,00,00
"{79f2a265-b693-4cc9-b480-cbcd87bd4747}"=hex:01,10,08,00,cc,cc,cc,cc,58,02,00,\
00,00,00,00,00,00,00,02,00,04,00,00,00,d0,00,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,d0,00,00,00,01,10,08,00,cc,cc,cc,cc,c0,00,00,00,00,00,00,00,00,\
00,02,00,65,a2,f2,79,93,b6,c9,4c,b4,80,cb,cd,87,bd,47,47,04,00,02,00,08,00,\
02,00,00,00,01,00,0c,00,02,00,00,00,00,00,00,00,00,00,7a,13,c9,47,c4,7e,b3,\
46,b6,e4,48,e9,26,b1,ed,a4,17,01,00,00,16,00,00,00,00,00,00,00,16,00,00,00,\
4e,00,49,00,53,00,20,00,53,00,74,00,72,00,65,00,61,00,6d,00,20,00,56,00,36,\
00,20,00,43,00,61,00,6c,00,6c,00,6f,00,75,00,74,00,00,00,16,00,00,00,00,00,\
00,00,16,00,00,00,4e,00,49,00,53,00,20,00,53,00,74,00,72,00,65,00,61,00,6d,\
00,20,00,56,00,36,00,20,00,43,00,61,00,6c,00,6c,00,6f,00,75,00,74,00,00,00,\
3f,d7,9c,83,07,19,ea,49,9a,a5,0e,6b,e9,04,80,87,68,01,00,00,01,00,04,8c,50,\
01,00,00,5c,01,00,00,00,00,00,00,14,00,00,00,02,00,3c,01,09,00,00,00,00,10,\
18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,10,18,\
00,ff,07,03,00,01,02,00,00,00,00,00,05,20,00,00,00,2c,02,00,00,00,10,28,00,\
ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,f1,41,10,b8,36,fc,4d,57,a8,\
ae,0b,70,25,21,04,42,84,4f,11,31,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,\
00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,\
56,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,44,3e,41,bb,\
45,ba,a8,7a,6c,bd,92,68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,00,ff,07,03,00,01,\
06,00,00,00,00,00,05,50,00,00,00,79,09,78,b5,af,a1,ed,d8,54,5e,32,f4,ff,1b,\
c4,5f,fd,d9,e0,4a,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,\
00,0a,d8,62,3a,d9,c6,0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,39,5c,00,10,28,00,\
f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,6e,bf,1b,bb,45,ef,d2,b1,4a,\
3b,45,db,50,5b,43,27,04,58,d8,6b,00,10,14,00,50,00,00,00,01,01,00,00,00,00,\
00,01,00,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,\
05,12,00,00,00
"{c4b50f21-503e-4d7a-abd4-ed0a823a2453}"=hex:01,10,08,00,cc,cc,cc,cc,90,02,00,\
00,00,00,00,00,00,00,02,00,04,00,00,00,08,01,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,08,01,00,00,01,10,08,00,cc,cc,cc,cc,f8,00,00,00,00,00,00,00,00,\
00,02,00,21,0f,b5,c4,3e,50,7a,4d,ab,d4,ed,0a,82,3a,24,53,04,00,02,00,08,00,\
02,00,00,00,01,00,0c,00,02,00,00,00,00,00,00,00,00,00,0a,47,80,af,96,55,13,\
4c,99,92,53,9e,6f,e5,79,67,18,01,00,00,24,00,00,00,00,00,00,00,24,00,00,00,\
4e,00,49,00,53,00,20,00,41,00,4c,00,45,00,20,00,46,00,6c,00,6f,00,77,00,20,\
00,45,00,73,00,74,00,61,00,62,00,6c,00,69,00,73,00,68,00,65,00,64,00,20,00,\
56,00,34,00,20,00,43,00,61,00,6c,00,6c,00,6f,00,75,00,74,00,00,00,24,00,00,\
00,00,00,00,00,24,00,00,00,4e,00,49,00,53,00,20,00,41,00,4c,00,45,00,20,00,\
46,00,6c,00,6f,00,77,00,20,00,45,00,73,00,74,00,61,00,62,00,6c,00,69,00,73,\
00,68,00,65,00,64,00,20,00,56,00,34,00,20,00,43,00,61,00,6c,00,6c,00,6f,00,\
75,00,74,00,00,00,3f,d7,9c,83,07,19,ea,49,9a,a5,0e,6b,e9,04,80,87,68,01,00,\
00,01,00,04,8c,50,01,00,00,5c,01,00,00,00,00,00,00,14,00,00,00,02,00,3c,01,\
09,00,00,00,00,10,18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,\
02,00,00,00,10,18,00,ff,07,03,00,01,02,00,00,00,00,00,05,20,00,00,00,2c,02,\
00,00,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,f1,41,10,\
b8,36,fc,4d,57,a8,ae,0b,70,25,21,04,42,84,4f,11,31,00,10,28,00,ff,07,03,00,\
01,06,00,00,00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,\
8b,eb,ca,7b,42,13,56,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,\
00,00,44,3e,41,bb,45,ba,a8,7a,6c,bd,92,68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,\
00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,79,09,78,b5,af,a1,ed,d8,\
54,5e,32,f4,ff,1b,c4,5f,fd,d9,e0,4a,00,10,28,00,ff,07,03,00,01,06,00,00,00,\
00,00,05,50,00,00,00,0a,d8,62,3a,d9,c6,0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,\
39,5c,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,6e,bf,1b,\
bb,45,ef,d2,b1,4a,3b,45,db,50,5b,43,27,04,58,d8,6b,00,10,14,00,50,00,00,00,\
01,01,00,00,00,00,00,01,00,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,\
01,00,00,00,00,00,05,12,00,00,00
"{91e902db-2cef-4040-b8e2-02fe4fd49c25}"=hex:01,10,08,00,cc,cc,cc,cc,90,02,00,\
00,00,00,00,00,00,00,02,00,04,00,00,00,08,01,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,08,01,00,00,01,10,08,00,cc,cc,cc,cc,f8,00,00,00,00,00,00,00,00,\
00,02,00,db,02,e9,91,ef,2c,40,40,b8,e2,02,fe,4f,d4,9c,25,04,00,02,00,08,00,\
02,00,00,00,01,00,0c,00,02,00,00,00,00,00,00,00,00,00,b3,d2,21,70,a4,df,6e,\
40,af,eb,6a,fa,f7,e7,0e,fd,19,01,00,00,24,00,00,00,00,00,00,00,24,00,00,00,\
4e,00,49,00,53,00,20,00,41,00,4c,00,45,00,20,00,46,00,6c,00,6f,00,77,00,20,\
00,45,00,73,00,74,00,61,00,62,00,6c,00,69,00,73,00,68,00,65,00,64,00,20,00,\
56,00,36,00,20,00,43,00,61,00,6c,00,6c,00,6f,00,75,00,74,00,00,00,24,00,00,\
00,00,00,00,00,24,00,00,00,4e,00,49,00,53,00,20,00,41,00,4c,00,45,00,20,00,\
46,00,6c,00,6f,00,77,00,20,00,45,00,73,00,74,00,61,00,62,00,6c,00,69,00,73,\
00,68,00,65,00,64,00,20,00,56,00,36,00,20,00,43,00,61,00,6c,00,6c,00,6f,00,\
75,00,74,00,00,00,3f,d7,9c,83,07,19,ea,49,9a,a5,0e,6b,e9,04,80,87,68,01,00,\
00,01,00,04,8c,50,01,00,00,5c,01,00,00,00,00,00,00,14,00,00,00,02,00,3c,01,\
09,00,00,00,00,10,18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,\
02,00,00,00,10,18,00,ff,07,03,00,01,02,00,00,00,00,00,05,20,00,00,00,2c,02,\
00,00,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,f1,41,10,\
b8,36,fc,4d,57,a8,ae,0b,70,25,21,04,42,84,4f,11,31,00,10,28,00,ff,07,03,00,\
01,06,00,00,00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,\
8b,eb,ca,7b,42,13,56,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,\
00,00,44,3e,41,bb,45,ba,a8,7a,6c,bd,92,68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,\
00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,79,09,78,b5,af,a1,ed,d8,\
54,5e,32,f4,ff,1b,c4,5f,fd,d9,e0,4a,00,10,28,00,ff,07,03,00,01,06,00,00,00,\
00,00,05,50,00,00,00,0a,d8,62,3a,d9,c6,0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,\
39,5c,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,6e,bf,1b,\
bb,45,ef,d2,b1,4a,3b,45,db,50,5b,43,27,04,58,d8,6b,00,10,14,00,50,00,00,00,\
01,01,00,00,00,00,00,01,00,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,\
01,00,00,00,00,00,05,12,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe\Parameters\Policy\Persistent\Filter]
"{dc95b53e-01cf-4058-821d-350b3d0d4676}"=hex:01,10,08,00,cc,cc,cc,cc,c0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,a0,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,a0,01,00,00,01,10,08,00,cc,cc,cc,cc,90,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,3e,b5,95,dc,cf,01,58,40,82,1d,35,0b,3d,0d,46,76,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,02,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,02,00,00,00,2b,ef,\
71,39,3e,62,9a,4f,8c,b1,6e,79,b8,06,b9,a7,00,00,00,00,01,00,00,00,01,00,00,\
00,3a,00,00,00,af,a1,1b,0c,65,57,3f,45,af,22,a8,f7,91,ac,77,5b,00,00,00,00,\
02,00,00,00,02,00,00,00,87,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,\
00,00,00
"{f444c576-6e60-4ea2-9faa-80d57ed12cd2}"=hex:01,10,08,00,cc,cc,cc,cc,c0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,a0,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,a0,01,00,00,01,10,08,00,cc,cc,cc,cc,90,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,76,c5,44,f4,60,6e,a2,4e,9f,aa,80,d5,7e,d1,2c,d2,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,02,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,02,00,00,00,2b,ef,\
71,39,3e,62,9a,4f,8c,b1,6e,79,b8,06,b9,a7,00,00,00,00,01,00,00,00,01,00,00,\
00,3a,00,00,00,af,a1,1b,0c,65,57,3f,45,af,22,a8,f7,91,ac,77,5b,00,00,00,00,\
02,00,00,00,02,00,00,00,87,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,\
00,00,00
"{0c41d586-9c19-4e01-9d66-b5b98a97576e}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,86,d5,41,0c,19,9c,01,4e,9d,66,b5,b9,8a,97,57,6e,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,90,99,49,\
61,b6,3c,84,4e,b9,50,53,b9,4b,69,64,f3,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,03,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{12c38916-82ac-4737-8f38-b6957ffebad6}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,16,89,c3,12,ac,82,37,47,8f,38,b6,95,7f,fe,ba,d6,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,ff,bd,f9,\
65,2d,3b,5d,4e,b8,c6,c7,20,65,1f,e8,98,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{c970a45d-57f9-4e32-a5bd-886a9662641e}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,5d,a4,70,c9,f9,57,32,4e,a5,bd,88,6a,96,62,64,1e,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,e7,9f,cd,\
e1,b5,f4,73,42,96,c0,59,2e,48,7b,86,50,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,05,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{0c3be01b-fe70-4cc4-89dc-c07996b67e6d}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,1b,e0,3b,0c,70,fe,c4,4c,89,dc,c0,79,96,b6,7e,6d,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,06,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{4d9581d2-aef8-4993-84cd-b986ced80d42}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,d2,81,95,4d,f8,ae,93,49,84,cd,b9,86,ce,d8,0d,42,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,90,99,49,\
61,b6,3c,84,4e,b9,50,53,b9,4b,69,64,f3,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,07,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{be7cbdf4-b192-4aa5-94f8-1fb5c5ee07bc}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,f4,bd,7c,be,92,b1,a5,4a,94,f8,1f,b5,c5,ee,07,bc,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,ff,bd,f9,\
65,2d,3b,5d,4e,b8,c6,c7,20,65,1f,e8,98,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,08,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{716b48eb-0a35-4a76-92ab-1d987230d288}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,eb,48,6b,71,35,0a,76,4a,92,ab,1d,98,72,30,d2,88,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,e7,9f,cd,\
e1,b5,f4,73,42,96,c0,59,2e,48,7b,86,50,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,09,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{1165065e-4996-4338-abaf-4b8556b4d431}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,5e,06,65,11,96,49,38,43,ab,af,4b,85,56,b4,d4,31,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,0a,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{07a24961-a760-4e80-b263-6d275e1b09cb}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,61,49,a2,07,60,a7,80,4e,b2,63,6d,27,5e,1b,09,cb,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,00,01,39,\
41,4c,56,32,4b,bc,1d,71,80,48,35,4d,7c,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,0b,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{5b0cb2e2-ab87-4974-9f1c-2f22a654eeb9}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,e2,b2,0c,5b,87,ab,74,49,9f,1c,2f,22,a6,54,ee,b9,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,60,3b,b0,\
7f,8d,7b,fa,4d,ba,dd,98,01,76,fc,4e,12,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,0c,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{b6b2ca61-fb98-4422-adc2-e7cf56b3680c}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,61,ca,b2,b6,98,fb,22,44,ad,c2,e7,cf,56,b3,68,0c,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,d1,57,8d,\
c3,a7,05,33,4c,90,4f,7f,bc,ee,e6,0e,82,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,0d,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{0aa7fff8-919f-453c-928c-28a12122ba38}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,f8,ff,a7,0a,9f,91,3c,45,92,8c,28,a1,21,22,ba,38,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,3b,39,72,\
4a,9f,31,bc,44,84,c3,ba,54,dc,b3,b6,b4,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,0e,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{074f7f68-ee10-428a-89d1-ba78f6c327ca}"=hex:01,10,08,00,cc,cc,cc,cc,78,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,68,7f,4f,07,10,ee,8a,42,89,d1,ba,78,f6,c3,27,ca,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,90,99,49,\
61,b6,3c,84,4e,b9,50,53,b9,4b,69,64,f3,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,0f,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00
"{c016105c-eb34-4519-a5fd-5f4e4ad4d18e}"=hex:01,10,08,00,cc,cc,cc,cc,78,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,5c,10,16,c0,34,eb,19,45,a5,fd,5f,4e,4a,d4,d1,8e,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,ff,bd,f9,\
65,2d,3b,5d,4e,b8,c6,c7,20,65,1f,e8,98,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,10,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00
"{a47525e2-725b-4888-8af1-ba5a60c04f4d}"=hex:01,10,08,00,cc,cc,cc,cc,78,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,e2,25,75,a4,5b,72,88,48,8a,f1,ba,5a,60,c0,4f,4d,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,e7,9f,cd,\
e1,b5,f4,73,42,96,c0,59,2e,48,7b,86,50,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,11,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00
"{0ccc96a3-8c5c-45e2-b80e-7e37b16cc1ad}"=hex:01,10,08,00,cc,cc,cc,cc,78,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,a3,96,cc,0c,5c,8c,e2,45,b8,0e,7e,37,b1,6c,c1,ad,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,12,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00
"{91ffecf0-0a9e-4572-95f1-a7111af86967}"=hex:01,10,08,00,cc,cc,cc,cc,78,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,f0,ec,ff,91,9e,0a,72,45,95,f1,a7,11,1a,f8,69,67,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,90,99,49,\
61,b6,3c,84,4e,b9,50,53,b9,4b,69,64,f3,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,13,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00
"{64e55933-15a5-495d-a928-ccca43d44875}"=hex:01,10,08,00,cc,cc,cc,cc,78,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,33,59,e5,64,a5,15,5d,49,a9,28,cc,ca,43,d4,48,75,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,ff,bd,f9,\
65,2d,3b,5d,4e,b8,c6,c7,20,65,1f,e8,98,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,14,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00
"{13bfd422-6f75-4408-8924-9400ec0cb19c}"=hex:01,10,08,00,cc,cc,cc,cc,78,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,22,d4,bf,13,75,6f,08,44,89,24,94,00,ec,0c,b1,9c,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,e7,9f,cd,\
e1,b5,f4,73,42,96,c0,59,2e,48,7b,86,50,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,15,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00
"{cbfb56db-3c85-4543-9bc2-76ea28cdd74e}"=hex:01,10,08,00,cc,cc,cc,cc,78,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,db,56,fb,cb,85,3c,43,45,9b,c2,76,ea,28,cd,d7,4e,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,16,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00
"{2dd96961-5757-434f-b617-34e732517c0e}"=hex:01,10,08,00,cc,cc,cc,cc,d8,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,b8,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,b8,01,00,00,01,10,08,00,cc,cc,cc,cc,a8,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,61,69,d9,2d,57,57,4f,43,b6,17,34,e7,32,51,7c,0e,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,66,dc,69,ba,76,51,79,49,9c,89,26,a7,\
b4,6a,83,27,01,00,00,00,01,00,00,00,00,00,00,00,03,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,17,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,03,00,00,00,de,90,f9,89,98,e7,6d,4e,ab,76,\
7c,95,58,29,2e,6f,00,00,00,00,03,00,00,00,03,00,00,00,83,00,00,00,dc,66,11,\
51,8c,7a,a7,4a,b5,33,95,ab,59,fb,03,40,00,00,00,00,03,00,00,00,03,00,00,00,\
0e,00,00,00,3b,e2,2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,08,00,00,00,03,\
00,00,00,03,00,00,00,01,00,00,00,00,00,00,00,00,00,00,0c,01,00,00,00,00,00,\
00,00
"{375fb39b-08c6-40f2-bdf2-08fa63f970a2}"=hex:01,10,08,00,cc,cc,cc,cc,d8,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,b8,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,b8,01,00,00,01,10,08,00,cc,cc,cc,cc,a8,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,9b,b3,5f,37,c6,08,f2,40,bd,f2,08,fa,63,f9,70,a2,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,66,dc,69,ba,76,51,79,49,9c,89,26,a7,\
b4,6a,83,27,01,00,00,00,01,00,00,00,00,00,00,00,03,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,18,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,
Back to top
View user's profile Send private message
Scolabar
SWW Honors Graduate


Joined: 24 Aug 2011
Last Visit: 27 Jun 2012
Posts: 105

PostPosted: Thu Jun 07, 2012 9:41 pm    Post subject: Reply with quote

Hi partnership,

Thank you for the logs.

Please can you repost the FSS4.txt logfile - the log appears to be incomplete as the combination of the all the logs posted has exceeded the character limit. Please post this log separately. Wink

In addition, please let me know if this has fixed your Windows Firewall issue and what the current status is with the Security Center - i.e. whether or not the Security Center is now accessible.

Please also post the combofix.txt logfile when you are ready.

Include in Next Post
  1. Did you have any problems carrying out the instructions?
  2. FSS4.txt.
  3. Is the Windows Firewall issue now fixed?
  4. What is the current status of the Security Center? Is it now accessible?
  5. combofix.txt.

Scolabar
--------------------------------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed

_________________
Malware Removal University - You too could train to help others
Member of ASAP and UNITE
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Fri Jun 08, 2012 2:37 am    Post subject: Reply with quote

ok here is the FSS4

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\mpsdrv]
"DisplayName"="@%SystemRoot%\\system32\\FirewallAPI.dll,-23092"
"Group"="network"
"ImagePath"=hex(2):53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,00,\
72,00,69,00,76,00,65,00,72,00,73,00,5c,00,6d,00,70,00,73,00,64,00,72,00,76,\
00,2e,00,73,00,79,00,73,00,00,00
"Description"="@%SystemRoot%\\system32\\FirewallAPI.dll,-23093"
"ErrorControl"=dword:00000001
"Start"=dword:00000003
"Type"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\mpsdrv\Enum]
"0"="Root\\LEGACY_MPSDRV\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\MpsSvc]
"DisplayName"="@%SystemRoot%\\system32\\FirewallAPI.dll,-23090"
"Group"="NetworkProvider"
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,4c,00,6f,00,63,00,61,00,6c,00,53,00,65,00,72,00,76,00,69,00,63,\
00,65,00,4e,00,6f,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,00,00
"Description"="@%SystemRoot%\\system32\\FirewallAPI.dll,-23091"
"ObjectName"="NT Authority\\LocalService"
"ErrorControl"=dword:00000001
"Start"=dword:00000002
"Type"=dword:00000020
"DependOnService"=hex(7):6d,00,70,00,73,00,64,00,72,00,76,00,00,00,62,00,66,00,\
65,00,00,00,00,00
"ServiceSidType"=dword:00000003
"RequiredPrivileges"=hex(7):53,00,65,00,41,00,73,00,73,00,69,00,67,00,6e,00,50,\
00,72,00,69,00,6d,00,61,00,72,00,79,00,54,00,6f,00,6b,00,65,00,6e,00,50,00,\
72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,41,00,75,\
00,64,00,69,00,74,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,\
00,00,53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,00,6f,00,74,00,69,\
00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,\
53,00,65,00,43,00,72,00,65,00,61,00,74,00,65,00,47,00,6c,00,6f,00,62,00,61,\
00,6c,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,\
65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,00,61,00,74,00,65,00,50,\
00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,49,00,\
6e,00,63,00,72,00,65,00,61,00,73,00,65,00,51,00,75,00,6f,00,74,00,61,00,50,\
00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,00,00
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\MpsSvc\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
6d,00,70,00,73,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00
"ServiceDllUnloadOnStop"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\MpsSvc\Parameters\PortKeywords]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\MpsSvc\Security]
"Security"=hex:01,00,14,80,b4,00,00,00,c0,00,00,00,14,00,00,00,30,00,00,00,02,\
00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
00,00,02,00,84,00,05,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\
05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\
20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,04,00,00,00,00,\
00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,06,00,00,00,00,00,28,00,15,00,\
00,00,01,06,00,00,00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,\
0e,a7,8b,eb,ca,7b,42,13,56,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,\
00,00,00,05,12,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe]
"DisplayName"="@%SystemRoot%\\system32\\bfe.dll,-1001"
"Group"="NetworkProvider"
"ImagePath"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,00,6f,00,\
74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,4c,00,6f,00,63,00,61,00,6c,00,53,00,65,00,72,00,76,00,69,00,63,\
00,65,00,4e,00,6f,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,00,00
"Description"="@%SystemRoot%\\system32\\bfe.dll,-1002"
"ObjectName"="NT AUTHORITY\\LocalService"
"ErrorControl"=dword:00000001
"Start"=dword:00000002
"Type"=dword:00000020
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,00,00
"ServiceSidType"=dword:00000003
"RequiredPrivileges"=hex(7):53,00,65,00,41,00,75,00,64,00,69,00,74,00,50,00,72,\
00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,00,00
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
62,00,66,00,65,00,2e,00,64,00,6c,00,6c,00,00,00
"ServiceDllUnloadOnStop"=dword:00000001
"ServiceMain"="BfeServiceMain"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe\Parameters\Policy]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe\Parameters\Policy\BootTime]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe\Parameters\Policy\BootTime\Filter]
"{dc95b53e-01cf-4058-821d-350b3d0d4676}"=hex:01,10,08,00,cc,cc,cc,cc,98,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,2e,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,01,00,00,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,02,00,00,00,02,00,00,00,0c,00,\
02,00,02,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,ff,ff,ff,ff,ff,ff,ff,ff,02,00,00,00,05,00,00,00,00,00,00,00,01,00,00,00,\
01,00,00,00,3a,00,00,00,04,00,00,00,00,00,00,00,02,00,00,00,02,00,00,00,87,\
00,00,00,00,00,00,00
"{2dd96961-5757-434f-b617-34e732517c0e}"=hex:01,10,08,00,cc,cc,cc,cc,a8,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,2e,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,17,00,00,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,01,00,00,00,03,00,00,00,0c,00,\
02,00,01,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,0c,02,00,00,00,03,00,00,00,13,00,00,00,00,00,00,00,03,00,00,00,\
03,00,00,00,83,00,00,00,14,00,00,00,00,00,00,00,03,00,00,00,03,00,00,00,0e,\
00,00,00,0b,00,00,00,08,00,00,00,03,00,00,00,03,00,00,00,01,00,00,00
"{2db25e6c-f07a-44f4-b6c8-50a330d2790b}"=hex:01,10,08,00,cc,cc,cc,cc,a8,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,2e,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,19,00,00,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,01,00,00,00,03,00,00,00,0c,00,\
02,00,01,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,0c,02,00,00,00,03,00,00,00,13,00,00,00,00,00,00,00,03,00,00,00,\
03,00,00,00,83,00,00,00,14,00,00,00,00,00,00,00,03,00,00,00,03,00,00,00,01,\
00,00,00,0b,00,00,00,08,00,00,00,03,00,00,00,03,00,00,00,01,00,00,00
"{c42f1cd6-3a95-4ae2-a513-793c3ae610c7}"=hex:01,10,08,00,cc,cc,cc,cc,a8,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,2c,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,1a,00,00,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,01,00,00,00,03,00,00,00,0c,00,\
02,00,01,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,30,08,00,00,00,03,00,00,00,13,00,00,00,00,00,00,00,03,00,00,00,\
03,00,00,00,83,00,00,00,14,00,00,00,00,00,00,00,03,00,00,00,03,00,00,00,01,\
00,00,00,0b,00,00,00,08,00,00,00,03,00,00,00,03,00,00,00,01,00,00,00
"{0c41d586-9c19-4e01-9d66-b5b98a97576e}"=hex:01,10,08,00,cc,cc,cc,cc,80,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,03,00,00,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,02,00,00,00,01,00,00,00,0c,00,\
02,00,02,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,12,00,00,00,06,00,00,00,03,00,00,00,\
03,00,00,00,01,00,00,00
"{12c38916-82ac-4737-8f38-b6957ffebad6}"=hex:01,10,08,00,cc,cc,cc,cc,80,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,1e,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,04,00,00,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,02,00,00,00,01,00,00,00,0c,00,\
02,00,02,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,12,00,00,00,06,00,00,00,03,00,00,00,\
03,00,00,00,01,00,00,00
"{c970a45d-57f9-4e32-a5bd-886a9662641e}"=hex:01,10,08,00,cc,cc,cc,cc,80,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,2c,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,05,00,00,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,02,00,00,00,01,00,00,00,0c,00,\
02,00,02,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,0b,00,00,00,06,00,00,00,03,00,00,00,\
03,00,00,00,01,00,00,00
"{0c3be01b-fe70-4cc4-89dc-c07996b67e6d}"=hex:01,10,08,00,cc,cc,cc,cc,80,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,2e,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,06,00,00,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,02,00,00,00,01,00,00,00,0c,00,\
02,00,02,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,0b,00,00,00,06,00,00,00,03,00,00,00,\
03,00,00,00,01,00,00,00
"{074f7f68-ee10-428a-89d1-ba78f6c327ca}"=hex:01,10,08,00,cc,cc,cc,cc,68,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,0f,00,00,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,02,00,00,00,00,00,00,00,00,00,\
00,00,01,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00
"{c016105c-eb34-4519-a5fd-5f4e4ad4d18e}"=hex:01,10,08,00,cc,cc,cc,cc,68,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,1e,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,10,00,00,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,02,00,00,00,00,00,00,00,00,00,\
00,00,01,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00
"{a47525e2-725b-4888-8af1-ba5a60c04f4d}"=hex:01,10,08,00,cc,cc,cc,cc,68,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,2c,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,11,00,00,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,02,00,00,00,00,00,00,00,00,00,\
00,00,01,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00
"{0ccc96a3-8c5c-45e2-b80e-7e37b16cc1ad}"=hex:01,10,08,00,cc,cc,cc,cc,68,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,2e,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,12,00,00,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,02,00,00,00,00,00,00,00,00,00,\
00,00,01,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00
"{935b7f48-0ede-44dd-9bc2-e00bb635cda3}"=hex:01,10,08,00,cc,cc,cc,cc,80,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,08,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,e7,00,01,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,02,00,00,00,01,00,00,00,0c,00,\
02,00,01,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,00,00,01,00,00,00,09,00,00,00,08,00,00,00,03,00,00,00,\
03,00,00,00,00,00,0c,00
"{941dad9d-7b1a-4354-997b-00cf1aa9b35c}"=hex:01,10,08,00,cc,cc,cc,cc,80,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,0a,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,e8,00,01,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,02,00,00,00,01,00,00,00,0c,00,\
02,00,01,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,00,00,01,00,00,00,09,00,00,00,08,00,00,00,03,00,00,00,\
03,00,00,00,00,00,0c,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe\Parameters\Policy\Persistent]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe\Parameters\Policy\Persistent\Callout]
"{22001ee0-8e87-4f75-ba58-248f5918a63a}"=hex:01,10,08,00,cc,cc,cc,cc,58,02,00,\
00,00,00,00,00,00,00,02,00,04,00,00,00,d0,00,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,d0,00,00,00,01,10,08,00,cc,cc,cc,cc,c0,00,00,00,00,00,00,00,00,\
00,02,00,e0,1e,00,22,87,8e,75,4f,ba,58,24,8f,59,18,a6,3a,04,00,02,00,08,00,\
02,00,00,00,01,00,0c,00,02,00,00,00,00,00,00,00,00,00,3c,65,89,3b,70,c1,e4,\
49,b1,cd,e0,ee,ee,e1,9a,3e,16,01,00,00,16,00,00,00,00,00,00,00,16,00,00,00,\
4e,00,49,00,53,00,20,00,53,00,74,00,72,00,65,00,61,00,6d,00,20,00,56,00,34,\
00,20,00,43,00,61,00,6c,00,6c,00,6f,00,75,00,74,00,00,00,16,00,00,00,00,00,\
00,00,16,00,00,00,4e,00,49,00,53,00,20,00,53,00,74,00,72,00,65,00,61,00,6d,\
00,20,00,56,00,34,00,20,00,43,00,61,00,6c,00,6c,00,6f,00,75,00,74,00,00,00,\
3f,d7,9c,83,07,19,ea,49,9a,a5,0e,6b,e9,04,80,87,68,01,00,00,01,00,04,8c,50,\
01,00,00,5c,01,00,00,00,00,00,00,14,00,00,00,02,00,3c,01,09,00,00,00,00,10,\
18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,10,18,\
00,ff,07,03,00,01,02,00,00,00,00,00,05,20,00,00,00,2c,02,00,00,00,10,28,00,\
ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,f1,41,10,b8,36,fc,4d,57,a8,\
ae,0b,70,25,21,04,42,84,4f,11,31,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,\
00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,\
56,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,44,3e,41,bb,\
45,ba,a8,7a,6c,bd,92,68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,00,ff,07,03,00,01,\
06,00,00,00,00,00,05,50,00,00,00,79,09,78,b5,af,a1,ed,d8,54,5e,32,f4,ff,1b,\
c4,5f,fd,d9,e0,4a,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,\
00,0a,d8,62,3a,d9,c6,0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,39,5c,00,10,28,00,\
f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,6e,bf,1b,bb,45,ef,d2,b1,4a,\
3b,45,db,50,5b,43,27,04,58,d8,6b,00,10,14,00,50,00,00,00,01,01,00,00,00,00,\
00,01,00,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,\
05,12,00,00,00
"{79f2a265-b693-4cc9-b480-cbcd87bd4747}"=hex:01,10,08,00,cc,cc,cc,cc,58,02,00,\
00,00,00,00,00,00,00,02,00,04,00,00,00,d0,00,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,d0,00,00,00,01,10,08,00,cc,cc,cc,cc,c0,00,00,00,00,00,00,00,00,\
00,02,00,65,a2,f2,79,93,b6,c9,4c,b4,80,cb,cd,87,bd,47,47,04,00,02,00,08,00,\
02,00,00,00,01,00,0c,00,02,00,00,00,00,00,00,00,00,00,7a,13,c9,47,c4,7e,b3,\
46,b6,e4,48,e9,26,b1,ed,a4,17,01,00,00,16,00,00,00,00,00,00,00,16,00,00,00,\
4e,00,49,00,53,00,20,00,53,00,74,00,72,00,65,00,61,00,6d,00,20,00,56,00,36,\
00,20,00,43,00,61,00,6c,00,6c,00,6f,00,75,00,74,00,00,00,16,00,00,00,00,00,\
00,00,16,00,00,00,4e,00,49,00,53,00,20,00,53,00,74,00,72,00,65,00,61,00,6d,\
00,20,00,56,00,36,00,20,00,43,00,61,00,6c,00,6c,00,6f,00,75,00,74,00,00,00,\
3f,d7,9c,83,07,19,ea,49,9a,a5,0e,6b,e9,04,80,87,68,01,00,00,01,00,04,8c,50,\
01,00,00,5c,01,00,00,00,00,00,00,14,00,00,00,02,00,3c,01,09,00,00,00,00,10,\
18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,10,18,\
00,ff,07,03,00,01,02,00,00,00,00,00,05,20,00,00,00,2c,02,00,00,00,10,28,00,\
ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,f1,41,10,b8,36,fc,4d,57,a8,\
ae,0b,70,25,21,04,42,84,4f,11,31,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,\
00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,\
56,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,44,3e,41,bb,\
45,ba,a8,7a,6c,bd,92,68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,00,ff,07,03,00,01,\
06,00,00,00,00,00,05,50,00,00,00,79,09,78,b5,af,a1,ed,d8,54,5e,32,f4,ff,1b,\
c4,5f,fd,d9,e0,4a,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,\
00,0a,d8,62,3a,d9,c6,0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,39,5c,00,10,28,00,\
f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,6e,bf,1b,bb,45,ef,d2,b1,4a,\
3b,45,db,50,5b,43,27,04,58,d8,6b,00,10,14,00,50,00,00,00,01,01,00,00,00,00,\
00,01,00,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,\
05,12,00,00,00
"{c4b50f21-503e-4d7a-abd4-ed0a823a2453}"=hex:01,10,08,00,cc,cc,cc,cc,90,02,00,\
00,00,00,00,00,00,00,02,00,04,00,00,00,08,01,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,08,01,00,00,01,10,08,00,cc,cc,cc,cc,f8,00,00,00,00,00,00,00,00,\
00,02,00,21,0f,b5,c4,3e,50,7a,4d,ab,d4,ed,0a,82,3a,24,53,04,00,02,00,08,00,\
02,00,00,00,01,00,0c,00,02,00,00,00,00,00,00,00,00,00,0a,47,80,af,96,55,13,\
4c,99,92,53,9e,6f,e5,79,67,18,01,00,00,24,00,00,00,00,00,00,00,24,00,00,00,\
4e,00,49,00,53,00,20,00,41,00,4c,00,45,00,20,00,46,00,6c,00,6f,00,77,00,20,\
00,45,00,73,00,74,00,61,00,62,00,6c,00,69,00,73,00,68,00,65,00,64,00,20,00,\
56,00,34,00,20,00,43,00,61,00,6c,00,6c,00,6f,00,75,00,74,00,00,00,24,00,00,\
00,00,00,00,00,24,00,00,00,4e,00,49,00,53,00,20,00,41,00,4c,00,45,00,20,00,\
46,00,6c,00,6f,00,77,00,20,00,45,00,73,00,74,00,61,00,62,00,6c,00,69,00,73,\
00,68,00,65,00,64,00,20,00,56,00,34,00,20,00,43,00,61,00,6c,00,6c,00,6f,00,\
75,00,74,00,00,00,3f,d7,9c,83,07,19,ea,49,9a,a5,0e,6b,e9,04,80,87,68,01,00,\
00,01,00,04,8c,50,01,00,00,5c,01,00,00,00,00,00,00,14,00,00,00,02,00,3c,01,\
09,00,00,00,00,10,18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,\
02,00,00,00,10,18,00,ff,07,03,00,01,02,00,00,00,00,00,05,20,00,00,00,2c,02,\
00,00,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,f1,41,10,\
b8,36,fc,4d,57,a8,ae,0b,70,25,21,04,42,84,4f,11,31,00,10,28,00,ff,07,03,00,\
01,06,00,00,00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,\
8b,eb,ca,7b,42,13,56,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,\
00,00,44,3e,41,bb,45,ba,a8,7a,6c,bd,92,68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,\
00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,79,09,78,b5,af,a1,ed,d8,\
54,5e,32,f4,ff,1b,c4,5f,fd,d9,e0,4a,00,10,28,00,ff,07,03,00,01,06,00,00,00,\
00,00,05,50,00,00,00,0a,d8,62,3a,d9,c6,0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,\
39,5c,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,6e,bf,1b,\
bb,45,ef,d2,b1,4a,3b,45,db,50,5b,43,27,04,58,d8,6b,00,10,14,00,50,00,00,00,\
01,01,00,00,00,00,00,01,00,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,\
01,00,00,00,00,00,05,12,00,00,00
"{91e902db-2cef-4040-b8e2-02fe4fd49c25}"=hex:01,10,08,00,cc,cc,cc,cc,90,02,00,\
00,00,00,00,00,00,00,02,00,04,00,00,00,08,01,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,08,01,00,00,01,10,08,00,cc,cc,cc,cc,f8,00,00,00,00,00,00,00,00,\
00,02,00,db,02,e9,91,ef,2c,40,40,b8,e2,02,fe,4f,d4,9c,25,04,00,02,00,08,00,\
02,00,00,00,01,00,0c,00,02,00,00,00,00,00,00,00,00,00,b3,d2,21,70,a4,df,6e,\
40,af,eb,6a,fa,f7,e7,0e,fd,19,01,00,00,24,00,00,00,00,00,00,00,24,00,00,00,\
4e,00,49,00,53,00,20,00,41,00,4c,00,45,00,20,00,46,00,6c,00,6f,00,77,00,20,\
00,45,00,73,00,74,00,61,00,62,00,6c,00,69,00,73,00,68,00,65,00,64,00,20,00,\
56,00,36,00,20,00,43,00,61,00,6c,00,6c,00,6f,00,75,00,74,00,00,00,24,00,00,\
00,00,00,00,00,24,00,00,00,4e,00,49,00,53,00,20,00,41,00,4c,00,45,00,20,00,\
46,00,6c,00,6f,00,77,00,20,00,45,00,73,00,74,00,61,00,62,00,6c,00,69,00,73,\
00,68,00,65,00,64,00,20,00,56,00,36,00,20,00,43,00,61,00,6c,00,6c,00,6f,00,\
75,00,74,00,00,00,3f,d7,9c,83,07,19,ea,49,9a,a5,0e,6b,e9,04,80,87,68,01,00,\
00,01,00,04,8c,50,01,00,00,5c,01,00,00,00,00,00,00,14,00,00,00,02,00,3c,01,\
09,00,00,00,00,10,18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,\
02,00,00,00,10,18,00,ff,07,03,00,01,02,00,00,00,00,00,05,20,00,00,00,2c,02,\
00,00,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,f1,41,10,\
b8,36,fc,4d,57,a8,ae,0b,70,25,21,04,42,84,4f,11,31,00,10,28,00,ff,07,03,00,\
01,06,00,00,00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,\
8b,eb,ca,7b,42,13,56,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,\
00,00,44,3e,41,bb,45,ba,a8,7a,6c,bd,92,68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,\
00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,79,09,78,b5,af,a1,ed,d8,\
54,5e,32,f4,ff,1b,c4,5f,fd,d9,e0,4a,00,10,28,00,ff,07,03,00,01,06,00,00,00,\
00,00,05,50,00,00,00,0a,d8,62,3a,d9,c6,0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,\
39,5c,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,6e,bf,1b,\
bb,45,ef,d2,b1,4a,3b,45,db,50,5b,43,27,04,58,d8,6b,00,10,14,00,50,00,00,00,\
01,01,00,00,00,00,00,01,00,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,\
01,00,00,00,00,00,05,12,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe\Parameters\Policy\Persistent\Filter]
"{dc95b53e-01cf-4058-821d-350b3d0d4676}"=hex:01,10,08,00,cc,cc,cc,cc,c0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,a0,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,a0,01,00,00,01,10,08,00,cc,cc,cc,cc,90,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,3e,b5,95,dc,cf,01,58,40,82,1d,35,0b,3d,0d,46,76,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,02,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,02,00,00,00,2b,ef,\
71,39,3e,62,9a,4f,8c,b1,6e,79,b8,06,b9,a7,00,00,00,00,01,00,00,00,01,00,00,\
00,3a,00,00,00,af,a1,1b,0c,65,57,3f,45,af,22,a8,f7,91,ac,77,5b,00,00,00,00,\
02,00,00,00,02,00,00,00,87,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,\
00,00,00
"{f444c576-6e60-4ea2-9faa-80d57ed12cd2}"=hex:01,10,08,00,cc,cc,cc,cc,c0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,a0,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,a0,01,00,00,01,10,08,00,cc,cc,cc,cc,90,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,76,c5,44,f4,60,6e,a2,4e,9f,aa,80,d5,7e,d1,2c,d2,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,02,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,02,00,00,00,2b,ef,\
71,39,3e,62,9a,4f,8c,b1,6e,79,b8,06,b9,a7,00,00,00,00,01,00,00,00,01,00,00,\
00,3a,00,00,00,af,a1,1b,0c,65,57,3f,45,af,22,a8,f7,91,ac,77,5b,00,00,00,00,\
02,00,00,00,02,00,00,00,87,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,\
00,00,00
"{0c41d586-9c19-4e01-9d66-b5b98a97576e}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,86,d5,41,0c,19,9c,01,4e,9d,66,b5,b9,8a,97,57,6e,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,90,99,49,\
61,b6,3c,84,4e,b9,50,53,b9,4b,69,64,f3,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,03,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{12c38916-82ac-4737-8f38-b6957ffebad6}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,16,89,c3,12,ac,82,37,47,8f,38,b6,95,7f,fe,ba,d6,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,ff,bd,f9,\
65,2d,3b,5d,4e,b8,c6,c7,20,65,1f,e8,98,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{c970a45d-57f9-4e32-a5bd-886a9662641e}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,5d,a4,70,c9,f9,57,32,4e,a5,bd,88,6a,96,62,64,1e,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,e7,9f,cd,\
e1,b5,f4,73,42,96,c0,59,2e,48,7b,86,50,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,05,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{0c3be01b-fe70-4cc4-89dc-c07996b67e6d}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,1b,e0,3b,0c,70,fe,c4,4c,89,dc,c0,79,96,b6,7e,6d,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,06,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{4d9581d2-aef8-4993-84cd-b986ced80d42}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,d2,81,95,4d,f8,ae,93,49,84,cd,b9,86,ce,d8,0d,42,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,90,99,49,\
61,b6,3c,84,4e,b9,50,53,b9,4b,69,64,f3,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,07,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{be7cbdf4-b192-4aa5-94f8-1fb5c5ee07bc}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,f4,bd,7c,be,92,b1,a5,4a,94,f8,1f,b5,c5,ee,07,bc,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,ff,bd,f9,\
65,2d,3b,5d,4e,b8,c6,c7,20,65,1f,e8,98,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,08,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{716b48eb-0a35-4a76-92ab-1d987230d288}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,eb,48,6b,71,35,0a,76,4a,92,ab,1d,98,72,30,d2,88,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,e7,9f,cd,\
e1,b5,f4,73,42,96,c0,59,2e,48,7b,86,50,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,09,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{1165065e-4996-4338-abaf-4b8556b4d431}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,5e,06,65,11,96,49,38,43,ab,af,4b,85,56,b4,d4,31,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,0a,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{07a24961-a760-4e80-b263-6d275e1b09cb}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,61,49,a2,07,60,a7,80,4e,b2,63,6d,27,5e,1b,09,cb,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,00,01,39,\
41,4c,56,32,4b,bc,1d,71,80,48,35,4d,7c,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,0b,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{5b0cb2e2-ab87-4974-9f1c-2f22a654eeb9}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,e2,b2,0c,5b,87,ab,74,49,9f,1c,2f,22,a6,54,ee,b9,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,60,3b,b0,\
7f,8d,7b,fa,4d,ba,dd,98,01,76,fc,4e,12,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,0c,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{b6b2ca61-fb98-4422-adc2-e7cf56b3680c}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,61,ca,b2,b6,98,fb,22,44,ad,c2,e7,cf,56,b3,68,0c,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,d1,57,8d,\
c3,a7,05,33,4c,90,4f,7f,bc,ee,e6,0e,82,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,0d,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{0aa7fff8-919f-453c-928c-28a12122ba38}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,f8,ff,a7,0a,9f,91,3c,45,92,8c,28,a1,21,22,ba,38,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,3b,39,72,\
4a,9f,31,bc,44,84,c3,ba,54,dc,b3,b6,b4,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,0e,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{074f7f68-ee10-428a-89d1-ba78f6c327ca}"=hex:01,10,08,00,cc,cc,cc,cc,78,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,68,7f,4f,07,10,ee,8a,42,89,d1,ba,78,f6,c3,27,ca,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,90,99,49,\
61,b6,3c,84,4e,b9,50,53,b9,4b,69,64,f3,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,0f,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00
"{c016105c-eb34-4519-a5fd-5f4e4ad4d18e}"=hex:01,10,08,00,cc,cc,cc,cc,78,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,5c,10,16,c0,34,eb,19,45,a5,fd,5f,4e,4a,d4,d1,8e,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,ff,bd,f9,\
65,2d,3b,5d,4e,b8,c6,c7,20,65,1f,e8,98,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,10,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00
"{a47525e2-725b-4888-8af1-ba5a60c04f4d}"=hex:01,10,08,00,cc,cc,cc,cc,78,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,e2,25,75,a4,5b,72,88,48,8a,f1,ba,5a,60,c0,4f,4d,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,e7,9f,cd,\
e1,b5,f4,73,42,96,c0,59,2e,48,7b,86,50,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,11,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00
"{0ccc96a3-8c5c-45e2-b80e-7e37b16cc1ad}"=hex:01,10,08,00,cc,cc,cc,cc,78,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,a3,96,cc,0c,5c,8c,e2,45,b8,0e,7e,37,b1,6c,c1,ad,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,12,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00
"{91ffecf0-0a9e-4572-95f1-a7111af86967}"=hex:01,10,08,00,cc,cc,cc,cc,78,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,f0,ec,ff,91,9e,0a,72,45,95,f1,a7,11,1a,f8,69,67,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,90,99,49,\
61,b6,3c,84,4e,b9,50,53,b9,4b,69,64,f3,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,13,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00
"{64e55933-15a5-495d-a928-ccca43d44875}"=hex:01,10,08,00,cc,cc,cc,cc,78,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,33,59,e5,64,a5,15,5d,49,a9,28,cc,ca,43,d4,48,75,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,ff,bd,f9,\
65,2d,3b,5d,4e,b8,c6,c7,20,65,1f,e8,98,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,14,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00
"{13bfd422-6f75-4408-8924-9400ec0cb19c}"=hex:01,10,08,00,cc,cc,cc,cc,78,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,22,d4,bf,13,75,6f,08,44,89,24,94,00,ec,0c,b1,9c,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,e7,9f,cd,\
e1,b5,f4,73,42,96,c0,59,2e,48,7b,86,50,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,15,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00
"{cbfb56db-3c85-4543-9bc2-76ea28cdd74e}"=hex:01,10,08,00,cc,cc,cc,cc,78,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,db,56,fb,cb,85,3c,43,45,9b,c2,76,ea,28,cd,d7,4e,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,16,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00
"{2dd96961-5757-434f-b617-34e732517c0e}"=hex:01,10,08,00,cc,cc,cc,cc,d8,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,b8,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,b8,01,00,00,01,10,08,00,cc,cc,cc,cc,a8,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,61,69,d9,2d,57,57,4f,43,b6,17,34,e7,32,51,7c,0e,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,66,dc,69,ba,76,51,79,49,9c,89,26,a7,\
b4,6a,83,27,01,00,00,00,01,00,00,00,00,00,00,00,03,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,17,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,03,00,00,00,de,90,f9,89,98,e7,6d,4e,ab,76,\
7c,95,58,29,2e,6f,00,00,00,00,03,00,00,00,03,00,00,00,83,00,00,00,dc,66,11,\
51,8c,7a,a7,4a,b5,33,95,ab,59,fb,03,40,00,00,00,00,03,00,00,00,03,00,00,00,\
0e,00,00,00,3b,e2,2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,08,00,00,00,03,\
00,00,00,03,00,00,00,01,00,00,00,00,00,00,00,00,00,00,0c,01,00,00,00,00,00,\
00,00
"{375fb39b-08c6-40f2-bdf2-08fa63f970a2}"=hex:01,10,08,00,cc,cc,cc,cc,d8,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,b8,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,b8,01,00,00,01,10,08,00,cc,cc,cc,cc,a8,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,9b,b3,5f,37,c6,08,f2,40,bd,f2,08,fa,63,f9,70,a2,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,66,dc,69,ba,76,51,79,49,9c,89,26,a7,\
b4,6a,83,27,01,00,00,00,01,00,00,00,00,00,00,00,03,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,18,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,03,00,00,00,de,90,f9,89,98,e7,6d,4e,ab,76,\
7c,95,58,29,2e,6f,00,00,00,00,03,00,00,00,03,00,00,00,83,00,00,00,dc,66,11,\
51,8c,7a,a7,4a,b5,33,95,ab,59,fb,03,40,00,00,00,00,03,00,00,00,03,00,00,00,\
0e,00,00,00,3b,e2,2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,08,00,00,00,03,\
00,00,00,03,00,00,00,01,00,00,00,00,00,00,00,00,00,00,0c,01,00,00,00,00,00,\
00,00
"{2db25e6c-f07a-44f4-b6c8-50a330d2790b}"=hex:01,10,08,00,cc,cc,cc,cc,d8,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,b8,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,b8,01,00,00,01,10,08,00,cc,cc,cc,cc,a8,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,6c,5e,b2,2d,7a,f0,f4,44,b6,c8,50,a3,30,d2,79,0b,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,66,dc,69,ba,76,51,79,49,9c,89,26,a7,\
b4,6a,83,27,01,00,00,00,01,00,00,00,00,00,00,00,03,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,19,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,03,00,00,00,de,90,f9,89,98,e7,6d,4e,ab,76,\
7c,95,58,29,2e,6f,00,00,00,00,03,00,00,00,03,00,00,00,83,00,00,00,dc,66,11,\
51,8c,7a,a7,4a,b5,33,95,ab,59,fb,03,40,00,00,00,00,03,00,00,00,03,00,00,00,\
01,00,00,00,3b,e2,2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,08,00,00,00,03,\
00,00,00,03,00,00,00,01,00,00,00,00,00,00,00,00,00,00,0c,01,00,00,00,00,00,\
00,00
"{c42f1cd6-3a95-4ae2-a513-793c3ae610c7}"=hex:01,10,08,00,cc,cc,cc,cc,d8,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,b8,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,b8,01,00,00,01,10,08,00,cc,cc,cc,cc,a8,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,d6,1c,2f,c4,95,3a,e2,4a,a5,13,79,3c,3a,e6,10,c7,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,e7,9f,cd,\
e1,b5,f4,73,42,96,c0,59,2e,48,7b,86,50,66,dc,69,ba,76,51,79,49,9c,89,26,a7,\
b4,6a,83,27,01,00,00,00,01,00,00,00,00,00,00,00,03,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,1a,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,03,00,00,00,de,90,f9,89,98,e7,6d,4e,ab,76,\
7c,95,58,29,2e,6f,00,00,00,00,03,00,00,00,03,00,00,00,83,00,00,00,dc,66,11,\
51,8c,7a,a7,4a,b5,33,95,ab,59,fb,03,40,00,00,00,00,03,00,00,00,03,00,00,00,\
01,00,00,00,3b,e2,2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,08,00,00,00,03,\
00,00,00,03,00,00,00,01,00,00,00,00,00,00,00,00,00,00,18,04,00,00,00,00,00,\
00,00
"{b6fdab6b-dcc6-43e3-99ce-7aeca65063a4}"=hex:01,10,08,00,cc,cc,cc,cc,d8,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,b8,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,b8,01,00,00,01,10,08,00,cc,cc,cc,cc,a8,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,6b,ab,fd,b6,c6,dc,e3,43,99,ce,7a,ec,a6,50,63,a4,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,66,dc,69,ba,76,51,79,49,9c,89,26,a7,\
b4,6a,83,27,01,00,00,00,01,00,00,00,00,00,00,00,03,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,1b,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,03,00,00,00,de,90,f9,89,98,e7,6d,4e,ab,76,\
7c,95,58,29,2e,6f,00,00,00,00,03,00,00,00,03,00,00,00,83,00,00,00,dc,66,11,\
51,8c,7a,a7,4a,b5,33,95,ab,59,fb,03,40,00,00,00,00,03,00,00,00,03,00,00,00,\
01,00,00,00,3b,e2,2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,08,00,00,00,03,\
00,00,00,03,00,00,00,01,00,00,00,00,00,00,00,00,00,00,0c,01,00,00,00,00,00,\
00,00
"{3697a558-3ed3-49be-a4c1-c1a4448653b4}"=hex:01,10,08,00,cc,cc,cc,cc,d8,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,b8,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,b8,01,00,00,01,10,08,00,cc,cc,cc,cc,a8,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,58,a5,97,36,d3,3e,be,49,a4,c1,c1,a4,44,86,53,b4,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,e7,9f,cd,\
e1,b5,f4,73,42,96,c0,59,2e,48,7b,86,50,66,dc,69,ba,76,51,79,49,9c,89,26,a7,\
b4,6a,83,27,01,00,00,00,01,00,00,00,00,00,00,00,03,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,1c,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,03,00,00,00,de,90,f9,89,98,e7,6d,4e,ab,76,\
7c,95,58,29,2e,6f,00,00,00,00,03,00,00,00,03,00,00,00,83,00,00,00,dc,66,11,\
51,8c,7a,a7,4a,b5,33,95,ab,59,fb,03,40,00,00,00,00,03,00,00,00,03,00,00,00,\
01,00,00,00,3b,e2,2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,08,00,00,00,03,\
00,00,00,03,00,00,00,01,00,00,00,00,00,00,00,00,00,00,18,04,00,00,00,00,00,\
00,00
"{935b7f48-0ede-44dd-9bc2-e00bb635cda3}"=hex:01,10,08,00,cc,cc,cc,cc,00,03,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,78,01,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,78,01,00,00,01,10,08,00,cc,cc,cc,cc,68,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,48,7f,5b,93,de,0e,dd,44,9b,c2,e0,0b,b6,35,cd,a3,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,24,cc,2a,\
a8,e1,4e,e1,4e,b4,65,fd,1d,25,cb,10,a4,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,01,00,00,00,01,00,00,00,00,00,00,00,01,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,e7,00,01,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,2c,63,67,51,5c,43,86,d7,\
e9,03,68,4a,a8,0c,08,00,00,00,03,00,00,00,03,00,00,00,00,00,0c,00,00,00,00,\
00,02,00,00,00,00,00,00,00,68,01,00,00,01,00,04,8c,50,01,00,00,5c,01,00,00,\
00,00,00,00,14,00,00,00,02,00,3c,01,09,00,00,00,00,10,18,00,ff,07,0f,00,01,\
02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,10,18,00,ff,07,03,00,01,02,\
00,00,00,00,00,05,20,00,00,00,2c,02,00,00,00,10,28,00,ff,07,03,00,01,06,00,\
00,00,00,00,05,50,00,00,00,f1,41,10,b8,36,fc,4d,57,a8,ae,0b,70,25,21,04,42,\
84,4f,11,31,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,49,\
59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,56,00,10,28,00,f4,03,\
02,00,01,06,00,00,00,00,00,05,50,00,00,00,44,3e,41,bb,45,ba,a8,7a,6c,bd,92,\
68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,\
50,00,00,00,79,09,78,b5,af,a1,ed,d8,54,5e,32,f4,ff,1b,c4,5f,fd,d9,e0,4a,00,\
10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,0a,d8,62,3a,d9,c6,\
0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,39,5c,00,10,28,00,f4,03,02,00,01,06,00,\
00,00,00,00,05,50,00,00,00,6e,bf,1b,bb,45,ef,d2,b1,4a,3b,45,db,50,5b,43,27,\
04,58,d8,6b,00,10,14,00,50,00,00,00,01,01,00,00,00,00,00,01,00,00,00,00,01,\
01,00,00,00,00,00,05,13,00,00,00,01,01,00,00,00,00,00,05,13,00,00,00
"{941dad9d-7b1a-4354-997b-00cf1aa9b35c}"=hex:01,10,08,00,cc,cc,cc,cc,00,03,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,78
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Fri Jun 08, 2012 2:47 am    Post subject: Reply with quote

Firewall - says on for public networks and not connected for home or work private networks. When I click in further the public network settings has the box checked for nootify me when it blocks a program and not checked for block all incoming including those on list of allowed programs
The private one has the same checks

When I go into action centre the network firewall, windows update, virus protection, spyware, user account are all on, internet settings is ok and network access protection is off.

If I go into services and check security center is there and started

Windows defender does not start is says it does not exisist as installed device error code 0x80070424

Will run combofix later
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Fri Jun 08, 2012 12:22 pm    Post subject: Reply with quote

Ok ran combofix with no problems. Here is the report.

ComboFix 12-06-08.02 - Teresa 08/06/2012 20:43:11.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.4056.2700 [GMT 1:00]
Running from: c:\users\Teresa\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Mozilla Firefox\searchplugins\search.xml
c:\programdata\PCDr\5907\Downloads\288d198f-eb50-4316-9b17-4269c8487bf7.dll
c:\users\Teresa\AppData\Local\eve.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-05-08 to 2012-06-08 )))))))))))))))))))))))))))))))
.
.
2012-06-08 19:54 . 2012-06-08 19:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-07 19:53 . 2012-05-08 09:02 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{991A567F-13CF-4C79-BDCE-2169DB2D9ADD}\mpengine.dll
2012-06-06 19:52 . 2012-06-06 19:51 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BDCDBD5E-CE05-4B50-8947-11591B10101B}\gapaengine.dll
2012-06-06 19:51 . 2012-05-08 09:02 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-06-03 17:01 . 2012-06-03 17:01 -------- d-----w- c:\program files\trend micro
2012-06-03 17:01 . 2012-06-03 17:02 -------- d-----w- C:\rsit
2012-06-02 11:43 . 2012-06-02 12:08 -------- dc----w- c:\users\Teresa\AppData\Local\MigWiz
2012-05-31 21:15 . 2012-05-31 21:15 -------- d-----w- c:\programdata\blekko toolbars
2012-05-31 21:15 . 2012-05-31 21:15 -------- d-----w- c:\users\Teresa\AppData\Local\blekkotb_031
2012-05-31 21:15 . 2012-05-31 21:15 -------- d-----w- c:\program files (x86)\blekkotb_031
2012-05-31 21:15 . 2012-05-31 21:15 -------- d-----w- c:\programdata\Anti-phishing Domain Advisor
2012-05-31 21:15 . 2012-06-06 23:00 -------- d-----w- c:\programdata\Tarma Installer
2012-05-31 20:26 . 2012-05-31 21:29 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2012-05-31 20:26 . 2012-05-31 21:29 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-05-31 17:56 . 2012-05-31 17:56 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-05-30 20:17 . 2012-05-30 20:17 -------- d-----w- c:\windows\Temp678CEF2C-4B39-4B24-F5B1-8323F946A43B-Signatures
2012-05-30 20:09 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-30 20:07 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-30 20:07 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-30 20:07 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-30 20:07 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-30 20:07 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-30 20:07 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-30 18:20 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-05-30 18:20 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-05-30 18:20 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-30 18:20 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-05-30 18:20 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-30 18:20 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-22 17:54 . 2012-05-22 17:54 -------- d-----w- c:\users\Teresa\AppData\Roaming\SUPERAntiSpyware.com
2012-05-22 17:54 . 2012-05-30 14:11 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-05-22 17:54 . 2012-05-22 17:54 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-05-21 21:43 . 2012-05-21 21:43 -------- d-----w- c:\users\Teresa\AppData\Local\Mozilla
2012-05-21 20:48 . 2012-05-30 14:09 -------- d-----w- c:\program files\Microsoft Silverlight
2012-05-21 20:38 . 2012-05-30 18:25 -------- d-----w- c:\users\Teresa\AppData\Local\ElevatedDiagnostics
2012-05-09 21:50 . 2012-05-30 14:09 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-30 20:28 . 2012-04-03 18:20 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-30 20:28 . 2011-09-17 18:42 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-30 20:27 . 2012-04-15 17:28 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-04 14:56 . 2011-04-30 10:16 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-20 19:44 . 2012-03-20 19:44 98688 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-03-20 19:44 . 2012-03-20 19:44 203888 ----a-w- c:\windows\system32\drivers\MpFilter.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{8769adce-dba5-48e9-afb5-67b12cdf2e61}]
2012-05-18 19:44 85288 ----a-w- c:\program files (x86)\blekkotb_031\blekkotb_019X.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{8769adce-dba5-48e9-afb5-67b12cdf2e61}"= "c:\program files (x86)\blekkotb_031\blekkotb_019X.dll" [2012-05-18 85288]
.
[HKEY_CLASSES_ROOT\clsid\{8769adce-dba5-48e9-afb5-67b12cdf2e61}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Teresa\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Teresa\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Teresa\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-10-20 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"MobileConnect"="c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" [2010-03-15 2499584]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"Anti-phishing Domain Advisor"="c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2012-05-03 217256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-10-10 559616]
.
c:\users\Teresa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-16 1324384]
Dropbox.lnk - c:\users\Teresa\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-16 1324384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-20 136176]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-30 257696]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-20 136176]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe [2009-03-02 89600]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2010-03-15 9216]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 20:28]
.
2012-06-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-20 20:35]
.
2012-06-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-20 20:35]
.
2012-06-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1308780347-3018791662-52600780-1000Core.job
- c:\users\Teresa\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-20 18:04]
.
2012-06-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1308780347-3018791662-52600780-1000UA.job
- c:\users\Teresa\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-20 18:04]
.
2012-05-30 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]
.
2012-06-08 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Teresa\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Teresa\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Teresa\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-04-06 384296]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-02-25 487424]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-02-21 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-02-21 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-02-21 365592]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2009-07-02 3180624]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.ie/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\4ge3qayx.default\
FF - prefs.js: browser.search.selectedEngine - Blekko
FF - prefs.js: browser.startup.homepage - hxxp://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=0DAFCE1E115456CC664D534FC7DF59EC&tbp=homepage
FF - prefs.js: keyword.URL - hxxp://blekko.com/ws/?source={SourceID}&tbp=url&toolbarid=blekkotb_031&u=USERGUID&q=
FF - prefs.js: network.proxy.type - 0
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: security.csp.enable - false
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-DellSupportCenter - c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
.
**************************************************************************
.
Completion time: 2012-06-08 21:11:44 - machine was rebooted
ComboFix-quarantined-files.txt 2012-06-08 20:11
.
Pre-Run: 425,986,625,536 bytes free
Post-Run: 425,734,008,832 bytes free
.
- - End Of File - - 65DDB71083DE8C3933762EE4E7077F8D

Will wait on further instructions as to whether issue is resolved, as indicated above windows defender appears to be missing.
Back to top
View user's profile Send private message
Scolabar
SWW Honors Graduate


Joined: 24 Aug 2011
Last Visit: 27 Jun 2012
Posts: 105

PostPosted: Sat Jun 09, 2012 3:31 am    Post subject: Reply with quote

Hi partnership,

Unfortunately, the FSS4.txt logfile is still incomplete. Sad

Please open the file in Notepad and search for the first line starting with (-including the quotes):
Code:
"{941dad9d-7b1a-4354-997b-00cf1aa9b35c}"

and post that line and the remainder of the contents in your next reply. Copy and Paste the remainder of the FSS4.txt logfile in chunks, if necessary. Wink

Again, please remember to read the instructions below carefully before executing and perform the steps, in the order given.
If you have any questions about or problems executing these instructions, <STOP> do not proceed, post back with the question or problem before going any further.

Before proceeding please make sure any open programs are closed.

Step 1:
Show Hidden Files & Folders

Please Enable the Show Hidden Files and Folders option, as follows:
  1. Close all open program windows so that you are returned to your Desktop.
  2. Click on Start > Computer.
  3. From the Organise menu select Folder and search options.
  4. Click on the View tab.
  5. Under the Hidden files and folders heading select the Show hidden files, folders and drives option.
  6. Uncheck the Hide extensions for known file types. option.
  7. Uncheck the Hide protected operating system files (Recommended) option.
  8. Click on the Apply button to confirm the settings.
  9. Then click on the OK button to close the window.
Your system is now configured to show all hidden files, folders and drives.

Step 2:
SystemLook
  1. Right-click on SystemLook_x64.exe and select the Run As Administrator option to launch the program. If you receive a UAC prompt, please allow it.
  2. Copy and Paste the text in the code box below into SystemLook's main text entry window - excluding Code: from the command:
    Code:
    :dir
    c:\windows\Temp678CEF2C-4B39-4B24-F5B1-8323F946A43B-Signatures /s

    :contents
    %userprofile%\AppData\Local\Google\Chrome\User Data\Default\Preferences


  3. Click on the Look button to start the scan.
    When SystemLook has completed its task a Notepad window will open showing the results of the scan.
    A log file will be created on your Desktop named SystemLook.txt.
  4. Please post the contents of the SystemLook.txt file in your next reply.
Step 3:
Windows Defender - Repair

Let's see if this will clear the Windows Defender 0x80070424 error. Wink
  1. Click Start, type CMD in search.
  2. Under the returned results, right-click Command Prompt select the Run As Administrator option to launch the program. If you receive a UAC prompt, please allow it.
  3. Type the following command - again excluding Code: from the command - and then press Enter:
    Code:
    winmgmt /verifyrepository

  4. When the system returns the "WMI repository is not consistent" message, type the following command - again excluding Code: from the command - and then press Enter:
    Code:
    winmgmt /salvagerepository

    This will perform a consistency check on the WMI repository and should resolve the issue.
  5. Restart the computer.
Please Note: You may experience an error saying winmgmt /salvagerepository has failed. Please ignore the message, and re-run the winmgmt /salvagerepository command 1-2 times. This error is due to Windows services.

Step 4:
FSS - Re-Run Scan
  1. Please re-run FSS as previously and rename the resulting log file as FSS5.txt.
  2. Copy and Paste the entire contents of the FSS5.txt log into your next reply.
Step 5:
Include in Next Post
  1. Did you have any problems carrying out the instructions?
  2. The remainder of the FSS4.txt logfile.
  3. SystemLook.txt.
  4. FSS5.txt.
  5. How is the computer now running?

Scolabar
--------------------------------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed

_________________
Malware Removal University - You too could train to help others
Member of ASAP and UNITE
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Sat Jun 09, 2012 4:38 am    Post subject: Reply with quote

Will do in chunks

"{941dad9d-7b1a-4354-997b-00cf1aa9b35c}"=hex:01,10,08,00,cc,cc,cc,cc,80,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,0a,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,04,00,02,00,00,00,00,00,e8,00,01,00,00,\
00,00,00,04,00,00,00,04,00,00,00,08,00,02,00,02,00,00,00,01,00,00,00,0c,00,\
02,00,01,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,00,00,01,00,00,00,09,00,00,00,08,00,00,00,03,00,00,00,\
03,00,00,00,00,00,0c,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe\Parameters\Policy\Persistent]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe\Parameters\Policy\Persistent\Callout]
"{22001ee0-8e87-4f75-ba58-248f5918a63a}"=hex:01,10,08,00,cc,cc,cc,cc,58,02,00,\
00,00,00,00,00,00,00,02,00,04,00,00,00,d0,00,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,d0,00,00,00,01,10,08,00,cc,cc,cc,cc,c0,00,00,00,00,00,00,00,00,\
00,02,00,e0,1e,00,22,87,8e,75,4f,ba,58,24,8f,59,18,a6,3a,04,00,02,00,08,00,\
02,00,00,00,01,00,0c,00,02,00,00,00,00,00,00,00,00,00,3c,65,89,3b,70,c1,e4,\
49,b1,cd,e0,ee,ee,e1,9a,3e,16,01,00,00,16,00,00,00,00,00,00,00,16,00,00,00,\
4e,00,49,00,53,00,20,00,53,00,74,00,72,00,65,00,61,00,6d,00,20,00,56,00,34,\
00,20,00,43,00,61,00,6c,00,6c,00,6f,00,75,00,74,00,00,00,16,00,00,00,00,00,\
00,00,16,00,00,00,4e,00,49,00,53,00,20,00,53,00,74,00,72,00,65,00,61,00,6d,\
00,20,00,56,00,34,00,20,00,43,00,61,00,6c,00,6c,00,6f,00,75,00,74,00,00,00,\
3f,d7,9c,83,07,19,ea,49,9a,a5,0e,6b,e9,04,80,87,68,01,00,00,01,00,04,8c,50,\
01,00,00,5c,01,00,00,00,00,00,00,14,00,00,00,02,00,3c,01,09,00,00,00,00,10,\
18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,10,18,\
00,ff,07,03,00,01,02,00,00,00,00,00,05,20,00,00,00,2c,02,00,00,00,10,28,00,\
ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,f1,41,10,b8,36,fc,4d,57,a8,\
ae,0b,70,25,21,04,42,84,4f,11,31,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,\
00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,\
56,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,44,3e,41,bb,\
45,ba,a8,7a,6c,bd,92,68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,00,ff,07,03,00,01,\
06,00,00,00,00,00,05,50,00,00,00,79,09,78,b5,af,a1,ed,d8,54,5e,32,f4,ff,1b,\
c4,5f,fd,d9,e0,4a,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,\
00,0a,d8,62,3a,d9,c6,0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,39,5c,00,10,28,00,\
f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,6e,bf,1b,bb,45,ef,d2,b1,4a,\
3b,45,db,50,5b,43,27,04,58,d8,6b,00,10,14,00,50,00,00,00,01,01,00,00,00,00,\
00,01,00,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,\
05,12,00,00,00
"{79f2a265-b693-4cc9-b480-cbcd87bd4747}"=hex:01,10,08,00,cc,cc,cc,cc,58,02,00,\
00,00,00,00,00,00,00,02,00,04,00,00,00,d0,00,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,d0,00,00,00,01,10,08,00,cc,cc,cc,cc,c0,00,00,00,00,00,00,00,00,\
00,02,00,65,a2,f2,79,93,b6,c9,4c,b4,80,cb,cd,87,bd,47,47,04,00,02,00,08,00,\
02,00,00,00,01,00,0c,00,02,00,00,00,00,00,00,00,00,00,7a,13,c9,47,c4,7e,b3,\
46,b6,e4,48,e9,26,b1,ed,a4,17,01,00,00,16,00,00,00,00,00,00,00,16,00,00,00,\
4e,00,49,00,53,00,20,00,53,00,74,00,72,00,65,00,61,00,6d,00,20,00,56,00,36,\
00,20,00,43,00,61,00,6c,00,6c,00,6f,00,75,00,74,00,00,00,16,00,00,00,00,00,\
00,00,16,00,00,00,4e,00,49,00,53,00,20,00,53,00,74,00,72,00,65,00,61,00,6d,\
00,20,00,56,00,36,00,20,00,43,00,61,00,6c,00,6c,00,6f,00,75,00,74,00,00,00,\
3f,d7,9c,83,07,19,ea,49,9a,a5,0e,6b,e9,04,80,87,68,01,00,00,01,00,04,8c,50,\
01,00,00,5c,01,00,00,00,00,00,00,14,00,00,00,02,00,3c,01,09,00,00,00,00,10,\
18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,10,18,\
00,ff,07,03,00,01,02,00,00,00,00,00,05,20,00,00,00,2c,02,00,00,00,10,28,00,\
ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,f1,41,10,b8,36,fc,4d,57,a8,\
ae,0b,70,25,21,04,42,84,4f,11,31,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,\
00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,\
56,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,44,3e,41,bb,\
45,ba,a8,7a,6c,bd,92,68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,00,ff,07,03,00,01,\
06,00,00,00,00,00,05,50,00,00,00,79,09,78,b5,af,a1,ed,d8,54,5e,32,f4,ff,1b,\
c4,5f,fd,d9,e0,4a,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,\
00,0a,d8,62,3a,d9,c6,0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,39,5c,00,10,28,00,\
f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,6e,bf,1b,bb,45,ef,d2,b1,4a,\
3b,45,db,50,5b,43,27,04,58,d8,6b,00,10,14,00,50,00,00,00,01,01,00,00,00,00,\
00,01,00,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,\
05,12,00,00,00
"{c4b50f21-503e-4d7a-abd4-ed0a823a2453}"=hex:01,10,08,00,cc,cc,cc,cc,90,02,00,\
00,00,00,00,00,00,00,02,00,04,00,00,00,08,01,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,08,01,00,00,01,10,08,00,cc,cc,cc,cc,f8,00,00,00,00,00,00,00,00,\
00,02,00,21,0f,b5,c4,3e,50,7a,4d,ab,d4,ed,0a,82,3a,24,53,04,00,02,00,08,00,\
02,00,00,00,01,00,0c,00,02,00,00,00,00,00,00,00,00,00,0a,47,80,af,96,55,13,\
4c,99,92,53,9e,6f,e5,79,67,18,01,00,00,24,00,00,00,00,00,00,00,24,00,00,00,\
4e,00,49,00,53,00,20,00,41,00,4c,00,45,00,20,00,46,00,6c,00,6f,00,77,00,20,\
00,45,00,73,00,74,00,61,00,62,00,6c,00,69,00,73,00,68,00,65,00,64,00,20,00,\
56,00,34,00,20,00,43,00,61,00,6c,00,6c,00,6f,00,75,00,74,00,00,00,24,00,00,\
00,00,00,00,00,24,00,00,00,4e,00,49,00,53,00,20,00,41,00,4c,00,45,00,20,00,\
46,00,6c,00,6f,00,77,00,20,00,45,00,73,00,74,00,61,00,62,00,6c,00,69,00,73,\
00,68,00,65,00,64,00,20,00,56,00,34,00,20,00,43,00,61,00,6c,00,6c,00,6f,00,\
75,00,74,00,00,00,3f,d7,9c,83,07,19,ea,49,9a,a5,0e,6b,e9,04,80,87,68,01,00,\
00,01,00,04,8c,50,01,00,00,5c,01,00,00,00,00,00,00,14,00,00,00,02,00,3c,01,\
09,00,00,00,00,10,18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,\
02,00,00,00,10,18,00,ff,07,03,00,01,02,00,00,00,00,00,05,20,00,00,00,2c,02,\
00,00,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,f1,41,10,\
b8,36,fc,4d,57,a8,ae,0b,70,25,21,04,42,84,4f,11,31,00,10,28,00,ff,07,03,00,\
01,06,00,00,00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,\
8b,eb,ca,7b,42,13,56,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,\
00,00,44,3e,41,bb,45,ba,a8,7a,6c,bd,92,68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,\
00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,79,09,78,b5,af,a1,ed,d8,\
54,5e,32,f4,ff,1b,c4,5f,fd,d9,e0,4a,00,10,28,00,ff,07,03,00,01,06,00,00,00,\
00,00,05,50,00,00,00,0a,d8,62,3a,d9,c6,0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,\
39,5c,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,6e,bf,1b,\
bb,45,ef,d2,b1,4a,3b,45,db,50,5b,43,27,04,58,d8,6b,00,10,14,00,50,00,00,00,\
01,01,00,00,00,00,00,01,00,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,\
01,00,00,00,00,00,05,12,00,00,00
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Sat Jun 09, 2012 4:38 am    Post subject: Reply with quote

"{91e902db-2cef-4040-b8e2-02fe4fd49c25}"=hex:01,10,08,00,cc,cc,cc,cc,90,02,00,\
00,00,00,00,00,00,00,02,00,04,00,00,00,08,01,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,08,01,00,00,01,10,08,00,cc,cc,cc,cc,f8,00,00,00,00,00,00,00,00,\
00,02,00,db,02,e9,91,ef,2c,40,40,b8,e2,02,fe,4f,d4,9c,25,04,00,02,00,08,00,\
02,00,00,00,01,00,0c,00,02,00,00,00,00,00,00,00,00,00,b3,d2,21,70,a4,df,6e,\
40,af,eb,6a,fa,f7,e7,0e,fd,19,01,00,00,24,00,00,00,00,00,00,00,24,00,00,00,\
4e,00,49,00,53,00,20,00,41,00,4c,00,45,00,20,00,46,00,6c,00,6f,00,77,00,20,\
00,45,00,73,00,74,00,61,00,62,00,6c,00,69,00,73,00,68,00,65,00,64,00,20,00,\
56,00,36,00,20,00,43,00,61,00,6c,00,6c,00,6f,00,75,00,74,00,00,00,24,00,00,\
00,00,00,00,00,24,00,00,00,4e,00,49,00,53,00,20,00,41,00,4c,00,45,00,20,00,\
46,00,6c,00,6f,00,77,00,20,00,45,00,73,00,74,00,61,00,62,00,6c,00,69,00,73,\
00,68,00,65,00,64,00,20,00,56,00,36,00,20,00,43,00,61,00,6c,00,6c,00,6f,00,\
75,00,74,00,00,00,3f,d7,9c,83,07,19,ea,49,9a,a5,0e,6b,e9,04,80,87,68,01,00,\
00,01,00,04,8c,50,01,00,00,5c,01,00,00,00,00,00,00,14,00,00,00,02,00,3c,01,\
09,00,00,00,00,10,18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,\
02,00,00,00,10,18,00,ff,07,03,00,01,02,00,00,00,00,00,05,20,00,00,00,2c,02,\
00,00,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,f1,41,10,\
b8,36,fc,4d,57,a8,ae,0b,70,25,21,04,42,84,4f,11,31,00,10,28,00,ff,07,03,00,\
01,06,00,00,00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,\
8b,eb,ca,7b,42,13,56,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,\
00,00,44,3e,41,bb,45,ba,a8,7a,6c,bd,92,68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,\
00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,79,09,78,b5,af,a1,ed,d8,\
54,5e,32,f4,ff,1b,c4,5f,fd,d9,e0,4a,00,10,28,00,ff,07,03,00,01,06,00,00,00,\
00,00,05,50,00,00,00,0a,d8,62,3a,d9,c6,0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,\
39,5c,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,6e,bf,1b,\
bb,45,ef,d2,b1,4a,3b,45,db,50,5b,43,27,04,58,d8,6b,00,10,14,00,50,00,00,00,\
01,01,00,00,00,00,00,01,00,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,\
01,00,00,00,00,00,05,12,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe\Parameters\Policy\Persistent\Filter]
"{dc95b53e-01cf-4058-821d-350b3d0d4676}"=hex:01,10,08,00,cc,cc,cc,cc,c0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,a0,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,a0,01,00,00,01,10,08,00,cc,cc,cc,cc,90,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,3e,b5,95,dc,cf,01,58,40,82,1d,35,0b,3d,0d,46,76,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,02,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,02,00,00,00,2b,ef,\
71,39,3e,62,9a,4f,8c,b1,6e,79,b8,06,b9,a7,00,00,00,00,01,00,00,00,01,00,00,\
00,3a,00,00,00,af,a1,1b,0c,65,57,3f,45,af,22,a8,f7,91,ac,77,5b,00,00,00,00,\
02,00,00,00,02,00,00,00,87,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,\
00,00,00
"{f444c576-6e60-4ea2-9faa-80d57ed12cd2}"=hex:01,10,08,00,cc,cc,cc,cc,c0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,a0,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,a0,01,00,00,01,10,08,00,cc,cc,cc,cc,90,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,76,c5,44,f4,60,6e,a2,4e,9f,aa,80,d5,7e,d1,2c,d2,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,02,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,02,00,00,00,2b,ef,\
71,39,3e,62,9a,4f,8c,b1,6e,79,b8,06,b9,a7,00,00,00,00,01,00,00,00,01,00,00,\
00,3a,00,00,00,af,a1,1b,0c,65,57,3f,45,af,22,a8,f7,91,ac,77,5b,00,00,00,00,\
02,00,00,00,02,00,00,00,87,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,\
00,00,00
"{0c41d586-9c19-4e01-9d66-b5b98a97576e}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,86,d5,41,0c,19,9c,01,4e,9d,66,b5,b9,8a,97,57,6e,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,90,99,49,\
61,b6,3c,84,4e,b9,50,53,b9,4b,69,64,f3,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,03,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Sat Jun 09, 2012 4:39 am    Post subject: Reply with quote

"{12c38916-82ac-4737-8f38-b6957ffebad6}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,16,89,c3,12,ac,82,37,47,8f,38,b6,95,7f,fe,ba,d6,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,ff,bd,f9,\
65,2d,3b,5d,4e,b8,c6,c7,20,65,1f,e8,98,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{c970a45d-57f9-4e32-a5bd-886a9662641e}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,5d,a4,70,c9,f9,57,32,4e,a5,bd,88,6a,96,62,64,1e,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,e7,9f,cd,\
e1,b5,f4,73,42,96,c0,59,2e,48,7b,86,50,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,05,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{0c3be01b-fe70-4cc4-89dc-c07996b67e6d}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,1b,e0,3b,0c,70,fe,c4,4c,89,dc,c0,79,96,b6,7e,6d,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,06,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{4d9581d2-aef8-4993-84cd-b986ced80d42}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,d2,81,95,4d,f8,ae,93,49,84,cd,b9,86,ce,d8,0d,42,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,90,99,49,\
61,b6,3c,84,4e,b9,50,53,b9,4b,69,64,f3,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,07,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Sat Jun 09, 2012 4:40 am    Post subject: Reply with quote

"{be7cbdf4-b192-4aa5-94f8-1fb5c5ee07bc}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,f4,bd,7c,be,92,b1,a5,4a,94,f8,1f,b5,c5,ee,07,bc,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,ff,bd,f9,\
65,2d,3b,5d,4e,b8,c6,c7,20,65,1f,e8,98,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,08,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{716b48eb-0a35-4a76-92ab-1d987230d288}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,eb,48,6b,71,35,0a,76,4a,92,ab,1d,98,72,30,d2,88,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,e7,9f,cd,\
e1,b5,f4,73,42,96,c0,59,2e,48,7b,86,50,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,09,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{1165065e-4996-4338-abaf-4b8556b4d431}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,5e,06,65,11,96,49,38,43,ab,af,4b,85,56,b4,d4,31,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,0a,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{07a24961-a760-4e80-b263-6d275e1b09cb}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,61,49,a2,07,60,a7,80,4e,b2,63,6d,27,5e,1b,09,cb,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,00,01,39,\
41,4c,56,32,4b,bc,1d,71,80,48,35,4d,7c,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,0b,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{5b0cb2e2-ab87-4974-9f1c-2f22a654eeb9}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,e2,b2,0c,5b,87,ab,74,49,9f,1c,2f,22,a6,54,ee,b9,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,60,3b,b0,\
7f,8d,7b,fa,4d,ba,dd,98,01,76,fc,4e,12,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,0c,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{b6b2ca61-fb98-4422-adc2-e7cf56b3680c}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,61,ca,b2,b6,98,fb,22,44,ad,c2,e7,cf,56,b3,68,0c,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,d1,57,8d,\
c3,a7,05,33,4c,90,4f,7f,bc,ee,e6,0e,82,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,0d,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
"{0aa7fff8-919f-453c-928c-28a12122ba38}"=hex:01,10,08,00,cc,cc,cc,cc,a0,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,80,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,80,01,00,00,01,10,08,00,cc,cc,cc,cc,70,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,f8,ff,a7,0a,9f,91,3c,45,92,8c,28,a1,21,22,ba,38,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,3b,39,72,\
4a,9f,31,bc,44,84,c3,ba,54,dc,b3,b6,b4,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,04,00,00,00,04,00,00,00,14,00,02,00,01,00,00,00,18,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,0e,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,1c,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,\
2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,\
00,01,00,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Sat Jun 09, 2012 4:44 am    Post subject: Reply with quote

"{074f7f68-ee10-428a-89d1-ba78f6c327ca}"=hex:01,10,08,00,cc,cc,cc,cc,78,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,68,7f,4f,07,10,ee,8a,42,89,d1,ba,78,f6,c3,27,ca,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,90,99,49,\
61,b6,3c,84,4e,b9,50,53,b9,4b,69,64,f3,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,0f,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00
"{c016105c-eb34-4519-a5fd-5f4e4ad4d18e}"=hex:01,10,08,00,cc,cc,cc,cc,78,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,5c,10,16,c0,34,eb,19,45,a5,fd,5f,4e,4a,d4,d1,8e,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,ff,bd,f9,\
65,2d,3b,5d,4e,b8,c6,c7,20,65,1f,e8,98,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,10,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00
"{a47525e2-725b-4888-8af1-ba5a60c04f4d}"=hex:01,10,08,00,cc,cc,cc,cc,78,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,e2,25,75,a4,5b,72,88,48,8a,f1,ba,5a,60,c0,4f,4d,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,e7,9f,cd,\
e1,b5,f4,73,42,96,c0,59,2e,48,7b,86,50,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,11,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00
"{0ccc96a3-8c5c-45e2-b80e-7e37b16cc1ad}"=hex:01,10,08,00,cc,cc,cc,cc,78,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,a3,96,cc,0c,5c,8c,e2,45,b8,0e,7e,37,b1,6c,c1,ad,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,12,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00
"{91ffecf0-0a9e-4572-95f1-a7111af86967}"=hex:01,10,08,00,cc,cc,cc,cc,78,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,f0,ec,ff,91,9e,0a,72,45,95,f1,a7,11,1a,f8,69,67,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,90,99,49,\
61,b6,3c,84,4e,b9,50,53,b9,4b,69,64,f3,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,13,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00
"{64e55933-15a5-495d-a928-ccca43d44875}"=hex:01,10,08,00,cc,cc,cc,cc,78,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,33,59,e5,64,a5,15,5d,49,a9,28,cc,ca,43,d4,48,75,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,ff,bd,f9,\
65,2d,3b,5d,4e,b8,c6,c7,20,65,1f,e8,98,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,14,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00
"{13bfd422-6f75-4408-8924-9400ec0cb19c}"=hex:01,10,08,00,cc,cc,cc,cc,78,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,22,d4,bf,13,75,6f,08,44,89,24,94,00,ec,0c,b1,9c,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,e7,9f,cd,\
e1,b5,f4,73,42,96,c0,59,2e,48,7b,86,50,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,15,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00
"{cbfb56db-3c85-4543-9bc2-76ea28cdd74e}"=hex:01,10,08,00,cc,cc,cc,cc,78,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,db,56,fb,cb,85,3c,43,45,9b,c2,76,ea,28,cd,d7,4e,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,16,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00
"{2dd96961-5757-434f-b617-34e732517c0e}"=hex:01,10,08,00,cc,cc,cc,cc,d8,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,b8,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,b8,01,00,00,01,10,08,00,cc,cc,cc,cc,a8,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,61,69,d9,2d,57,57,4f,43,b6,17,34,e7,32,51,7c,0e,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,66,dc,69,ba,76,51,79,49,9c,89,26,a7,\
b4,6a,83,27,01,00,00,00,01,00,00,00,00,00,00,00,03,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,17,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,03,00,00,00,de,90,f9,89,98,e7,6d,4e,ab,76,\
7c,95,58,29,2e,6f,00,00,00,00,03,00,00,00,03,00,00,00,83,00,00,00,dc,66,11,\
51,8c,7a,a7,4a,b5,33,95,ab,59,fb,03,40,00,00,00,00,03,00,00,00,03,00,00,00,\
0e,00,00,00,3b,e2,2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,08,00,00,00,03,\
00,00,00,03,00,00,00,01,00,00,00,00,00,00,00,00,00,00,0c,01,00,00,00,00,00,\
00,00
"{375fb39b-08c6-40f2-bdf2-08fa63f970a2}"=hex:01,10,08,00,cc,cc,cc,cc,d8,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,b8,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,b8,01,00,00,01,10,08,00,cc,cc,cc,cc,a8,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,9b,b3,5f,37,c6,08,f2,40,bd,f2,08,fa,63,f9,70,a2,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,66,dc,69,ba,76,51,79,49,9c,89,26,a7,\
b4,6a,83,27,01,00,00,00,01,00,00,00,00,00,00,00,03,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,18,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,03,00,00,00,de,90,f9,89,98,e7,6d,4e,ab,76,\
7c,95,58,29,2e,6f,00,00,00,00,03,00,00,00,03,00,00,00,83,00,00,00,dc,66,11,\
51,8c,7a,a7,4a,b5,33,95,ab,59,fb,03,40,00,00,00,00,03,00,00,00,03,00,00,00,\
0e,00,00,00,3b,e2,2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,08,00,00,00,03,\
00,00,00,03,00,00,00,01,00,00,00,00,00,00,00,00,00,00,0c,01,00,00,00,00,00,\
00,00
"{2db25e6c-f07a-44f4-b6c8-50a330d2790b}"=hex:01,10,08,00,cc,cc,cc,cc,d8,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,b8,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,b8,01,00,00,01,10,08,00,cc,cc,cc,cc,a8,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,6c,5e,b2,2d,7a,f0,f4,44,b6,c8,50,a3,30,d2,79,0b,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,66,dc,69,ba,76,51,79,49,9c,89,26,a7,\
b4,6a,83,27,01,00,00,00,01,00,00,00,00,00,00,00,03,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,19,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,03,00,00,00,de,90,f9,89,98,e7,6d,4e,ab,76,\
7c,95,58,29,2e,6f,00,00,00,00,03,00,00,00,03,00,00,00,83,00,00,00,dc,66,11,\
51,8c,7a,a7,4a,b5,33,95,ab,59,fb,03,40,00,00,00,00,03,00,00,00,03,00,00,00,\
01,00,00,00,3b,e2,2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,08,00,00,00,03,\
00,00,00,03,00,00,00,01,00,00,00,00,00,00,00,00,00,00,0c,01,00,00,00,00,00,\
00,00
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Sat Jun 09, 2012 4:45 am    Post subject: Reply with quote

"{c42f1cd6-3a95-4ae2-a513-793c3ae610c7}"=hex:01,10,08,00,cc,cc,cc,cc,d8,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,b8,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,b8,01,00,00,01,10,08,00,cc,cc,cc,cc,a8,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,d6,1c,2f,c4,95,3a,e2,4a,a5,13,79,3c,3a,e6,10,c7,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,e7,9f,cd,\
e1,b5,f4,73,42,96,c0,59,2e,48,7b,86,50,66,dc,69,ba,76,51,79,49,9c,89,26,a7,\
b4,6a,83,27,01,00,00,00,01,00,00,00,00,00,00,00,03,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,1a,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,03,00,00,00,de,90,f9,89,98,e7,6d,4e,ab,76,\
7c,95,58,29,2e,6f,00,00,00,00,03,00,00,00,03,00,00,00,83,00,00,00,dc,66,11,\
51,8c,7a,a7,4a,b5,33,95,ab,59,fb,03,40,00,00,00,00,03,00,00,00,03,00,00,00,\
01,00,00,00,3b,e2,2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,08,00,00,00,03,\
00,00,00,03,00,00,00,01,00,00,00,00,00,00,00,00,00,00,18,04,00,00,00,00,00,\
00,00
"{b6fdab6b-dcc6-43e3-99ce-7aeca65063a4}"=hex:01,10,08,00,cc,cc,cc,cc,d8,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,b8,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,b8,01,00,00,01,10,08,00,cc,cc,cc,cc,a8,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,6b,ab,fd,b6,c6,dc,e3,43,99,ce,7a,ec,a6,50,63,a4,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,66,dc,69,ba,76,51,79,49,9c,89,26,a7,\
b4,6a,83,27,01,00,00,00,01,00,00,00,00,00,00,00,03,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,1b,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,03,00,00,00,de,90,f9,89,98,e7,6d,4e,ab,76,\
7c,95,58,29,2e,6f,00,00,00,00,03,00,00,00,03,00,00,00,83,00,00,00,dc,66,11,\
51,8c,7a,a7,4a,b5,33,95,ab,59,fb,03,40,00,00,00,00,03,00,00,00,03,00,00,00,\
01,00,00,00,3b,e2,2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,08,00,00,00,03,\
00,00,00,03,00,00,00,01,00,00,00,00,00,00,00,00,00,00,0c,01,00,00,00,00,00,\
00,00
"{3697a558-3ed3-49be-a4c1-c1a4448653b4}"=hex:01,10,08,00,cc,cc,cc,cc,d8,01,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,b8,01,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,b8,01,00,00,01,10,08,00,cc,cc,cc,cc,a8,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,58,a5,97,36,d3,3e,be,49,a4,c1,c1,a4,44,86,53,b4,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,e7,9f,cd,\
e1,b5,f4,73,42,96,c0,59,2e,48,7b,86,50,66,dc,69,ba,76,51,79,49,9c,89,26,a7,\
b4,6a,83,27,01,00,00,00,01,00,00,00,00,00,00,00,03,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,1c,00,00,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,03,00,00,00,de,90,f9,89,98,e7,6d,4e,ab,76,\
7c,95,58,29,2e,6f,00,00,00,00,03,00,00,00,03,00,00,00,83,00,00,00,dc,66,11,\
51,8c,7a,a7,4a,b5,33,95,ab,59,fb,03,40,00,00,00,00,03,00,00,00,03,00,00,00,\
01,00,00,00,3b,e2,2c,63,67,51,5c,43,86,d7,e9,03,68,4a,a8,0c,08,00,00,00,03,\
00,00,00,03,00,00,00,01,00,00,00,00,00,00,00,00,00,00,18,04,00,00,00,00,00,\
00,00
"{935b7f48-0ede-44dd-9bc2-e00bb635cda3}"=hex:01,10,08,00,cc,cc,cc,cc,00,03,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,78,01,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,78,01,00,00,01,10,08,00,cc,cc,cc,cc,68,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,48,7f,5b,93,de,0e,dd,44,9b,c2,e0,0b,b6,35,cd,a3,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,24,cc,2a,\
a8,e1,4e,e1,4e,b4,65,fd,1d,25,cb,10,a4,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,01,00,00,00,01,00,00,00,00,00,00,00,01,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,e7,00,01,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,2c,63,67,51,5c,43,86,d7,\
e9,03,68,4a,a8,0c,08,00,00,00,03,00,00,00,03,00,00,00,00,00,0c,00,00,00,00,\
00,02,00,00,00,00,00,00,00,68,01,00,00,01,00,04,8c,50,01,00,00,5c,01,00,00,\
00,00,00,00,14,00,00,00,02,00,3c,01,09,00,00,00,00,10,18,00,ff,07,0f,00,01,\
02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,10,18,00,ff,07,03,00,01,02,\
00,00,00,00,00,05,20,00,00,00,2c,02,00,00,00,10,28,00,ff,07,03,00,01,06,00,\
00,00,00,00,05,50,00,00,00,f1,41,10,b8,36,fc,4d,57,a8,ae,0b,70,25,21,04,42,\
84,4f,11,31,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,49,\
59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,56,00,10,28,00,f4,03,\
02,00,01,06,00,00,00,00,00,05,50,00,00,00,44,3e,41,bb,45,ba,a8,7a,6c,bd,92,\
68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,\
50,00,00,00,79,09,78,b5,af,a1,ed,d8,54,5e,32,f4,ff,1b,c4,5f,fd,d9,e0,4a,00,\
10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,0a,d8,62,3a,d9,c6,\
0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,39,5c,00,10,28,00,f4,03,02,00,01,06,00,\
00,00,00,00,05,50,00,00,00,6e,bf,1b,bb,45,ef,d2,b1,4a,3b,45,db,50,5b,43,27,\
04,58,d8,6b,00,10,14,00,50,00,00,00,01,01,00,00,00,00,00,01,00,00,00,00,01,\
01,00,00,00,00,00,05,13,00,00,00,01,01,00,00,00,00,00,05,13,00,00,00
"{941dad9d-7b1a-4354-997b-00cf1aa9b35c}"=hex:01,10,08,00,cc,cc,cc,cc,00,03,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,78,01,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,78,01,00,00,01,10,08,00,cc,cc,cc,cc,68,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,9d,ad,1d,94,1a,7b,54,43,99,7b,00,cf,1a,a9,b3,5c,04,00,\
02,00,08,00,02,00,02,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,18,48,96,\
7b,c7,19,3a,49,b7,1f,83,2c,36,84,d2,8c,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,01,01,00,00,00,01,00,00,00,00,00,00,00,01,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,e8,00,01,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,18,00,00,00,00,00,00,00,18,00,00,00,\
40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,35,00,00,00,18,00,\
00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,\
00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,\
35,00,30,00,36,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,\
00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,2c,63,67,51,5c,43,86,d7,\
e9,03,68,4a,a8,0c,08,00,00,00,03,00,00,00,03,00,00,00,00,00,0c,00,00,00,00,\
00,02,00,00,00,00,00,00,00,68,01,00,00,01,00,04,8c,50,01,00,00,5c,01,00,00,\
00,00,00,00,14,00,00,00,02,00,3c,01,09,00,00,00,00,10,18,00,ff,07,0f,00,01,\
02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,10,18,00,ff,07,03,00,01,02,\
00,00,00,00,00,05,20,00,00,00,2c,02,00,00,00,10,28,00,ff,07,03,00,01,06,00,\
00,00,00,00,05,50,00,00,00,f1,41,10,b8,36,fc,4d,57,a8,ae,0b,70,25,21,04,42,\
84,4f,11,31,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,49,\
59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,56,00,10,28,00,f4,03,\
02,00,01,06,00,00,00,00,00,05,50,00,00,00,44,3e,41,bb,45,ba,a8,7a,6c,bd,92,\
68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,\
50,00,00,00,79,09,78,b5,af,a1,ed,d8,54,5e,32,f4,ff,1b,c4,5f,fd,d9,e0,4a,00,\
10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,0a,d8,62,3a,d9,c6,\
0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,39,5c,00,10,28,00,f4,03,02,00,01,06,00,\
00,00,00,00,05,50,00,00,00,6e,bf,1b,bb,45,ef,d2,b1,4a,3b,45,db,50,5b,43,27,\
04,58,d8,6b,00,10,14,00,50,00,00,00,01,01,00,00,00,00,00,01,00,00,00,00,01,\
01,00,00,00,00,00,05,13,00,00,00,01,01,00,00,00,00,00,05,13,00,00,00
"{b02a4013-b6b5-4859-9168-1e3299e43b24}"=hex:01,10,08,00,cc,cc,cc,cc,e0,02,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,13,40,2a,b0,b5,b6,59,48,91,68,1e,32,99,e4,3b,24,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,02,01,00,00,00,01,00,00,00,00,00,00,00,01,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,e9,00,01,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,1f,00,00,00,00,00,00,00,1f,00,00,00,\
49,00,6e,00,74,00,65,00,72,00,66,00,61,00,63,00,65,00,20,00,55,00,6e,00,2d,\
00,71,00,75,00,61,00,72,00,61,00,6e,00,74,00,69,00,6e,00,65,00,20,00,66,00,\
69,00,6c,00,74,00,65,00,72,00,00,00,00,00,01,00,00,00,00,00,00,00,01,00,00,\
00,00,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,00,00,00,\
ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,2c,63,67,51,5c,43,86,d7,e9,03,68,\
4a,a8,0c,08,00,00,00,03,00,00,00,03,00,00,00,01,00,00,00,00,00,00,00,02,00,\
00,00,68,01,00,00,01,00,04,8c,50,01,00,00,5c,01,00,00,00,00,00,00,14,00,00,\
00,02,00,3c,01,09,00,00,00,00,10,18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,\
20,00,00,00,20,02,00,00,00,10,18,00,ff,07,03,00,01,02,00,00,00,00,00,05,20,\
00,00,00,2c,02,00,00,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,\
00,00,f1,41,10,b8,36,fc,4d,57,a8,ae,0b,70,25,21,04,42,84,4f,11,31,00,10,28,\
00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,\
dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,56,00,10,28,00,f4,03,02,00,01,06,00,00,00,\
00,00,05,50,00,00,00,44,3e,41,bb,45,ba,a8,7a,6c,bd,92,68,f4,ad,64,8f,d5,e6,\
70,e9,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,79,09,78,\
b5,af,a1,ed,d8,54,5e,32,f4,ff,1b,c4,5f,fd,d9,e0,4a,00,10,28,00,ff,07,03,00,\
01,06,00,00,00,00,00,05,50,00,00,00,0a,d8,62,3a,d9,c6,0f,18,1b,65,b5,eb,d6,\
6d,2f,8b,78,83,39,5c,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,\
00,00,6e,bf,1b,bb,45,ef,d2,b1,4a,3b,45,db,50,5b,43,27,04,58,d8,6b,00,10,14,\
00,50,00,00,00,01,01,00,00,00,00,00,01,00,00,00,00,01,01,00,00,00,00,00,05,\
13,00,00,00,01,01,00,00,00,00,00,05,13,00,00,00
"{d870c96c-75ee-46a6-8a02-8e4401a73423}"=hex:01,10,08,00,cc,cc,cc,cc,e0,02,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,6c,c9,70,d8,ee,75,a6,46,8a,02,8e,44,01,a7,34,23,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,e7,9f,cd,\
e1,b5,f4,73,42,96,c0,59,2e,48,7b,86,50,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,02,01,00,00,00,01,00,00,00,00,00,00,00,01,00,00,00,14,00,02,00,01,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,ea,00,01,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,1f,00,00,00,00,00,00,00,1f,00,00,00,\
49,00,6e,00,74,00,65,00,72,00,66,00,61,00,63,00,65,00,20,00,55,00,6e,00,2d,\
00,71,00,75,00,61,00,72,00,61,00,6e,00,74,00,69,00,6e,00,65,00,20,00,66,00,\
69,00,6c,00,74,00,65,00,72,00,00,00,00,00,01,00,00,00,00,00,00,00,01,00,00,\
00,00,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,00,00,00,\
ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,3b,e2,2c,63,67,51,5c,43,86,d7,e9,03,68,\
4a,a8,0c,08,00,00,00,03,00,00,00,03,00,00,00,01,00,00,00,00,00,00,00,08,00,\
00,00,68,01,00,00,01,00,04,8c,50,01,00,00,5c,01,00,00,00,00,00,00,14,00,00,\
00,02,00,3c,01,09,00,00,00,00,10,18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,\
20,00,00,00,20,02,00,00,00,10,18,00,ff,07,03,00,01,02,00,00,00,00,00,05,20,\
00,00,00,2c,02,00,00,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,\
00,00,f1,41,10,b8,36,fc,4d,57,a8,ae,0b,70,25,21,04,42,84,4f,11,31,00,10,28,\
00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,\
dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,56,00,10,28,00,f4,03,02,00,01,06,00,00,00,\
00,00,05,50,00,00,00,44,3e,41,bb,45,ba,a8,7a,6c,bd,92,68,f4,ad,64,8f,d5,e6,\
70,e9,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,79,09,78,\
b5,af,a1,ed,d8,54,5e,32,f4,ff,1b,c4,5f,fd,d9,e0,4a,00,10,28,00,ff,07,03,00,\
01,06,00,00,00,00,00,05,50,00,00,00,0a,d8,62,3a,d9,c6,0f,18,1b,65,b5,eb,d6,\
6d,2f,8b,78,83,39,5c,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,\
00,00,6e,bf,1b,bb,45,ef,d2,b1,4a,3b,45,db,50,5b,43,27,04,58,d8,6b,00,10,14,\
00,50,00,00,00,01,01,00,00,00,00,00,01,00,00,00,00,01,01,00,00,00,00,00,05,\
13,00,00,00,01,01,00,00,00,00,00,05,13,00,00,00
"{8b50e2ec-7cf0-4b71-b42e-5b0536f6cab8}"=hex:01,10,08,00,cc,cc,cc,cc,e0,02,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,ec,e2,50,8b,f0,7c,71,4b,b4,2e,5b,05,36,f6,ca,b8,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,02,01,00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,14,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,eb,00,01,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,1f,00,00,00,00,00,00,00,1f,00,00,00,\
49,00,6e,00,74,00,65,00,72,00,66,00,61,00,63,00,65,00,20,00,55,00,6e,00,2d,\
00,71,00,75,00,61,00,72,00,61,00,6e,00,74,00,69,00,6e,00,65,00,20,00,66,00,\
69,00,6c,00,74,00,65,00,72,00,00,00,00,00,01,00,00,00,00,00,00,00,01,00,00,\
00,00,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,00,00,00,\
ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,de,90,f9,89,98,e7,6d,4e,ab,76,7c,95,58,\
29,2e,6f,00,00,00,00,03,00,00,00,03,00,00,00,83,00,00,00,00,00,00,08,00,00,\
00,10,68,01,00,00,01,00,04,8c,50,01,00,00,5c,01,00,00,00,00,00,00,14,00,00,\
00,02,00,3c,01,09,00,00,00,00,10,18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,\
20,00,00,00,20,02,00,00,00,10,18,00,ff,07,03,00,01,02,00,00,00,00,00,05,20,\
00,00,00,2c,02,00,00,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,\
00,00,f1,41,10,b8,36,fc,4d,57,a8,ae,0b,70,25,21,04,42,84,4f,11,31,00,10,28,\
00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,\
dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,56,00,10,28,00,f4,03,02,00,01,06,00,00,00,\
00,00,05,50,00,00,00,44,3e,41,bb,45,ba,a8,7a,6c,bd,92,68,f4,ad,64,8f,d5,e6,\
70,e9,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,79,09,78,\
b5,af,a1,ed,d8,54,5e,32,f4,ff,1b,c4,5f,fd,d9,e0,4a,00,10,28,00,ff,07,03,00,\
01,06,00,00,00,00,00,05,50,00,00,00,0a,d8,62,3a,d9,c6,0f,18,1b,65,b5,eb,d6,\
6d,2f,8b,78,83,39,5c,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,\
00,00,6e,bf,1b,bb,45,ef,d2,b1,4a,3b,45,db,50,5b,43,27,04,58,d8,6b,00,10,14,\
00,50,00,00,00,01,01,00,00,00,00,00,01,00,00,00,00,01,01,00,00,00,00,00,05,\
13,00,00,00,01,01,00,00,00,00,00,05,13,00,00,00
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Sat Jun 09, 2012 4:46 am    Post subject: Reply with quote

"{4137b143-2770-43d4-91a2-55bb0a069830}"=hex:01,10,08,00,cc,cc,cc,cc,e0,02,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,58,01,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,58,01,00,00,01,10,08,00,cc,cc,cc,cc,48,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,43,b1,37,41,70,27,d4,43,91,a2,55,bb,0a,06,98,30,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,e7,9f,cd,\
e1,b5,f4,73,42,96,c0,59,2e,48,7b,86,50,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,02,01,00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,14,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,ec,00,01,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,1f,00,00,00,00,00,00,00,1f,00,00,00,\
49,00,6e,00,74,00,65,00,72,00,66,00,61,00,63,00,65,00,20,00,55,00,6e,00,2d,\
00,71,00,75,00,61,00,72,00,61,00,6e,00,74,00,69,00,6e,00,65,00,20,00,66,00,\
69,00,6c,00,74,00,65,00,72,00,00,00,00,00,01,00,00,00,00,00,00,00,01,00,00,\
00,00,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,00,00,00,\
ff,ff,ff,ff,ff,ff,ff,ff,01,00,00,00,de,90,f9,89,98,e7,6d,4e,ab,76,7c,95,58,\
29,2e,6f,00,00,00,00,03,00,00,00,03,00,00,00,83,00,00,00,00,00,00,20,00,00,\
00,10,68,01,00,00,01,00,04,8c,50,01,00,00,5c,01,00,00,00,00,00,00,14,00,00,\
00,02,00,3c,01,09,00,00,00,00,10,18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,\
20,00,00,00,20,02,00,00,00,10,18,00,ff,07,03,00,01,02,00,00,00,00,00,05,20,\
00,00,00,2c,02,00,00,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,\
00,00,f1,41,10,b8,36,fc,4d,57,a8,ae,0b,70,25,21,04,42,84,4f,11,31,00,10,28,\
00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,\
dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,56,00,10,28,00,f4,03,02,00,01,06,00,00,00,\
00,00,05,50,00,00,00,44,3e,41,bb,45,ba,a8,7a,6c,bd,92,68,f4,ad,64,8f,d5,e6,\
70,e9,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,79,09,78,\
b5,af,a1,ed,d8,54,5e,32,f4,ff,1b,c4,5f,fd,d9,e0,4a,00,10,28,00,ff,07,03,00,\
01,06,00,00,00,00,00,05,50,00,00,00,0a,d8,62,3a,d9,c6,0f,18,1b,65,b5,eb,d6,\
6d,2f,8b,78,83,39,5c,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,\
00,00,6e,bf,1b,bb,45,ef,d2,b1,4a,3b,45,db,50,5b,43,27,04,58,d8,6b,00,10,14,\
00,50,00,00,00,01,01,00,00,00,00,00,01,00,00,00,00,01,01,00,00,00,00,00,05,\
13,00,00,00,01,01,00,00,00,00,00,05,13,00,00,00
"{3180114b-8338-4740-9a16-444134ad62f4}"=hex:01,10,08,00,cc,cc,cc,cc,00,03,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,78,01,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,78,01,00,00,01,10,08,00,cc,cc,cc,cc,68,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,4b,11,80,31,38,83,40,47,9a,16,44,41,34,ad,62,f4,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,02,01,00,00,00,01,00,00,00,01,00,00,00,02,00,00,00,14,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,ed,00,01,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,1f,00,00,00,00,00,00,00,1f,00,00,00,\
49,00,6e,00,74,00,65,00,72,00,66,00,61,00,63,00,65,00,20,00,55,00,6e,00,2d,\
00,71,00,75,00,61,00,72,00,61,00,6e,00,74,00,69,00,6e,00,65,00,20,00,66,00,\
69,00,6c,00,74,00,65,00,72,00,00,00,00,00,01,00,00,00,00,00,00,00,01,00,00,\
00,00,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,00,00,00,\
ff,ff,ff,ff,ff,ff,ff,ff,02,00,00,00,6c,7c,53,97,a3,d9,67,47,a3,81,e9,42,67,\
5c,d9,20,00,00,00,00,03,00,00,00,03,00,00,00,83,00,00,00,3b,e2,2c,63,67,51,\
5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,00,04,00,00,\
00,00,00,00,08,02,00,00,10,68,01,00,00,01,00,04,8c,50,01,00,00,5c,01,00,00,\
00,00,00,00,14,00,00,00,02,00,3c,01,09,00,00,00,00,10,18,00,ff,07,0f,00,01,\
02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,10,18,00,ff,07,03,00,01,02,\
00,00,00,00,00,05,20,00,00,00,2c,02,00,00,00,10,28,00,ff,07,03,00,01,06,00,\
00,00,00,00,05,50,00,00,00,f1,41,10,b8,36,fc,4d,57,a8,ae,0b,70,25,21,04,42,\
84,4f,11,31,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,49,\
59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,56,00,10,28,00,f4,03,\
02,00,01,06,00,00,00,00,00,05,50,00,00,00,44,3e,41,bb,45,ba,a8,7a,6c,bd,92,\
68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,\
50,00,00,00,79,09,78,b5,af,a1,ed,d8,54,5e,32,f4,ff,1b,c4,5f,fd,d9,e0,4a,00,\
10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,0a,d8,62,3a,d9,c6,\
0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,39,5c,00,10,28,00,f4,03,02,00,01,06,00,\
00,00,00,00,05,50,00,00,00,6e,bf,1b,bb,45,ef,d2,b1,4a,3b,45,db,50,5b,43,27,\
04,58,d8,6b,00,10,14,00,50,00,00,00,01,01,00,00,00,00,00,01,00,00,00,00,01,\
01,00,00,00,00,00,05,13,00,00,00,01,01,00,00,00,00,00,05,13,00,00,00
"{17043d46-fac2-4561-bca1-0c7a05e95f5f}"=hex:01,10,08,00,cc,cc,cc,cc,00,03,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,78,01,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,78,01,00,00,01,10,08,00,cc,cc,cc,cc,68,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,46,3d,04,17,c2,fa,61,45,bc,a1,0c,7a,05,e9,5f,5f,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,e7,9f,cd,\
e1,b5,f4,73,42,96,c0,59,2e,48,7b,86,50,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,02,01,00,00,00,01,00,00,00,01,00,00,00,02,00,00,00,14,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,ee,00,01,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,1f,00,00,00,00,00,00,00,1f,00,00,00,\
49,00,6e,00,74,00,65,00,72,00,66,00,61,00,63,00,65,00,20,00,55,00,6e,00,2d,\
00,71,00,75,00,61,00,72,00,61,00,6e,00,74,00,69,00,6e,00,65,00,20,00,66,00,\
69,00,6c,00,74,00,65,00,72,00,00,00,00,00,01,00,00,00,00,00,00,00,01,00,00,\
00,00,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,00,00,00,\
ff,ff,ff,ff,ff,ff,ff,ff,02,00,00,00,6c,7c,53,97,a3,d9,67,47,a3,81,e9,42,67,\
5c,d9,20,00,00,00,00,03,00,00,00,03,00,00,00,83,00,00,00,3b,e2,2c,63,67,51,\
5c,43,86,d7,e9,03,68,4a,a8,0c,06,00,00,00,03,00,00,00,03,00,00,00,04,00,00,\
00,00,00,00,20,08,00,00,10,68,01,00,00,01,00,04,8c,50,01,00,00,5c,01,00,00,\
00,00,00,00,14,00,00,00,02,00,3c,01,09,00,00,00,00,10,18,00,ff,07,0f,00,01,\
02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,10,18,00,ff,07,03,00,01,02,\
00,00,00,00,00,05,20,00,00,00,2c,02,00,00,00,10,28,00,ff,07,03,00,01,06,00,\
00,00,00,00,05,50,00,00,00,f1,41,10,b8,36,fc,4d,57,a8,ae,0b,70,25,21,04,42,\
84,4f,11,31,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,49,\
59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,56,00,10,28,00,f4,03,\
02,00,01,06,00,00,00,00,00,05,50,00,00,00,44,3e,41,bb,45,ba,a8,7a,6c,bd,92,\
68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,\
50,00,00,00,79,09,78,b5,af,a1,ed,d8,54,5e,32,f4,ff,1b,c4,5f,fd,d9,e0,4a,00,\
10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,0a,d8,62,3a,d9,c6,\
0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,39,5c,00,10,28,00,f4,03,02,00,01,06,00,\
00,00,00,00,05,50,00,00,00,6e,bf,1b,bb,45,ef,d2,b1,4a,3b,45,db,50,5b,43,27,\
04,58,d8,6b,00,10,14,00,50,00,00,00,01,01,00,00,00,00,00,01,00,00,00,00,01,\
01,00,00,00,00,00,05,13,00,00,00,01,01,00,00,00,00,00,05,13,00,00,00
"{567d3836-3f5b-4067-b9c4-952f677010a2}"=hex:01,10,08,00,cc,cc,cc,cc,00,03,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,78,01,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,78,01,00,00,01,10,08,00,cc,cc,cc,cc,68,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,36,38,7d,56,5b,3f,67,40,b9,c4,95,2f,67,70,10,a2,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,02,01,00,00,00,01,00,00,00,01,00,00,00,02,00,00,00,14,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,ef,00,01,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,1f,00,00,00,00,00,00,00,1f,00,00,00,\
49,00,6e,00,74,00,65,00,72,00,66,00,61,00,63,00,65,00,20,00,55,00,6e,00,2d,\
00,71,00,75,00,61,00,72,00,61,00,6e,00,74,00,69,00,6e,00,65,00,20,00,66,00,\
69,00,6c,00,74,00,65,00,72,00,00,00,00,00,01,00,00,00,00,00,00,00,01,00,00,\
00,00,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,00,00,00,\
ff,ff,ff,ff,ff,ff,ff,ff,02,00,00,00,2b,ef,71,39,3e,62,9a,4f,8c,b1,6e,79,b8,\
06,b9,a7,00,00,00,00,01,00,00,00,01,00,00,00,3a,00,00,00,af,a1,1b,0c,65,57,\
3f,45,af,22,a8,f7,91,ac,77,5b,00,00,00,00,02,00,00,00,02,00,00,00,87,00,00,\
00,00,00,00,00,00,e0,00,10,68,01,00,00,01,00,04,8c,50,01,00,00,5c,01,00,00,\
00,00,00,00,14,00,00,00,02,00,3c,01,09,00,00,00,00,10,18,00,ff,07,0f,00,01,\
02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,10,18,00,ff,07,03,00,01,02,\
00,00,00,00,00,05,20,00,00,00,2c,02,00,00,00,10,28,00,ff,07,03,00,01,06,00,\
00,00,00,00,05,50,00,00,00,f1,41,10,b8,36,fc,4d,57,a8,ae,0b,70,25,21,04,42,\
84,4f,11,31,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,49,\
59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,56,00,10,28,00,f4,03,\
02,00,01,06,00,00,00,00,00,05,50,00,00,00,44,3e,41,bb,45,ba,a8,7a,6c,bd,92,\
68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,\
50,00,00,00,79,09,78,b5,af,a1,ed,d8,54,5e,32,f4,ff,1b,c4,5f,fd,d9,e0,4a,00,\
10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,0a,d8,62,3a,d9,c6,\
0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,39,5c,00,10,28,00,f4,03,02,00,01,06,00,\
00,00,00,00,05,50,00,00,00,6e,bf,1b,bb,45,ef,d2,b1,4a,3b,45,db,50,5b,43,27,\
04,58,d8,6b,00,10,14,00,50,00,00,00,01,01,00,00,00,00,00,01,00,00,00,00,01,\
01,00,00,00,00,00,05,13,00,00,00,01,01,00,00,00,00,00,05,13,00,00,00
"{4e718c57-c397-4221-9fbb-14fd51701d6a}"=hex:01,10,08,00,cc,cc,cc,cc,20,03,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,98,01,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,98,01,00,00,01,10,08,00,cc,cc,cc,cc,88,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,57,8c,71,4e,97,c3,21,42,9f,bb,14,fd,51,70,1d,6a,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,e7,9f,cd,\
e1,b5,f4,73,42,96,c0,59,2e,48,7b,86,50,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,02,01,00,00,00,01,00,00,00,01,00,00,00,03,00,00,00,14,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,f0,00,01,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,1f,00,00,00,00,00,00,00,1f,00,00,00,\
49,00,6e,00,74,00,65,00,72,00,66,00,61,00,63,00,65,00,20,00,55,00,6e,00,2d,\
00,71,00,75,00,61,00,72,00,61,00,6e,00,74,00,69,00,6e,00,65,00,20,00,66,00,\
69,00,6c,00,74,00,65,00,72,00,00,00,00,00,01,00,00,00,00,00,00,00,01,00,00,\
00,00,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,00,00,00,\
ff,ff,ff,ff,ff,ff,ff,ff,03,00,00,00,2b,ef,71,39,3e,62,9a,4f,8c,b1,6e,79,b8,\
06,b9,a7,00,00,00,00,01,00,00,00,01,00,00,00,11,00,00,00,af,a1,1b,0c,65,57,\
3f,45,af,22,a8,f7,91,ac,77,5b,00,00,00,00,02,00,00,00,02,00,00,00,44,00,00,\
00,4d,60,5a,c3,2b,d2,1a,4e,91,b4,68,f6,74,ee,67,4b,00,00,00,00,02,00,00,00,\
02,00,00,00,43,00,00,00,00,00,00,00,00,83,07,10,68,01,00,00,01,00,04,8c,50,\
01,00,00,5c,01,00,00,00,00,00,00,14,00,00,00,02,00,3c,01,09,00,00,00,00,10,\
18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,10,18,\
00,ff,07,03,00,01,02,00,00,00,00,00,05,20,00,00,00,2c,02,00,00,00,10,28,00,\
ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,f1,41,10,b8,36,fc,4d,57,a8,\
ae,0b,70,25,21,04,42,84,4f,11,31,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,\
00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,\
56,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,44,3e,41,bb,\
45,ba,a8,7a,6c,bd,92,68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,00,ff,07,03,00,01,\
06,00,00,00,00,00,05,50,00,00,00,79,09,78,b5,af,a1,ed,d8,54,5e,32,f4,ff,1b,\
c4,5f,fd,d9,e0,4a,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,\
00,0a,d8,62,3a,d9,c6,0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,39,5c,00,10,28,00,\
f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,6e,bf,1b,bb,45,ef,d2,b1,4a,\
3b,45,db,50,5b,43,27,04,58,d8,6b,00,10,14,00,50,00,00,00,01,01,00,00,00,00,\
00,01,00,00,00,00,01,01,00,00,00,00,00,05,13,00,00,00,01,01,00,00,00,00,00,\
05,13,00,00,00
"{3a90a266-1519-4d23-911b-e84cd0f02ab8}"=hex:01,10,08,00,cc,cc,cc,cc,20,03,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,98,01,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,98,01,00,00,01,10,08,00,cc,cc,cc,cc,88,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,66,a2,90,3a,19,15,23,4d,91,1b,e8,4c,d0,f0,2a,b8,04,00,\
02,00,08,00,02,00,01,00,00,00,0c,00,02,00,08,00,00,00,10,00,02,00,97,2c,b4,\
a3,04,9f,72,46,b8,7e,ce,e9,c4,83,25,7f,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,\
08,ff,23,02,01,00,00,00,01,00,00,00,01,00,00,00,03,00,00,00,14,00,02,00,02,\
10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,f1,00,01,00,00,00,00,\
00,04,00,00,00,04,00,00,00,18,00,02,00,1f,00,00,00,00,00,00,00,1f,00,00,00,\
49,00,6e,00,74,00,65,00,72,00,66,00,61,00,63,00,65,00,20,00,55,00,6e,00,2d,\
00,71,00,75,00,61,00,72,00,61,00,6e,00,74,00,69,00,6e,00,65,00,20,00,66,00,\
69,00,6c,00,74,00,65,00,72,00,00,00,00,00,01,00,00,00,00,00,00,00,01,00,00,\
00,00,00,00,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,08,00,00,00,\
ff,ff,ff,ff,ff,ff,ff,ff,03,00,00,00,2b,ef,71,39,3e,62,9a,4f,8c,b1,6e,79,b8,\
06,b9,a7,00,00,00,00,01,00,00,00,01,00,00,00,11,00,00,00,af,a1,1b,0c,65,57,\
3f,45,af,22,a8,f7,91,ac,77,5b,00,00,00,00,02,00,00,00,02,00,00,00,22,02,00,\
00,4d,60,5a,c3,2b,d2,1a,4e,91,b4,68,f6,74,ee,67,4b,00,00,00,00,02,00,00,00,\
02,00,00,00,23,02,00,00,00,00,00,00,c0,e1,00,10,68,01,00,00,01,00,04,8c,50,\
01,00,00,5c,01,00,00,00,00,00,00,14,00,00,00,02,00,3c,01,09,00,00,00,00,10,\
18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,10,18,\
00,ff,07,03,00,01,02,00,00,00,00,00,05,20,00,00,00,2c,02,00,00,00,10,28,00,\
ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,f1,41,10,b8,36,fc,4d,57,a8,\
ae,0b,70,25,21,04,42,84,4f,11,31,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,\
00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,\
56,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,44,3e,41,bb,\
45,ba,a8,7a,6c,bd,92,68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,00,ff,07,03,00,01,\
06,00,00,00,00,00,05,50,00,00,00,79,09,78,b5,af,a1,ed,d8,54,5e,32,f4,ff,1b,\
c4,5f,fd,d9,e0,4a,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,\
00,0a,d8,62,3a,d9,c6,0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,39,5c,00,10,28,00,\
f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,6e,bf,1b,bb,45,ef,d2,b1,4a,\
3b,45,db,50,5b,43,27,04,58,d8,6b,00,10,14,00,50,00,00,00,01,01,00,00,00,00,\
00,01,00,00,00,00,01,01,00,00,00,00,00,05,13,00,00,00,01,01,00,00,00,00,00,\
05,13,00,00,00
"{56b4fdc4-bb4e-4c42-a9d8-f627ee15ac21}"=hex:01,10,08,00,cc,cc,cc,cc,c8,02,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,40,01,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,40,01,00,00,01,10,08,00,cc,cc,cc,cc,30,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,c4,fd,b4,56,4e,bb,42,4c,a9,d8,f6,27,ee,15,ac,21,04,00,\
02,00,08,00,02,00,11,00,00,00,0c,00,02,00,00,00,00,00,00,00,00,00,3c,65,89,\
3b,70,c1,e4,49,b1,cd,e0,ee,ee,e1,9a,3e,46,b3,36,8c,0c,4e,49,40,8b,55,52,95,\
ac,35,56,7c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,05,40,00,00,00,\
40,00,00,e0,1e,00,22,87,8e,75,4f,ba,58,24,8f,59,18,a6,3a,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,0b,d7,12,00,00,00,00,\
00,04,00,00,00,04,00,00,00,10,00,02,00,15,00,00,00,00,00,00,00,15,00,00,00,\
4e,00,49,00,53,00,20,00,53,00,74,00,72,00,65,00,61,00,6d,00,20,00,56,00,34,\
00,20,00,46,00,69,00,6c,00,74,00,65,00,72,00,00,00,00,00,15,00,00,00,00,00,\
00,00,15,00,00,00,4e,00,49,00,53,00,20,00,53,00,74,00,72,00,65,00,61,00,6d,\
00,20,00,56,00,34,00,20,00,46,00,69,00,6c,00,74,00,65,00,72,00,00,00,00,00,\
3f,d7,9c,83,07,19,ea,49,9a,a5,0e,6b,e9,04,80,87,00,00,00,00,00,00,00,00,00,\
00,00,00,68,01,00,00,01,00,04,8c,50,01,00,00,5c,01,00,00,00,00,00,00,14,00,\
00,00,02,00,3c,01,09,00,00,00,00,10,18,00,ff,07,0f,00,01,02,00,00,00,00,00,\
05,20,00,00,00,20,02,00,00,00,10,18,00,ff,07,03,00,01,02,00,00,00,00,00,05,\
20,00,00,00,2c,02,00,00,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,\
00,00,00,f1,41,10,b8,36,fc,4d,57,a8,ae,0b,70,25,21,04,42,84,4f,11,31,00,10,\
28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,\
55,dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,56,00,10,28,00,f4,03,02,00,01,06,00,00,\
00,00,00,05,50,00,00,00,44,3e,41,bb,45,ba,a8,7a,6c,bd,92,68,f4,ad,64,8f,d5,\
e6,70,e9,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,79,09,\
78,b5,af,a1,ed,d8,54,5e,32,f4,ff,1b,c4,5f,fd,d9,e0,4a,00,10,28,00,ff,07,03,\
00,01,06,00,00,00,00,00,05,50,00,00,00,0a,d8,62,3a,d9,c6,0f,18,1b,65,b5,eb,\
d6,6d,2f,8b,78,83,39,5c,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,\
00,00,00,6e,bf,1b,bb,45,ef,d2,b1,4a,3b,45,db,50,5b,43,27,04,58,d8,6b,00,10,\
14,00,50,00,00,00,01,01,00,00,00,00,00,01,00,00,00,00,01,01,00,00,00,00,00,\
05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Sat Jun 09, 2012 4:46 am    Post subject: Reply with quote

"{1ba41ed8-151d-4577-9272-317856bc637c}"=hex:01,10,08,00,cc,cc,cc,cc,c8,02,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,40,01,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,40,01,00,00,01,10,08,00,cc,cc,cc,cc,30,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,d8,1e,a4,1b,1d,15,77,45,92,72,31,78,56,bc,63,7c,04,00,\
02,00,08,00,02,00,11,00,00,00,0c,00,02,00,00,00,00,00,00,00,00,00,7a,13,c9,\
47,c4,7e,b3,46,b6,e4,48,e9,26,b1,ed,a4,46,b3,36,8c,0c,4e,49,40,8b,55,52,95,\
ac,35,56,7c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,05,40,00,00,00,\
40,00,00,65,a2,f2,79,93,b6,c9,4c,b4,80,cb,cd,87,bd,47,47,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,0c,d7,12,00,00,00,00,\
00,04,00,00,00,04,00,00,00,10,00,02,00,15,00,00,00,00,00,00,00,15,00,00,00,\
4e,00,49,00,53,00,20,00,53,00,74,00,72,00,65,00,61,00,6d,00,20,00,56,00,36,\
00,20,00,46,00,69,00,6c,00,74,00,65,00,72,00,00,00,00,00,15,00,00,00,00,00,\
00,00,15,00,00,00,4e,00,49,00,53,00,20,00,53,00,74,00,72,00,65,00,61,00,6d,\
00,20,00,56,00,36,00,20,00,46,00,69,00,6c,00,74,00,65,00,72,00,00,00,00,00,\
3f,d7,9c,83,07,19,ea,49,9a,a5,0e,6b,e9,04,80,87,00,00,00,00,00,00,00,00,00,\
00,00,00,68,01,00,00,01,00,04,8c,50,01,00,00,5c,01,00,00,00,00,00,00,14,00,\
00,00,02,00,3c,01,09,00,00,00,00,10,18,00,ff,07,0f,00,01,02,00,00,00,00,00,\
05,20,00,00,00,20,02,00,00,00,10,18,00,ff,07,03,00,01,02,00,00,00,00,00,05,\
20,00,00,00,2c,02,00,00,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,\
00,00,00,f1,41,10,b8,36,fc,4d,57,a8,ae,0b,70,25,21,04,42,84,4f,11,31,00,10,\
28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,\
55,dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,56,00,10,28,00,f4,03,02,00,01,06,00,00,\
00,00,00,05,50,00,00,00,44,3e,41,bb,45,ba,a8,7a,6c,bd,92,68,f4,ad,64,8f,d5,\
e6,70,e9,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,79,09,\
78,b5,af,a1,ed,d8,54,5e,32,f4,ff,1b,c4,5f,fd,d9,e0,4a,00,10,28,00,ff,07,03,\
00,01,06,00,00,00,00,00,05,50,00,00,00,0a,d8,62,3a,d9,c6,0f,18,1b,65,b5,eb,\
d6,6d,2f,8b,78,83,39,5c,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,\
00,00,00,6e,bf,1b,bb,45,ef,d2,b1,4a,3b,45,db,50,5b,43,27,04,58,d8,6b,00,10,\
14,00,50,00,00,00,01,01,00,00,00,00,00,01,00,00,00,00,01,01,00,00,00,00,00,\
05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00
"{9248d57e-f843-4159-807d-3813173e2096}"=hex:01,10,08,00,cc,cc,cc,cc,00,03,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,78,01,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,78,01,00,00,01,10,08,00,cc,cc,cc,cc,68,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,7e,d5,48,92,43,f8,59,41,80,7d,38,13,17,3e,20,96,04,00,\
02,00,08,00,02,00,11,00,00,00,0c,00,02,00,00,00,00,00,00,00,00,00,0a,47,80,\
af,96,55,13,4c,99,92,53,9e,6f,e5,79,67,46,b3,36,8c,0c,4e,49,40,8b,55,52,95,\
ac,35,56,7c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,05,40,00,00,00,\
40,00,00,21,0f,b5,c4,3e,50,7a,4d,ab,d4,ed,0a,82,3a,24,53,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,0d,d7,12,00,00,00,00,\
00,04,00,00,00,04,00,00,00,10,00,02,00,23,00,00,00,00,00,00,00,23,00,00,00,\
4e,00,49,00,53,00,20,00,41,00,4c,00,45,00,20,00,46,00,6c,00,6f,00,77,00,20,\
00,45,00,73,00,74,00,61,00,62,00,6c,00,69,00,73,00,68,00,65,00,64,00,20,00,\
56,00,34,00,20,00,46,00,69,00,6c,00,74,00,65,00,72,00,00,00,00,00,23,00,00,\
00,00,00,00,00,23,00,00,00,4e,00,49,00,53,00,20,00,41,00,4c,00,45,00,20,00,\
46,00,6c,00,6f,00,77,00,20,00,45,00,73,00,74,00,61,00,62,00,6c,00,69,00,73,\
00,68,00,65,00,64,00,20,00,56,00,34,00,20,00,46,00,69,00,6c,00,74,00,65,00,\
72,00,00,00,00,00,3f,d7,9c,83,07,19,ea,49,9a,a5,0e,6b,e9,04,80,87,00,00,00,\
00,00,00,00,00,00,00,00,00,68,01,00,00,01,00,04,8c,50,01,00,00,5c,01,00,00,\
00,00,00,00,14,00,00,00,02,00,3c,01,09,00,00,00,00,10,18,00,ff,07,0f,00,01,\
02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,10,18,00,ff,07,03,00,01,02,\
00,00,00,00,00,05,20,00,00,00,2c,02,00,00,00,10,28,00,ff,07,03,00,01,06,00,\
00,00,00,00,05,50,00,00,00,f1,41,10,b8,36,fc,4d,57,a8,ae,0b,70,25,21,04,42,\
84,4f,11,31,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,49,\
59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,56,00,10,28,00,f4,03,\
02,00,01,06,00,00,00,00,00,05,50,00,00,00,44,3e,41,bb,45,ba,a8,7a,6c,bd,92,\
68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,\
50,00,00,00,79,09,78,b5,af,a1,ed,d8,54,5e,32,f4,ff,1b,c4,5f,fd,d9,e0,4a,00,\
10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,0a,d8,62,3a,d9,c6,\
0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,39,5c,00,10,28,00,f4,03,02,00,01,06,00,\
00,00,00,00,05,50,00,00,00,6e,bf,1b,bb,45,ef,d2,b1,4a,3b,45,db,50,5b,43,27,\
04,58,d8,6b,00,10,14,00,50,00,00,00,01,01,00,00,00,00,00,01,00,00,00,00,01,\
01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00
"{4658cd86-525d-44ed-98a5-791a7b8655f1}"=hex:01,10,08,00,cc,cc,cc,cc,00,03,00,\
00,00,00,00,00,00,00,02,00,05,00,00,00,78,01,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,78,01,00,00,01,10,08,00,cc,cc,cc,cc,68,01,00,00,00,00,00,00,00,\
00,02,00,00,00,00,00,86,cd,58,46,5d,52,ed,44,98,a5,79,1a,7b,86,55,f1,04,00,\
02,00,08,00,02,00,11,00,00,00,0c,00,02,00,00,00,00,00,00,00,00,00,b3,d2,21,\
70,a4,df,6e,40,af,eb,6a,fa,f7,e7,0e,fd,46,b3,36,8c,0c,4e,49,40,8b,55,52,95,\
ac,35,56,7c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,05,40,00,00,00,\
40,00,00,db,02,e9,91,ef,2c,40,40,b8,e2,02,fe,4f,d4,9c,25,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,0e,d7,12,00,00,00,00,\
00,04,00,00,00,04,00,00,00,10,00,02,00,23,00,00,00,00,00,00,00,23,00,00,00,\
4e,00,49,00,53,00,20,00,41,00,4c,00,45,00,20,00,46,00,6c,00,6f,00,77,00,20,\
00,45,00,73,00,74,00,61,00,62,00,6c,00,69,00,73,00,68,00,65,00,64,00,20,00,\
56,00,36,00,20,00,46,00,69,00,6c,00,74,00,65,00,72,00,00,00,00,00,23,00,00,\
00,00,00,00,00,23,00,00,00,4e,00,49,00,53,00,20,00,41,00,4c,00,45,00,20,00,\
46,00,6c,00,6f,00,77,00,20,00,45,00,73,00,74,00,61,00,62,00,6c,00,69,00,73,\
00,68,00,65,00,64,00,20,00,56,00,36,00,20,00,46,00,69,00,6c,00,74,00,65,00,\
72,00,00,00,00,00,3f,d7,9c,83,07,19,ea,49,9a,a5,0e,6b,e9,04,80,87,00,00,00,\
00,00,00,00,00,00,00,00,00,68,01,00,00,01,00,04,8c,50,01,00,00,5c,01,00,00,\
00,00,00,00,14,00,00,00,02,00,3c,01,09,00,00,00,00,10,18,00,ff,07,0f,00,01,\
02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,10,18,00,ff,07,03,00,01,02,\
00,00,00,00,00,05,20,00,00,00,2c,02,00,00,00,10,28,00,ff,07,03,00,01,06,00,\
00,00,00,00,05,50,00,00,00,f1,41,10,b8,36,fc,4d,57,a8,ae,0b,70,25,21,04,42,\
84,4f,11,31,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,49,\
59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,56,00,10,28,00,f4,03,\
02,00,01,06,00,00,00,00,00,05,50,00,00,00,44,3e,41,bb,45,ba,a8,7a,6c,bd,92,\
68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,\
50,00,00,00,79,09,78,b5,af,a1,ed,d8,54,5e,32,f4,ff,1b,c4,5f,fd,d9,e0,4a,00,\
10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,0a,d8,62,3a,d9,c6,\
0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,39,5c,00,10,28,00,f4,03,02,00,01,06,00,\
00,00,00,00,05,50,00,00,00,6e,bf,1b,bb,45,ef,d2,b1,4a,3b,45,db,50,5b,43,27,\
04,58,d8,6b,00,10,14,00,50,00,00,00,01,01,00,00,00,00,00,01,00,00,00,00,01,\
01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe\Parameters\Policy\Persistent\Provider]
"{decc16ca-3f33-4346-be1e-8fb4ae0f3d62}"=hex:01,10,08,00,cc,cc,cc,cc,f0,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,d0,00,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,d0,00,00,00,01,10,08,00,cc,cc,cc,cc,c0,00,00,00,00,00,00,00,00,\
00,02,00,ca,16,cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,04,00,02,00,08,00,\
02,00,01,00,00,00,00,00,00,00,00,00,00,00,0c,00,02,00,18,00,00,00,00,00,00,\
00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,\
50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,31,\
00,00,00,18,00,00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,\
77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,\
00,32,00,33,00,35,00,30,00,32,00,00,00,07,00,00,00,00,00,00,00,07,00,00,00,\
6d,00,70,00,73,00,73,00,76,00,63,00,00,00,00,00,00,00,00,00
"{4b153735-1049-4480-aab4-d1b9bdc03710}"=hex:01,10,08,00,cc,cc,cc,cc,f0,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,d0,00,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,d0,00,00,00,01,10,08,00,cc,cc,cc,cc,c0,00,00,00,00,00,00,00,00,\
00,02,00,35,37,15,4b,49,10,80,44,aa,b4,d1,b9,bd,c0,37,10,04,00,02,00,08,00,\
02,00,01,00,00,00,00,00,00,00,00,00,00,00,0c,00,02,00,18,00,00,00,00,00,00,\
00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,\
50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,30,00,31,\
00,00,00,18,00,00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,\
77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,\
00,32,00,33,00,35,00,30,00,32,00,00,00,07,00,00,00,00,00,00,00,07,00,00,00,\
6d,00,70,00,73,00,73,00,76,00,63,00,00,00,00,00,00,00,00,00
"{1bebc969-61a5-4732-a177-847a0817862a}"=hex:01,10,08,00,cc,cc,cc,cc,58,02,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,d0,00,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,d0,00,00,00,01,10,08,00,cc,cc,cc,cc,c0,00,00,00,00,00,00,00,00,\
00,02,00,69,c9,eb,1b,a5,61,32,47,a1,77,84,7a,08,17,86,2a,04,00,02,00,08,00,\
02,00,01,00,00,00,00,00,00,00,00,00,00,00,0c,00,02,00,18,00,00,00,00,00,00,\
00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,6c,00,41,00,\
50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,00,32,00,31,\
00,00,00,18,00,00,00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,\
77,00,61,00,6c,00,6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,\
00,32,00,33,00,35,00,32,00,32,00,00,00,07,00,00,00,00,00,00,00,07,00,00,00,\
4d,00,50,00,53,00,53,00,56,00,43,00,00,00,00,00,68,01,00,00,01,00,04,8c,50,\
01,00,00,5c,01,00,00,00,00,00,00,14,00,00,00,02,00,3c,01,09,00,00,00,00,10,\
18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,10,18,\
00,ff,07,03,00,01,02,00,00,00,00,00,05,20,00,00,00,2c,02,00,00,00,10,28,00,\
ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,f1,41,10,b8,36,fc,4d,57,a8,\
ae,0b,70,25,21,04,42,84,4f,11,31,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,\
00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,\
56,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,44,3e,41,bb,\
45,ba,a8,7a,6c,bd,92,68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,00,ff,07,03,00,01,\
06,00,00,00,00,00,05,50,00,00,00,79,09,78,b5,af,a1,ed,d8,54,5e,32,f4,ff,1b,\
c4,5f,fd,d9,e0,4a,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,\
00,0a,d8,62,3a,d9,c6,0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,39,5c,00,10,28,00,\
f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,6e,bf,1b,bb,45,ef,d2,b1,4a,\
3b,45,db,50,5b,43,27,04,58,d8,6b,00,10,14,00,50,00,00,00,01,01,00,00,00,00,\
00,01,00,00,00,00,01,01,00,00,00,00,00,05,13,00,00,00,01,01,00,00,00,00,00,\
05,13,00,00,00
"{42ff0794-3627-44c1-9886-765010075254}"=hex:01,10,08,00,cc,cc,cc,cc,70,02,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,e8,00,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,e8,00,00,00,01,10,08,00,cc,cc,cc,cc,d8,00,00,00,00,00,00,00,00,\
00,02,00,94,07,ff,42,27,36,c1,44,98,86,76,50,10,07,52,54,04,00,02,00,08,00,\
02,00,01,00,00,00,00,00,00,00,00,00,00,00,0c,00,02,00,16,00,00,00,00,00,00,\
00,16,00,00,00,4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,00,20,00,\
41,00,6e,00,74,00,69,00,6d,00,61,00,6c,00,77,00,61,00,72,00,65,00,00,00,16,\
00,00,00,00,00,00,00,16,00,00,00,4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,\
66,00,74,00,20,00,41,00,6e,00,74,00,69,00,6d,00,61,00,6c,00,77,00,61,00,72,\
00,65,00,00,00,16,00,00,00,00,00,00,00,16,00,00,00,4d,00,69,00,63,00,72,00,\
6f,00,73,00,6f,00,66,00,74,00,20,00,41,00,6e,00,74,00,69,00,6d,00,61,00,6c,\
00,77,00,61,00,72,00,65,00,00,00,00,00,00,00,68,01,00,00,01,00,04,8c,50,01,\
00,00,5c,01,00,00,00,00,00,00,14,00,00,00,02,00,3c,01,09,00,00,00,00,10,18,\
00,ff,07,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,10,18,00,\
ff,07,03,00,01,02,00,00,00,00,00,05,20,00,00,00,2c,02,00,00,00,10,28,00,ff,\
07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,f1,41,10,b8,36,fc,4d,57,a8,ae,\
0b,70,25,21,04,42,84,4f,11,31,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,\
05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,56,\
00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,44,3e,41,bb,45,\
ba,a8,7a,6c,bd,92,68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,00,ff,07,03,00,01,06,\
00,00,00,00,00,05,50,00,00,00,79,09,78,b5,af,a1,ed,d8,54,5e,32,f4,ff,1b,c4,\
5f,fd,d9,e0,4a,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,\
0a,d8,62,3a,d9,c6,0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,39,5c,00,10,28,00,f4,\
03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,6e,bf,1b,bb,45,ef,d2,b1,4a,3b,\
45,db,50,5b,43,27,04,58,d8,6b,00,10,14,00,50,00,00,00,01,01,00,00,00,00,00,\
01,00,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,\
12,00,00,00
"{aa6a7d87-7f8f-4d2a-be53-fda555cd5fe3}"=hex:01,10,08,00,cc,cc,cc,cc,50,02,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,c8,00,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,c8,00,00,00,01,10,08,00,cc,cc,cc,cc,b8,00,00,00,00,00,00,00,00,\
00,02,00,87,7d,6a,aa,8f,7f,2a,4d,be,53,fd,a5,55,cd,5f,e3,04,00,02,00,08,00,\
02,00,01,00,00,00,00,00,00,00,00,00,00,00,0c,00,02,00,14,00,00,00,00,00,00,\
00,14,00,00,00,40,00,70,00,6f,00,6c,00,73,00,74,00,6f,00,72,00,65,00,2e,00,\
64,00,6c,00,6c,00,2c,00,2d,00,35,00,30,00,31,00,33,00,00,00,14,00,00,00,00,\
00,00,00,14,00,00,00,40,00,70,00,6f,00,6c,00,73,00,74,00,6f,00,72,00,65,00,\
2e,00,64,00,6c,00,6c,00,2c,00,2d,00,35,00,30,00,31,00,34,00,00,00,0c,00,00,\
00,00,00,00,00,0c,00,00,00,50,00,6f,00,6c,00,69,00,63,00,79,00,61,00,67,00,\
65,00,6e,00,74,00,00,00,68,01,00,00,01,00,04,8c,50,01,00,00,5c,01,00,00,00,\
00,00,00,14,00,00,00,02,00,3c,01,09,00,00,00,00,10,18,00,ff,07,0f,00,01,02,\
00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,10,18,00,ff,07,03,00,01,02,00,\
00,00,00,00,05,20,00,00,00,2c,02,00,00,00,10,28,00,ff,07,03,00,01,06,00,00,\
00,00,00,05,50,00,00,00,f1,41,10,b8,36,fc,4d,57,a8,ae,0b,70,25,21,04,42,84,\
4f,11,31,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,49,59,\
9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,56,00,10,28,00,f4,03,02,\
00,01,06,00,00,00,00,00,05,50,00,00,00,44,3e,41,bb,45,ba,a8,7a,6c,bd,92,68,\
f4,ad,64,8f,d5,e6,70,e9,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,\
00,00,00,79,09,78,b5,af,a1,ed,d8,54,5e,32,f4,ff,1b,c4,5f,fd,d9,e0,4a,00,10,\
28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,0a,d8,62,3a,d9,c6,0f,\
18,1b,65,b5,eb,d6,6d,2f,8b,78,83,39,5c,00,10,28,00,f4,03,02,00,01,06,00,00,\
00,00,00,05,50,00,00,00,6e,bf,1b,bb,45,ef,d2,b1,4a,3b,45,db,50,5b,43,27,04,\
58,d8,6b,00,10,14,00,50,00,00,00,01,01,00,00,00,00,00,01,00,00,00,00,01,01,\
00,00,00,00,00,05,14,00,00,00,01,01,00,00,00,00,00,05,14,00,00,00
"{839cd73f-1907-49ea-9aa5-0e6be9048087}"=hex:01,10,08,00,cc,cc,cc,cc,40,02,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,b8,00,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,b8,00,00,00,01,10,08,00,cc,cc,cc,cc,a8,00,00,00,00,00,00,00,00,\
00,02,00,3f,d7,9c,83,07,19,ea,49,9a,a5,0e,6b,e9,04,80,87,04,00,02,00,08,00,\
02,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,00,00,00,00,00,\
00,04,00,00,00,4e,00,49,00,53,00,00,00,2b,00,00,00,00,00,00,00,2b,00,00,00,\
4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,00,20,00,4e,00,65,00,74,\
00,77,00,6f,00,72,00,6b,00,20,00,49,00,6e,00,73,00,70,00,65,00,63,00,74,00,\
69,00,6f,00,6e,00,20,00,53,00,79,00,73,00,74,00,65,00,6d,00,20,00,44,00,72,\
00,69,00,76,00,65,00,72,00,00,00,00,00,00,00,00,00,68,01,00,00,01,00,04,8c,\
50,01,00,00,5c,01,00,00,00,00,00,00,14,00,00,00,02,00,3c,01,09,00,00,00,00,\
10,18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,10,\
18,00,ff,07,03,00,01,02,00,00,00,00,00,05,20,00,00,00,2c,02,00,00,00,10,28,\
00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,f1,41,10,b8,36,fc,4d,57,\
a8,ae,0b,70,25,21,04,42,84,4f,11,31,00,10,28,00,ff,07,03,00,01,06,00,00,00,\
00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,7b,42,\
13,56,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,44,3e,41,\
bb,45,ba,a8,7a,6c,bd,92,68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,00,ff,07,03,00,\
01,06,00,00,00,00,00,05,50,00,00,00,79,09,78,b5,af,a1,ed,d8,54,5e,32,f4,ff,\
1b,c4,5f,fd,d9,e0,4a,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,\
00,00,0a,d8,62,3a,d9,c6,0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,39,5c,00,10,28,\
00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,6e,bf,1b,bb,45,ef,d2,b1,\
4a,3b,45,db,50,5b,43,27,04,58,d8,6b,00,10,14,00,50,00,00,00,01,01,00,00,00,\
00,00,01,00,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,\
00,05,12,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe\Parameters\Policy\Persistent\SubLayer]
"{b3cdd441-af90-41ba-a745-7c6008ff2300}"=hex:01,10,08,00,cc,cc,cc,cc,c0,00,00,\
00,00,00,00,00,00,00,02,00,02,00,00,00,a0,00,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,a0,00,00,00,01,10,08,00,cc,cc,cc,cc,90,00,00,00,00,00,00,00,00,\
00,02,00,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,08,ff,23,00,04,00,02,00,08,00,\
02,00,01,00,00,00,0c,00,02,00,00,00,00,00,00,00,00,00,03,00,00,00,18,00,00,\
00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,\
6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,\
00,30,00,31,00,00,00,01,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,35,37,\
15,4b,49,10,80,44,aa,b4,d1,b9,bd,c0,37,10,00,00,00,00,00,00,00,00
"{b3cdd441-af90-41ba-a745-7c6008ff2301}"=hex:01,10,08,00,cc,cc,cc,cc,c0,00,00,\
00,00,00,00,00,00,00,02,00,02,00,00,00,a0,00,00,00,04,00,02,00,00,00,00,00,\
00,00,00,00,a0,00,00,00,01,10,08,00,cc,cc,cc,cc,90,00,00,00,00,00,00,00,00,\
00,02,00,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,08,ff,23,01,04,00,02,00,08,00,\
02,00,01,00,00,00,0c,00,02,00,00,00,00,00,00,00,00,00,02,00,00,00,18,00,00,\
00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,\
6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,\
00,30,00,31,00,00,00,01,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,ca,16,\
cc,de,33,3f,46,43,be,1e,8f,b4,ae,0f,3d,62,00,00,00,00,00,00,00,00
"{b3cdd441-af90-41ba-a745-7c6008ff2302}"=hex:01,10,08,00,cc,cc,cc,cc,28,02,00,\
00,00,00,00,00,00,00,02,00,02,00,00,00,a0,00,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,a0,00,00,00,01,10,08,00,cc,cc,cc,cc,90,00,00,00,00,00,00,00,00,\
00,02,00,41,d4,cd,b3,90,af,ba,41,a7,45,7c,60,08,ff,23,02,04,00,02,00,08,00,\
02,00,01,00,00,00,0c,00,02,00,00,00,00,00,00,00,00,00,04,00,00,00,18,00,00,\
00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,\
6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,\
00,30,00,31,00,00,00,01,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,35,37,\
15,4b,49,10,80,44,aa,b4,d1,b9,bd,c0,37,10,00,00,00,00,68,01,00,00,01,00,04,\
8c,50,01,00,00,5c,01,00,00,00,00,00,00,14,00,00,00,02,00,3c,01,09,00,00,00,\
00,10,18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,\
10,18,00,ff,07,03,00,01,02,00,00,00,00,00,05,20,00,00,00,2c,02,00,00,00,10,\
28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,f1,41,10,b8,36,fc,4d,\
57,a8,ae,0b,70,25,21,04,42,84,4f,11,31,00,10,28,00,ff,07,03,00,01,06,00,00,\
00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,7b,\
42,13,56,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,44,3e,\
41,bb,45,ba,a8,7a,6c,bd,92,68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,00,ff,07,03,\
00,01,06,00,00,00,00,00,05,50,00,00,00,79,09,78,b5,af,a1,ed,d8,54,5e,32,f4,\
ff,1b,c4,5f,fd,d9,e0,4a,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,\
00,00,00,0a,d8,62,3a,d9,c6,0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,39,5c,00,10,\
28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,6e,bf,1b,bb,45,ef,d2,\
b1,4a,3b,45,db,50,5b,43,27,04,58,d8,6b,00,10,14,00,50,00,00,00,01,01,00,00,\
00,00,00,01,00,00,00,00,01,01,00,00,00,00,00,05,13,00,00,00,01,01,00,00,00,\
00,00,05,13,00,00,00
"{9ba30013-c84e-47e5-ac6e-1e1aed72fa69}"=hex:01,10,08,00,cc,cc,cc,cc,28,02,00,\
00,00,00,00,00,00,00,02,00,02,00,00,00,a0,00,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,a0,00,00,00,01,10,08,00,cc,cc,cc,cc,90,00,00,00,00,00,00,00,00,\
00,02,00,13,00,a3,9b,4e,c8,e5,47,ac,6e,1e,1a,ed,72,fa,69,04,00,02,00,08,00,\
02,00,01,00,00,00,0c,00,02,00,00,00,00,00,00,00,00,00,01,a0,00,00,18,00,00,\
00,00,00,00,00,18,00,00,00,40,00,46,00,69,00,72,00,65,00,77,00,61,00,6c,00,\
6c,00,41,00,50,00,49,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,32,00,33,00,35,\
00,32,00,31,00,00,00,01,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,69,c9,\
eb,1b,a5,61,32,47,a1,77,84,7a,08,17,86,2a,00,00,00,00,68,01,00,00,01,00,04,\
8c,50,01,00,00,5c,01,00,00,00,00,00,00,14,00,00,00,02,00,3c,01,09,00,00,00,\
00,10,18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,\
10,18,00,ff,07,03,00,01,02,00,00,00,00,00,05,20,00,00,00,2c,02,00,00,00,10,\
28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,f1,41,10,b8,36,fc,4d,\
57,a8,ae,0b,70,25,21,04,42,84,4f,11,31,00,10,28,00,ff,07,03,00,01,06,00,00,\
00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,7b,\
42,13,56,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,44,3e,\
41,bb,45,ba,a8,7a,6c,bd,92,68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,00,ff,07,03,\
00,01,06,00,00,00,00,00,05,50,00,00,00,79,09,78,b5,af,a1,ed,d8,54,5e,32,f4,\
ff,1b,c4,5f,fd,d9,e0,4a,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,\
00,00,00,0a,d8,62,3a,d9,c6,0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,39,5c,00,10,\
28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,6e,bf,1b,bb,45,ef,d2,\
b1,4a,3b,45,db,50,5b,43,27,04,58,d8,6b,00,10,14,00,50,00,00,00,01,01,00,00,\
00,00,00,01,00,00,00,00,01,01,00,00,00,00,00,05,13,00,00,00,01,01,00,00,00,\
00,00,05,13,00,00,00
"{4224eab7-7d61-4fe0-9264-6d6568d2ddff}"=hex:01,10,08,00,cc,cc,cc,cc,20,02,00,\
00,00,00,00,00,00,00,02,00,02,00,00,00,98,00,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,98,00,00,00,01,10,08,00,cc,cc,cc,cc,88,00,00,00,00,00,00,00,00,\
00,02,00,b7,ea,24,42,61,7d,e0,4f,92,64,6d,65,68,d2,dd,ff,04,00,02,00,08,00,\
02,00,01,00,00,00,0c,00,02,00,00,00,00,00,00,00,00,00,06,00,00,00,16,00,00,\
00,00,00,00,00,16,00,00,00,4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,\
74,00,20,00,41,00,6e,00,74,00,69,00,6d,00,61,00,6c,00,77,00,61,00,72,00,65,\
00,00,00,01,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,94,07,ff,42,27,36,\
c1,44,98,86,76,50,10,07,52,54,68,01,00,00,01,00,04,8c,50,01,00,00,5c,01,00,\
00,00,00,00,00,14,00,00,00,02,00,3c,01,09,00,00,00,00,10,18,00,ff,07,0f,00,\
01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,10,18,00,ff,07,03,00,01,\
02,00,00,00,00,00,05,20,00,00,00,2c,02,00,00,00,10,28,00,ff,07,03,00,01,06,\
00,00,00,00,00,05,50,00,00,00,f1,41,10,b8,36,fc,4d,57,a8,ae,0b,70,25,21,04,\
42,84,4f,11,31,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,\
49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,56,00,10,28,00,f4,\
03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,44,3e,41,bb,45,ba,a8,7a,6c,bd,\
92,68,f4,ad,64,8f,d5,e6,70,e9,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,\
05,50,00,00,00,79,09,78,b5,af,a1,ed,d8,54,5e,32,f4,ff,1b,c4,5f,fd,d9,e0,4a,\
00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,0a,d8,62,3a,d9,\
c6,0f,18,1b,65,b5,eb,d6,6d,2f,8b,78,83,39,5c,00,10,28,00,f4,03,02,00,01,06,\
00,00,00,00,00,05,50,00,00,00,6e,bf,1b,bb,45,ef,d2,b1,4a,3b,45,db,50,5b,43,\
27,04,58,d8,6b,00,10,14,00,50,00,00,00,01,01,00,00,00,00,00,01,00,00,00,00,\
01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00
"{8c36b346-4e0c-4049-8b55-5295ac35567c}"=hex:01,10,08,00,cc,cc,cc,cc,60,02,00,\
00,00,00,00,00,00,00,02,00,02,00,00,00,d8,00,00,00,04,00,02,00,68,01,00,00,\
08,00,02,00,d8,00,00,00,01,10,08,00,cc,cc,cc,cc,c8,00,00,00,00,00,00,00,00,\
00,02,00,46,b3,36,8c,0c,4e,49,40,8b,55,52,95,ac,35,56,7c,04,00,02,00,08,00,\
02,00,01,00,00,00,0c,00,02,00,00,00,00,00,00,00,00,00,ff,ff,00,00,1b,00,00,\
00,00,00,00,00,1b,00,00,00,4e,00,49,00,53,00,20,00,48,00,69,00,67,00,68,00,\
20,00,50,00,72,00,69,00,6f,00,72,00,69,00,74,00,79,00,20,00,53,00,75,00,62,\
00,6c,00,61,00,79,00,65,00,72,00,00,00,00,00,1b,00,00,00,00,00,00,00,1b,00,\
00,00,4e,00,49,00,53,00,20,00,48,00,69,00,67,00,68,00,20,00,50,00,72,00,69,\
00,6f,00,72,00,69,00,74,00,79,00,20,00,53,00,75,00,62,00,6c,00,61,00,79,00,\
65,00,72,00,00,00,00,00,3f,d7,9c,83,07,19,ea,49,9a,a5,0e,6b,e9,04,80,87,68,\
01,00,00,01,00,04,8c,50,01,00,00,5c,01,00,00,00,00,00,00,14,00,00,00,02,00,\
3c,01,09,00,00,00,00,10,18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,20,00,00,\
00,20,02,00,00,00,10,18,00,ff,07,03,00,01,02,00,00,00,00,00,05,20,00,00,00,\
2c,02,00,00,00,10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,f1,\
41,10,b8,36,fc,4d,57,a8,ae,0b,70,25,21,04,42,84,4f,11,31,00,10,28,00,ff,07,\
03,00,01,06,00,00,00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,\
0e,a7,8b,eb,ca,7b,42,13,56,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,\
50,00,00,00,44,3e,41,bb,45,ba,a8,7a,6c,bd,92,68,f4,ad,64,8f,d5,e6,70,e9,00,\
10,28,00,ff,07,03,00,01,06,00,00,00,00,00,05,50,00,00,00,79,09,78,b5,af,a1,\
ed,d8,54,5e,32,f4,ff,1b,c4,5f,fd,d9,e0,4a,00,10,28,00,ff,07,03,00,01,06,00,\
00,00,00,00,05,50,00,00,00,0a,d8,62,3a,d9,c6,0f,18,1b,65,b5,eb,d6,6d,2f,8b,\
78,83,39,5c,00,10,28,00,f4,03,02,00,01,06,00,00,00,00,00,05,50,00,00,00,6e,\
bf,1b,bb,45,ef,d2,b1,4a,3b,45,db,50,5b,43,27,04,58,d8,6b,00,10,14,00,50,00,\
00,00,01,01,00,00,00,00,00,01,00,00,00,00,01,01,00,00,00,00,00,05,12,00,00,\
00,01,01,00,00,00,00,00,05,12,00,00,00
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Sat Jun 09, 2012 4:47 am    Post subject: Reply with quote

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\wscsvc]
"DisplayName"="@%SystemRoot%\\System32\\wscsvc.dll,-200"
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,4c,00,6f,00,63,00,61,00,6c,00,53,00,65,00,72,00,76,00,69,00,63,\
00,65,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,52,00,65,00,73,00,74,00,\
72,00,69,00,63,00,74,00,65,00,64,00,00,00
"Start"=dword:00000002
"Type"=dword:00000020
"Description"="@%SystemRoot%\\System32\\wscsvc.dll,-201"
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,57,00,69,00,6e,00,\
4d,00,67,00,6d,00,74,00,00,00,00,00
"ObjectName"="NT AUTHORITY\\LocalService"
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=hex(7):53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,\
00,6f,00,74,00,69,00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,\
67,00,65,00,00,00,53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,\
00,61,00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,\
00,00,00,00
"DelayedAutoStart"=dword:00000001
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\wscsvc\Parameters]
"ServiceDllUnloadOnStop"=dword:00000001
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
77,00,73,00,63,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\wscsvc\Security]
"Security"=hex:01,00,14,80,c8,00,00,00,d4,00,00,00,14,00,00,00,30,00,00,00,02,\
00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
00,00,02,00,98,00,06,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\
05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\
20,02,00,00,00,00,14,00,9d,01,02,00,01,01,00,00,00,00,00,05,04,00,00,00,00,\
00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,06,00,00,00,00,00,14,00,00,01,\
00,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,28,00,15,00,00,00,01,06,00,\
00,00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,\
7b,42,13,56,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,\
00,00,00
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Sat Jun 09, 2012 4:57 am    Post subject: Reply with quote

Step 1 hidden files

Show hidden files already checked
Hode extension and hide protected operating system already unchecked.
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Sat Jun 09, 2012 4:59 am    Post subject: Reply with quote

Step 2
system look.txt report


SystemLook 30.07.11 by jpshortstuff
Log created at 13:58 on 09/06/2012 by Teresa
Administrator - Elevation successful

========== dir ==========

c:\windows\Temp678CEF2C-4B39-4B24-F5B1-8323F946A43B-Signatures - Parameters: "/s "

---Files---
mpasbase.vdm --a---- 14492664 bytes [20:17 30/05/2012] [20:46 17/05/2012]
mpasdlta.vdm --a---- 675840 bytes [20:17 30/05/2012] [20:09 30/05/2012]
mpavbase.vdm --a---- 45155320 bytes [20:17 30/05/2012] [20:46 17/05/2012]
mpavdlta.vdm --a---- 1675264 bytes [20:17 30/05/2012] [20:09 30/05/2012]
mpengine.dll --a---- 8955792 bytes [20:17 30/05/2012] [17:02 08/05/2012]

No folders found.

========== contents ==========

C:\Users\Teresa\AppData\Local\Google\Chrome\User Data\Default\Preferences - Opened succesfully.

{
"webkit": {
"webprefs": {
"allow_running_insecure_content": true
}
},
"browser": {
"window_placement": {
"bottom": 1025,
"left": 306,
"maximized": true,
"right": 1356,
"top": 317,
"work_area_bottom": 728,
"work_area_left": 0,
"work_area_right": 1366,
"work_area_top": 0
}
},
"countryid_at_install": 18242,
"default_search_provider": {
"enabled": true,
"encodings": "UTF-8",
"icon_url": "http://www.google.com/favicon.ico",
"id": "2",
"instant_url": "{google:baseURL}webhp?{google:RLZ}sourceid=chrome-instant&ie={inputEncoding}&ion=1{searchTerms}&nord=1",
"keyword": "google.ie",
"name": "Google",
"prepopulate_id": "1",
"search_url": "{google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}",
"suggest_url": "{google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}"
},
"distribution": {
"make_chrome_default_for_user": true
},
"dns_prefetching": {
"host_referral_list": [2, ["http://0.90.channel.facebook.com/", ["chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/", 0.595000, "http://static.ak.fbcdn.net/", 0.425000]], ["http://ad-emea.doubleclick.net/", ["http://s0.2mdn.net/", 0.085000]], ["http://ad.doubleclick.net/", ["http://s0.2mdn.net/", 0.170000]], ["http://googleads.g.doubleclick.net/", ["http://pagead2.googlesyndication.com/", 0.239695]], ["http://s.ytimg.com/", ["http://ad-emea.doubleclick.net/", 0.425000, "http://googleads.g.doubleclick.net/", 0.340000, "http://i1.ytimg.com/", 0.085000, "http://s.youtube.com/", 0.425000, "http://s0.2mdn.net/", 0.595000, "http://s2.youtube.com/", 0.510000, "http://v19.lscache8.c.youtube.com/", 0.255000, "http://v21.lscache5.c.youtube.com/", 0.085000, "http://v5.lscache2.c.youtube.com/", 0.085000, "http://www.youtube.com/", 1.020000]], ["http://www.365online.ie/", ["chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/", 0.987700]], ["http://www.facebook.com/", ["chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/", 0.595000, "http://external.ak.fbcdn.net/", 0.425000, "http://photos-a.ak.fbcdn.net/", 0.255000, "http://photos-c.ak.fbcdn.net/", 0.425000, "http://photos-e.ak.fbcdn.net/", 0.255000, "http://photos-f.ak.fbcdn.net/", 0.170000, "http://photos-g.ak.fbcdn.net/", 0.085000, "http://platform.ak.fbcdn.net/", 0.255000, "http://profile.ak.fbcdn.net/", 9.520000, "http://static.ak.fbcdn.net/", 8.330000]], ["http://www.google.com/", ["chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/", 0.061535, "http://www.google.ie/", 0.141100]], ["http://www.google.ie/", ["chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/", 0.987700, "http://clients1.google.ie/", 0.141100]], ["http://www.jumbletown.ie/", ["chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/", 0.259182, "http://www.google-analytics.com/", 0.074052]], ["http://www.rte.ie/", ["chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/", 0.595000, "http://ad.ie.doubleclick.net/", 0.425000, "http://b.scorecardresearch.com/", 0.255000, "http://dj.rte.ie/", 0.170000, "http://dnn506yrbagrg.cloudfront.net/", 0.085000, "http://ie-stat.bmmetrix.com/", 0.170000, "http://img.rasset.ie/", 3.145000, "http://s0.2mdn.net/", 0.510000, "http://static.rasset.ie/", 0.255000, "http://t.bmmetrix.com/", 0.085000]], ["http://www.youtube.com/", ["http://csi.gstatic.com/", 0.170000, "http://googleads.g.doubleclick.net/", 0.255000, "http://i1.ytimg.com/", 0.425000, "http://i2.ytimg.com/", 0.707438, "http://i3.ytimg.com/", 0.367200, "http://i4.ytimg.com/", 0.367200, "http://pagead2.googlesyndication.com/", 0.085000, "http://s.ytimg.com/", 0.141100, "http://suggestqueries.google.com/", 0.603364, "http://www.google.com/", 0.170000]], ["https://mail.google.com/", ["https://chatenabled.mail.google.com/", 0.085000, "https://pagead2.googleadservices.com/", 0.085000, "https://www.google.com/", 0.085000]], ["https://www.adobe.com/", ["https://adobe.tt.omtrdc.net/", 1.020000, "https://sstats.adobe.com/", 0.850000, "https://tt11.adobe.com/", 0.170000, "https://www.adobe.com/", 18.700000]], ["https://www.google.com/", ["https://mail.google.com/", 0.168300, "https://ssl.google-analytics.com/", 0.112200]]],
"startup_list": [1, "http://www.adobe.com/", "https://adobe.tt.omtrdc.net/", "https://sstats.adobe.com/", "https://tt11.adobe.com/", "https://www.adobe.com/"]
},
"download": {
"directory_upgrade": true,
"extensions_to_open": ""
},
"extensions": {
"autoupdate": {
"last_check": "12947422456713649",
"next_check": "12949448692380608"
},
"chrome_url_overrides": {
"bookmarks": ["chrome-extension://eemcgdkfndhakfknompkggombfjjjeno/main.html"]
},
"settings": {
},
"toolbar": [],
"toolbarsize": -1
},
"google": {
"services": {
"username": ""
}
},
"homepage": "http://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=0DAFCE1E115456CC664D534FC7DF59EC&tbp=homepage",
"homepage_is_newtabpage": false,
"ntp": {
"alt_logo_end": 0,
"alt_logo_resource_server": "https://www.google.com/support/chrome/bin/topic/30248/inproduct",
"alt_logo_start": 0,
"pref_version": 3,
"promo_build": 2,
"promo_closed": false,
"promo_end": 1299830340,
"promo_group": 5,
"promo_group_timeslice": 0,
"promo_line": "Use Chrome on another computer? Take your bookmarks and more with you.",
"promo_resource_cache_update": "1304974020.481637",
"promo_start": 1299830280,
"shown_sections": 1,
"web_resource_cache_update": "1287598078.604567"
},
"plugins": {
"enabled_internal_pdf3": true,
"last_internal_directory": "C:\\Users\\Teresa\\AppData\\Local\\Google\\Chrome\\Application\\11.0.696.65",
"plugins_list": [{
"enabled": true,
"name": "Shockwave Flash",
"path": "C:\\Users\\Teresa\\AppData\\Local\\Google\\Chrome\\Application\\11.0.696.65\\gcswf32.dll",
"version": "10,2,154,25"
}, {
"enabled": true,
"name": "Java Deployment Toolkit 6.0.220.4",
"path": "C:\\Program Files (x86)\\Java\\jre6\\bin\\new_plugin\\npdeployJava1.dll",
"version": "6.0.220.4"
}, {
"enabled": true,
"name": "Java(TM) Platform SE 6 U22",
"path": "C:\\Program Files (x86)\\Java\\jre6\\bin\\new_plugin\\npjp2.dll",
"version": "6.0.220.4"
}, {
"enabled": false,
"name": "Adobe Acrobat",
"path": "C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Browser\\nppdf32.dll",
"version": "9.4.3.231"
}, {
"enabled": true,
"name": "Silverlight Plug-In",
"path": "c:\\Program Files (x86)\\Microsoft Silverlight\\4.0.60129.0\\npctrl.dll",
"version": "4.0.60129.0"
}, {
"enabled": true,
"name": "Chrome PDF Viewer",
"path": "C:\\Users\\Teresa\\AppData\\Local\\Google\\Chrome\\Application\\11.0.696.65\\pdf.dll",
"version": ""
}, {
"enabled": true,
"name": "Google Gears 0.5.33.0",
"path": "C:\\Users\\Teresa\\AppData\\Local\\Google\\Chrome\\Application\\11.0.696.65\\gears.dll",
"version": "0.5.33.0"
}, {
"enabled": true,
"name": "Skype Toolbars",
"path": "C:\\Users\\Teresa\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\lifbcibllhkdhoafpjfnlhfpfgnpldfl\\5.0.0.6778_0\\npSkypeChromePlugin.dll",
"version": "5.0.0.6778"
}, {
"enabled": true,
"name": "Google Update",
"path": "C:\\Program Files (x86)\\Google\\Update\\1.2.183.39\\npGoogleOneClick8.dll",
"version": "1.2.183.39"
}, {
"enabled": true,
"name": "Windows Live™ Photo Gallery",
"path": "C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll",
"version": "15.4.3508.1109_ship.wlx.w4m4 (ship)"
}, {
"enabled": true,
"name": "Default Plug-in",
"path": "default_plugin",
"version": "1"
}, {
"enabled": true,
"name": "Flash"
}, {
"enabled": true,
"name": "Java 6"
}, {
"enabled": false,
"name": "Adobe Acrobat"
}, {
"enabled": true,
"name": "Silverlight"
}, {
"enabled": true,
"name": "Chrome PDF Viewer"
}, {
"enabled": true,
"name": "Google Gears 0.5.33.0"
}, {
"enabled": true,
"name": "Skype Toolbars"
}, {
"enabled": true,
"name": "Google Update"
}, {
"enabled": true,
"name": "Windows Live™ Photo Gallery"
}, {
"enabled": true,
"name": "Default Plug-in"
}]
},
"profile": {
"content_settings": {
"pref_version": 1
},
"exited_cleanly": true,
"multiple_profile_prefs_version": 1
},
"tabs": {
"use_vertical_tabs": false
},
"session": {
"urls_to_restore_on_startup": ["http://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=0DAFCE1E115456CC664D534FC7DF59EC&tbp=homepage"],
"restore_on_startup": 4
},
"backup": {
"homepage": "http://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=0DAFCE1E115456CC664D534FC7DF59EC&tbp=homepage",
"homepage_is_newtabpage": false,
"session": {
"urls_to_restore_on_startup": ["http://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=0DAFCE1E115456CC664D534FC7DF59EC&tbp=homepage"],
"restore_on_startup": 4
}
}
}


-= EOF =-
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Sat Jun 09, 2012 5:02 am    Post subject: Reply with quote

step 3 windows defender

Ran the first part winmgmt/verifyrepository and it came up that it is consistant so have not run the next part as you said it would say not consistant

will hold off on next steps until this is clarified by you.
Back to top
View user's profile Send private message
partnership
Warrior


Joined: 01 Jun 2012
Last Visit: 25 Jun 2013
Posts: 55

PostPosted: Sat Jun 09, 2012 10:46 am    Post subject: Reply with quote

Another update

I use Calibre as a book management system to transfer books to my reader and I have just noticed that it will not open - this is only since I started this thread.
It says python function terminated unexpectedly cannot import name qvariant error code 1. I don't want to go to calibre help or redownload without checking with you first. It is a free software programme not an illegal one.
Back to top
View user's profile Send private message
Display posts from previous:   
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Spyware Warrior Forum Index -> Archived Spyware Removal Help Topics All times are GMT - 8 Hours
Goto page 1, 2  Next
Page 1 of 2

 
Jump to:  
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group