Page 1 of 4 1234 LastLast
Results 1 to 10 of 33

Thread: win32.androm.bmne found by ZA - unable to update Spybot Professional

  1. 2014-02-11, 01:24 #1
    CleanTech
    CleanTech is offline
    Member CleanTech's Avatar
    Join Date
    Jan 2014
    Posts
    35

    Default win32.androm.bmne found by ZA - unable to update Spybot Professional

    Hi,
    Last week Zone Alarm detected 'backdoor.win32.androm.bmne' - treatment showed as 'treated' - ZA log showed it was located in a Thunderbird email attachment. New ZA logs show nothing. However, I am unable to update Spybot Prof (upgraded today) or Malwarebytes. Also receiving error messages from Chrome and system overall is VERY sluggish. Unable to run ERUNT or DSS - receiving error message "this file is not compatible with this version of Windows" (=Win 7 64-bit). I was able to run aswMBR which log is shown below:

    aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
    Run date: 2014-02-10 15:36:16
    -----------------------------
    15:36:16.333 OS Version: Windows x64 6.1.7601 Service Pack 1
    15:36:16.333 Number of processors: 4 586 0x100
    15:36:16.334 ComputerName: ONSCREENOFFICE UserName: KIP
    15:36:17.901 Initialize success
    15:36:43.996 AVAST engine download error: 0
    15:36:47.130 The log file has been saved successfully to "C:\Users\KIP.OnscreenOffice\Desktop\aswMBR.txt"


    aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
    Run date: 2014-02-10 15:36:16
    -----------------------------
    15:36:16.333 OS Version: Windows x64 6.1.7601 Service Pack 1
    15:36:16.333 Number of processors: 4 586 0x100
    15:36:16.334 ComputerName: ONSCREENOFFICE UserName: KIP
    15:36:17.901 Initialize success
    15:36:43.996 AVAST engine download error: 0
    15:36:47.130 The log file has been saved successfully to "C:\Users\KIP.OnscreenOffice\Desktop\aswMBR.txt"
    15:37:04.233 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
    15:37:04.239 Disk 0 Vendor: ST31000524AS JC4B Size: 953869MB BusType: 3
    15:37:04.336 Disk 0 MBR read successfully
    15:37:04.340 Disk 0 MBR scan
    15:37:04.343 Disk 0 Windows 7 default MBR code
    15:37:04.351 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
    15:37:04.362 Disk 0 Partition 2 00 1B Hidd FAT32 NTFS 14524 MB offset 206848
    15:37:04.367 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 381546 MB offset 29952000
    15:37:04.394 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 557696 MB offset 811358226
    15:37:04.424 Disk 0 scanning C:\windows\system32\drivers
    15:37:11.636 Service scanning
    15:37:24.562 Modules scanning
    15:37:24.581 Disk 0 trace - called modules:
    15:37:24.606 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
    15:37:24.613 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007504060]
    15:37:24.619 3 CLASSPNP.SYS[fffff8800261743f] -> nt!IofCallDriver -> [0xfffffa800723ee40]
    15:37:24.625 5 ACPI.sys[fffff88000e0b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80071be680]
    15:37:24.632 Scan finished successfully
    15:37:31.146 Disk 0 MBR has been saved successfully to "C:\Users\KIP.OnscreenOffice\Desktop\MBR.dat"
    15:37:31.151 The log file has been saved successfully to "C:\Users\KIP.OnscreenOffice\Desktop\aswMBR.txt"

    Thank you for your assistance.
  2. 2014-02-11, 15:19 #2
    Juliet
    Juliet is offline
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Hi and welcome

    Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com)
    There are 6 different versions. If one of them won't run then download and try to run the other one.
    Vista and Win7 users need to right click and choose Run as Admin
    You only need to get one of them to run, not all of them.
    1. rkill.exe
    2. rkill.com
    3. rkill.scr
    4. rkill.pif
    5. WiNlOgOn.exe
    6. uSeRiNiT.exe


    ******************************

    Please download http://www.bleepingcomputer.com/down...ery-scan-tool/ and save it to your Desktop.

    (use correct version for your system.....Which system am I using?)


    and Tutorial

    http://www.geekstogo.com/forum/topic...ery-scan-tool/



    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
    • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please copy and paste log back here.
    • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.
  3. 2014-02-11, 19:19 #3
    CleanTech
    CleanTech is offline
    Member CleanTech's Avatar
    Join Date
    Jan 2014
    Posts
    35

    Default win32.androm.bmne found by ZA - unable to update Spybot Professional

    Hi Juliet,
    Thank you for our response.
    I will be posting the logs in 2 separate replies - as together they appear to have too many characters (received error message).

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-02-2014 01
    Ran by KIP (administrator) on ONSCREENOFFICE on 11-02-2014 10:04:45
    Running from C:\Users\KIP.OnscreenOffice\Desktop
    Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
    Internet Explorer Version 11
    Boot Mode: Normal

    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/down...an-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/down...an-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (AMD) C:\windows\system32\atiesrxx.exe
    (AMD) C:\windows\system32\atieclxx.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    () C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
    () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
    () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Carbonite, Inc.) C:\Program Files\Carbonite\Carbonite Mirror Image\CarboniteMirrorImage.exe
    (ASUSTeK Computer Inc.) C:\Windows\SysWOW64\AsHookDevice.exe
    (Citrix Online, a division of Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\GoToMyPC\g2svc.exe
    (Citrix Online, a division of Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\GoToMyPC\g2comm.exe
    (LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
    (Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
    (Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
    (Nalpeiron Ltd.) C:\windows\SysWOW64\NLSSRV32.EXE
    (PasswordBox, Inc.) C:\Program Files (x86)\PasswordBox\pbbtnService.exe
    (Citrix Online, a division of Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\GoToMyPC\g2pre.exe
    (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
    (Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    (Citrix Online, a division of Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\GoToMyPC\g2tray.exe
    (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
    () C:\Program Files (x86)\Froyo_Android_Driver\Bin\MonServiceUDisk.exe
    (VIA Technologies, Inc.) C:\windows\system32\viakaraokesrv.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    (Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    () C:\Users\KIP.OnscreenOffice\AppData\Roaming\Dashlane\Dashlane.exe
    (VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe
    (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    (LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
    (Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
    (Dropbox, Inc.) C:\Users\KIP.OnscreenOffice\AppData\Roaming\Dropbox\bin\Dropbox.exe
    (Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    (SonicWALL, Inc.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\MailFrontier\mantispm.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    (Microsoft Corporation) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Nitro PDF) C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe
    (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
    (Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDRootAlyzer.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\windows\system32\prevhost.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
    (Microsoft Corporation) C:\windows\splwow64.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\windows\sysWow64\SearchProtocolHost.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Farbar) C:\Users\KIP.OnscreenOffice\Desktop\FRST64 (1).exe


    ==================== Registry (Whitelisted) ==================

    HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [3037296 2011-05-06] (VIA)
    HKLM-x32\...\Run: [RunAIShell] - C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe [232064 2009-12-23] (ASUSTeK Computer Inc.)
    HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-28] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [Intuit SyncManager] - C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [2829624 2013-11-08] (Intuit Inc. All rights reserved.)
    HKLM-x32\...\Run: [Monitor] - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [106496 2013-11-27] (LeapFrog Enterprises, Inc.)
    HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
    HKLM-x32\...\Run: [ZoneAlarm] - C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [73832 2013-10-25] (Check Point Software Technologies LTD)
    HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKU\S-1-5-21-426381243-3783371907-2229632007-1004\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-06] (SUPERAntiSpyware)
    HKU\S-1-5-21-426381243-3783371907-2229632007-1004\...\Run: [Dashlane] - C:\Users\KIP.OnscreenOffice\AppData\Roaming\Dashlane\Dashlane.exe [277688 2014-01-07] ()
    Startup: C:\Users\KIP.OnscreenOffice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> C:\Users\KIP.OnscreenOffice\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    Startup: C:\Users\Onscreen Office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> C:\Users\KIP.OnscreenOffice\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

    ==================== Internet (Whitelisted) ====================

    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x836A169ED425CF01
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
    SearchScopes: HKCU - DefaultScope {ADA593D8-66F8-4326-AEDC-98566322BAA5} URL = https://www.google.com/search?q={searchTerms}
    SearchScopes: HKCU - {ADA593D8-66F8-4326-AEDC-98566322BAA5} URL = https://www.google.com/search?q={searchTerms}
    BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe64.dll No File
    BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: Dashlane BHO - {42D79B50-CC4A-4A8E-860F-BE674AF053A2} - C:\Users\KIP.OnscreenOffice\AppData\Roaming\Dashlane\ie\Dashlanei.dll (Dashlane)
    BHO-x32: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
    BHO-x32: PasswordBox Helper - {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
    BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll No File
    Toolbar: HKLM-x32 - PackageTracer - {ff343558-d5a5-454a-bdd8-c5c81e179fed} - C:\Program Files (x86)\PackageTracer_69\bar\1.bin\69bar.dll No File
    Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\KIP.OnscreenOffice\AppData\Roaming\Dashlane\ie\KWIEBar.dll (Dashlane)
    Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - No File
    Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - No File
    Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe64.dll No File
    Handler-x32: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
    Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation)
    Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll No File
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

    FireFox:
    ========
    FF ProfilePath: C:\Users\KIP.OnscreenOffice\AppData\Roaming\Mozilla\Firefox\Profiles\84i2qbr9.default
    FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
    FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE - disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
    FF Plugin-x32: @nitropdf.com/NitroPDF.PrevVerNPR - C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
    FF Plugin-x32: @PackageTracer_69.com/Plugin - C:\Program Files (x86)\PackageTracer_69\bar\1.bin\NP69Stub.dll No File
    FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @TrendMicro.com/FFExtension - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
    FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\KIP.OnscreenOffice\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
    FF Plugin ProgramFiles/Appdata: C:\Users\KIP.OnscreenOffice\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
    FF HKLM-x32\...\Firefox\Extensions: [{38783831-6098-4faa-A9C9-1EE1E343F4D2}] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\firefoxextension
    FF HKLM-x32\...\Firefox\Extensions: [69ffxtbr@PackageTracer_69.com] - C:\Program Files (x86)\PackageTracer_69\bar\1.bin
    FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker

    Chrome:
    =======
    CHR Extension: (Google Docs) - C:\Users\KIP.OnscreenOffice\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-05]
    CHR Extension: (Google Drive) - C:\Users\KIP.OnscreenOffice\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-05]
    CHR Extension: (YouTube) - C:\Users\KIP.OnscreenOffice\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-05]
    CHR Extension: (Google Search) - C:\Users\KIP.OnscreenOffice\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-05]
    CHR Extension: (Dashlane) - C:\Users\KIP.OnscreenOffice\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkjojgglmmcghgaiknnpgjgldgaocjfd [2013-12-30]
    CHR Extension: (Google Wallet) - C:\Users\KIP.OnscreenOffice\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
    CHR Extension: (Gmail) - C:\Users\KIP.OnscreenOffice\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-05]
    CHR HKCU\...\Chrome\Extension: [mkjojgglmmcghgaiknnpgjgldgaocjfd] - C:\Users\KIP.OnscreenOffice\AppData\Roaming\Dashlane\2.3.3.52783\bin\Chrome_Extension\kwift.crx [2014-01-07]

    ==================== Services (Whitelisted) =================

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
    R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-06-28] (Advanced Micro Devices, Inc.)
    R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [922240 2011-06-13] ()
    R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-02] ()
    R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
    R2 Carbonite-Mirror-Image-Svc; C:\Program Files\Carbonite\Carbonite Mirror Image\CarboniteMirrorImage.exe [6443072 2013-04-18] (Carbonite, Inc.)
    R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-07-24] (Nitro PDF Software)
    R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-26] (Nitro PDF Software)
    R2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2013-11-01] (PasswordBox, Inc.)
    R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc.)
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
    R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-11-04] (Secunia)
    R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-11-04] (Secunia)
    R2 UDisk Monitor; C:\Program Files (x86)\Froyo_Android_Driver\Bin\MonServiceUDisk.exe [517960 2012-04-20] ()
    R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-03-29] (VIA Technologies, Inc.)
    R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2445816 2013-10-25] (Check Point Software Technologies LTD)
    R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [50704 2013-10-15] (Check Point Software Technologies, Ltd.)

    ==================== Drivers (Whitelisted) ====================

    R0 23451690; C:\Windows\System32\DRIVERS\23451690.sys [460888 2013-12-03] (Kaspersky Lab ZAO)
    R2 ASInsHelp; C:\Windows\SysWow64\drivers\AsInsHelp64.sys [11832 2008-01-04] ()
    R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-26] ()
    R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
    R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [46368 2013-11-20] (AVG Technologies)
    S3 Generalusbserialser20675; C:\Windows\System32\DRIVERS\CT_U_USBSER.sys [128328 2012-04-20] (Incorporated)
    R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2013-07-17] (Kaspersky Lab ZAO)
    R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2012-01-09] (Kaspersky Lab ZAO)
    R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [489568 2013-10-09] (Kaspersky Lab ZAO)
    R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-08] (Kaspersky Lab ZAO)
    R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54104 2012-11-15] (Kaspersky Lab)
    R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [177760 2013-07-17] (Kaspersky Lab ZAO)
    R2 monblanking; C:\Windows\System32\DRIVERS\monblanking.sys [34048 2013-03-13] (Citrix Systems, Inc.)
    S3 mr97310c; C:\Windows\System32\DRIVERS\mr97310c.sys [143872 2008-03-27] (Mars Semiconductor Corp.)
    R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-11-04] (Secunia)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
    R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [454168 2013-10-23] (Check Point Software Technologies LTD)
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-10-09] (Kaspersky Lab ZAO)
    U3 aswMBR; \??\C:\Users\KIP~1.ONS\AppData\Local\Temp\aswMBR.sys [X]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2014-02-11 10:03 - 2014-02-11 10:03 - 02151424 _____ (Farbar) C:\Users\KIP.OnscreenOffice\Desktop\FRST64 (1).exe
    2014-02-11 10:00 - 2014-02-11 10:00 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\Desktop\rkill
    2014-02-11 09:59 - 2014-02-11 10:01 - 00004170 _____ () C:\Users\KIP.OnscreenOffice\Desktop\Rkill.txt
    2014-02-11 09:59 - 2014-02-11 09:59 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\KIP.OnscreenOffice\Downloads\rkill64.exe
    2014-02-11 09:58 - 2014-02-11 09:59 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\KIP.OnscreenOffice\Downloads\rkill (1).exe
    2014-02-11 09:58 - 2014-02-11 09:58 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\KIP.OnscreenOffice\Downloads\rkill.exe
    2014-02-10 16:38 - 2014-02-10 16:38 - 00053081 _____ () C:\Users\KIP.OnscreenOffice\Desktop\FRST2-10-14.txt
    2014-02-10 16:38 - 2014-02-10 16:38 - 00045326 _____ () C:\Users\KIP.OnscreenOffice\Desktop\Addition2-10-14.txt
    2014-02-10 15:37 - 2014-02-10 15:37 - 00000512 _____ () C:\Users\KIP.OnscreenOffice\Desktop\MBR.dat
    2014-02-10 15:36 - 2014-02-10 15:37 - 00002508 _____ () C:\Users\KIP.OnscreenOffice\Desktop\aswMBR.txt
    2014-02-10 15:36 - 2014-02-10 15:36 - 04745728 _____ (AVAST Software) C:\Users\KIP.OnscreenOffice\Downloads\aswMBR.exe
    2014-02-10 15:35 - 2014-02-10 15:35 - 00688992 _____ () C:\Users\KIP.OnscreenOffice\Downloads\dds (2).com
    2014-02-10 15:18 - 2013-12-11 09:21 - 00000027 _____ () C:\windows\system32\Drivers\etc\hosts.20140210-151804.backup
    2014-02-10 15:16 - 2014-02-10 15:16 - 00559296 _____ (Safer-Networking Ltd. ) C:\Users\KIP.OnscreenOffice\Downloads\spybot2-license (1).exe
    2014-02-10 15:14 - 2014-02-10 15:14 - 00176332 _____ () C:\Users\KIP.OnscreenOffice\Downloads\spybot2-license.exe
    2014-02-10 11:53 - 2014-02-10 11:53 - 00282960 _____ (Mozilla) C:\Users\KIP.OnscreenOffice\Downloads\Firefox Setup Stub 27.0(2).exe
    2014-02-09 14:27 - 2014-02-09 14:27 - 00002994 _____ () C:\windows\System32\Tasks\{D68B3733-4757-43C4-B318-7F3C34511AA0}
    2014-02-09 14:27 - 2014-02-09 14:27 - 00002994 _____ () C:\windows\System32\Tasks\{B4B77F70-7975-46A8-9CD7-36EACA51FFE8}
    2014-02-09 14:27 - 2014-02-09 14:27 - 00002994 _____ () C:\windows\System32\Tasks\{5B5B485E-F7B1-4799-8D12-DCC9D158F308}
    2014-02-09 14:26 - 2014-02-09 14:26 - 00002994 _____ () C:\windows\System32\Tasks\{ADDB5998-1E29-43D8-91B7-AC3417A07022}
    2014-02-09 14:26 - 2014-02-09 14:26 - 00002994 _____ () C:\windows\System32\Tasks\{1878B3E5-12F1-4F88-BADB-C4B653D508A8}
    2014-02-09 14:16 - 2014-02-09 14:24 - 24657142 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Firefox Setup 27.0 (1).exe
    2014-02-09 14:07 - 2014-02-09 14:16 - 24657142 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Firefox Setup 27.0.exe
    2014-02-09 13:35 - 2014-02-09 13:35 - 00282960 _____ (Mozilla) C:\Users\KIP.OnscreenOffice\Downloads\Firefox Setup Stub 27.0(1).exe
    2014-02-09 13:23 - 2014-02-09 13:23 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-02-09 12:59 - 2014-02-09 12:59 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2014-02-09 12:59 - 2014-02-09 12:59 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Local\Mozilla
    2014-02-09 12:58 - 2014-02-09 12:56 - 00847344 _____ (Google Inc.) C:\Users\KIP.OnscreenOffice\Downloads\ChromeSetup.exe
    2014-02-09 12:57 - 2013-02-22 13:00 - 20564496 _____ (Mozilla) C:\Users\KIP.OnscreenOffice\Downloads\Firefox Setup 19.0.exe
    2014-02-09 12:34 - 2014-02-09 12:41 - 00282960 _____ (Mozilla) C:\Users\KIP.OnscreenOffice\Downloads\Firefox Setup Stub 27.0.exe
    2014-02-07 16:14 - 2014-02-07 16:14 - 00792600 _____ () C:\Users\KIP.OnscreenOffice\Downloads\FileOpenInstaller.exe
    2014-02-07 11:19 - 2014-02-07 11:19 - 00007611 _____ () C:\Users\KIP.OnscreenOffice\AppData\Local\Resmon.ResmonCfg
    2014-02-06 09:59 - 2014-02-06 09:59 - 00308841 _____ () C:\Users\KIP.OnscreenOffice\Desktop\TeamSpybot-20140206-095937.cab
    2014-02-06 09:42 - 2014-02-06 09:42 - 00791709 _____ () C:\Users\KIP.OnscreenOffice\Downloads\erunt-setup.exe
    2014-02-05 19:36 - 2014-02-05 19:36 - 00036405 _____ () C:\Users\KIP.OnscreenOffice\Downloads\AlphaDelta Document Index_2-3-14.xlsx
    2014-02-05 16:58 - 2014-02-05 17:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
    2014-02-04 16:08 - 2014-02-10 16:38 - 00045326 _____ () C:\Users\KIP.OnscreenOffice\Desktop\Addition.txt
    2014-02-04 16:07 - 2014-02-11 10:05 - 00022957 _____ () C:\Users\KIP.OnscreenOffice\Desktop\FRST.txt
    2014-02-04 16:03 - 2014-02-10 16:35 - 02151424 _____ (Farbar) C:\Users\KIP.OnscreenOffice\Desktop\FRST64.exe
    2014-02-04 16:03 - 2014-02-04 16:03 - 02080256 _____ (Farbar) C:\Users\KIP.OnscreenOffice\Downloads\FRST64.exe
    2014-02-04 13:23 - 2014-02-04 13:23 - 00689196 _____ () C:\Users\KIP.OnscreenOffice\Downloads\dds (1).com
    2014-02-04 13:18 - 2014-02-04 13:18 - 00001631 _____ () C:\Users\KIP.OnscreenOffice\Desktop\v5.0 NSHP CECPV Calculator.lnk
    2014-02-04 13:18 - 2014-02-04 13:18 - 00000000 ____D () C:\CECPV50
    2014-02-04 11:53 - 2014-02-04 11:53 - 00689196 _____ () C:\Users\KIP.OnscreenOffice\Desktop\dds (1).com
    2014-02-04 11:50 - 2014-02-04 11:50 - 00689196 _____ () C:\Users\KIP.OnscreenOffice\Downloads\dds.com
    2014-02-03 17:42 - 2014-02-03 17:42 - 00035152 _____ () C:\Users\KIP.OnscreenOffice\Downloads\AlphaDelta Document Index_1-29-14.xlsx
    2014-02-03 16:25 - 2014-02-03 16:25 - 00000922 _____ () C:\Users\Public\Desktop\AutoDWG DWG2PDF Converter 2013.lnk
    2014-02-03 16:25 - 2014-02-03 16:25 - 00000000 ____D () C:\Users\KIP~1~ONS
    2014-02-03 16:25 - 2005-10-25 19:17 - 03194880 _____ () C:\windows\SysWOW64\gsdll321.dll
    2014-02-03 16:25 - 2002-11-21 22:13 - 03907640 _____ () C:\windows\SysWOW64\gsdll32.dll
    2014-02-03 16:24 - 2014-02-03 16:24 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Roaming\AutoDWG
    2014-02-03 16:19 - 2014-02-03 16:25 - 00000000 ____D () C:\windows\SysWOW64\shxfont
    2014-02-03 16:19 - 2014-02-03 16:25 - 00000000 ____D () C:\windows\SysWOW64\ps
    2014-02-03 16:19 - 2014-02-03 16:25 - 00000000 ____D () C:\Program Files (x86)\AutoDWG
    2014-02-03 16:19 - 2014-02-03 16:19 - 00000956 _____ () C:\Users\Public\Desktop\DWGSee Pro 2013.lnk
    2014-02-03 16:19 - 2014-02-03 16:19 - 00000030 _____ () C:\windows\DWGSeePro.INI
    2014-02-03 16:15 - 2014-02-03 16:19 - 22987152 _____ (AutoDWG) C:\Users\KIP.OnscreenOffice\Downloads\DWG2PDF2013.exe
    2014-02-03 16:13 - 2014-02-03 16:16 - 20361704 _____ (Acresso Software Inc. ) C:\Users\KIP.OnscreenOffice\Downloads\DWGSeePro2013.exe
    2014-02-03 16:12 - 2014-02-03 16:14 - 00402294 _____ () C:\Users\KIP.OnscreenOffice\Downloads\SoftonicDownloader_for_free-dwg-viewer.exe
    2014-02-03 10:23 - 2014-02-03 10:24 - 00000022 _____ () C:\Users\KIP.OnscreenOffice\Downloads\filechck_7_3_6.zip
    2014-02-03 09:43 - 2014-02-03 09:43 - 01905915 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Documents.zip
    2014-01-31 15:34 - 2014-01-31 15:36 - 87327510 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Don’t Get Burned. Learn About New Fire Code (UL 1703) Requirements and Compliance Options 1-31-14, 11.00 AM.mov
    2014-01-31 10:55 - 2014-02-11 09:34 - 00000610 _____ () C:\windows\Tasks\G2MUpdateTask-S-1-5-21-426381243-3783371907-2229632007-1004.job
    2014-01-31 10:55 - 2014-01-31 10:55 - 00003644 _____ () C:\windows\System32\Tasks\G2MUpdateTask-S-1-5-21-426381243-3783371907-2229632007-1004
    2014-01-31 09:54 - 2014-01-31 09:55 - 17557408 _____ (Barnes & Noble, Inc.) C:\Users\KIP.OnscreenOffice\Downloads\bndr2_setup_latest.exe
    2014-01-31 08:37 - 2014-01-31 08:37 - 00000981 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Business_Savings (4).qbo
    2014-01-30 15:38 - 2014-01-30 15:38 - 00003073 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Don-t Get Burned. Learn About New Fire Code (UL 1703) Requirements and Compliance Options.ics
    2014-01-30 11:43 - 2014-01-30 11:43 - 00053248 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Bronze SD.xls
    2014-01-30 11:16 - 2014-01-30 11:16 - 00001640 _____ () C:\Users\KIP.OnscreenOffice\Downloads\BillHistory (1).csv
    2014-01-30 11:13 - 2014-01-30 11:13 - 00001149 _____ () C:\Users\KIP.OnscreenOffice\Downloads\BillHistory.csv
    2014-01-29 21:35 - 2014-01-29 21:35 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
    2014-01-29 21:34 - 2014-01-29 21:35 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2014-01-29 21:34 - 2014-01-29 21:35 - 00000000 ____D () C:\Program Files\iTunes
    2014-01-29 21:34 - 2014-01-29 21:35 - 00000000 ____D () C:\Program Files (x86)\iTunes
    2014-01-29 21:34 - 2014-01-29 21:34 - 00000000 ____D () C:\Program Files\iPod
    2014-01-29 12:08 - 2014-01-29 12:08 - 00000981 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Business_Savings (3).qbo
    2014-01-29 10:11 - 2014-01-29 10:11 - 02470578 _____ () C:\Users\KIP.OnscreenOffice\Downloads\GAET (1).zip
    2014-01-28 16:13 - 2014-02-09 12:31 - 00000000 __SHD () C:\windows\SysWOW64\AI_RecycleBin
    2014-01-28 16:04 - 2014-02-09 12:31 - 00000000 ____D () C:\1099 Misc - Excel Upload
    2014-01-28 16:02 - 2014-01-28 16:02 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Local\Downloaded Installations
    2014-01-28 16:00 - 2014-01-28 16:00 - 10730223 _____ () C:\Users\KIP.OnscreenOffice\Downloads\1099 Misc Excel-Upload.zip
    2014-01-28 11:50 - 2014-01-28 11:50 - 00006144 _____ () C:\Users\KIP.OnscreenOffice\Downloads\DocumentListExport.xls
    2014-01-28 11:35 - 2014-01-28 11:36 - 55915216 _____ (Microsoft Corporation) C:\Users\KIP.OnscreenOffice\Downloads\IE11-Windows6.1-x64-en-us.exe
    2014-01-28 11:35 - 2014-01-28 11:36 - 24859352 _____ (Microsoft Corporation) C:\Users\KIP.OnscreenOffice\Downloads\Windows-KB890830-x64-V5.8.exe
    2014-01-28 11:35 - 2014-01-28 11:35 - 01005568 _____ (Microsoft Corporation) C:\Users\KIP.OnscreenOffice\Downloads\dotNetFx45_Full_setup.exe
    2014-01-28 10:55 - 2014-01-28 10:55 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\Documents\ProcAlyzer Dumps
    2014-01-27 17:45 - 2014-01-27 17:45 - 00009166 _____ () C:\Users\KIP.OnscreenOffice\Desktop\PV Clients.xlsm
    2014-01-27 16:45 - 2014-01-27 16:45 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
    2014-01-27 16:43 - 2014-02-10 15:20 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
    2014-01-27 16:43 - 2014-01-27 16:43 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
    2014-01-27 16:43 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\windows\system32\sdnclean64.exe
    2014-01-27 15:23 - 2014-01-27 15:24 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\KIP.OnscreenOffice\Downloads\spybot-2.2.exe
    2014-01-27 08:27 - 2014-01-27 08:33 - 07508364 _____ () C:\Users\KIP.OnscreenOffice\Downloads\CECPV4_1.msi
    2014-01-27 08:26 - 2014-01-27 08:27 - 08264704 _____ () C:\Users\KIP.OnscreenOffice\Downloads\CECPV5_0.msi
    2014-01-26 12:01 - 2014-01-26 12:01 - 00021432 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Business_Essentials_Checking.csv
    2014-01-26 12:00 - 2014-01-26 12:00 - 00004266 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Onscreen_Business_Essentials_Checking (1).qbo
    2014-01-24 19:03 - 2014-01-24 19:03 - 00000396 _____ () C:\Users\KIP.OnscreenOffice\Downloads\solar_estimate_leads_20140124.csv
    2014-01-23 15:29 - 2014-01-23 15:31 - 126709834 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Poseidon (Alethea Solar IV, LLC) (PJM# W2-050).zip
    2014-01-22 12:37 - 2014-01-31 15:59 - 00015360 _____ () C:\Users\KIP.OnscreenOffice\Documents\InfoSheet.xlsx
    2014-01-21 15:45 - 2014-01-21 15:45 - 00060083 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Project Contacts.xlsx
    2014-01-21 09:22 - 2014-01-21 09:22 - 00000980 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Business_Savings (2).qbo
    2014-01-16 15:32 - 2014-01-16 15:32 - 00312744 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
    2014-01-16 15:32 - 2014-01-16 15:32 - 00189352 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
    2014-01-16 15:32 - 2014-01-16 15:32 - 00189352 _____ (Oracle Corporation) C:\windows\system32\java.exe
    2014-01-16 15:32 - 2014-01-16 15:32 - 00108968 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
    2014-01-16 15:32 - 2014-01-16 15:32 - 00000000 ____D () C:\Program Files\Java
    2014-01-16 14:28 - 2014-01-16 14:28 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Local\Macromedia
    2014-01-16 09:54 - 2014-01-16 09:55 - 85923441 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Leaf Cali FIT 2013.zip
    2014-01-15 17:11 - 2014-01-15 17:11 - 00156373 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Business_Essentials_Checking.qbo
    2014-01-15 09:28 - 2014-01-15 09:28 - 00001812 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    2014-01-15 09:02 - 2014-01-15 09:03 - 29406136 _____ (SUPERAntiSpyware) C:\Users\KIP.OnscreenOffice\Downloads\SUPERAntiSpyware (2).exe
    2014-01-14 21:10 - 2013-11-26 17:41 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
    2014-01-14 21:10 - 2013-11-26 17:41 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
    2014-01-14 21:10 - 2013-11-26 17:41 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
    2014-01-14 21:10 - 2013-11-26 17:41 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
    2014-01-14 21:10 - 2013-11-26 17:41 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
    2014-01-14 21:10 - 2013-11-26 17:41 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
    2014-01-14 21:10 - 2013-11-26 17:41 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
    2014-01-14 21:10 - 2013-11-26 02:32 - 03156480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
    2014-01-14 21:09 - 2013-11-26 03:40 - 00376768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
    2014-01-13 13:01 - 2014-01-13 13:01 - 00000980 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Business_Savings (1).qbo

    ==================== One Month Modified Files and Folders =======

    2014-02-11 10:05 - 2014-02-04 16:07 - 00022957 _____ () C:\Users\KIP.OnscreenOffice\Desktop\FRST.txt
    2014-02-11 10:04 - 2013-12-10 08:20 - 00000000 ____D () C:\FRST
    2014-02-11 10:03 - 2014-02-11 10:03 - 02151424 _____ (Farbar) C:\Users\KIP.OnscreenOffice\Desktop\FRST64 (1).exe
    2014-02-11 10:01 - 2014-02-11 09:59 - 00004170 _____ () C:\Users\KIP.OnscreenOffice\Desktop\Rkill.txt
    2014-02-11 10:00 - 2014-02-11 10:00 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\Desktop\rkill
    2014-02-11 09:59 - 2014-02-11 09:59 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\KIP.OnscreenOffice\Downloads\rkill64.exe
    2014-02-11 09:59 - 2014-02-11 09:58 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\KIP.OnscreenOffice\Downloads\rkill (1).exe
    2014-02-11 09:58 - 2014-02-11 09:58 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\KIP.OnscreenOffice\Downloads\rkill.exe
    2014-02-11 09:53 - 2012-05-09 08:24 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
    2014-02-11 09:37 - 2013-07-09 08:57 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\Documents\Outlook Files
    2014-02-11 09:34 - 2014-01-31 10:55 - 00000610 _____ () C:\windows\Tasks\G2MUpdateTask-S-1-5-21-426381243-3783371907-2229632007-1004.job
    2014-02-11 09:27 - 2012-06-03 05:18 - 00000916 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-02-10 23:19 - 2012-04-08 05:46 - 01782614 _____ () C:\windows\WindowsUpdate.log
    2014-02-10 18:09 - 2013-07-05 17:27 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Roaming\Dropbox
    2014-02-10 16:38 - 2014-02-10 16:38 - 00053081 _____ () C:\Users\KIP.OnscreenOffice\Desktop\FRST2-10-14.txt
    2014-02-10 16:38 - 2014-02-10 16:38 - 00045326 _____ () C:\Users\KIP.OnscreenOffice\Desktop\Addition2-10-14.txt
    2014-02-10 16:38 - 2014-02-04 16:08 - 00045326 _____ () C:\Users\KIP.OnscreenOffice\Desktop\Addition.txt
    2014-02-10 16:35 - 2014-02-04 16:03 - 02151424 _____ (Farbar) C:\Users\KIP.OnscreenOffice\Desktop\FRST64.exe
    2014-02-10 16:35 - 2013-12-11 08:36 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\Desktop\FRST-OlderVersion
    2014-02-10 15:37 - 2014-02-10 15:37 - 00000512 _____ () C:\Users\KIP.OnscreenOffice\Desktop\MBR.dat
    2014-02-10 15:37 - 2014-02-10 15:36 - 00002508 _____ () C:\Users\KIP.OnscreenOffice\Desktop\aswMBR.txt
    2014-02-10 15:36 - 2014-02-10 15:36 - 04745728 _____ (AVAST Software) C:\Users\KIP.OnscreenOffice\Downloads\aswMBR.exe
    2014-02-10 15:35 - 2014-02-10 15:35 - 00688992 _____ () C:\Users\KIP.OnscreenOffice\Downloads\dds (2).com
    2014-02-10 15:27 - 2012-06-03 05:17 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-02-10 15:20 - 2014-01-27 16:43 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
    2014-02-10 15:16 - 2014-02-10 15:16 - 00559296 _____ (Safer-Networking Ltd. ) C:\Users\KIP.OnscreenOffice\Downloads\spybot2-license (1).exe
    2014-02-10 15:14 - 2014-02-10 15:14 - 00176332 _____ () C:\Users\KIP.OnscreenOffice\Downloads\spybot2-license.exe
    2014-02-10 11:59 - 2013-06-28 14:02 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    2014-02-10 11:53 - 2014-02-10 11:53 - 00282960 _____ (Mozilla) C:\Users\KIP.OnscreenOffice\Downloads\Firefox Setup Stub 27.0(2).exe
    2014-02-10 11:53 - 2013-12-02 09:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-02-09 16:19 - 2013-07-05 17:31 - 00000000 ___RD () C:\Users\KIP.OnscreenOffice\Dropbox
    2014-02-09 14:27 - 2014-02-09 14:27 - 00002994 _____ () C:\windows\System32\Tasks\{D68B3733-4757-43C4-B318-7F3C34511AA0}
    2014-02-09 14:27 - 2014-02-09 14:27 - 00002994 _____ () C:\windows\System32\Tasks\{B4B77F70-7975-46A8-9CD7-36EACA51FFE8}
    2014-02-09 14:27 - 2014-02-09 14:27 - 00002994 _____ () C:\windows\System32\Tasks\{5B5B485E-F7B1-4799-8D12-DCC9D158F308}
    2014-02-09 14:26 - 2014-02-09 14:26 - 00002994 _____ () C:\windows\System32\Tasks\{ADDB5998-1E29-43D8-91B7-AC3417A07022}
    2014-02-09 14:26 - 2014-02-09 14:26 - 00002994 _____ () C:\windows\System32\Tasks\{1878B3E5-12F1-4F88-BADB-C4B653D508A8}
    2014-02-09 14:24 - 2014-02-09 14:16 - 24657142 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Firefox Setup 27.0 (1).exe
    2014-02-09 14:16 - 2014-02-09 14:07 - 24657142 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Firefox Setup 27.0.exe
    2014-02-09 13:35 - 2014-02-09 13:35 - 00282960 _____ (Mozilla) C:\Users\KIP.OnscreenOffice\Downloads\Firefox Setup Stub 27.0(1).exe
    2014-02-09 13:23 - 2014-02-09 13:23 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-02-09 13:23 - 2012-06-03 05:17 - 00000000 ____D () C:\Program Files (x86)\Google
    2014-02-09 12:59 - 2014-02-09 12:59 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2014-02-09 12:59 - 2014-02-09 12:59 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Local\Mozilla
    2014-02-09 12:59 - 2013-07-08 14:24 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Roaming\Mozilla
    2014-02-09 12:59 - 2013-07-08 14:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
    2014-02-09 12:57 - 2013-12-30 12:08 - 00008409 ____H () C:\windows\SysWOW64\BTImages.dat
    2014-02-09 12:56 - 2014-02-09 12:58 - 00847344 _____ (Google Inc.) C:\Users\KIP.OnscreenOffice\Downloads\ChromeSetup.exe
    2014-02-09 12:41 - 2014-02-09 12:34 - 00282960 _____ (Mozilla) C:\Users\KIP.OnscreenOffice\Downloads\Firefox Setup Stub 27.0.exe
    2014-02-09 12:36 - 2013-12-10 15:01 - 00000000 ____D () C:\Program Files (x86)\Constant Contact
    2014-02-09 12:31 - 2014-01-28 16:13 - 00000000 __SHD () C:\windows\SysWOW64\AI_RecycleBin
    2014-02-09 12:31 - 2014-01-28 16:04 - 00000000 ____D () C:\1099 Misc - Excel Upload
    2014-02-09 12:29 - 2013-12-02 18:15 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
    2014-02-09 12:23 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\system32\NDF
    2014-02-07 16:14 - 2014-02-07 16:14 - 00792600 _____ () C:\Users\KIP.OnscreenOffice\Downloads\FileOpenInstaller.exe
    2014-02-07 13:17 - 2009-07-13 20:45 - 00016976 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-02-07 13:17 - 2009-07-13 20:45 - 00016976 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-02-07 13:08 - 2009-07-13 21:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
    2014-02-07 13:07 - 2013-07-01 18:33 - 00016391 _____ () C:\windows\setupact.log
    2014-02-07 11:45 - 2009-07-13 21:13 - 00802218 _____ () C:\windows\system32\PerfStringBackup.INI
    2014-02-07 11:19 - 2014-02-07 11:19 - 00007611 _____ () C:\Users\KIP.OnscreenOffice\AppData\Local\Resmon.ResmonCfg
    2014-02-06 17:37 - 2013-07-01 18:33 - 00285228 _____ () C:\windows\PFRO.log
    2014-02-06 09:59 - 2014-02-06 09:59 - 00308841 _____ () C:\Users\KIP.OnscreenOffice\Desktop\TeamSpybot-20140206-095937.cab
    2014-02-06 09:42 - 2014-02-06 09:42 - 00791709 _____ () C:\Users\KIP.OnscreenOffice\Downloads\erunt-setup.exe
    2014-02-05 19:36 - 2014-02-05 19:36 - 00036405 _____ () C:\Users\KIP.OnscreenOffice\Downloads\AlphaDelta Document Index_2-3-14.xlsx
    2014-02-05 17:04 - 2014-02-05 16:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
    2014-02-04 18:53 - 2012-05-09 08:24 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
    2014-02-04 18:53 - 2012-05-09 08:24 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
    2014-02-04 18:53 - 2011-11-16 15:34 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-02-04 16:03 - 2014-02-04 16:03 - 02080256 _____ (Farbar) C:\Users\KIP.OnscreenOffice\Downloads\FRST64.exe
    2014-02-04 13:23 - 2014-02-04 13:23 - 00689196 _____ () C:\Users\KIP.OnscreenOffice\Downloads\dds (1).com
    2014-02-04 13:18 - 2014-02-04 13:18 - 00001631 _____ () C:\Users\KIP.OnscreenOffice\Desktop\v5.0 NSHP CECPV Calculator.lnk
    2014-02-04 13:18 - 2014-02-04 13:18 - 00000000 ____D () C:\CECPV50
    2014-02-04 13:02 - 2013-07-12 11:37 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Roaming\Nitro PDF
    2014-02-04 11:53 - 2014-02-04 11:53 - 00689196 _____ () C:\Users\KIP.OnscreenOffice\Desktop\dds (1).com
    2014-02-04 11:50 - 2014-02-04 11:50 - 00689196 _____ () C:\Users\KIP.OnscreenOffice\Downloads\dds.com
    2014-02-04 09:38 - 2013-12-26 17:38 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\Documents\Onscreen
    2014-02-04 09:38 - 2013-08-24 16:41 - 00000000 ____D () C:\windows\pss
    2014-02-04 09:38 - 2013-07-05 17:23 - 00000000 ___RD () C:\Users\KIP.OnscreenOffice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    2014-02-03 17:42 - 2014-02-03 17:42 - 00035152 _____ () C:\Users\KIP.OnscreenOffice\Downloads\AlphaDelta Document Index_1-29-14.xlsx
    2014-02-03 16:25 - 2014-02-03 16:25 - 00000922 _____ () C:\Users\Public\Desktop\AutoDWG DWG2PDF Converter 2013.lnk
    2014-02-03 16:25 - 2014-02-03 16:25 - 00000000 ____D () C:\Users\KIP~1~ONS
    2014-02-03 16:25 - 2014-02-03 16:19 - 00000000 ____D () C:\windows\SysWOW64\shxfont
    2014-02-03 16:25 - 2014-02-03 16:19 - 00000000 ____D () C:\windows\SysWOW64\ps
    2014-02-03 16:25 - 2014-02-03 16:19 - 00000000 ____D () C:\Program Files (x86)\AutoDWG
    2014-02-03 16:25 - 2011-11-16 15:35 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2014-02-03 16:24 - 2014-02-03 16:24 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Roaming\AutoDWG
    2014-02-03 16:19 - 2014-02-03 16:19 - 00000956 _____ () C:\Users\Public\Desktop\DWGSee Pro 2013.lnk
    2014-02-03 16:19 - 2014-02-03 16:19 - 00000030 _____ () C:\windows\DWGSeePro.INI
    2014-02-03 16:19 - 2014-02-03 16:15 - 22987152 _____ (AutoDWG) C:\Users\KIP.OnscreenOffice\Downloads\DWG2PDF2013.exe
    2014-02-03 16:16 - 2014-02-03 16:13 - 20361704 _____ (Acresso Software Inc. ) C:\Users\KIP.OnscreenOffice\Downloads\DWGSeePro2013.exe
    2014-02-03 16:14 - 2014-02-03 16:12 - 00402294 _____ () C:\Users\KIP.OnscreenOffice\Downloads\SoftonicDownloader_for_free-dwg-viewer.exe
    2014-02-03 10:24 - 2014-02-03 10:23 - 00000022 _____ () C:\Users\KIP.OnscreenOffice\Downloads\filechck_7_3_6.zip
    2014-02-03 09:43 - 2014-02-03 09:43 - 01905915 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Documents.zip
    2014-01-31 15:59 - 2014-01-22 12:37 - 00015360 _____ () C:\Users\KIP.OnscreenOffice\Documents\InfoSheet.xlsx
    2014-01-31 15:36 - 2014-01-31 15:34 - 87327510 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Don’t Get Burned. Learn About New Fire Code (UL 1703) Requirements and Compliance Options 1-31-14, 11.00 AM.mov
    2014-01-31 11:02 - 2013-07-05 17:31 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\Documents\DBOX_BU
    2014-01-31 10:55 - 2014-01-31 10:55 - 00003644 _____ () C:\windows\System32\Tasks\G2MUpdateTask-S-1-5-21-426381243-3783371907-2229632007-1004
    2014-01-31 09:55 - 2014-01-31 09:54 - 17557408 _____ (Barnes & Noble, Inc.) C:\Users\KIP.OnscreenOffice\Downloads\bndr2_setup_latest.exe
    2014-01-31 08:37 - 2014-01-31 08:37 - 00000981 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Business_Savings (4).qbo
    2014-01-30 15:38 - 2014-01-30 15:38 - 00003073 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Don-t Get Burned. Learn About New Fire Code (UL 1703) Requirements and Compliance Options.ics
    2014-01-30 11:43 - 2014-01-30 11:43 - 00053248 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Bronze SD.xls
    2014-01-30 11:16 - 2014-01-30 11:16 - 00001640 _____ () C:\Users\KIP.OnscreenOffice\Downloads\BillHistory (1).csv
    2014-01-30 11:13 - 2014-01-30 11:13 - 00001149 _____ () C:\Users\KIP.OnscreenOffice\Downloads\BillHistory.csv
    2014-01-30 09:07 - 2013-07-20 09:19 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\Documents\Energy Projects
    2014-01-30 09:00 - 2013-10-15 07:39 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Local\Citrix
    2014-01-29 21:35 - 2014-01-29 21:35 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
    2014-01-29 21:35 - 2014-01-29 21:34 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2014-01-29 21:35 - 2014-01-29 21:34 - 00000000 ____D () C:\Program Files\iTunes
    2014-01-29 21:35 - 2014-01-29 21:34 - 00000000 ____D () C:\Program Files (x86)\iTunes
    2014-01-29 21:34 - 2014-01-29 21:34 - 00000000 ____D () C:\Program Files\iPod
    2014-01-29 12:08 - 2014-01-29 12:08 - 00000981 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Business_Savings (3).qbo
    2014-01-29 11:34 - 2013-08-13 15:09 - 00001966 _____ () C:\Users\Public\Desktop\Nitro Pro 8.lnk
    2014-01-29 10:11 - 2014-01-29 10:11 - 02470578 _____ () C:\Users\KIP.OnscreenOffice\Downloads\GAET (1).zip
    2014-01-28 16:02 - 2014-01-28 16:02 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Local\Downloaded Installations
    2014-01-28 16:00 - 2014-01-28 16:00 - 10730223 _____ () C:\Users\KIP.OnscreenOffice\Downloads\1099 Misc Excel-Upload.zip
    2014-01-28 11:50 - 2014-01-28 11:50 - 00006144 _____ () C:\Users\KIP.OnscreenOffice\Downloads\DocumentListExport.xls
    2014-01-28 11:37 - 2013-12-11 03:08 - 00009285 _____ () C:\windows\IE11_main.log
    2014-01-28 11:36 - 2014-01-28 11:35 - 55915216 _____ (Microsoft Corporation) C:\Users\KIP.OnscreenOffice\Downloads\IE11-Windows6.1-x64-en-us.exe
    2014-01-28 11:36 - 2014-01-28 11:35 - 24859352 _____ (Microsoft Corporation) C:\Users\KIP.OnscreenOffice\Downloads\Windows-KB890830-x64-V5.8.exe
    2014-01-28 11:35 - 2014-01-28 11:35 - 01005568 _____ (Microsoft Corporation) C:\Users\KIP.OnscreenOffice\Downloads\dotNetFx45_Full_setup.exe
    2014-01-28 10:55 - 2014-01-28 10:55 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\Documents\ProcAlyzer Dumps
    2014-01-28 09:24 - 2013-09-04 13:31 - 00000000 ____D () C:\ProgramData\Apple
    2014-01-27 17:45 - 2014-01-27 17:45 - 00009166 _____ () C:\Users\KIP.OnscreenOffice\Desktop\PV Clients.xlsm
    2014-01-27 16:45 - 2014-01-27 16:45 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
    2014-01-27 16:43 - 2014-01-27 16:43 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
    2014-01-27 15:24 - 2014-01-27 15:23 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\KIP.OnscreenOffice\Downloads\spybot-2.2.exe
    2014-01-27 08:33 - 2014-01-27 08:27 - 07508364 _____ () C:\Users\KIP.OnscreenOffice\Downloads\CECPV4_1.msi
    2014-01-27 08:27 - 2014-01-27 08:26 - 08264704 _____ () C:\Users\KIP.OnscreenOffice\Downloads\CECPV5_0.msi
    2014-01-26 12:01 - 2014-01-26 12:01 - 00021432 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Business_Essentials_Checking.csv
    2014-01-26 12:00 - 2014-01-26 12:00 - 00004266 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Onscreen_Business_Essentials_Checking (1).qbo
    2014-01-26 11:56 - 2013-11-12 12:24 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\Documents\Money Matters
    2014-01-24 19:03 - 2014-01-24 19:03 - 00000396 _____ () C:\Users\KIP.OnscreenOffice\Downloads\solar_estimate_leads_20140124.csv
    2014-01-23 15:31 - 2014-01-23 15:29 - 126709834 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Poseidon (Alethea Solar IV, LLC) (PJM# W2-050).zip
    2014-01-22 18:33 - 2012-12-18 17:34 - 00001057 _____ () C:\Users\Onscreen Office\Desktop\Dropbox.lnk
    2014-01-22 18:33 - 2012-12-18 17:34 - 00000000 ___RD () C:\Users\Onscreen Office\Dropbox
    2014-01-22 18:33 - 2012-12-18 17:23 - 00000000 ____D () C:\Users\Onscreen Office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2014-01-22 18:33 - 2012-12-18 17:22 - 00000000 ____D () C:\Users\Onscreen Office\AppData\Roaming\Dropbox
    2014-01-22 18:33 - 2012-04-08 05:50 - 00000000 ___RD () C:\Users\Onscreen Office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    2014-01-22 09:34 - 2012-05-29 10:16 - 00000000 ____D () C:\ProgramData\Intuit
    2014-01-21 15:45 - 2014-01-21 15:45 - 00060083 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Project Contacts.xlsx
    2014-01-21 09:22 - 2014-01-21 09:22 - 00000980 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Business_Savings (2).qbo
    2014-01-16 15:32 - 2014-01-16 15:32 - 00312744 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
    2014-01-16 15:32 - 2014-01-16 15:32 - 00189352 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
    2014-01-16 15:32 - 2014-01-16 15:32 - 00189352 _____ (Oracle Corporation) C:\windows\system32\java.exe
    2014-01-16 15:32 - 2014-01-16 15:32 - 00108968 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
    2014-01-16 15:32 - 2014-01-16 15:32 - 00000000 ____D () C:\Program Files\Java
    2014-01-16 14:28 - 2014-01-16 14:28 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Local\Macromedia
    2014-01-16 09:55 - 2014-01-16 09:54 - 85923441 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Leaf Cali FIT 2013.zip
    2014-01-15 17:11 - 2014-01-15 17:11 - 00156373 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Business_Essentials_Checking.qbo
    2014-01-15 16:11 - 2013-07-05 17:31 - 00001066 _____ () C:\Users\KIP.OnscreenOffice\Desktop\Dropbox.lnk
    2014-01-15 16:11 - 2013-07-05 17:30 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2014-01-15 09:29 - 2012-05-17 16:27 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
    2014-01-15 09:28 - 2014-01-15 09:28 - 00001812 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    2014-01-15 09:03 - 2014-01-15 09:02 - 29406136 _____ (SUPERAntiSpyware) C:\Users\KIP.OnscreenOffice\Downloads\SUPERAntiSpyware (2).exe
    2014-01-15 03:21 - 2009-07-13 20:45 - 00442792 _____ () C:\windows\system32\FNTCACHE.DAT
    2014-01-15 03:03 - 2013-08-02 02:00 - 00000000 ____D () C:\windows\system32\MRT
    2014-01-14 11:02 - 2013-12-30 13:57 - 00002066 _____ () C:\Users\KIP.OnscreenOffice\Desktop\Dashlane.lnk
    2014-01-14 11:02 - 2013-12-30 13:56 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Roaming\Dashlane
    2014-01-13 13:01 - 2014-01-13 13:01 - 00000980 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Business_Savings (1).qbo

    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\rpcss.dll => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


    LastRegBack: 2014-02-08 00:47

    ==================== End Of Log ============================
  4. 2014-02-11, 19:21 #4
    CleanTech
    CleanTech is offline
    Member CleanTech's Avatar
    Join Date
    Jan 2014
    Posts
    35

    Default win32.androm.bmne found by ZA - unable to update Spybot Professional

    Addition log:

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-02-2014 01
    Ran by KIP (administrator) on ONSCREENOFFICE on 11-02-2014 10:04:45
    Running from C:\Users\KIP.OnscreenOffice\Desktop
    Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
    Internet Explorer Version 11
    Boot Mode: Normal

    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/down...an-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/down...an-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (AMD) C:\windows\system32\atiesrxx.exe
    (AMD) C:\windows\system32\atieclxx.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    () C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
    () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
    () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Carbonite, Inc.) C:\Program Files\Carbonite\Carbonite Mirror Image\CarboniteMirrorImage.exe
    (ASUSTeK Computer Inc.) C:\Windows\SysWOW64\AsHookDevice.exe
    (Citrix Online, a division of Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\GoToMyPC\g2svc.exe
    (Citrix Online, a division of Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\GoToMyPC\g2comm.exe
    (LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
    (Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
    (Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
    (Nalpeiron Ltd.) C:\windows\SysWOW64\NLSSRV32.EXE
    (PasswordBox, Inc.) C:\Program Files (x86)\PasswordBox\pbbtnService.exe
    (Citrix Online, a division of Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\GoToMyPC\g2pre.exe
    (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
    (Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    (Citrix Online, a division of Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\GoToMyPC\g2tray.exe
    (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
    () C:\Program Files (x86)\Froyo_Android_Driver\Bin\MonServiceUDisk.exe
    (VIA Technologies, Inc.) C:\windows\system32\viakaraokesrv.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    (Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    () C:\Users\KIP.OnscreenOffice\AppData\Roaming\Dashlane\Dashlane.exe
    (VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe
    (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    (LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
    (Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
    (Dropbox, Inc.) C:\Users\KIP.OnscreenOffice\AppData\Roaming\Dropbox\bin\Dropbox.exe
    (Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    (SonicWALL, Inc.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\MailFrontier\mantispm.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    (Microsoft Corporation) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Nitro PDF) C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe
    (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
    (Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDRootAlyzer.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\windows\system32\prevhost.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
    (Microsoft Corporation) C:\windows\splwow64.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\windows\sysWow64\SearchProtocolHost.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Farbar) C:\Users\KIP.OnscreenOffice\Desktop\FRST64 (1).exe


    ==================== Registry (Whitelisted) ==================

    HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [3037296 2011-05-06] (VIA)
    HKLM-x32\...\Run: [RunAIShell] - C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe [232064 2009-12-23] (ASUSTeK Computer Inc.)
    HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-28] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [Intuit SyncManager] - C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [2829624 2013-11-08] (Intuit Inc. All rights reserved.)
    HKLM-x32\...\Run: [Monitor] - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [106496 2013-11-27] (LeapFrog Enterprises, Inc.)
    HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
    HKLM-x32\...\Run: [ZoneAlarm] - C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [73832 2013-10-25] (Check Point Software Technologies LTD)
    HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKU\S-1-5-21-426381243-3783371907-2229632007-1004\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-06] (SUPERAntiSpyware)
    HKU\S-1-5-21-426381243-3783371907-2229632007-1004\...\Run: [Dashlane] - C:\Users\KIP.OnscreenOffice\AppData\Roaming\Dashlane\Dashlane.exe [277688 2014-01-07] ()
    Startup: C:\Users\KIP.OnscreenOffice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> C:\Users\KIP.OnscreenOffice\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    Startup: C:\Users\Onscreen Office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> C:\Users\KIP.OnscreenOffice\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

    ==================== Internet (Whitelisted) ====================

    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x836A169ED425CF01
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
    SearchScopes: HKCU - DefaultScope {ADA593D8-66F8-4326-AEDC-98566322BAA5} URL = https://www.google.com/search?q={searchTerms}
    SearchScopes: HKCU - {ADA593D8-66F8-4326-AEDC-98566322BAA5} URL = https://www.google.com/search?q={searchTerms}
    BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe64.dll No File
    BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: Dashlane BHO - {42D79B50-CC4A-4A8E-860F-BE674AF053A2} - C:\Users\KIP.OnscreenOffice\AppData\Roaming\Dashlane\ie\Dashlanei.dll (Dashlane)
    BHO-x32: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
    BHO-x32: PasswordBox Helper - {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
    BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll No File
    Toolbar: HKLM-x32 - PackageTracer - {ff343558-d5a5-454a-bdd8-c5c81e179fed} - C:\Program Files (x86)\PackageTracer_69\bar\1.bin\69bar.dll No File
    Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\KIP.OnscreenOffice\AppData\Roaming\Dashlane\ie\KWIEBar.dll (Dashlane)
    Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - No File
    Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - No File
    Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe64.dll No File
    Handler-x32: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
    Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation)
    Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll No File
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

    FireFox:
    ========
    FF ProfilePath: C:\Users\KIP.OnscreenOffice\AppData\Roaming\Mozilla\Firefox\Profiles\84i2qbr9.default
    FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
    FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE - disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
    FF Plugin-x32: @nitropdf.com/NitroPDF.PrevVerNPR - C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
    FF Plugin-x32: @PackageTracer_69.com/Plugin - C:\Program Files (x86)\PackageTracer_69\bar\1.bin\NP69Stub.dll No File
    FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @TrendMicro.com/FFExtension - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
    FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\KIP.OnscreenOffice\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
    FF Plugin ProgramFiles/Appdata: C:\Users\KIP.OnscreenOffice\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
    FF HKLM-x32\...\Firefox\Extensions: [{38783831-6098-4faa-A9C9-1EE1E343F4D2}] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\firefoxextension
    FF HKLM-x32\...\Firefox\Extensions: [69ffxtbr@PackageTracer_69.com] - C:\Program Files (x86)\PackageTracer_69\bar\1.bin
    FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker

    Chrome:
    =======
    CHR Extension: (Google Docs) - C:\Users\KIP.OnscreenOffice\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-05]
    CHR Extension: (Google Drive) - C:\Users\KIP.OnscreenOffice\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-05]
    CHR Extension: (YouTube) - C:\Users\KIP.OnscreenOffice\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-05]
    CHR Extension: (Google Search) - C:\Users\KIP.OnscreenOffice\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-05]
    CHR Extension: (Dashlane) - C:\Users\KIP.OnscreenOffice\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkjojgglmmcghgaiknnpgjgldgaocjfd [2013-12-30]
    CHR Extension: (Google Wallet) - C:\Users\KIP.OnscreenOffice\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
    CHR Extension: (Gmail) - C:\Users\KIP.OnscreenOffice\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-05]
    CHR HKCU\...\Chrome\Extension: [mkjojgglmmcghgaiknnpgjgldgaocjfd] - C:\Users\KIP.OnscreenOffice\AppData\Roaming\Dashlane\2.3.3.52783\bin\Chrome_Extension\kwift.crx [2014-01-07]

    ==================== Services (Whitelisted) =================

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
    R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-06-28] (Advanced Micro Devices, Inc.)
    R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [922240 2011-06-13] ()
    R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-02] ()
    R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
    R2 Carbonite-Mirror-Image-Svc; C:\Program Files\Carbonite\Carbonite Mirror Image\CarboniteMirrorImage.exe [6443072 2013-04-18] (Carbonite, Inc.)
    R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-07-24] (Nitro PDF Software)
    R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-26] (Nitro PDF Software)
    R2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2013-11-01] (PasswordBox, Inc.)
    R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc.)
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
    R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-11-04] (Secunia)
    R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-11-04] (Secunia)
    R2 UDisk Monitor; C:\Program Files (x86)\Froyo_Android_Driver\Bin\MonServiceUDisk.exe [517960 2012-04-20] ()
    R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-03-29] (VIA Technologies, Inc.)
    R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2445816 2013-10-25] (Check Point Software Technologies LTD)
    R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [50704 2013-10-15] (Check Point Software Technologies, Ltd.)

    ==================== Drivers (Whitelisted) ====================

    R0 23451690; C:\Windows\System32\DRIVERS\23451690.sys [460888 2013-12-03] (Kaspersky Lab ZAO)
    R2 ASInsHelp; C:\Windows\SysWow64\drivers\AsInsHelp64.sys [11832 2008-01-04] ()
    R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-26] ()
    R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
    R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [46368 2013-11-20] (AVG Technologies)
    S3 Generalusbserialser20675; C:\Windows\System32\DRIVERS\CT_U_USBSER.sys [128328 2012-04-20] (Incorporated)
    R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2013-07-17] (Kaspersky Lab ZAO)
    R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2012-01-09] (Kaspersky Lab ZAO)
    R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [489568 2013-10-09] (Kaspersky Lab ZAO)
    R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-08] (Kaspersky Lab ZAO)
    R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54104 2012-11-15] (Kaspersky Lab)
    R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [177760 2013-07-17] (Kaspersky Lab ZAO)
    R2 monblanking; C:\Windows\System32\DRIVERS\monblanking.sys [34048 2013-03-13] (Citrix Systems, Inc.)
    S3 mr97310c; C:\Windows\System32\DRIVERS\mr97310c.sys [143872 2008-03-27] (Mars Semiconductor Corp.)
    R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-11-04] (Secunia)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
    R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [454168 2013-10-23] (Check Point Software Technologies LTD)
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-10-09] (Kaspersky Lab ZAO)
    U3 aswMBR; \??\C:\Users\KIP~1.ONS\AppData\Local\Temp\aswMBR.sys [X]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2014-02-11 10:03 - 2014-02-11 10:03 - 02151424 _____ (Farbar) C:\Users\KIP.OnscreenOffice\Desktop\FRST64 (1).exe
    2014-02-11 10:00 - 2014-02-11 10:00 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\Desktop\rkill
    2014-02-11 09:59 - 2014-02-11 10:01 - 00004170 _____ () C:\Users\KIP.OnscreenOffice\Desktop\Rkill.txt
    2014-02-11 09:59 - 2014-02-11 09:59 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\KIP.OnscreenOffice\Downloads\rkill64.exe
    2014-02-11 09:58 - 2014-02-11 09:59 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\KIP.OnscreenOffice\Downloads\rkill (1).exe
    2014-02-11 09:58 - 2014-02-11 09:58 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\KIP.OnscreenOffice\Downloads\rkill.exe
    2014-02-10 16:38 - 2014-02-10 16:38 - 00053081 _____ () C:\Users\KIP.OnscreenOffice\Desktop\FRST2-10-14.txt
    2014-02-10 16:38 - 2014-02-10 16:38 - 00045326 _____ () C:\Users\KIP.OnscreenOffice\Desktop\Addition2-10-14.txt
    2014-02-10 15:37 - 2014-02-10 15:37 - 00000512 _____ () C:\Users\KIP.OnscreenOffice\Desktop\MBR.dat
    2014-02-10 15:36 - 2014-02-10 15:37 - 00002508 _____ () C:\Users\KIP.OnscreenOffice\Desktop\aswMBR.txt
    2014-02-10 15:36 - 2014-02-10 15:36 - 04745728 _____ (AVAST Software) C:\Users\KIP.OnscreenOffice\Downloads\aswMBR.exe
    2014-02-10 15:35 - 2014-02-10 15:35 - 00688992 _____ () C:\Users\KIP.OnscreenOffice\Downloads\dds (2).com
    2014-02-10 15:18 - 2013-12-11 09:21 - 00000027 _____ () C:\windows\system32\Drivers\etc\hosts.20140210-151804.backup
    2014-02-10 15:16 - 2014-02-10 15:16 - 00559296 _____ (Safer-Networking Ltd. ) C:\Users\KIP.OnscreenOffice\Downloads\spybot2-license (1).exe
    2014-02-10 15:14 - 2014-02-10 15:14 - 00176332 _____ () C:\Users\KIP.OnscreenOffice\Downloads\spybot2-license.exe
    2014-02-10 11:53 - 2014-02-10 11:53 - 00282960 _____ (Mozilla) C:\Users\KIP.OnscreenOffice\Downloads\Firefox Setup Stub 27.0(2).exe
    2014-02-09 14:27 - 2014-02-09 14:27 - 00002994 _____ () C:\windows\System32\Tasks\{D68B3733-4757-43C4-B318-7F3C34511AA0}
    2014-02-09 14:27 - 2014-02-09 14:27 - 00002994 _____ () C:\windows\System32\Tasks\{B4B77F70-7975-46A8-9CD7-36EACA51FFE8}
    2014-02-09 14:27 - 2014-02-09 14:27 - 00002994 _____ () C:\windows\System32\Tasks\{5B5B485E-F7B1-4799-8D12-DCC9D158F308}
    2014-02-09 14:26 - 2014-02-09 14:26 - 00002994 _____ () C:\windows\System32\Tasks\{ADDB5998-1E29-43D8-91B7-AC3417A07022}
    2014-02-09 14:26 - 2014-02-09 14:26 - 00002994 _____ () C:\windows\System32\Tasks\{1878B3E5-12F1-4F88-BADB-C4B653D508A8}
    2014-02-09 14:16 - 2014-02-09 14:24 - 24657142 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Firefox Setup 27.0 (1).exe
    2014-02-09 14:07 - 2014-02-09 14:16 - 24657142 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Firefox Setup 27.0.exe
    2014-02-09 13:35 - 2014-02-09 13:35 - 00282960 _____ (Mozilla) C:\Users\KIP.OnscreenOffice\Downloads\Firefox Setup Stub 27.0(1).exe
    2014-02-09 13:23 - 2014-02-09 13:23 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-02-09 12:59 - 2014-02-09 12:59 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2014-02-09 12:59 - 2014-02-09 12:59 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Local\Mozilla
    2014-02-09 12:58 - 2014-02-09 12:56 - 00847344 _____ (Google Inc.) C:\Users\KIP.OnscreenOffice\Downloads\ChromeSetup.exe
    2014-02-09 12:57 - 2013-02-22 13:00 - 20564496 _____ (Mozilla) C:\Users\KIP.OnscreenOffice\Downloads\Firefox Setup 19.0.exe
    2014-02-09 12:34 - 2014-02-09 12:41 - 00282960 _____ (Mozilla) C:\Users\KIP.OnscreenOffice\Downloads\Firefox Setup Stub 27.0.exe
    2014-02-07 16:14 - 2014-02-07 16:14 - 00792600 _____ () C:\Users\KIP.OnscreenOffice\Downloads\FileOpenInstaller.exe
    2014-02-07 11:19 - 2014-02-07 11:19 - 00007611 _____ () C:\Users\KIP.OnscreenOffice\AppData\Local\Resmon.ResmonCfg
    2014-02-06 09:59 - 2014-02-06 09:59 - 00308841 _____ () C:\Users\KIP.OnscreenOffice\Desktop\TeamSpybot-20140206-095937.cab
    2014-02-06 09:42 - 2014-02-06 09:42 - 00791709 _____ () C:\Users\KIP.OnscreenOffice\Downloads\erunt-setup.exe
    2014-02-05 19:36 - 2014-02-05 19:36 - 00036405 _____ () C:\Users\KIP.OnscreenOffice\Downloads\AlphaDelta Document Index_2-3-14.xlsx
    2014-02-05 16:58 - 2014-02-05 17:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
    2014-02-04 16:08 - 2014-02-10 16:38 - 00045326 _____ () C:\Users\KIP.OnscreenOffice\Desktop\Addition.txt
    2014-02-04 16:07 - 2014-02-11 10:05 - 00022957 _____ () C:\Users\KIP.OnscreenOffice\Desktop\FRST.txt
    2014-02-04 16:03 - 2014-02-10 16:35 - 02151424 _____ (Farbar) C:\Users\KIP.OnscreenOffice\Desktop\FRST64.exe
    2014-02-04 16:03 - 2014-02-04 16:03 - 02080256 _____ (Farbar) C:\Users\KIP.OnscreenOffice\Downloads\FRST64.exe
    2014-02-04 13:23 - 2014-02-04 13:23 - 00689196 _____ () C:\Users\KIP.OnscreenOffice\Downloads\dds (1).com
    2014-02-04 13:18 - 2014-02-04 13:18 - 00001631 _____ () C:\Users\KIP.OnscreenOffice\Desktop\v5.0 NSHP CECPV Calculator.lnk
    2014-02-04 13:18 - 2014-02-04 13:18 - 00000000 ____D () C:\CECPV50
    2014-02-04 11:53 - 2014-02-04 11:53 - 00689196 _____ () C:\Users\KIP.OnscreenOffice\Desktop\dds (1).com
    2014-02-04 11:50 - 2014-02-04 11:50 - 00689196 _____ () C:\Users\KIP.OnscreenOffice\Downloads\dds.com
    2014-02-03 17:42 - 2014-02-03 17:42 - 00035152 _____ () C:\Users\KIP.OnscreenOffice\Downloads\AlphaDelta Document Index_1-29-14.xlsx
    2014-02-03 16:25 - 2014-02-03 16:25 - 00000922 _____ () C:\Users\Public\Desktop\AutoDWG DWG2PDF Converter 2013.lnk
    2014-02-03 16:25 - 2014-02-03 16:25 - 00000000 ____D () C:\Users\KIP~1~ONS
    2014-02-03 16:25 - 2005-10-25 19:17 - 03194880 _____ () C:\windows\SysWOW64\gsdll321.dll
    2014-02-03 16:25 - 2002-11-21 22:13 - 03907640 _____ () C:\windows\SysWOW64\gsdll32.dll
    2014-02-03 16:24 - 2014-02-03 16:24 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Roaming\AutoDWG
    2014-02-03 16:19 - 2014-02-03 16:25 - 00000000 ____D () C:\windows\SysWOW64\shxfont
    2014-02-03 16:19 - 2014-02-03 16:25 - 00000000 ____D () C:\windows\SysWOW64\ps
    2014-02-03 16:19 - 2014-02-03 16:25 - 00000000 ____D () C:\Program Files (x86)\AutoDWG
    2014-02-03 16:19 - 2014-02-03 16:19 - 00000956 _____ () C:\Users\Public\Desktop\DWGSee Pro 2013.lnk
    2014-02-03 16:19 - 2014-02-03 16:19 - 00000030 _____ () C:\windows\DWGSeePro.INI
    2014-02-03 16:15 - 2014-02-03 16:19 - 22987152 _____ (AutoDWG) C:\Users\KIP.OnscreenOffice\Downloads\DWG2PDF2013.exe
    2014-02-03 16:13 - 2014-02-03 16:16 - 20361704 _____ (Acresso Software Inc. ) C:\Users\KIP.OnscreenOffice\Downloads\DWGSeePro2013.exe
    2014-02-03 16:12 - 2014-02-03 16:14 - 00402294 _____ () C:\Users\KIP.OnscreenOffice\Downloads\SoftonicDownloader_for_free-dwg-viewer.exe
    2014-02-03 10:23 - 2014-02-03 10:24 - 00000022 _____ () C:\Users\KIP.OnscreenOffice\Downloads\filechck_7_3_6.zip
    2014-02-03 09:43 - 2014-02-03 09:43 - 01905915 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Documents.zip
    2014-01-31 15:34 - 2014-01-31 15:36 - 87327510 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Don’t Get Burned. Learn About New Fire Code (UL 1703) Requirements and Compliance Options 1-31-14, 11.00 AM.mov
    2014-01-31 10:55 - 2014-02-11 09:34 - 00000610 _____ () C:\windows\Tasks\G2MUpdateTask-S-1-5-21-426381243-3783371907-2229632007-1004.job
    2014-01-31 10:55 - 2014-01-31 10:55 - 00003644 _____ () C:\windows\System32\Tasks\G2MUpdateTask-S-1-5-21-426381243-3783371907-2229632007-1004
    2014-01-31 09:54 - 2014-01-31 09:55 - 17557408 _____ (Barnes & Noble, Inc.) C:\Users\KIP.OnscreenOffice\Downloads\bndr2_setup_latest.exe
    2014-01-31 08:37 - 2014-01-31 08:37 - 00000981 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Business_Savings (4).qbo
    2014-01-30 15:38 - 2014-01-30 15:38 - 00003073 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Don-t Get Burned. Learn About New Fire Code (UL 1703) Requirements and Compliance Options.ics
    2014-01-30 11:43 - 2014-01-30 11:43 - 00053248 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Bronze SD.xls
    2014-01-30 11:16 - 2014-01-30 11:16 - 00001640 _____ () C:\Users\KIP.OnscreenOffice\Downloads\BillHistory (1).csv
    2014-01-30 11:13 - 2014-01-30 11:13 - 00001149 _____ () C:\Users\KIP.OnscreenOffice\Downloads\BillHistory.csv
    2014-01-29 21:35 - 2014-01-29 21:35 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
    2014-01-29 21:34 - 2014-01-29 21:35 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2014-01-29 21:34 - 2014-01-29 21:35 - 00000000 ____D () C:\Program Files\iTunes
    2014-01-29 21:34 - 2014-01-29 21:35 - 00000000 ____D () C:\Program Files (x86)\iTunes
    2014-01-29 21:34 - 2014-01-29 21:34 - 00000000 ____D () C:\Program Files\iPod
    2014-01-29 12:08 - 2014-01-29 12:08 - 00000981 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Business_Savings (3).qbo
    2014-01-29 10:11 - 2014-01-29 10:11 - 02470578 _____ () C:\Users\KIP.OnscreenOffice\Downloads\GAET (1).zip
    2014-01-28 16:13 - 2014-02-09 12:31 - 00000000 __SHD () C:\windows\SysWOW64\AI_RecycleBin
    2014-01-28 16:04 - 2014-02-09 12:31 - 00000000 ____D () C:\1099 Misc - Excel Upload
    2014-01-28 16:02 - 2014-01-28 16:02 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Local\Downloaded Installations
    2014-01-28 16:00 - 2014-01-28 16:00 - 10730223 _____ () C:\Users\KIP.OnscreenOffice\Downloads\1099 Misc Excel-Upload.zip
    2014-01-28 11:50 - 2014-01-28 11:50 - 00006144 _____ () C:\Users\KIP.OnscreenOffice\Downloads\DocumentListExport.xls
    2014-01-28 11:35 - 2014-01-28 11:36 - 55915216 _____ (Microsoft Corporation) C:\Users\KIP.OnscreenOffice\Downloads\IE11-Windows6.1-x64-en-us.exe
    2014-01-28 11:35 - 2014-01-28 11:36 - 24859352 _____ (Microsoft Corporation) C:\Users\KIP.OnscreenOffice\Downloads\Windows-KB890830-x64-V5.8.exe
    2014-01-28 11:35 - 2014-01-28 11:35 - 01005568 _____ (Microsoft Corporation) C:\Users\KIP.OnscreenOffice\Downloads\dotNetFx45_Full_setup.exe
    2014-01-28 10:55 - 2014-01-28 10:55 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\Documents\ProcAlyzer Dumps
    2014-01-27 17:45 - 2014-01-27 17:45 - 00009166 _____ () C:\Users\KIP.OnscreenOffice\Desktop\PV Clients.xlsm
    2014-01-27 16:45 - 2014-01-27 16:45 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
    2014-01-27 16:43 - 2014-02-10 15:20 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
    2014-01-27 16:43 - 2014-01-27 16:43 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
    2014-01-27 16:43 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\windows\system32\sdnclean64.exe
    2014-01-27 15:23 - 2014-01-27 15:24 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\KIP.OnscreenOffice\Downloads\spybot-2.2.exe
    2014-01-27 08:27 - 2014-01-27 08:33 - 07508364 _____ () C:\Users\KIP.OnscreenOffice\Downloads\CECPV4_1.msi
    2014-01-27 08:26 - 2014-01-27 08:27 - 08264704 _____ () C:\Users\KIP.OnscreenOffice\Downloads\CECPV5_0.msi
    2014-01-26 12:01 - 2014-01-26 12:01 - 00021432 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Business_Essentials_Checking.csv
    2014-01-26 12:00 - 2014-01-26 12:00 - 00004266 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Onscreen_Business_Essentials_Checking (1).qbo
    2014-01-24 19:03 - 2014-01-24 19:03 - 00000396 _____ () C:\Users\KIP.OnscreenOffice\Downloads\solar_estimate_leads_20140124.csv
    2014-01-23 15:29 - 2014-01-23 15:31 - 126709834 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Poseidon (Alethea Solar IV, LLC) (PJM# W2-050).zip
    2014-01-22 12:37 - 2014-01-31 15:59 - 00015360 _____ () C:\Users\KIP.OnscreenOffice\Documents\InfoSheet.xlsx
    2014-01-21 15:45 - 2014-01-21 15:45 - 00060083 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Project Contacts.xlsx
    2014-01-21 09:22 - 2014-01-21 09:22 - 00000980 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Business_Savings (2).qbo
    2014-01-16 15:32 - 2014-01-16 15:32 - 00312744 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
    2014-01-16 15:32 - 2014-01-16 15:32 - 00189352 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
    2014-01-16 15:32 - 2014-01-16 15:32 - 00189352 _____ (Oracle Corporation) C:\windows\system32\java.exe
    2014-01-16 15:32 - 2014-01-16 15:32 - 00108968 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
    2014-01-16 15:32 - 2014-01-16 15:32 - 00000000 ____D () C:\Program Files\Java
    2014-01-16 14:28 - 2014-01-16 14:28 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Local\Macromedia
    2014-01-16 09:54 - 2014-01-16 09:55 - 85923441 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Leaf Cali FIT 2013.zip
    2014-01-15 17:11 - 2014-01-15 17:11 - 00156373 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Business_Essentials_Checking.qbo
    2014-01-15 09:28 - 2014-01-15 09:28 - 00001812 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    2014-01-15 09:02 - 2014-01-15 09:03 - 29406136 _____ (SUPERAntiSpyware) C:\Users\KIP.OnscreenOffice\Downloads\SUPERAntiSpyware (2).exe
    2014-01-14 21:10 - 2013-11-26 17:41 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
    2014-01-14 21:10 - 2013-11-26 17:41 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
    2014-01-14 21:10 - 2013-11-26 17:41 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
    2014-01-14 21:10 - 2013-11-26 17:41 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
    2014-01-14 21:10 - 2013-11-26 17:41 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
    2014-01-14 21:10 - 2013-11-26 17:41 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
    2014-01-14 21:10 - 2013-11-26 17:41 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
    2014-01-14 21:10 - 2013-11-26 02:32 - 03156480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
    2014-01-14 21:09 - 2013-11-26 03:40 - 00376768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
    2014-01-13 13:01 - 2014-01-13 13:01 - 00000980 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Business_Savings (1).qbo

    ==================== One Month Modified Files and Folders =======

    2014-02-11 10:05 - 2014-02-04 16:07 - 00022957 _____ () C:\Users\KIP.OnscreenOffice\Desktop\FRST.txt
    2014-02-11 10:04 - 2013-12-10 08:20 - 00000000 ____D () C:\FRST
    2014-02-11 10:03 - 2014-02-11 10:03 - 02151424 _____ (Farbar) C:\Users\KIP.OnscreenOffice\Desktop\FRST64 (1).exe
    2014-02-11 10:01 - 2014-02-11 09:59 - 00004170 _____ () C:\Users\KIP.OnscreenOffice\Desktop\Rkill.txt
    2014-02-11 10:00 - 2014-02-11 10:00 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\Desktop\rkill
    2014-02-11 09:59 - 2014-02-11 09:59 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\KIP.OnscreenOffice\Downloads\rkill64.exe
    2014-02-11 09:59 - 2014-02-11 09:58 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\KIP.OnscreenOffice\Downloads\rkill (1).exe
    2014-02-11 09:58 - 2014-02-11 09:58 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\KIP.OnscreenOffice\Downloads\rkill.exe
    2014-02-11 09:53 - 2012-05-09 08:24 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
    2014-02-11 09:37 - 2013-07-09 08:57 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\Documents\Outlook Files
    2014-02-11 09:34 - 2014-01-31 10:55 - 00000610 _____ () C:\windows\Tasks\G2MUpdateTask-S-1-5-21-426381243-3783371907-2229632007-1004.job
    2014-02-11 09:27 - 2012-06-03 05:18 - 00000916 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-02-10 23:19 - 2012-04-08 05:46 - 01782614 _____ () C:\windows\WindowsUpdate.log
    2014-02-10 18:09 - 2013-07-05 17:27 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Roaming\Dropbox
    2014-02-10 16:38 - 2014-02-10 16:38 - 00053081 _____ () C:\Users\KIP.OnscreenOffice\Desktop\FRST2-10-14.txt
    2014-02-10 16:38 - 2014-02-10 16:38 - 00045326 _____ () C:\Users\KIP.OnscreenOffice\Desktop\Addition2-10-14.txt
    2014-02-10 16:38 - 2014-02-04 16:08 - 00045326 _____ () C:\Users\KIP.OnscreenOffice\Desktop\Addition.txt
    2014-02-10 16:35 - 2014-02-04 16:03 - 02151424 _____ (Farbar) C:\Users\KIP.OnscreenOffice\Desktop\FRST64.exe
    2014-02-10 16:35 - 2013-12-11 08:36 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\Desktop\FRST-OlderVersion
    2014-02-10 15:37 - 2014-02-10 15:37 - 00000512 _____ () C:\Users\KIP.OnscreenOffice\Desktop\MBR.dat
    2014-02-10 15:37 - 2014-02-10 15:36 - 00002508 _____ () C:\Users\KIP.OnscreenOffice\Desktop\aswMBR.txt
    2014-02-10 15:36 - 2014-02-10 15:36 - 04745728 _____ (AVAST Software) C:\Users\KIP.OnscreenOffice\Downloads\aswMBR.exe
    2014-02-10 15:35 - 2014-02-10 15:35 - 00688992 _____ () C:\Users\KIP.OnscreenOffice\Downloads\dds (2).com
    2014-02-10 15:27 - 2012-06-03 05:17 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-02-10 15:20 - 2014-01-27 16:43 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
    2014-02-10 15:16 - 2014-02-10 15:16 - 00559296 _____ (Safer-Networking Ltd. ) C:\Users\KIP.OnscreenOffice\Downloads\spybot2-license (1).exe
    2014-02-10 15:14 - 2014-02-10 15:14 - 00176332 _____ () C:\Users\KIP.OnscreenOffice\Downloads\spybot2-license.exe
    2014-02-10 11:59 - 2013-06-28 14:02 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    2014-02-10 11:53 - 2014-02-10 11:53 - 00282960 _____ (Mozilla) C:\Users\KIP.OnscreenOffice\Downloads\Firefox Setup Stub 27.0(2).exe
    2014-02-10 11:53 - 2013-12-02 09:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-02-09 16:19 - 2013-07-05 17:31 - 00000000 ___RD () C:\Users\KIP.OnscreenOffice\Dropbox
    2014-02-09 14:27 - 2014-02-09 14:27 - 00002994 _____ () C:\windows\System32\Tasks\{D68B3733-4757-43C4-B318-7F3C34511AA0}
    2014-02-09 14:27 - 2014-02-09 14:27 - 00002994 _____ () C:\windows\System32\Tasks\{B4B77F70-7975-46A8-9CD7-36EACA51FFE8}
    2014-02-09 14:27 - 2014-02-09 14:27 - 00002994 _____ () C:\windows\System32\Tasks\{5B5B485E-F7B1-4799-8D12-DCC9D158F308}
    2014-02-09 14:26 - 2014-02-09 14:26 - 00002994 _____ () C:\windows\System32\Tasks\{ADDB5998-1E29-43D8-91B7-AC3417A07022}
    2014-02-09 14:26 - 2014-02-09 14:26 - 00002994 _____ () C:\windows\System32\Tasks\{1878B3E5-12F1-4F88-BADB-C4B653D508A8}
    2014-02-09 14:24 - 2014-02-09 14:16 - 24657142 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Firefox Setup 27.0 (1).exe
    2014-02-09 14:16 - 2014-02-09 14:07 - 24657142 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Firefox Setup 27.0.exe
    2014-02-09 13:35 - 2014-02-09 13:35 - 00282960 _____ (Mozilla) C:\Users\KIP.OnscreenOffice\Downloads\Firefox Setup Stub 27.0(1).exe
    2014-02-09 13:23 - 2014-02-09 13:23 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-02-09 13:23 - 2012-06-03 05:17 - 00000000 ____D () C:\Program Files (x86)\Google
    2014-02-09 12:59 - 2014-02-09 12:59 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2014-02-09 12:59 - 2014-02-09 12:59 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Local\Mozilla
    2014-02-09 12:59 - 2013-07-08 14:24 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Roaming\Mozilla
    2014-02-09 12:59 - 2013-07-08 14:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
    2014-02-09 12:57 - 2013-12-30 12:08 - 00008409 ____H () C:\windows\SysWOW64\BTImages.dat
    2014-02-09 12:56 - 2014-02-09 12:58 - 00847344 _____ (Google Inc.) C:\Users\KIP.OnscreenOffice\Downloads\ChromeSetup.exe
    2014-02-09 12:41 - 2014-02-09 12:34 - 00282960 _____ (Mozilla) C:\Users\KIP.OnscreenOffice\Downloads\Firefox Setup Stub 27.0.exe
    2014-02-09 12:36 - 2013-12-10 15:01 - 00000000 ____D () C:\Program Files (x86)\Constant Contact
    2014-02-09 12:31 - 2014-01-28 16:13 - 00000000 __SHD () C:\windows\SysWOW64\AI_RecycleBin
    2014-02-09 12:31 - 2014-01-28 16:04 - 00000000 ____D () C:\1099 Misc - Excel Upload
    2014-02-09 12:29 - 2013-12-02 18:15 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
    2014-02-09 12:23 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\system32\NDF
    2014-02-07 16:14 - 2014-02-07 16:14 - 00792600 _____ () C:\Users\KIP.OnscreenOffice\Downloads\FileOpenInstaller.exe
    2014-02-07 13:17 - 2009-07-13 20:45 - 00016976 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-02-07 13:17 - 2009-07-13 20:45 - 00016976 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-02-07 13:08 - 2009-07-13 21:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
    2014-02-07 13:07 - 2013-07-01 18:33 - 00016391 _____ () C:\windows\setupact.log
    2014-02-07 11:45 - 2009-07-13 21:13 - 00802218 _____ () C:\windows\system32\PerfStringBackup.INI
    2014-02-07 11:19 - 2014-02-07 11:19 - 00007611 _____ () C:\Users\KIP.OnscreenOffice\AppData\Local\Resmon.ResmonCfg
    2014-02-06 17:37 - 2013-07-01 18:33 - 00285228 _____ () C:\windows\PFRO.log
    2014-02-06 09:59 - 2014-02-06 09:59 - 00308841 _____ () C:\Users\KIP.OnscreenOffice\Desktop\TeamSpybot-20140206-095937.cab
    2014-02-06 09:42 - 2014-02-06 09:42 - 00791709 _____ () C:\Users\KIP.OnscreenOffice\Downloads\erunt-setup.exe
    2014-02-05 19:36 - 2014-02-05 19:36 - 00036405 _____ () C:\Users\KIP.OnscreenOffice\Downloads\AlphaDelta Document Index_2-3-14.xlsx
    2014-02-05 17:04 - 2014-02-05 16:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
    2014-02-04 18:53 - 2012-05-09 08:24 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
    2014-02-04 18:53 - 2012-05-09 08:24 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
    2014-02-04 18:53 - 2011-11-16 15:34 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-02-04 16:03 - 2014-02-04 16:03 - 02080256 _____ (Farbar) C:\Users\KIP.OnscreenOffice\Downloads\FRST64.exe
    2014-02-04 13:23 - 2014-02-04 13:23 - 00689196 _____ () C:\Users\KIP.OnscreenOffice\Downloads\dds (1).com
    2014-02-04 13:18 - 2014-02-04 13:18 - 00001631 _____ () C:\Users\KIP.OnscreenOffice\Desktop\v5.0 NSHP CECPV Calculator.lnk
    2014-02-04 13:18 - 2014-02-04 13:18 - 00000000 ____D () C:\CECPV50
    2014-02-04 13:02 - 2013-07-12 11:37 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Roaming\Nitro PDF
    2014-02-04 11:53 - 2014-02-04 11:53 - 00689196 _____ () C:\Users\KIP.OnscreenOffice\Desktop\dds (1).com
    2014-02-04 11:50 - 2014-02-04 11:50 - 00689196 _____ () C:\Users\KIP.OnscreenOffice\Downloads\dds.com
    2014-02-04 09:38 - 2013-12-26 17:38 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\Documents\Onscreen
    2014-02-04 09:38 - 2013-08-24 16:41 - 00000000 ____D () C:\windows\pss
    2014-02-04 09:38 - 2013-07-05 17:23 - 00000000 ___RD () C:\Users\KIP.OnscreenOffice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    2014-02-03 17:42 - 2014-02-03 17:42 - 00035152 _____ () C:\Users\KIP.OnscreenOffice\Downloads\AlphaDelta Document Index_1-29-14.xlsx
    2014-02-03 16:25 - 2014-02-03 16:25 - 00000922 _____ () C:\Users\Public\Desktop\AutoDWG DWG2PDF Converter 2013.lnk
    2014-02-03 16:25 - 2014-02-03 16:25 - 00000000 ____D () C:\Users\KIP~1~ONS
    2014-02-03 16:25 - 2014-02-03 16:19 - 00000000 ____D () C:\windows\SysWOW64\shxfont
    2014-02-03 16:25 - 2014-02-03 16:19 - 00000000 ____D () C:\windows\SysWOW64\ps
    2014-02-03 16:25 - 2014-02-03 16:19 - 00000000 ____D () C:\Program Files (x86)\AutoDWG
    2014-02-03 16:25 - 2011-11-16 15:35 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2014-02-03 16:24 - 2014-02-03 16:24 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Roaming\AutoDWG
    2014-02-03 16:19 - 2014-02-03 16:19 - 00000956 _____ () C:\Users\Public\Desktop\DWGSee Pro 2013.lnk
    2014-02-03 16:19 - 2014-02-03 16:19 - 00000030 _____ () C:\windows\DWGSeePro.INI
    2014-02-03 16:19 - 2014-02-03 16:15 - 22987152 _____ (AutoDWG) C:\Users\KIP.OnscreenOffice\Downloads\DWG2PDF2013.exe
    2014-02-03 16:16 - 2014-02-03 16:13 - 20361704 _____ (Acresso Software Inc. ) C:\Users\KIP.OnscreenOffice\Downloads\DWGSeePro2013.exe
    2014-02-03 16:14 - 2014-02-03 16:12 - 00402294 _____ () C:\Users\KIP.OnscreenOffice\Downloads\SoftonicDownloader_for_free-dwg-viewer.exe
    2014-02-03 10:24 - 2014-02-03 10:23 - 00000022 _____ () C:\Users\KIP.OnscreenOffice\Downloads\filechck_7_3_6.zip
    2014-02-03 09:43 - 2014-02-03 09:43 - 01905915 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Documents.zip
    2014-01-31 15:59 - 2014-01-22 12:37 - 00015360 _____ () C:\Users\KIP.OnscreenOffice\Documents\InfoSheet.xlsx
    2014-01-31 15:36 - 2014-01-31 15:34 - 87327510 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Don’t Get Burned. Learn About New Fire Code (UL 1703) Requirements and Compliance Options 1-31-14, 11.00 AM.mov
    2014-01-31 11:02 - 2013-07-05 17:31 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\Documents\DBOX_BU
    2014-01-31 10:55 - 2014-01-31 10:55 - 00003644 _____ () C:\windows\System32\Tasks\G2MUpdateTask-S-1-5-21-426381243-3783371907-2229632007-1004
    2014-01-31 09:55 - 2014-01-31 09:54 - 17557408 _____ (Barnes & Noble, Inc.) C:\Users\KIP.OnscreenOffice\Downloads\bndr2_setup_latest.exe
    2014-01-31 08:37 - 2014-01-31 08:37 - 00000981 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Business_Savings (4).qbo
    2014-01-30 15:38 - 2014-01-30 15:38 - 00003073 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Don-t Get Burned. Learn About New Fire Code (UL 1703) Requirements and Compliance Options.ics
    2014-01-30 11:43 - 2014-01-30 11:43 - 00053248 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Bronze SD.xls
    2014-01-30 11:16 - 2014-01-30 11:16 - 00001640 _____ () C:\Users\KIP.OnscreenOffice\Downloads\BillHistory (1).csv
    2014-01-30 11:13 - 2014-01-30 11:13 - 00001149 _____ () C:\Users\KIP.OnscreenOffice\Downloads\BillHistory.csv
    2014-01-30 09:07 - 2013-07-20 09:19 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\Documents\Energy Projects
    2014-01-30 09:00 - 2013-10-15 07:39 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Local\Citrix
    2014-01-29 21:35 - 2014-01-29 21:35 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
    2014-01-29 21:35 - 2014-01-29 21:34 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2014-01-29 21:35 - 2014-01-29 21:34 - 00000000 ____D () C:\Program Files\iTunes
    2014-01-29 21:35 - 2014-01-29 21:34 - 00000000 ____D () C:\Program Files (x86)\iTunes
    2014-01-29 21:34 - 2014-01-29 21:34 - 00000000 ____D () C:\Program Files\iPod
    2014-01-29 12:08 - 2014-01-29 12:08 - 00000981 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Business_Savings (3).qbo
    2014-01-29 11:34 - 2013-08-13 15:09 - 00001966 _____ () C:\Users\Public\Desktop\Nitro Pro 8.lnk
    2014-01-29 10:11 - 2014-01-29 10:11 - 02470578 _____ () C:\Users\KIP.OnscreenOffice\Downloads\GAET (1).zip
    2014-01-28 16:02 - 2014-01-28 16:02 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Local\Downloaded Installations
    2014-01-28 16:00 - 2014-01-28 16:00 - 10730223 _____ () C:\Users\KIP.OnscreenOffice\Downloads\1099 Misc Excel-Upload.zip
    2014-01-28 11:50 - 2014-01-28 11:50 - 00006144 _____ () C:\Users\KIP.OnscreenOffice\Downloads\DocumentListExport.xls
    2014-01-28 11:37 - 2013-12-11 03:08 - 00009285 _____ () C:\windows\IE11_main.log
    2014-01-28 11:36 - 2014-01-28 11:35 - 55915216 _____ (Microsoft Corporation) C:\Users\KIP.OnscreenOffice\Downloads\IE11-Windows6.1-x64-en-us.exe
    2014-01-28 11:36 - 2014-01-28 11:35 - 24859352 _____ (Microsoft Corporation) C:\Users\KIP.OnscreenOffice\Downloads\Windows-KB890830-x64-V5.8.exe
    2014-01-28 11:35 - 2014-01-28 11:35 - 01005568 _____ (Microsoft Corporation) C:\Users\KIP.OnscreenOffice\Downloads\dotNetFx45_Full_setup.exe
    2014-01-28 10:55 - 2014-01-28 10:55 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\Documents\ProcAlyzer Dumps
    2014-01-28 09:24 - 2013-09-04 13:31 - 00000000 ____D () C:\ProgramData\Apple
    2014-01-27 17:45 - 2014-01-27 17:45 - 00009166 _____ () C:\Users\KIP.OnscreenOffice\Desktop\PV Clients.xlsm
    2014-01-27 16:45 - 2014-01-27 16:45 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
    2014-01-27 16:43 - 2014-01-27 16:43 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
    2014-01-27 15:24 - 2014-01-27 15:23 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\KIP.OnscreenOffice\Downloads\spybot-2.2.exe
    2014-01-27 08:33 - 2014-01-27 08:27 - 07508364 _____ () C:\Users\KIP.OnscreenOffice\Downloads\CECPV4_1.msi
    2014-01-27 08:27 - 2014-01-27 08:26 - 08264704 _____ () C:\Users\KIP.OnscreenOffice\Downloads\CECPV5_0.msi
    2014-01-26 12:01 - 2014-01-26 12:01 - 00021432 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Business_Essentials_Checking.csv
    2014-01-26 12:00 - 2014-01-26 12:00 - 00004266 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Onscreen_Business_Essentials_Checking (1).qbo
    2014-01-26 11:56 - 2013-11-12 12:24 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\Documents\Money Matters
    2014-01-24 19:03 - 2014-01-24 19:03 - 00000396 _____ () C:\Users\KIP.OnscreenOffice\Downloads\solar_estimate_leads_20140124.csv
    2014-01-23 15:31 - 2014-01-23 15:29 - 126709834 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Poseidon (Alethea Solar IV, LLC) (PJM# W2-050).zip
    2014-01-22 18:33 - 2012-12-18 17:34 - 00001057 _____ () C:\Users\Onscreen Office\Desktop\Dropbox.lnk
    2014-01-22 18:33 - 2012-12-18 17:34 - 00000000 ___RD () C:\Users\Onscreen Office\Dropbox
    2014-01-22 18:33 - 2012-12-18 17:23 - 00000000 ____D () C:\Users\Onscreen Office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2014-01-22 18:33 - 2012-12-18 17:22 - 00000000 ____D () C:\Users\Onscreen Office\AppData\Roaming\Dropbox
    2014-01-22 18:33 - 2012-04-08 05:50 - 00000000 ___RD () C:\Users\Onscreen Office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    2014-01-22 09:34 - 2012-05-29 10:16 - 00000000 ____D () C:\ProgramData\Intuit
    2014-01-21 15:45 - 2014-01-21 15:45 - 00060083 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Project Contacts.xlsx
    2014-01-21 09:22 - 2014-01-21 09:22 - 00000980 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Business_Savings (2).qbo
    2014-01-16 15:32 - 2014-01-16 15:32 - 00312744 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
    2014-01-16 15:32 - 2014-01-16 15:32 - 00189352 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
    2014-01-16 15:32 - 2014-01-16 15:32 - 00189352 _____ (Oracle Corporation) C:\windows\system32\java.exe
    2014-01-16 15:32 - 2014-01-16 15:32 - 00108968 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
    2014-01-16 15:32 - 2014-01-16 15:32 - 00000000 ____D () C:\Program Files\Java
    2014-01-16 14:28 - 2014-01-16 14:28 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Local\Macromedia
    2014-01-16 09:55 - 2014-01-16 09:54 - 85923441 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Leaf Cali FIT 2013.zip
    2014-01-15 17:11 - 2014-01-15 17:11 - 00156373 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Business_Essentials_Checking.qbo
    2014-01-15 16:11 - 2013-07-05 17:31 - 00001066 _____ () C:\Users\KIP.OnscreenOffice\Desktop\Dropbox.lnk
    2014-01-15 16:11 - 2013-07-05 17:30 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2014-01-15 09:29 - 2012-05-17 16:27 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
    2014-01-15 09:28 - 2014-01-15 09:28 - 00001812 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    2014-01-15 09:03 - 2014-01-15 09:02 - 29406136 _____ (SUPERAntiSpyware) C:\Users\KIP.OnscreenOffice\Downloads\SUPERAntiSpyware (2).exe
    2014-01-15 03:21 - 2009-07-13 20:45 - 00442792 _____ () C:\windows\system32\FNTCACHE.DAT
    2014-01-15 03:03 - 2013-08-02 02:00 - 00000000 ____D () C:\windows\system32\MRT
    2014-01-14 11:02 - 2013-12-30 13:57 - 00002066 _____ () C:\Users\KIP.OnscreenOffice\Desktop\Dashlane.lnk
    2014-01-14 11:02 - 2013-12-30 13:56 - 00000000 ____D () C:\Users\KIP.OnscreenOffice\AppData\Roaming\Dashlane
    2014-01-13 13:01 - 2014-01-13 13:01 - 00000980 _____ () C:\Users\KIP.OnscreenOffice\Downloads\Business_Savings (1).qbo

    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\rpcss.dll => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


    LastRegBack: 2014-02-08 00:47

    ==================== End Of Log ============================
  5. 2014-02-11, 21:02 #5
    Juliet
    Juliet is offline
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    win32.androm.bmne found by ZA <-- can you open the program and locate which file this refers to?



    Did you run ComboFix?
    I would like to see the log it produces and would like to see the items removed.
    How about c:\Combofix\combofix.txt <-- is it here?
    C:\qoobox\quarantined_files.txt <-- is this file present? If so -- please post its contents.

    ***********************

    Open notepad. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy.
    Paste this into the open notepad. save it to the Desktop as fixlist.txt
    NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
    It needs to be saved Next to the "Farbar Recovery Scan Tool" (FRST) program (If asked to overwrite existing one please allow)

    start
    BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll No File
    Toolbar: HKLM-x32 - PackageTracer - {ff343558-d5a5-454a-bdd8-c5c81e179fed} - C:\Program Files (x86)\PackageTracer_69\bar\1.bin\69bar.dll No File
    Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - No File
    Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - No File
    Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe64.dll No File
    Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll No File
    FF Plugin-x32: @TrendMicro.com/FFExtension - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    U3 aswMBR; \??\C:\Users\KIP~1.ONS\AppData\Local\Temp\aswMBR.sys [X]
    end
    Run FRST/FRST64 and press the Fix button just once and wait.
    If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system


    *****************************

    -AdwCleaner-by Xplode

    Click on this link to download : ADWCleaner
    Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.

    Do not click on any links in the top Advertisment.

    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Scan.
    • After the scan is complete click on "Clean"
    • Confirm each time with Ok.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the content of that logfile with your next answer.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.


    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.


    ~~~~~~~~~~~

    In your next reply please post
    Fixlog.txt
    C:\AdwCleaner[S1].txt
    JRT.txt

    May need to make multiple post
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.
  6. 2014-02-12, 00:06 #6
    CleanTech
    CleanTech is offline
    Member CleanTech's Avatar
    Join Date
    Jan 2014
    Posts
    35

    Default win32.androm.bmne found by ZA - unable to update Spybot Professional

    Combofix log - Part 1

    ComboFix 14-02-11.01 - KIP 02/11/2014 14:35:40.4.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7657.4543 [GMT -8:00]
    Running from: c:\users\KIP.OnscreenOffice\Desktop\ComboFix.exe
    AV: Spybot - Search and Destroy *Disabled/Updated* {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
    FW: ZoneAlarm Extreme Security Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
    SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: ZoneAlarm Extreme Security Anti-Spyware *Disabled/Updated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\10600AccountantCenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\10600CleanTech20130630pffcenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\10600CleanTech20130630reviewDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\10600CleanTech20130630reviewNotesPopUp.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\10600CleanTech20130630taskNotesDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\10816AccountantCenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\10816CleanTech20130630pffcenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\10816CleanTech20130630reviewDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\10816CleanTech20130630reviewNotesPopUp.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\10816CleanTech20130630taskNotesDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\13520AccountantCenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\13520CleanTech20130630pffcenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\13520CleanTech20130630reviewDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\13520CleanTech20130630reviewNotesPopUp.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\13520CleanTech20130630taskNotesDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2372AccountantCenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2372CleanTech20130630pffcenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2372CleanTech20130630reviewDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2372CleanTech20130630reviewNotesPopUp.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2372CleanTech20130630taskNotesDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2536AccountantCenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2536CleanTech20130630pffcenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2536CleanTech20130630reviewDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2536CleanTech20130630reviewNotesPopUp.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2536CleanTech20130630taskNotesDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2620CleanTech20130630pffcenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2620CleanTech20130630reviewDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2620CleanTech20130630reviewNotesPopUp.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2620CleanTech20130630taskNotesDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2860AccountantCenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2860CleanTech20130630pffcenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2860CleanTech20130630reviewDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2860CleanTech20130630reviewNotesPopUp.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2860CleanTech20130630taskNotesDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4436AccountantCenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4436CleanTech20130630pffcenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4436CleanTech20130630reviewDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4436CleanTech20130630reviewNotesPopUp.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4436CleanTech20130630taskNotesDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4492AccountantCenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4492CleanTech20130630pffcenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4492CleanTech20130630reviewDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4492CleanTech20130630reviewNotesPopUp.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4492CleanTech20130630taskNotesDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5124AccountantCenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5124CleanTech20130630pffcenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5124CleanTech20130630reviewDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5124CleanTech20130630reviewNotesPopUp.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5124CleanTech20130630taskNotesDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5144AccountantCenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5144CleanTech20130630pffcenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5144CleanTech20130630reviewDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5144CleanTech20130630reviewNotesPopUp.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5144CleanTech20130630taskNotesDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5212AccountantCenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5212CleanTech20130630pffcenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5212CleanTech20130630reviewDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5212CleanTech20130630reviewNotesPopUp.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5212CleanTech20130630taskNotesDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5404AccountantCenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5404CleanTech20130630pffcenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5404CleanTech20130630reviewDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5404CleanTech20130630reviewNotesPopUp.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5404CleanTech20130630taskNotesDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5444AccountantCenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5444CleanTech20130630pffcenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5444CleanTech20130630reviewDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5444CleanTech20130630reviewNotesPopUp.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5444CleanTech20130630taskNotesDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5476AccountantCenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5476CleanTech20130630pffcenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5476CleanTech20130630reviewDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5476CleanTech20130630reviewNotesPopUp.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5476CleanTech20130630taskNotesDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5704AccountantCenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5704CleanTech20130630pffcenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5704CleanTech20130630reviewDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5704CleanTech20130630reviewNotesPopUp.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5704CleanTech20130630taskNotesDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6332AccountantCenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6332CleanTech20130630pffcenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6332CleanTech20130630reviewDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6332CleanTech20130630reviewNotesPopUp.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6332CleanTech20130630taskNotesDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6952AccountantCenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6952CleanTech20130630pffcenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6952CleanTech20130630reviewDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6952CleanTech20130630reviewNotesPopUp.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6952CleanTech20130630taskNotesDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7388AccountantCenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7388CleanTech20130630pffcenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7388CleanTech20130630reviewDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7388CleanTech20130630reviewNotesPopUp.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7388CleanTech20130630taskNotesDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7560AccountantCenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7560CleanTech20130630pffcenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7560CleanTech20130630reviewDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7560CleanTech20130630reviewNotesPopUp.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7560CleanTech20130630taskNotesDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\8872AccountantCenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\8872CleanTech20130630pffcenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\8872CleanTech20130630reviewDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\8872CleanTech20130630reviewNotesPopUp.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\8872CleanTech20130630taskNotesDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9136AccountantCenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9136CleanTech20130630pffcenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9136CleanTech20130630reviewDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9136CleanTech20130630reviewNotesPopUp.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9136CleanTech20130630taskNotesDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9296CleanTech20130630pffcenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9296CleanTech20130630reviewDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9296CleanTech20130630reviewNotesPopUp.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9296CleanTech20130630taskNotesDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9812AccountantCenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9812CleanTech20130630pffcenter.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9812CleanTech20130630reviewDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9812CleanTech20130630reviewNotesPopUp.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9812CleanTech20130630taskNotesDialog.html
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\ac.css
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\ac.js
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\close_pop.png
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\jq.css
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\jquery.corner.js
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\jquery.min.js
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\mootools.svn.js
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\pffCenter.css
    c:\users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\pffCenter.js
    c:\users\KIP.OnscreenOffice\Documents\~WRL1149.tmp
    .
    .
    ((((((((((((((((((((((((( Files Created from 2014-01-11 to 2014-02-11 )))))))))))))))))))))))))))))))
    .
    .
    2014-02-11 22:42 . 2014-02-11 22:42 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
    2014-02-11 22:42 . 2014-02-11 22:42 -------- d-----w- c:\users\Public\AppData\Local\temp
    2014-02-11 22:42 . 2014-02-11 22:42 -------- d-----w- c:\users\KIP\AppData\Local\temp
    2014-02-11 22:42 . 2014-02-11 22:42 -------- d-----w- c:\users\Default\AppData\Local\temp
    2014-02-11 18:08 . 2014-02-11 18:08 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DDF5D5D4-65D4-40F3-A84D-D1231BE4B2CA}\offreg.dll
    2014-02-11 07:18 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DDF5D5D4-65D4-40F3-A84D-D1231BE4B2CA}\mpengine.dll
    2014-02-06 00:58 . 2014-02-06 01:04 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
    2014-02-04 21:18 . 2014-02-04 21:18 -------- d-----w- C:\CECPV50
    2014-02-04 00:25 . 2005-10-26 03:17 3194880 ----a-w- c:\windows\SysWow64\gsdll321.dll
    2014-02-04 00:25 . 2002-11-22 06:13 3907640 ----a-w- c:\windows\SysWow64\gsdll32.dll
    2014-02-04 00:25 . 2014-02-04 00:25 -------- d-----w- c:\users\KIP~1~ONS
    2014-02-04 00:24 . 2014-02-04 00:24 -------- d-----w- c:\users\KIP.OnscreenOffice\AppData\Roaming\AutoDWG
    2014-02-04 00:19 . 2014-02-04 00:25 -------- d-----w- c:\windows\SysWow64\shxfont
    2014-02-04 00:19 . 2014-02-04 00:25 -------- d-----w- c:\windows\SysWow64\ps
    2014-02-04 00:19 . 2014-02-04 00:25 -------- d-----w- c:\program files (x86)\AutoDWG
    2014-02-03 22:50 . 2014-02-04 02:03 42168 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
    2014-01-30 05:34 . 2014-01-30 05:35 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
    2014-01-30 05:34 . 2014-01-30 05:35 -------- d-----w- c:\program files\iTunes
    2014-01-30 05:34 . 2014-01-30 05:35 -------- d-----w- c:\program files (x86)\iTunes
    2014-01-30 05:34 . 2014-01-30 05:34 -------- d-----w- c:\program files\iPod
    2014-01-29 00:13 . 2014-02-09 20:31 -------- d-sh--w- c:\windows\SysWow64\AI_RecycleBin
    2014-01-29 00:04 . 2014-02-09 20:31 -------- d-----w- C:\1099 Misc - Excel Upload
    2014-01-29 00:02 . 2014-01-29 00:02 -------- d-----w- c:\users\KIP.OnscreenOffice\AppData\Local\Downloaded Installations
    2014-01-28 00:43 . 2013-09-20 18:49 21040 ----a-w- c:\windows\system32\sdnclean64.exe
    2014-01-28 00:43 . 2014-02-10 23:20 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
    2014-01-16 23:32 . 2014-01-16 23:32 312744 ----a-w- c:\windows\system32\javaws.exe
    2014-01-16 23:32 . 2014-01-16 23:32 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
    2014-01-16 23:32 . 2014-01-16 23:32 189352 ----a-w- c:\windows\system32\javaw.exe
    2014-01-16 23:32 . 2014-01-16 23:32 189352 ----a-w- c:\windows\system32\java.exe
    2014-01-16 23:32 . 2014-01-16 23:32 -------- d-----w- c:\program files\Java
    2014-01-16 22:28 . 2014-01-16 22:28 -------- d-----w- c:\users\KIP.OnscreenOffice\AppData\Local\Macromedia
    2014-01-15 05:10 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
    2014-01-15 05:10 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
    2014-01-15 05:10 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
    2014-01-15 05:10 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
    2014-01-15 05:10 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
    2014-01-15 05:10 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
    2014-01-15 05:10 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
    2014-01-15 05:10 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
    2014-01-15 05:09 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2014-02-05 02:53 . 2012-05-09 16:24 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2014-02-05 02:53 . 2011-11-16 23:34 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-02-04 03:40 . 2012-11-14 23:44 42168 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
    2014-01-07 00:20 . 2012-06-20 01:11 86054176 ----a-w- c:\windows\system32\MRT.exe
    2013-12-18 14:13 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
    2013-12-11 11:10 . 2013-12-11 11:10 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
    2013-12-11 11:10 . 2013-12-11 11:10 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
    2013-12-11 11:10 . 2013-12-11 11:10 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
    2013-12-11 11:10 . 2013-12-11 11:10 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
    2013-12-11 11:10 . 2013-12-11 11:10 235008 ----a-w- c:\windows\system32\elshyph.dll
    2013-12-11 11:10 . 2013-12-11 11:10 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
    2013-12-11 11:10 . 2013-12-11 11:10 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
    2013-12-11 11:10 . 2013-12-11 11:10 337408 ----a-w- c:\windows\SysWow64\html.iec
    2013-12-11 11:10 . 2013-12-11 11:10 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
    2013-12-11 11:10 . 2013-12-11 11:10 182272 ----a-w- c:\windows\SysWow64\msls31.dll
    2013-12-11 11:10 . 2013-12-11 11:10 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
    2013-12-11 11:10 . 2013-12-11 11:10 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
    2013-12-11 11:10 . 2013-12-11 11:10 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
    2013-12-11 11:10 . 2013-12-11 11:10 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
    2013-12-11 11:10 . 2013-12-11 11:10 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
    2013-12-11 11:10 . 2013-12-11 11:10 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
    2013-12-11 11:10 . 2013-12-11 11:10 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
    2013-12-11 11:10 . 2013-12-11 11:10 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
    2013-12-11 11:10 . 2013-12-11 11:10 139264 ----a-w- c:\windows\SysWow64\wextract.exe
    2013-12-11 11:10 . 2013-12-11 11:10 13312 ----a-w- c:\windows\SysWow64\mshta.exe
    2013-12-11 11:10 . 2013-12-11 11:10 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
    2013-12-11 11:10 . 2013-12-11 11:10 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
    2013-12-11 11:10 . 2013-12-11 11:10 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
    2013-12-11 11:10 . 2013-12-11 11:10 942592 ----a-w- c:\windows\system32\jsIntl.dll
    2013-12-11 11:10 . 2013-12-11 11:10 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
    2013-12-11 11:10 . 2013-12-11 11:10 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
    2013-12-11 11:10 . 2013-12-11 11:10 247808 ----a-w- c:\windows\system32\msls31.dll
    2013-12-11 11:10 . 2013-12-11 11:10 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
    2013-12-11 11:10 . 2013-12-11 11:10 77312 ----a-w- c:\windows\system32\tdc.ocx
    2013-12-11 11:10 . 2013-12-11 11:10 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
    2013-12-11 11:10 . 2013-12-11 11:10 48640 ----a-w- c:\windows\system32\mshtmler.dll
    2013-12-11 11:10 . 2013-12-11 11:10 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
    2013-12-11 11:10 . 2013-12-11 11:10 195584 ----a-w- c:\windows\system32\msrating.dll
    2013-12-11 11:10 . 2013-12-11 11:10 13312 ----a-w- c:\windows\system32\msfeedssync.exe
    2013-12-11 11:10 . 2013-12-11 11:10 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
    2013-12-11 11:10 . 2013-12-11 11:10 105984 ----a-w- c:\windows\system32\iesysprep.dll
    2013-12-11 11:10 . 2013-12-11 11:10 84992 ----a-w- c:\windows\system32\mshtmled.dll
    2013-12-11 11:10 . 2013-12-11 11:10 81408 ----a-w- c:\windows\system32\icardie.dll
    2013-12-11 11:10 . 2013-12-11 11:10 626176 ----a-w- c:\windows\system32\msfeeds.dll
    2013-12-11 11:10 . 2013-12-11 11:10 616104 ----a-w- c:\windows\system32\ieapfltr.dat
    2013-12-11 11:10 . 2013-12-11 11:10 453120 ----a-w- c:\windows\system32\dxtmsft.dll
    2013-12-11 11:10 . 2013-12-11 11:10 413696 ----a-w- c:\windows\system32\html.iec
    2013-12-11 11:10 . 2013-12-11 11:10 30208 ----a-w- c:\windows\system32\licmgr10.dll
    2013-12-11 11:10 . 2013-12-11 11:10 296960 ----a-w- c:\windows\system32\dxtrans.dll
    2013-12-11 11:10 . 2013-12-11 11:10 263376 ----a-w- c:\windows\system32\iedkcs32.dll
    2013-12-11 11:10 . 2013-12-11 11:10 243200 ----a-w- c:\windows\system32\webcheck.dll
    2013-12-11 11:10 . 2013-12-11 11:10 235520 ----a-w- c:\windows\system32\url.dll
    2013-12-11 11:10 . 2013-12-11 11:10 167424 ----a-w- c:\windows\system32\iexpress.exe
    2013-12-11 11:10 . 2013-12-11 11:10 143872 ----a-w- c:\windows\system32\wextract.exe
    2013-12-11 11:10 . 2013-12-11 11:10 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
    2013-12-11 11:10 . 2013-12-11 11:10 101376 ----a-w- c:\windows\system32\inseng.dll
    2013-12-11 11:10 . 2013-12-11 11:10 548352 ----a-w- c:\windows\system32\vbscript.dll
    2013-12-11 11:10 . 2013-12-11 11:10 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
    2013-12-11 11:10 . 2013-12-11 11:10 774144 ----a-w- c:\windows\system32\jscript.dll
    2013-12-11 11:10 . 2013-12-11 11:10 62464 ----a-w- c:\windows\system32\pngfilt.dll
    2013-12-11 11:10 . 2013-12-11 11:10 48128 ----a-w- c:\windows\system32\imgutil.dll
    2013-12-11 11:10 . 2013-12-11 11:10 147968 ----a-w- c:\windows\system32\occache.dll
    2013-12-11 11:10 . 2013-12-11 11:10 13824 ----a-w- c:\windows\system32\mshta.exe
    2013-12-11 11:10 . 2013-12-11 11:10 135680 ----a-w- c:\windows\system32\iepeers.dll
    2013-12-03 13:34 . 2013-12-03 02:15 460888 ----a-w- c:\windows\system32\drivers\23451690.sys
    2013-11-26 11:54 . 2013-12-12 11:00 23183360 ----a-w- c:\windows\system32\mshtml.dll
    2013-11-26 10:19 . 2013-12-12 11:00 2724864 ----a-w- c:\windows\system32\mshtml.tlb
    2013-11-26 10:18 . 2013-12-12 11:00 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
    2013-11-26 09:48 . 2013-12-12 11:00 66048 ----a-w- c:\windows\system32\iesetup.dll
    2013-11-26 09:46 . 2013-12-12 11:00 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
    2013-11-26 09:41 . 2013-12-12 11:00 2764288 ----a-w- c:\windows\system32\iertutil.dll
    2013-11-26 09:29 . 2013-12-12 11:00 53760 ----a-w- c:\windows\system32\jsproxy.dll
    2013-11-26 09:27 . 2013-12-12 11:00 33792 ----a-w- c:\windows\system32\iernonce.dll
    2013-11-26 09:23 . 2013-12-12 11:00 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
    2013-11-26 09:21 . 2013-12-12 11:00 574976 ----a-w- c:\windows\system32\ieui.dll
    2013-11-26 09:18 . 2013-12-12 11:00 139264 ----a-w- c:\windows\system32\ieUnatt.exe
    2013-11-26 09:18 . 2013-12-12 11:00 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
    2013-11-26 09:16 . 2013-12-12 11:00 708608 ----a-w- c:\windows\system32\jscript9diag.dll
    2013-11-26 08:57 . 2013-12-12 11:00 218624 ----a-w- c:\windows\system32\ie4uinit.exe
    2013-11-26 08:35 . 2013-12-12 11:00 5769216 ----a-w- c:\windows\system32\jscript9.dll
    2013-11-26 08:28 . 2013-12-12 11:00 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll
    2013-11-26 08:16 . 2013-12-12 11:00 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll
    2013-11-26 08:02 . 2013-12-12 11:00 1995264 ----a-w- c:\windows\system32\inetcpl.cpl
    2013-11-26 07:48 . 2013-12-12 11:00 12996608 ----a-w- c:\windows\system32\ieframe.dll
    2013-11-26 07:32 . 2013-12-12 11:00 1928192 ----a-w- c:\windows\SysWow64\inetcpl.cpl
    2013-11-26 07:07 . 2013-12-12 11:00 2334208 ----a-w- c:\windows\system32\wininet.dll
    2013-11-26 06:40 . 2013-12-12 11:00 1395200 ----a-w- c:\windows\system32\urlmon.dll
    2013-11-26 06:34 . 2013-12-12 11:00 817664 ----a-w- c:\windows\system32\ieapfltr.dll
    2013-11-26 06:33 . 2013-12-12 11:00 1820160 ----a-w- c:\windows\SysWow64\wininet.dll
    2013-11-23 18:26 . 2013-12-11 08:59 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
    2013-11-23 17:47 . 2013-12-11 08:59 465920 ----a-w- c:\windows\system32\WMPhoto.dll
    2013-11-20 17:50 . 2013-07-08 12:55 46368 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
    "{ff343558-d5a5-454a-bdd8-c5c81e179fed}"= "c:\program files (x86)\PackageTracer_69\bar\1.bin\69bar.dll" [BU]
    .
    [HKEY_CLASSES_ROOT\clsid\{ff343558-d5a5-454a-bdd8-c5c81e179fed}]
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Green]
    @="{95A27763-F62A-4114-9072-E81D87DE3B68}"
    [HKEY_CLASSES_ROOT\CLSID\{95A27763-F62A-4114-9072-E81D87DE3B68}]
    2013-06-13 16:37 1020936 ----a-r- c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Partial]
    @="{E300CD91-100F-4E67-9AF3-1384A6124015}"
    [HKEY_CLASSES_ROOT\CLSID\{E300CD91-100F-4E67-9AF3-1384A6124015}]
    2013-06-13 16:37 1020936 ----a-r- c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Yellow]
    @="{5E529433-B50E-4bef-A63B-16A6B71B071A}"
    [HKEY_CLASSES_ROOT\CLSID\{5E529433-B50E-4bef-A63B-16A6B71B071A}]
    2013-06-13 16:37 1020936 ----a-r- c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2013-09-11 02:09 131248 ----a-w- c:\users\KIP.OnscreenOffice\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2013-09-11 02:09 131248 ----a-w- c:\users\KIP.OnscreenOffice\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2013-09-11 02:09 131248 ----a-w- c:\users\KIP.OnscreenOffice\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2014-01-06 6563608]
    "Dashlane"="c:\users\KIP.OnscreenOffice\AppData\Roaming\Dashlane\Dashlane.exe" [2014-01-07 277688]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2011-05-06 3037296]
    "RunAIShell"="c:\program files (x86)\ASUS\AI Manager\AsShellApplication.exe" [2009-12-23 232064]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-06-29 336384]
    "Intuit SyncManager"="c:\program files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2013-11-08 2829624]
    "Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2013-11-27 106496]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-01-20 43848]
    "ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2013-10-26 73832]
    "SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2013-07-25 5624784]
    .
    c:\users\Onscreen Office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dropbox.lnk - c:\users\KIP.OnscreenOffice\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-2 30714328]
    .
    c:\users\KIP.OnscreenOffice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dropbox.lnk - c:\users\KIP.OnscreenOffice\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-2 30714328]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe /start [2011-11-16 549040]
    Intuit Data Protect.lnk - c:\program files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe /Startup [2013-11-8 6282040]
    QuickBooks Update Agent.lnk - c:\program files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2013-11-8 1176904]
    QuickBooks_Standard_21.lnk - c:\program files (x86)\Intuit\QuickBooks 2012\QBW32.EXE -silent [2013-11-8 1182024]
    Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2013-11-4 565464]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
  7. 2014-02-12, 00:07 #7
    CleanTech
    CleanTech is offline
    Member CleanTech's Avatar
    Join Date
    Jan 2014
    Posts
    35

    Default win32.androm.bmne found by ZA - unable to update Spybot Professional

    Combofix log - Part 2:

    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
    R2 ZAPrivacyService;ZoneAlarm Privacy Service;c:\program files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe;c:\program files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [x]
    R3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys;c:\windows\SYSNATIVE\drivers\asmthub3.sys [x]
    R3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys;c:\windows\SYSNATIVE\drivers\asmtxhci.sys [x]
    R3 Generalusbserialser20675;USB Legacy Serial Communication 20675;c:\windows\system32\DRIVERS\CT_U_USBSER.sys;c:\windows\SYSNATIVE\DRIVERS\CT_U_USBSER.sys [x]
    R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
    R3 mr97310c;CIF Dual-Mode Camera;c:\windows\system32\DRIVERS\mr97310c.sys;c:\windows\SYSNATIVE\DRIVERS\mr97310c.sys [x]
    R3 mv91xx;mv91xx;c:\windows\system32\drivers\mv91xx.sys;c:\windows\SYSNATIVE\drivers\mv91xx.sys [x]
    R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
    R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
    S0 23451690;23451690;c:\windows\system32\DRIVERS\23451690.sys;c:\windows\SYSNATIVE\DRIVERS\23451690.sys [x]
    S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
    S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
    S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys;c:\windows\SYSNATIVE\DRIVERS\kl2.sys [x]
    S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
    S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
    S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
    S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
    S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
    S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
    S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
    S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [x]
    S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [x]
    S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [x]
    S2 Carbonite-Mirror-Image-Svc;Carbonite Mirror Image Service;c:\program files\Carbonite\Carbonite Mirror Image\CarboniteMirrorImage.exe;c:\program files\Carbonite\Carbonite Mirror Image\CarboniteMirrorImage.exe [x]
    S2 Device Handle Service;Device Handle Service;c:\windows\SysWOW64\AsHookDevice.exe;c:\windows\SysWOW64\AsHookDevice.exe [x]
    S2 monblanking;monblanking;c:\windows\system32\DRIVERS\monblanking.sys;c:\windows\SYSNATIVE\DRIVERS\monblanking.sys [x]
    S2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8;c:\program files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe;c:\program files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [x]
    S2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [x]
    S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE;c:\windows\SysWOW64\NLSSRV32.EXE [x]
    S2 PasswordBox;PasswordBox;c:\program files (x86)\PasswordBox\pbbtnService.exe;c:\program files (x86)\PasswordBox\pbbtnService.exe [x]
    S2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [x]
    S2 QBVSS;QBIDPService;c:\program files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe;c:\program files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [x]
    S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
    S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
    S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
    S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
    S2 UDisk Monitor;UDisk Monitor;c:\program files (x86)\Froyo_Android_Driver\Bin\MonServiceUDisk.exe;c:\program files (x86)\Froyo_Android_Driver\Bin\MonServiceUDisk.exe [x]
    S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
    S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\drivers\amdhub30.sys;c:\windows\SYSNATIVE\drivers\amdhub30.sys [x]
    S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
    S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\drivers\amdxhc.sys;c:\windows\SYSNATIVE\drivers\amdxhc.sys [x]
    S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
    S3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x]
    S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
    S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
    S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
    S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
    S3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - ASWMBR
    *Deregistered* - aswMBR
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    Hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2014-02-09 21:23 1211720 ----a-w- c:\program files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2014-02-11 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-09 02:53]
    .
    2014-02-11 c:\windows\Tasks\G2MUpdateTask-S-1-5-21-426381243-3783371907-2229632007-1004.job
    - c:\users\KIP.OnscreenOffice\AppData\Local\Citrix\GoToMeeting\1298\g2mupdate.exe [2014-01-31 18:55]
    .
    2014-02-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-03 13:17]
    .
    2014-02-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-03 13:17]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Green]
    @="{95A27763-F62A-4114-9072-E81D87DE3B68}"
    [HKEY_CLASSES_ROOT\CLSID\{95A27763-F62A-4114-9072-E81D87DE3B68}]
    2013-06-13 16:26 1294344 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Partial]
    @="{E300CD91-100F-4E67-9AF3-1384A6124015}"
    [HKEY_CLASSES_ROOT\CLSID\{E300CD91-100F-4E67-9AF3-1384A6124015}]
    2013-06-13 16:26 1294344 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Yellow]
    @="{5E529433-B50E-4bef-A63B-16A6B71B071A}"
    [HKEY_CLASSES_ROOT\CLSID\{5E529433-B50E-4bef-A63B-16A6B71B071A}]
    2013-06-13 16:26 1294344 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
    2013-12-06 23:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
    2013-12-06 23:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
    2013-12-06 23:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
    2013-12-06 23:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
    2013-12-06 23:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
    2013-12-06 23:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://www.google.com/
    mLocal Page = c:\windows\SysWOW64\blank.htm
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
    IE: Open with PDF Viewer Plus - c:\program files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
    IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
    TCP: DhcpNameServer = 192.168.1.254
    FF - ProfilePath - c:\users\KIP.OnscreenOffice\AppData\Roaming\Mozilla\Firefox\Profiles\84i2qbr9.default\
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    Notify-SDWinLogon - SDWinLogon.dll
    ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
    ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
    ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
    ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID]
    @DACL=(02 0000)
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.0_03"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.0_04"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.0_05"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_01"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_01"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_02"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_02"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_03"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_03"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_04"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_04"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_05"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_05"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_06"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_06"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_07"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_07"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_08"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_08"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_09"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_09"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_10"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_10"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_11"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_11"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_12"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_12"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_13"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_13"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_14"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_14"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_15"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_15"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_16"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_16"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_17"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_17"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_18"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_18"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_19"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_19"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_20"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_20"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_21"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.1_21"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.0"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.0"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.0_01"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.0_01"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.0_02"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.0_02"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.0_03"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.0_03"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.0_04"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.0_04"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.1"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.1"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.1_01"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.1_01"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.1_02"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.1_02"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.1_03"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.1_03"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.1_04"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.1_04"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.1_05"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.1_05"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.1_06"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.1_06"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.1_07"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.1_07"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_01"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_01"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_02"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_02"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_03"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_03"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_04"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_04"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_05"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_05"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_06"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_06"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_07"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_07"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_08"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_08"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_09"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_09"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_10"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_10"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_11"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_11"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_12"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_12"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_13"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_13"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_14"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_14"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_15"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_15"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_16"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_16"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_17"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_17"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_18"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_18"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_19"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_19"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_20"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_20"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_21"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_21"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_22"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_22"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_23"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_23"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_24"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_24"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_25"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_25"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_26"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_26"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_27"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_27"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_28"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_28"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_29"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_29"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_30"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_30"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_31"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_31"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_32"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_32"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_33"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_33"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_34"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_34"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_35"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_35"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_36"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_36"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_37"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_37"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_38"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_38"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_39"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_39"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_40"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_40"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_41"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_41"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_42"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_42"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_43"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2_43"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.4.2"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_01"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_01"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_01"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_02"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_02"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_02"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_03"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_03"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_03"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_04"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_04"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_04"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_05"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_05"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_05"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_06"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_06"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_06"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_07"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_07"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_07"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_08"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_08"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_08"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_09"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_09"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_09"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_10"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_10"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_10"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_11"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_11"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_11"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_12"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_12"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_12"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_13"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_13"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_13"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_14"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_14"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_14"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_15"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_15"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_15"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_16"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_16"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_16"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_17"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_17"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_17"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_18"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_18"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_18"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_19"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_19"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_19"
  8. 2014-02-12, 00:09 #8
    CleanTech
    CleanTech is offline
    Member CleanTech's Avatar
    Join Date
    Jan 2014
    Posts
    35

    Default win32.androm.bmne found by ZA - unable to update Spybot Professional

    Combofix log - Part 3:

    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_20"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_20"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_20"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_21"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_21"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_21"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_22"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_22"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_22"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_23"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_23"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_23"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_24"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_24"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_24"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_25"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_25"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_25"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_26"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_26"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_26"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_27"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_27"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_27"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_28"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_28"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_28"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_29"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_29"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_29"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_30"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_30"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_30"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_31"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_31"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_31"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_32"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_32"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_32"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_33"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_33"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_33"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_34"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_34"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_34"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_35"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_35"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_35"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_36"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_36"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_36"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_37"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_37"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_37"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_38"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_38"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_38"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_39"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_39"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_39"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_40"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_40"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_40"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_41"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_41"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_41"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_42"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_42"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_42"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_43"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_43"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_43"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_44"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_44"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_44"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_45"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_45"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_45"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_46"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_46"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_46"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_47"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_47"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_47"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_48"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_48"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_48"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_49"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_49"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_49"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_50"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_50"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_50"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_51"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_51"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_51"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_52"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_52"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_52"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_53"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_53"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_53"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_54"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_54"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_54"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_55"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_55"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_55"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_56"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_56"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_56"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_57"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_57"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_57"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_58"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_58"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_58"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_59"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_59"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_59"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_60"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_60"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_60"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_61"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_61"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0_61"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.5.0"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_01"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_01"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_01"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_02"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_02"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_02"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_03"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_03"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_03"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_04"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_04"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_04"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_05"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_05"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_05"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_06"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_06"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_06"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_07"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_07"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_07"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_08"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_08"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_08"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_09"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_09"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_09"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_10"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_10"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_10"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_11"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_11"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_11"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_12"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_12"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_12"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_13"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_13"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_13"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_14"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_14"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_14"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_15"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_15"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_15"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_16"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_16"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_16"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_17"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_17"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_17"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_18"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_18"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_18"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_19"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_19"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_19"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_20"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_20"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_20"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_21"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_21"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_21"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_22"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_22"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_22"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_23"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_23"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_23"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_24"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_24"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_24"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_25"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_25"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_25"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_26"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_26"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_26"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_27"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_27"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_27"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_28"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_28"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_28"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_29"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_29"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_29"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_30"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_30"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_30"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_31"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_31"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_31"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_32"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_32"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_32"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_33"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_33"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_33"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_34"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_34"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_34"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_35"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_35"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_35"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_36"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_36"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_36"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_37"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_37"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_37"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_38"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_38"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_38"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_39"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_39"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_39"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_40"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_40"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_40"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_41"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_41"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_41"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_42"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_42"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_42"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_43"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_43"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_43"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_44"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_44"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_44"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_45"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_45"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_45"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_46"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_46"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_46"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_47"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_47"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_47"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_48"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_48"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_48"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_49"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_49"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_49"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_50"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_50"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_50"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_51"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_51"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_51"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_52"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_52"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_52"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_53"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_53"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_53"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_54"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_54"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_54"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_55"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_55"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_55"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_56"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_56"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_56"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_57"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_57"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_57"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_58"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_58"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_58"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_59"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_59"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_59"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_60"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_60"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_60"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_61"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_61"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_61"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_62"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_62"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_62"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_63"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_63"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_63"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_64"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_64"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_64"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_65"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_65"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_65"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_66"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_66"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_66"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_67"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_67"
  9. 2014-02-12, 00:10 #9
    CleanTech
    CleanTech is offline
    Member CleanTech's Avatar
    Join Date
    Jan 2014
    Posts
    35

    Default win32.androm.bmne found by ZA - unable to update Spybot Professional

    Combofix log - Part 4 of 4

    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_67"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_68"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_68"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_68"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_69"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_69"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_69"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_70"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_70"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_70"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_71"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_71"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0_71"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.6.0"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_01"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_01"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_01"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_02"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_02"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_02"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_03"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_03"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_03"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_04"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_04"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_04"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_05"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_05"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_05"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_06"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_06"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_06"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_07"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_07"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_07"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_08"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_08"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_08"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_09"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_09"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_09"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_10"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_10"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_10"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_11"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_11"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_11"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_12"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_12"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_12"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_13"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_13"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_13"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_14"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_14"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_14"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_15"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_15"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_15"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_16"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_16"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_16"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_17"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_17"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_17"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_18"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_18"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_18"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_19"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_19"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_19"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_20"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_20"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_20"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_21"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_21"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_21"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_22"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_22"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_22"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_23"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_23"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_23"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_24"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_24"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_24"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_25"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_25"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_25"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_26"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_26"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_26"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_27"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_27"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_27"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_28"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_28"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_28"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_29"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_29"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_29"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_30"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_30"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_30"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_31"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_31"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_31"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_32"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_32"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_32"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_33"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_33"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_33"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_34"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_34"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_34"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_35"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_35"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_35"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_36"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_36"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_36"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_37"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_37"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_37"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_38"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_38"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_38"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_39"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_39"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_39"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_40"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_40"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_40"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_41"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_41"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_41"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_42"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_42"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_42"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_43"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_43"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_43"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_44"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_44"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_44"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_45"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_45"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_45"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_46"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_46"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_46"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_47"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_47"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_47"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_48"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_48"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_48"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_49"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_49"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_49"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_50"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_50"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_50"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_51"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_51"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBC}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0_51"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
    @DACL=(02 0000)
    @="Java Plug-in 1.7.0"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}]
    @DACL=(02 0000)
    @="Java Plug-in 1.3.0_02"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    @DACL=(02 0000)
    @="DropboxExt"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    @DACL=(02 0000)
    @="DropboxExt"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    @DACL=(02 0000)
    @="DropboxExt"
    .
    [HKEY_USERS\S-1-5-21-426381243-3783371907-2229632007-1004_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    @DACL=(02 0000)
    @="DropboxExt"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
    "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
    00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2014-02-11 14:45:15
    ComboFix-quarantined-files.txt 2014-02-11 22:45
    .
    Pre-Run: 198,476,541,952 bytes free
    Post-Run: 200,079,241,216 bytes free
    .
    - - End Of File - - 61E7EBBFD31E09D042249371A3B4D633
    A36C5E4F47E84449FF07ED3517B43A31
  10. 2014-02-12, 00:12 #10
    CleanTech
    CleanTech is offline
    Member CleanTech's Avatar
    Join Date
    Jan 2014
    Posts
    35

    Default win32.androm.bmne found by ZA - unable to update Spybot Professional

    Qoobox log - Part 1:

    2014-02-11 22:43:55 . 2014-02-11 22:43:56 236 ----a-w- C:\Qoobox\Quarantine\Registry_backups\ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}.reg.dat
    2014-02-11 22:43:55 . 2014-02-11 22:43:55 236 ----a-w- C:\Qoobox\Quarantine\Registry_backups\ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}.reg.dat
    2014-02-11 22:43:55 . 2014-02-11 22:43:55 236 ----a-w- C:\Qoobox\Quarantine\Registry_backups\ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}.reg.dat
    2014-02-11 22:43:55 . 2014-02-11 22:43:55 236 ----a-w- C:\Qoobox\Quarantine\Registry_backups\ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}.reg.dat
    2014-02-05 00:49:10 . 2014-02-05 00:49:10 20,582 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9812AccountantCenter.html.vir
    2014-02-05 00:48:26 . 2014-02-05 00:48:26 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9812CleanTech20130630pffcenter.html.vir
    2014-02-05 00:48:26 . 2014-02-05 00:48:26 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9812CleanTech20130630taskNotesDialog.html.vir
    2014-02-05 00:48:26 . 2014-02-05 00:48:26 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9812CleanTech20130630reviewNotesPopUp.html.vir
    2014-02-05 00:48:26 . 2014-02-05 00:48:26 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9812CleanTech20130630reviewDialog.html.vir
    2014-02-04 23:59:34 . 2014-02-04 23:59:34 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9296CleanTech20130630pffcenter.html.vir
    2014-02-04 23:59:34 . 2014-02-04 23:59:34 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9296CleanTech20130630taskNotesDialog.html.vir
    2014-02-04 23:59:34 . 2014-02-04 23:59:34 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9296CleanTech20130630reviewNotesPopUp.html.vir
    2014-02-04 23:59:34 . 2014-02-04 23:59:34 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9296CleanTech20130630reviewDialog.html.vir
    2014-01-29 00:15:34 . 2014-02-04 18:48:20 20,582 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\8872AccountantCenter.html.vir
    2014-01-29 00:14:45 . 2014-02-04 18:43:39 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\8872CleanTech20130630pffcenter.html.vir
    2014-01-29 00:14:45 . 2014-02-04 18:43:39 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\8872CleanTech20130630taskNotesDialog.html.vir
    2014-01-29 00:14:45 . 2014-02-04 18:43:39 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\8872CleanTech20130630reviewNotesPopUp.html.vir
    2014-01-29 00:14:45 . 2014-02-04 18:43:39 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\8872CleanTech20130630reviewDialog.html.vir
    2014-01-28 18:57:16 . 2014-01-28 18:57:16 20,580 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2536AccountantCenter.html.vir
    2014-01-28 18:53:54 . 2014-01-28 18:53:54 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2536CleanTech20130630pffcenter.html.vir
    2014-01-28 18:53:54 . 2014-01-28 18:53:54 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2536CleanTech20130630taskNotesDialog.html.vir
    2014-01-28 18:53:54 . 2014-01-28 18:53:54 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2536CleanTech20130630reviewNotesPopUp.html.vir
    2014-01-28 18:53:54 . 2014-01-28 18:53:54 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2536CleanTech20130630reviewDialog.html.vir
    2014-01-28 18:28:20 . 2014-01-28 18:28:20 20,580 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7560AccountantCenter.html.vir
    2014-01-28 18:24:13 . 2014-01-28 18:24:13 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7560CleanTech20130630pffcenter.html.vir
    2014-01-28 18:24:13 . 2014-01-28 18:24:13 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7560CleanTech20130630taskNotesDialog.html.vir
    2014-01-28 18:24:13 . 2014-01-28 18:24:13 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7560CleanTech20130630reviewNotesPopUp.html.vir
    2014-01-28 18:24:13 . 2014-01-28 18:24:13 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7560CleanTech20130630reviewDialog.html.vir
    2014-01-24 17:39:41 . 2014-01-24 17:39:41 20,580 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5124AccountantCenter.html.vir
    2014-01-24 17:39:14 . 2014-01-27 22:34:17 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5124CleanTech20130630pffcenter.html.vir
    2014-01-24 17:39:14 . 2014-01-27 22:34:17 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5124CleanTech20130630taskNotesDialog.html.vir
    2014-01-24 17:39:14 . 2014-01-27 22:34:17 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5124CleanTech20130630reviewNotesPopUp.html.vir
    2014-01-24 17:39:14 . 2014-01-27 22:34:17 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5124CleanTech20130630reviewDialog.html.vir
    2014-01-24 17:38:35 . 2014-01-24 17:38:35 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2620CleanTech20130630pffcenter.html.vir
    2014-01-24 17:38:35 . 2014-01-24 17:38:35 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2620CleanTech20130630taskNotesDialog.html.vir
    2014-01-24 17:38:35 . 2014-01-24 17:38:35 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2620CleanTech20130630reviewNotesPopUp.html.vir
    2014-01-24 17:38:35 . 2014-01-24 17:38:35 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2620CleanTech20130630reviewDialog.html.vir
    2014-01-23 00:58:26 . 2014-01-23 00:58:26 20,580 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9136AccountantCenter.html.vir
    2014-01-23 00:57:31 . 2014-01-23 00:57:31 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9136CleanTech20130630pffcenter.html.vir
    2014-01-23 00:57:31 . 2014-01-23 00:57:31 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9136CleanTech20130630taskNotesDialog.html.vir
    2014-01-23 00:57:31 . 2014-01-23 00:57:31 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9136CleanTech20130630reviewNotesPopUp.html.vir
    2014-01-23 00:57:31 . 2014-01-23 00:57:31 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9136CleanTech20130630reviewDialog.html.vir
    2014-01-22 19:24:16 . 2014-01-22 20:57:18 20,580 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5476AccountantCenter.html.vir
    2014-01-22 19:23:25 . 2014-01-22 20:56:33 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5476CleanTech20130630pffcenter.html.vir
    2014-01-22 19:23:25 . 2014-01-22 20:56:33 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5476CleanTech20130630taskNotesDialog.html.vir
    2014-01-22 19:23:25 . 2014-01-22 20:56:33 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5476CleanTech20130630reviewNotesPopUp.html.vir
    2014-01-22 19:23:25 . 2014-01-22 20:56:33 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5476CleanTech20130630reviewDialog.html.vir
    2014-01-21 19:57:57 . 2014-01-21 19:57:57 20,580 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4436AccountantCenter.html.vir
    2014-01-21 19:56:24 . 2014-01-21 19:56:24 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4436CleanTech20130630pffcenter.html.vir
    2014-01-21 19:56:24 . 2014-01-21 19:56:24 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4436CleanTech20130630taskNotesDialog.html.vir
    2014-01-21 19:56:24 . 2014-01-21 19:56:24 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4436CleanTech20130630reviewNotesPopUp.html.vir
    2014-01-21 19:56:24 . 2014-01-21 19:56:24 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4436CleanTech20130630reviewDialog.html.vir
    2014-01-19 18:09:11 . 2014-01-19 18:09:11 20,580 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6332AccountantCenter.html.vir
    2014-01-19 18:07:17 . 2014-01-19 18:07:17 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6332CleanTech20130630pffcenter.html.vir
    2014-01-19 18:07:17 . 2014-01-19 18:07:17 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6332CleanTech20130630taskNotesDialog.html.vir
    2014-01-19 18:07:17 . 2014-01-19 18:07:17 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6332CleanTech20130630reviewNotesPopUp.html.vir
    2014-01-19 18:07:17 . 2014-01-19 18:07:17 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6332CleanTech20130630reviewDialog.html.vir
    2014-01-16 23:26:39 . 2014-01-16 23:26:39 20,580 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5404AccountantCenter.html.vir
    2014-01-16 23:25:56 . 2014-01-17 00:43:26 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5404CleanTech20130630pffcenter.html.vir
    2014-01-16 23:25:56 . 2014-01-17 00:43:26 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5404CleanTech20130630taskNotesDialog.html.vir
    2014-01-16 23:25:56 . 2014-01-17 00:43:26 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5404CleanTech20130630reviewNotesPopUp.html.vir
    2014-01-16 23:25:56 . 2014-01-17 00:43:26 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5404CleanTech20130630reviewDialog.html.vir
    2014-01-15 17:31:48 . 2014-01-16 01:36:05 20,580 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2372AccountantCenter.html.vir
    2014-01-15 17:30:39 . 2014-01-16 01:35:35 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2372CleanTech20130630pffcenter.html.vir
    2014-01-15 17:30:39 . 2014-01-16 01:35:35 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2372CleanTech20130630taskNotesDialog.html.vir
    2014-01-15 17:30:39 . 2014-01-16 01:35:35 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2372CleanTech20130630reviewNotesPopUp.html.vir
    2014-01-15 17:30:39 . 2014-01-16 01:35:35 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2372CleanTech20130630reviewDialog.html.vir
    2014-01-14 23:28:44 . 2014-01-14 23:28:44 20,581 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5444AccountantCenter.html.vir
    2014-01-14 23:28:27 . 2014-01-14 23:28:27 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5444CleanTech20130630pffcenter.html.vir
    2014-01-14 23:28:27 . 2014-01-14 23:28:27 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5444CleanTech20130630taskNotesDialog.html.vir
    2014-01-14 23:28:27 . 2014-01-14 23:28:27 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5444CleanTech20130630reviewNotesPopUp.html.vir
    2014-01-14 23:28:27 . 2014-01-14 23:28:27 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5444CleanTech20130630reviewDialog.html.vir
    2014-01-13 17:10:42 . 2014-01-13 20:06:20 20,581 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\10600AccountantCenter.html.vir
    2014-01-13 17:06:20 . 2014-01-14 03:08:10 73,883 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\10600CleanTech20130630pffcenter.html.vir
    2014-01-13 17:06:20 . 2014-01-14 03:08:10 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\10600CleanTech20130630taskNotesDialog.html.vir
    2014-01-13 17:06:20 . 2014-01-14 03:08:10 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\10600CleanTech20130630reviewNotesPopUp.html.vir
    2014-01-13 17:06:20 . 2014-01-14 03:08:10 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\10600CleanTech20130630reviewDialog.html.vir
    2014-01-11 02:22:11 . 2014-01-11 02:22:11 20,581 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\13520AccountantCenter.html.vir
    2014-01-11 02:17:52 . 2014-01-11 03:22:21 73,883 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\13520CleanTech20130630pffcenter.html.vir
    2014-01-11 02:17:52 . 2014-01-11 03:22:21 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\13520CleanTech20130630taskNotesDialog.html.vir
    2014-01-11 02:17:52 . 2014-01-11 03:22:21 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\13520CleanTech20130630reviewNotesPopUp.html.vir
    2014-01-11 02:17:52 . 2014-01-11 03:22:21 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\13520CleanTech20130630reviewDialog.html.vir
    2014-01-09 21:27:57 . 2014-01-09 21:27:57 20,579 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\10816AccountantCenter.html.vir
    2014-01-09 20:59:06 . 2014-01-09 20:59:06 73,883 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\10816CleanTech20130630pffcenter.html.vir
    2014-01-09 20:59:06 . 2014-01-09 20:59:06 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\10816CleanTech20130630taskNotesDialog.html.vir
    2014-01-09 20:59:06 . 2014-01-09 20:59:06 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\10816CleanTech20130630reviewNotesPopUp.html.vir
    2014-01-09 20:59:06 . 2014-01-09 20:59:06 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\10816CleanTech20130630reviewDialog.html.vir
    2013-12-30 18:21:15 . 2013-12-30 18:21:15 20,581 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5144AccountantCenter.html.vir
    2013-12-30 18:10:22 . 2013-12-30 18:10:22 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5144CleanTech20130630pffcenter.html.vir
    2013-12-30 18:10:22 . 2013-12-30 18:10:22 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5144CleanTech20130630taskNotesDialog.html.vir
    2013-12-30 18:10:22 . 2013-12-30 18:10:22 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5144CleanTech20130630reviewNotesPopUp.html.vir
    2013-12-30 18:10:22 . 2013-12-30 18:10:22 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5144CleanTech20130630reviewDialog.html.vir
    2013-12-30 17:47:13 . 2013-12-30 17:47:13 20,581 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5704AccountantCenter.html.vir
    2013-12-30 17:46:32 . 2013-12-30 17:46:32 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5704CleanTech20130630pffcenter.html.vir
    2013-12-30 17:46:32 . 2013-12-30 17:46:32 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5704CleanTech20130630taskNotesDialog.html.vir
    2013-12-30 17:46:32 . 2013-12-30 17:46:32 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5704CleanTech20130630reviewNotesPopUp.html.vir
    2013-12-30 17:46:32 . 2013-12-30 17:46:32 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5704CleanTech20130630reviewDialog.html.vir
    2013-12-17 17:54:09 . 2013-12-20 16:11:54 20,581 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5212AccountantCenter.html.vir
    2013-12-17 17:53:52 . 2013-12-30 17:31:41 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5212CleanTech20130630pffcenter.html.vir
    2013-12-17 17:53:51 . 2013-12-30 17:31:41 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5212CleanTech20130630taskNotesDialog.html.vir
    2013-12-17 17:53:51 . 2013-12-30 17:31:41 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5212CleanTech20130630reviewNotesPopUp.html.vir
    2013-12-17 17:53:51 . 2013-12-30 17:31:41 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5212CleanTech20130630reviewDialog.html.vir
    2013-12-13 16:32:39 . 2013-12-13 16:32:39 20,581 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4492AccountantCenter.html.vir
    2013-12-13 16:32:21 . 2013-12-13 16:32:21 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4492CleanTech20130630pffcenter.html.vir
    2013-12-13 16:32:21 . 2013-12-13 16:32:21 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4492CleanTech20130630reviewNotesPopUp.html.vir
    2013-12-13 16:32:21 . 2013-12-13 16:32:21 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4492CleanTech20130630taskNotesDialog.html.vir
    2013-12-13 16:32:21 . 2013-12-13 16:32:21 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4492CleanTech20130630reviewDialog.html.vir
    2013-12-12 16:55:57 . 2013-12-12 16:55:57 20,582 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2860AccountantCenter.html.vir
    2013-12-12 16:55:39 . 2013-12-13 16:29:05 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2860CleanTech20130630pffcenter.html.vir
    2013-12-12 16:55:39 . 2013-12-13 16:29:05 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2860CleanTech20130630taskNotesDialog.html.vir
    2013-12-12 16:55:39 . 2013-12-13 16:29:05 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2860CleanTech20130630reviewNotesPopUp.html.vir
    2013-12-12 16:55:39 . 2013-12-13 16:29:05 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\2860CleanTech20130630reviewDialog.html.vir
    2013-12-11 20:15:02 . 2013-12-11 20:15:02 20,582 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6952AccountantCenter.html.vir
    2013-12-11 20:14:46 . 2013-12-12 03:16:25 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6952CleanTech20130630pffcenter.html.vir
    2013-12-11 20:14:46 . 2013-12-12 03:16:25 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6952CleanTech20130630taskNotesDialog.html.vir
    2013-12-11 20:14:46 . 2013-12-12 03:16:25 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6952CleanTech20130630reviewNotesPopUp.html.vir
    2013-12-11 20:14:46 . 2013-12-12 03:16:25 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6952CleanTech20130630reviewDialog.html.vir
    2013-12-11 18:12:19 . 2011-08-20 04:32:06 5,063 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\close_pop.png.vir
    2013-12-11 18:12:19 . 2011-08-20 04:32:06 3,763 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\jq.css.vir
    2013-12-11 18:12:19 . 2011-08-20 04:32:06 4,351 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\ac.css.vir
    2013-12-11 18:12:19 . 2011-08-20 04:32:06 10,503 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\jquery.corner.js.vir
    2013-12-11 18:12:19 . 2011-08-20 04:32:06 72,328 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\jquery.min.js.vir
    2013-12-11 18:12:19 . 2011-08-20 04:32:06 1,916 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\ac.js.vir
    2013-12-11 18:12:19 . 2013-12-11 18:12:19 20,582 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7388AccountantCenter.html.vir
    2013-12-11 18:11:31 . 2011-08-20 04:32:08 43,609 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\mootools.svn.js.vir
    2013-12-11 18:11:31 . 2011-08-20 04:32:08 4,784 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\pffCenter.css.vir
    2013-12-11 18:11:31 . 2011-08-20 04:32:08 35,843 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\pffCenter.js.vir
    2013-12-11 18:11:31 . 2013-12-11 18:11:31 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7388CleanTech20130630pffcenter.html.vir
    2013-12-11 18:11:31 . 2013-12-11 18:11:31 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7388CleanTech20130630taskNotesDialog.html.vir
    2013-12-11 18:11:31 . 2013-12-11 18:11:31 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7388CleanTech20130630reviewNotesPopUp.html.vir
    2013-12-11 18:11:31 . 2013-12-11 18:11:31 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7388CleanTech20130630reviewDialog.html.vir
    2013-12-11 17:23:10 . 2013-12-11 17:23:10 512 ----a-w- C:\Qoobox\Quarantine\MBR_HardDisk0.mbr
    2013-12-11 17:22:03 . 2013-12-11 17:22:03 92 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Toolbar-Locked.reg.dat
    2013-12-11 17:22:01 . 2013-12-11 17:22:01 377 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47}.reg.dat
    2013-12-11 17:21:49 . 2013-12-11 17:21:49 284 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-HKLM-Run-Adobe Reader Speed Launcher.reg.dat
    2013-12-11 17:21:48 . 2013-12-11 17:21:48 319 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-HKCU-Run-AVG-Secure-Search-Update_1113a.reg.dat
    2013-12-11 17:21:47 . 2013-12-11 17:21:47 404 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-Toolbar-{ff343558-d5a5-454a-bdd8-c5c81e179fed}.reg.dat
    2013-12-11 17:21:47 . 2014-02-11 22:43:40 104 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-Toolbar-Locked.reg.dat
    2013-12-11 17:17:14 . 2014-02-11 22:40:23 7,471 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
    2013-12-11 16:40:22 . 2014-02-11 22:34:10 255 ----a-w- C:\Qoobox\Quarantine\catchme.log
    2013-12-10 23:03:28 . 2013-12-10 23:03:28 20,582 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\12068AccountantCenter.html.vir
    2013-12-10 23:02:37 . 2013-12-10 23:02:37 73,883 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\12068CleanTech20130630pffcenter.html.vir
    2013-12-10 23:02:37 . 2013-12-10 23:02:37 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\12068CleanTech20130630taskNotesDialog.html.vir
    2013-12-10 23:02:37 . 2013-12-10 23:02:37 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\12068CleanTech20130630reviewNotesPopUp.html.vir
    2013-12-10 23:02:37 . 2013-12-10 23:02:37 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\12068CleanTech20130630reviewDialog.html.vir
    2013-12-06 18:28:54 . 2013-12-10 17:58:05 20,580 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9836AccountantCenter.html.vir
    2013-12-06 18:04:04 . 2013-12-10 17:57:52 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9836CleanTech20130630pffcenter.html.vir
    2013-12-06 18:04:04 . 2013-12-10 17:57:52 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9836CleanTech20130630taskNotesDialog.html.vir
    2013-12-06 18:04:04 . 2013-12-10 17:57:52 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9836CleanTech20130630reviewNotesPopUp.html.vir
    2013-12-06 18:04:04 . 2013-12-10 17:57:52 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\9836CleanTech20130630reviewDialog.html.vir
    2013-12-03 16:44:44 . 2013-12-04 00:19:00 20,579 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6624AccountantCenter.html.vir
    2013-12-03 16:42:45 . 2013-12-04 00:18:43 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6624CleanTech20130630pffcenter.html.vir
    2013-12-03 16:42:45 . 2013-12-04 00:18:43 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6624CleanTech20130630taskNotesDialog.html.vir
    2013-12-03 16:42:45 . 2013-12-04 00:18:43 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6624CleanTech20130630reviewNotesPopUp.html.vir
    2013-12-03 16:42:45 . 2013-12-04 00:18:43 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6624CleanTech20130630reviewDialog.html.vir
    2013-12-03 00:36:57 . 2013-12-03 00:36:58 20,579 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6724AccountantCenter.html.vir
    2013-12-03 00:36:30 . 2013-12-03 00:36:30 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6724CleanTech20130630pffcenter.html.vir
    2013-12-03 00:36:30 . 2013-12-03 00:36:30 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6724CleanTech20130630taskNotesDialog.html.vir
    2013-12-03 00:36:30 . 2013-12-03 00:36:30 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6724CleanTech20130630reviewNotesPopUp.html.vir
    2013-12-03 00:36:30 . 2013-12-03 00:36:30 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6724CleanTech20130630reviewDialog.html.vir
    2013-12-02 21:41:43 . 2013-12-02 23:53:17 20,579 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5648AccountantCenter.html.vir
    2013-12-02 21:41:26 . 2013-12-02 23:53:07 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5648CleanTech20130630pffcenter.html.vir
    2013-12-02 21:41:26 . 2013-12-02 23:53:07 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5648CleanTech20130630taskNotesDialog.html.vir
    2013-12-02 21:41:26 . 2013-12-02 23:53:07 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5648CleanTech20130630reviewDialog.html.vir
    2013-12-02 21:41:26 . 2013-12-02 23:53:07 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5648CleanTech20130630reviewNotesPopUp.html.vir
    2013-11-29 17:16:38 . 2013-12-02 17:02:01 20,579 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5304AccountantCenter.html.vir
    2013-11-29 17:15:52 . 2013-12-02 17:00:36 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5304CleanTech20130630pffcenter.html.vir
    2013-11-29 17:15:52 . 2013-12-02 17:00:36 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5304CleanTech20130630taskNotesDialog.html.vir
    2013-11-29 17:15:52 . 2013-12-02 17:00:36 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5304CleanTech20130630reviewNotesPopUp.html.vir
    2013-11-29 17:15:52 . 2013-12-02 17:00:36 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5304CleanTech20130630reviewDialog.html.vir
    2013-11-22 17:01:37 . 2013-11-22 20:09:49 20,578 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\1776AccountantCenter.html.vir
    2013-11-22 17:00:44 . 2013-11-27 16:59:50 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\1776CleanTech20130630pffcenter.html.vir
    2013-11-22 17:00:44 . 2013-11-27 16:59:50 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\1776CleanTech20130630taskNotesDialog.html.vir
    2013-11-22 17:00:44 . 2013-11-27 16:59:50 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\1776CleanTech20130630reviewNotesPopUp.html.vir
    2013-11-22 17:00:44 . 2013-11-27 16:59:50 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\1776CleanTech20130630reviewDialog.html.vir
    2013-11-20 17:50:46 . 2013-11-20 17:50:21 9,769 ----a-w- C:\Qoobox\Quarantine\C\Windows\SysWOW64\cache\0ead81764f45b0d7.fb.vir
    2013-11-18 16:54:27 . 2013-11-18 16:54:27 20,577 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4928AccountantCenter.html.vir
    2013-11-18 16:53:50 . 2013-11-18 16:53:50 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4928CleanTech20130630pffcenter.html.vir
    2013-11-18 16:53:50 . 2013-11-18 16:53:50 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4928CleanTech20130630taskNotesDialog.html.vir
    2013-11-18 16:53:50 . 2013-11-18 16:53:50 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4928CleanTech20130630reviewNotesPopUp.html.vir
    2013-11-18 16:53:50 . 2013-11-18 16:53:50 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4928CleanTech20130630reviewDialog.html.vir
    2013-11-13 16:35:29 . 2013-11-13 16:35:29 20,283 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5268AccountantCenter.html.vir
    2013-11-13 16:35:04 . 2013-11-15 19:03:08 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5268CleanTech20130630pffcenter.html.vir
    2013-11-13 16:35:04 . 2013-11-15 19:03:08 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5268CleanTech20130630taskNotesDialog.html.vir
    2013-11-13 16:35:04 . 2013-11-15 19:03:08 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5268CleanTech20130630reviewNotesPopUp.html.vir
    2013-11-13 16:35:04 . 2013-11-15 19:03:08 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5268CleanTech20130630reviewDialog.html.vir
    2013-11-12 16:55:21 . 2013-11-12 16:55:00 9,742 ----a-w- C:\Qoobox\Quarantine\C\Windows\SysWOW64\cache\551231eb8bc1f877.fb.vir
    2013-11-05 16:54:01 . 2013-11-05 16:53:46 9,742 ----a-w- C:\Qoobox\Quarantine\C\Windows\SysWOW64\cache\29202bc29eb35b88.fb.vir
    2013-11-01 19:47:18 . 2013-11-01 19:47:18 20,585 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7492AccountantCenter.html.vir
    2013-11-01 19:45:17 . 2013-11-06 18:28:48 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7492CleanTech20130630pffcenter.html.vir
    2013-11-01 19:45:17 . 2013-11-06 18:28:48 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7492CleanTech20130630taskNotesDialog.html.vir
    2013-11-01 19:45:17 . 2013-11-06 18:28:48 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7492CleanTech20130630reviewNotesPopUp.html.vir
    2013-11-01 19:45:17 . 2013-11-06 18:28:48 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7492CleanTech20130630reviewDialog.html.vir
    2013-10-31 16:30:23 . 2013-10-31 16:30:23 20,585 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4744AccountantCenter.html.vir
    2013-10-31 16:27:45 . 2013-10-31 16:27:45 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4744CleanTech20130630pffcenter.html.vir
    2013-10-31 16:27:45 . 2013-10-31 16:27:45 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4744CleanTech20130630taskNotesDialog.html.vir
    2013-10-31 16:27:45 . 2013-10-31 16:27:45 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4744CleanTech20130630reviewNotesPopUp.html.vir
    2013-10-31 16:27:45 . 2013-10-31 16:27:45 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4744CleanTech20130630reviewDialog.html.vir
    2013-10-22 14:52:33 . 2013-10-28 20:01:55 20,586 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\3240AccountantCenter.html.vir
    2013-10-22 14:50:57 . 2013-10-28 20:00:38 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\3240CleanTech20130630pffcenter.html.vir
    2013-10-22 14:50:57 . 2013-10-28 20:00:38 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\3240CleanTech20130630taskNotesDialog.html.vir
    2013-10-22 14:50:57 . 2013-10-28 20:00:38 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\3240CleanTech20130630reviewNotesPopUp.html.vir
    2013-10-22 14:50:56 . 2013-10-28 20:00:38 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\3240CleanTech20130630reviewDialog.html.vir
    2013-10-10 16:27:25 . 2013-10-14 15:35:34 20,579 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5220AccountantCenter.html.vir
    2013-10-10 16:26:23 . 2013-10-14 15:33:56 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5220CleanTech20130630pffcenter.html.vir
    2013-10-10 16:26:23 . 2013-10-14 15:33:56 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5220CleanTech20130630taskNotesDialog.html.vir
    2013-10-10 16:26:23 . 2013-10-14 15:33:56 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5220CleanTech20130630reviewNotesPopUp.html.vir
    2013-10-10 16:26:23 . 2013-10-14 15:33:56 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\5220CleanTech20130630reviewDialog.html.vir
    2013-10-09 19:13:52 . 2013-10-09 19:13:53 17,696 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\Documents\~WRL1149.tmp.vir
    2013-10-02 03:45:33 . 2013-10-02 03:45:17 9,742 ----a-w- C:\Qoobox\Quarantine\C\Windows\SysWOW64\cache\cade38997dc8f0c4.fb.vir
    2013-09-30 15:50:59 . 2013-10-02 20:24:09 20,662 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4828AccountantCenter.html.vir
    2013-09-30 15:49:29 . 2013-10-02 20:13:04 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4828CleanTech20130630pffcenter.html.vir
    2013-09-30 15:49:29 . 2013-10-02 20:13:04 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4828CleanTech20130630taskNotesDialog.html.vir
    2013-09-30 15:49:29 . 2013-10-02 20:13:04 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4828CleanTech20130630reviewNotesPopUp.html.vir
    2013-09-30 15:49:29 . 2013-10-02 20:13:04 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\4828CleanTech20130630reviewDialog.html.vir
    2013-09-27 23:28:04 . 2013-09-27 23:27:42 9,742 ----a-w- C:\Qoobox\Quarantine\C\Windows\SysWOW64\cache\bb8fefe224d6a5b1.fb.vir
    2013-09-24 19:05:46 . 2013-09-30 15:38:06 20,663 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\10880AccountantCenter.html.vir
    2013-09-24 18:43:40 . 2013-09-30 15:37:46 73,883 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\10880CleanTech20130630pffcenter.html.vir
    2013-09-24 18:43:40 . 2013-09-30 15:37:46 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\10880CleanTech20130630taskNotesDialog.html.vir
    2013-09-24 18:43:40 . 2013-09-30 15:37:46 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\10880CleanTech20130630reviewNotesPopUp.html.vir
    2013-09-24 18:43:40 . 2013-09-30 15:37:46 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\10880CleanTech20130630reviewDialog.html.vir
    2013-09-20 16:27:06 . 2013-09-20 16:27:02 9,992 ----a-w- C:\Qoobox\Quarantine\C\Windows\SysWOW64\cache\d652f565f2385d56.fb.vir
    2013-09-19 20:26:16 . 2013-09-19 21:07:32 20,661 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6132AccountantCenter.html.vir
    2013-09-19 20:25:58 . 2013-09-20 23:27:44 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6132CleanTech20130630pffcenter.html.vir
    2013-09-19 20:25:58 . 2013-09-20 23:27:44 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6132CleanTech20130630taskNotesDialog.html.vir
    2013-09-19 20:25:58 . 2013-09-20 23:27:44 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6132CleanTech20130630reviewNotesPopUp.html.vir
    2013-09-19 20:25:58 . 2013-09-20 23:27:44 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\6132CleanTech20130630reviewDialog.html.vir
    2013-09-16 16:45:27 . 2013-09-19 18:40:08 20,661 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7188AccountantCenter.html.vir
    2013-09-16 16:45:17 . 2013-09-19 18:39:52 73,845 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7188CleanTech20130630pffcenter.html.vir
    2013-09-16 16:45:17 . 2013-09-19 18:39:52 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7188CleanTech20130630taskNotesDialog.html.vir
    2013-09-16 16:45:17 . 2013-09-19 18:39:52 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7188CleanTech20130630reviewNotesPopUp.html.vir
    2013-09-16 16:45:17 . 2013-09-19 18:39:52 2,658 ----a-w- C:\Qoobox\Quarantine\C\Users\KIP.OnscreenOffice\AppData\Local\Microsoft\Windows\Temporary Internet Files\7188CleanTech20130630reviewDialog.html.vir
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules