GMER 2.2.19882 - http://www.gmer.net Rootkit scan 2016-11-03 17:04:28 Windows 6.2.9200 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-1 KINGSTON_SV300S37A60G rev.505ABBF0 55,90GB Running: qcp30qgf.exe; Driver: C:\Users\dkgod\AppData\Local\Temp\awxdrpoc.sys ---- Kernel code sections - GMER 2.2 ---- ? \SystemRoot\system32\ntoskrnl.exe kernel module suspicious modification ---- Devices - GMER 2.2 ---- Device \Driver\amdkmdap \Device\Video0 atikmpag.sys Device \Driver\amdkmdap \Device\Video1 atikmpag.sys Device \Driver\amdkmdap \Device\Video2 atikmpag.sys Device \Driver\amdkmdap \Device\Video3 atikmpag.sys Device \Driver\amdkmdap \Device\00000038 atikmpag.sys Device \Driver\amdkmdap \Device\Video4 atikmpag.sys Device \Driver\amdkmdap \Device\00000039 atikmpag.sys Device \Driver\amdkmdap \Device\Video5 atikmpag.sys Device \Driver\amdkmdag \Device\amdkmdag atikmdag.sys Device \Driver\amdkmdag \Device\amdkmdag atikmdag.sys AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 iorate.sys AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 iorate.sys AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 iorate.sys Device \Driver\clreg \Device\GenesisRegFilter registry.sys ---- Processes - GMER 2.2 ---- Library C:\Users\dkgod\AppData\Roaming\Rearerpyverdose\Tatulesrertion.dll (*** hidden *** ) @ C:\WINDOWS\Explorer.EXE [9156] 0x6EA00000 Library C:\Users\dkgod\AppData\Roaming\Rearerpyverdose\Tatulesrertion.dll (*** hidden *** ) @ C:\Users\dkgod\AppData\Local\Temp\D922SHT2B6.exe [13352] 0x6EA00000 ---- Services - GMER 2.2 ---- Service C:\ProgramData\\Konksolex\\Konksolex.exe (*** hidden *** ) [AUTO] Konksolex <-- ROOTKIT !!! Service C:\Users\dkgod\AppData\Local\03000200-1478044809-0500-0006-000700080009\qnsq98F8.tmp (*** hidden *** ) [AUTO] zigipyro <-- ROOTKIT !!! ---- Registry - GMER 2.2 ---- Reg HKLM\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\Configuration\GSM5A34404NDUNDK294_04_07DE_5A+SHP0FFD0_00_07D7_BE^F86E78DF94955046261B1CDB8DA8BFFA@Timestamp 0xCB 0x0D 0x1C 0x0E ... Reg HKLM\SYSTEM\CurrentControlSet\Control\MUI\StringCacheSettings@StringCacheGeneration 81 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager@PendingFileRenameOperations ????????\BaseNamedObjects\WDI_{f3597a7e-0480-42fc-b6d6-095a591906e9}?A??Reusable ISATAP Interface {70BD0885-1F16-443A-AEFF-49658EB5AB30}?l??Reusable ISATAP Interface {70BD0885-1F16-443A-AEFF-49658EB5AB30}?o??"NetBT" "Tcpip6" "{805B744D-A7BA-45C0-8F03-3890BC42B851}"?"NetBT" "Tcpip" "{805B744D-A7BA-45C0-8F03-3890BC42B851}"?"NetBT" "Tcpip" "{68F439EC-AE4C-417A-ADF5-CA219E01F327}"?"NetBT" "Tcpip6" "{68F439EC-AE4C-417A-ADF5-CA219E01F327}"?"NetBT" "Tcpip6" "{F6D66DC4-F32C-4F7F-A5F3-32E225B7C627}"?"NetBT" "Tcpip6" "{70BD0885-1F16-443A-AEFF-49658EB5AB30}"??f????\Device\LanmanServer_NetbiosSmb?\Device\LanmanServer_NetBT_Tcpip6_{805B744D-A7BA-45C0-8F03-3890BC42B851}?\Device\LanmanServer_NetBT_Tcpip_{805B744D-A7BA-45C0-8F03-3890BC42B851}?\Device\LanmanServer_Tcpip6_{805B744D-A7BA-45C0-8F03-3890BC42B851}?\Device\LanmanServer_Tcpip_{805B744D-A7BA-45C0-8F03-3890BC42B851}?\Device\LanmanServer_Tcpip_{68F439EC-AE4C-417A-ADF5-CA219E01F327}?\Device\LanmanServer_Tcpip6_{68F439EC-AE4C-417A-ADF5-CA219E01F327}?\Device\LanmanServer Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed 929209348 Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\UnitedVideo\CONTROL\VIDEO\{EC4FE25E-C5DA-4D65-BE1D-854E647D4058}\0001@Attach.ToDesktop 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\BITS\Performance@1008 0xEF 0xC7 0xE8 0x78 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\Konksolex Reg HKLM\SYSTEM\CurrentControlSet\Services\Konksolex@Type 16 Reg HKLM\SYSTEM\CurrentControlSet\Services\Konksolex@Start 2 Reg HKLM\SYSTEM\CurrentControlSet\Services\Konksolex@ErrorControl 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\Konksolex@ImagePath C:\ProgramData\\Konksolex\\Konksolex.exe shuz -f "C:\ProgramData\\Konksolex\\Konksolex.dat" -l -a Reg HKLM\SYSTEM\CurrentControlSet\Services\Konksolex@DisplayName Konksolex Reg HKLM\SYSTEM\CurrentControlSet\Services\Konksolex@ObjectName LocalSystem Reg HKLM\SYSTEM\CurrentControlSet\Services\Konksolex Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 1785 Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeEstimated 0xB5 0x44 0xAE 0x7D ... Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeHigh 0xB5 0xAC 0x72 0xDF ... Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeLow 0xB5 0xDC 0xE9 0x1B ... Reg HKLM\SYSTEM\CurrentControlSet\Services\zigipyro Reg HKLM\SYSTEM\CurrentControlSet\Services\zigipyro@Type 16 Reg HKLM\SYSTEM\CurrentControlSet\Services\zigipyro@Start 2 Reg HKLM\SYSTEM\CurrentControlSet\Services\zigipyro@ErrorControl 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\zigipyro@ImagePath C:\Users\dkgod\AppData\Local\03000200-1478044809-0500-0006-000700080009\qnsq98F8.tmp Reg HKLM\SYSTEM\CurrentControlSet\Services\zigipyro@DisplayName Double Spaced Firewall Reg HKLM\SYSTEM\CurrentControlSet\Services\zigipyro@ObjectName LocalSystem Reg HKLM\SYSTEM\CurrentControlSet\Services\zigipyro@Description Field Web Directory Reg HKLM\SYSTEM\CurrentControlSet\Services\zigipyro Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:02d0ee6d-c466-4d83-8570-5015cad8512b\Interfaces\{d0875fb4-2196-4c7a-a63d-e416addd60a1}\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:02d0ee6d-c466-4d83-8570-5015cad8512b\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:05553bc4-728a-46ed-aff3-2083732ddc00\Interfaces\{d0875fb4-2196-4c7a-a63d-e416addd60a1}\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:05553bc4-728a-46ed-aff3-2083732ddc00\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:127a3981-0036-1000-8e48-c4576e33009a\Interfaces\{d0875fb4-2196-4c7a-a63d-e416addd60a1}\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x04 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:127a3981-0036-1000-8e48-c4576e33009a\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x04 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:14c27437-74a5-4203-8469-29fec8657ef6\Interfaces\{d0875fb4-2196-4c7a-a63d-e416addd60a1}\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:14c27437-74a5-4203-8469-29fec8657ef6\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:15f96b51-3f71-4ae6-85d1-db794c7e5705\Interfaces\{d0875fb4-2196-4c7a-a63d-e416addd60a1}\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:15f96b51-3f71-4ae6-85d1-db794c7e5705\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:1917a38d-e336-4175-80fe-b5692f849df2\Interfaces\{d0875fb4-2196-4c7a-a63d-e416addd60a1}\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:1917a38d-e336-4175-80fe-b5692f849df2\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:2e060023-e61d-4455-830d-c4fb00ccf030\Interfaces\{d0875fb4-2196-4c7a-a63d-e416addd60a1}\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:2e060023-e61d-4455-830d-c4fb00ccf030\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:2fdf8773-fd82-4a94-ae3c-4b5f538bd50b\Interfaces\{d0875fb4-2196-4c7a-a63d-e416addd60a1}\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:2fdf8773-fd82-4a94-ae3c-4b5f538bd50b\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:458e4fc2-3ca9-4550-9d3f-03854f9cd228\Interfaces\{d0875fb4-2196-4c7a-a63d-e416addd60a1}\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:458e4fc2-3ca9-4550-9d3f-03854f9cd228\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:5e984fb3-acd7-4acd-82bd-3e5e7dbda9c4\Interfaces\{d0875fb4-2196-4c7a-a63d-e416addd60a1}\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:5e984fb3-acd7-4acd-82bd-3e5e7dbda9c4\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:5fe3f1c1-562b-4a0e-9b8f-3219895159c2\Interfaces\{d0875fb4-2196-4c7a-a63d-e416addd60a1}\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:5fe3f1c1-562b-4a0e-9b8f-3219895159c2\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:63d1520f-cfb1-43c2-970a-8d4c661fd251\Interfaces\{d0875fb4-2196-4c7a-a63d-e416addd60a1}\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:63d1520f-cfb1-43c2-970a-8d4c661fd251\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:75f140d4-ce1f-43d9-9970-8d4a4ee1a5bc\Interfaces\{d0875fb4-2196-4c7a-a63d-e416addd60a1}\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:75f140d4-ce1f-43d9-9970-8d4a4ee1a5bc\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:880aac9f-f05e-4cb1-945d-fe7eaeb597ae\Interfaces\{d0875fb4-2196-4c7a-a63d-e416addd60a1}\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:880aac9f-f05e-4cb1-945d-fe7eaeb597ae\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:920058f6-6dea-4b4f-aaa6-0e8b81b6f34d\Interfaces\{d0875fb4-2196-4c7a-a63d-e416addd60a1}\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:920058f6-6dea-4b4f-aaa6-0e8b81b6f34d\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:9bb1bbd9-5cc0-46c8-b1b2-32f183871883\Interfaces\{d0875fb4-2196-4c7a-a63d-e416addd60a1}\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:9bb1bbd9-5cc0-46c8-b1b2-32f183871883\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:aa7ac891-cd29-4e28-9b6d-86ee2686b06d\Interfaces\{d0875fb4-2196-4c7a-a63d-e416addd60a1}\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:aa7ac891-cd29-4e28-9b6d-86ee2686b06d\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:ab0c7e62-1677-4525-a472-5a4fe5543815\Interfaces\{d0875fb4-2196-4c7a-a63d-e416addd60a1}\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:ab0c7e62-1677-4525-a472-5a4fe5543815\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:addb9444-0fc7-4205-b504-5c965152686e\Interfaces\{d0875fb4-2196-4c7a-a63d-e416addd60a1}\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:addb9444-0fc7-4205-b504-5c965152686e\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:c1211d34-1eda-4964-aff2-8f8cb3625cf1\Interfaces\{d0875fb4-2196-4c7a-a63d-e416addd60a1}\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:c1211d34-1eda-4964-aff2-8f8cb3625cf1\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:cd95cb00-5c8d-4289-8905-17a5e573dfd2\Interfaces\{d0875fb4-2196-4c7a-a63d-e416addd60a1}\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:cd95cb00-5c8d-4289-8905-17a5e573dfd2\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:cf9843fd-66d5-4e5d-a267-f3d414397687\Interfaces\{d0875fb4-2196-4c7a-a63d-e416addd60a1}\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:cf9843fd-66d5-4e5d-a267-f3d414397687\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:d08ba7d3-a856-4ce4-82b0-5a0de9150033\Interfaces\{d0875fb4-2196-4c7a-a63d-e416addd60a1}\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:d08ba7d3-a856-4ce4-82b0-5a0de9150033\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:ef2e2e0d-86d1-4205-8134-02e32e34685b\Interfaces\{d0875fb4-2196-4c7a-a63d-e416addd60a1}\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPnPProvider\uuid:ef2e2e0d-86d1-4205-8134-02e32e34685b\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000E@ 0x64 0x62 0x03 0x00 ... Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\FaceLogon@CredProvUncompletedInstances 1 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\DiagTrack@LastSuccessfulUploadTime 0x77 0x86 0xA2 0x53 ... Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\DiagTrack\HeartBeats\Default@LastHeartBeatTime 0x79 0x30 0xFA 0x37 ... Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\DiagTrack\SettingsRequests@LastDownloadTime 0x32 0x7C 0xD5 0x52 ... Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\DiagTrack\SettingsRequests\telemetry.ASM-WindowsDefault@LastDownloadTime 0xCB 0xF1 0x01 0x3A ... Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\DiagTrack\SettingsRequests\TELEMETRY.ASM-WINDOWSSQ@LastDownloadTime 0x5A 0x40 0x76 0x08 ... Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\DiagTrack\SettingsRequests\utc.app@LastDownloadTime 0xCB 0xF1 0x01 0x3A ... Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\DiagTrack\SettingsRequests\WINDOWS.DIAGNOSTICS@ETag 39:66A2A386::2EF0F43659 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\DiagTrack\SettingsRequests\WINDOWS.DIAGNOSTICS@RefreshInterval 45 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\DiagTrack\SettingsRequests\WINDOWS.DIAGNOSTICS@LastDownloadTime 0xCB 0xF1 0x01 0x3A ... Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer@GlobalAssocChangedCounter 58 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine\Extension-List\{00000000-0000-0000-0000-000000000000}@StartTimeLo -1207721276 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine\Extension-List\{00000000-0000-0000-0000-000000000000}@StartTimeHi 30552825 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine\Extension-List\{00000000-0000-0000-0000-000000000000}@EndTimeLo -1207565022 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine\Extension-List\{00000000-0000-0000-0000-000000000000}@EndTimeHi 30552825 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\S-1-5-21-2147580673-1131091785-3466399999-1001\Extension-List\{00000000-0000-0000-0000-000000000000}@StartTimeLo -1373090912 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\S-1-5-21-2147580673-1131091785-3466399999-1001\Extension-List\{00000000-0000-0000-0000-000000000000}@StartTimeHi 30553423 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\S-1-5-21-2147580673-1131091785-3466399999-1001\Extension-List\{00000000-0000-0000-0000-000000000000}@EndTimeLo -1372622170 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\S-1-5-21-2147580673-1131091785-3466399999-1001\Extension-List\{00000000-0000-0000-0000-000000000000}@EndTimeHi 30553423 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\Status\GPExtensions\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}@LastPolicyTime 19357204 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\31E1FF0BC1D4EEE42A0677E36FC777FE Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\31E1FF0BC1D4EEE42A0677E36FC777FE@F4D5720ABAFF24A489478B171B4CACD3 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9361EB554F96E118971ABD52A1114364 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9361EB554F96E118971ABD52A1114364@F4D5720ABAFF24A489478B171B4CACD3 C:\Program Files\InterHop\InterHop\InterHop.exe Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9361EB554F96E118971ABD52A1114364\F4D5720ABAFF24A489478B171B4CACD3 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9361EB554F96E118971ABD52A1114364\F4D5720ABAFF24A489478B171B4CACD3@PatchGUID Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9361EB554F96E118971ABD52A1114364\F4D5720ABAFF24A489478B171B4CACD3@MediaCabinet Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9361EB554F96E118971ABD52A1114364\F4D5720ABAFF24A489478B171B4CACD3@File _6D7B8490A5404011A1167B2D24360196 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9361EB554F96E118971ABD52A1114364\F4D5720ABAFF24A489478B171B4CACD3@ComponentVersion Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9361EB554F96E118971ABD52A1114364\F4D5720ABAFF24A489478B171B4CACD3@ProductVersion 1.0.0 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9361EB554F96E118971ABD52A1114364\F4D5720ABAFF24A489478B171B4CACD3@PatchSize 0 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9361EB554F96E118971ABD52A1114364\F4D5720ABAFF24A489478B171B4CACD3@PatchAttributes 0 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9361EB554F96E118971ABD52A1114364\F4D5720ABAFF24A489478B171B4CACD3@PatchSequence 0 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9361EB554F96E118971ABD52A1114364\F4D5720ABAFF24A489478B171B4CACD3@SharedComponent 0 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9361EB554F96E118971ABD52A1114364\F4D5720ABAFF24A489478B171B4CACD3@IsFullFile 0 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ADF7E48FD5D33F5A976B313473161075 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ADF7E48FD5D33F5A976B313473161075@F4D5720ABAFF24A489478B171B4CACD3 C:\Program Files\InterHop\InterHop\main Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ADF7E48FD5D33F5A976B313473161075\F4D5720ABAFF24A489478B171B4CACD3 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ADF7E48FD5D33F5A976B313473161075\F4D5720ABAFF24A489478B171B4CACD3@PatchGUID Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ADF7E48FD5D33F5A976B313473161075\F4D5720ABAFF24A489478B171B4CACD3@MediaCabinet Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ADF7E48FD5D33F5A976B313473161075\F4D5720ABAFF24A489478B171B4CACD3@File _6A92914C6B7B469EA57F444164C5CF0E Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ADF7E48FD5D33F5A976B313473161075\F4D5720ABAFF24A489478B171B4CACD3@ComponentVersion Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ADF7E48FD5D33F5A976B313473161075\F4D5720ABAFF24A489478B171B4CACD3@ProductVersion 1.0.0 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ADF7E48FD5D33F5A976B313473161075\F4D5720ABAFF24A489478B171B4CACD3@PatchSize 0 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ADF7E48FD5D33F5A976B313473161075\F4D5720ABAFF24A489478B171B4CACD3@PatchAttributes 0 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ADF7E48FD5D33F5A976B313473161075\F4D5720ABAFF24A489478B171B4CACD3@PatchSequence 0 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ADF7E48FD5D33F5A976B313473161075\F4D5720ABAFF24A489478B171B4CACD3@SharedComponent 0 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ADF7E48FD5D33F5A976B313473161075\F4D5720ABAFF24A489478B171B4CACD3@IsFullFile 0 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD5CDC9EE0D87C201DB141B7E3734077 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD5CDC9EE0D87C201DB141B7E3734077@F4D5720ABAFF24A489478B171B4CACD3 C:\Program Files\InterHop\InterHop\HopInst.exe Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD5CDC9EE0D87C201DB141B7E3734077\F4D5720ABAFF24A489478B171B4CACD3 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD5CDC9EE0D87C201DB141B7E3734077\F4D5720ABAFF24A489478B171B4CACD3@PatchGUID Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD5CDC9EE0D87C201DB141B7E3734077\F4D5720ABAFF24A489478B171B4CACD3@MediaCabinet Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD5CDC9EE0D87C201DB141B7E3734077\F4D5720ABAFF24A489478B171B4CACD3@File _B2276827675D49C7A0512AB176BF7FE6 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD5CDC9EE0D87C201DB141B7E3734077\F4D5720ABAFF24A489478B171B4CACD3@ComponentVersion 1.0.1.0 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD5CDC9EE0D87C201DB141B7E3734077\F4D5720ABAFF24A489478B171B4CACD3@ProductVersion 1.0.0 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD5CDC9EE0D87C201DB141B7E3734077\F4D5720ABAFF24A489478B171B4CACD3@PatchSize 0 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD5CDC9EE0D87C201DB141B7E3734077\F4D5720ABAFF24A489478B171B4CACD3@PatchAttributes 0 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD5CDC9EE0D87C201DB141B7E3734077\F4D5720ABAFF24A489478B171B4CACD3@PatchSequence 0 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD5CDC9EE0D87C201DB141B7E3734077\F4D5720ABAFF24A489478B171B4CACD3@SharedComponent 0 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD5CDC9EE0D87C201DB141B7E3734077\F4D5720ABAFF24A489478B171B4CACD3@IsFullFile 0 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\Features Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\Features@DefaultFeature uDOmx]qXD^YvOW9ogtzC28IWC}VHRQD.820ydsW=)6=0t4@xt!OMGWOoqI9N Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\InstallProperties Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\InstallProperties@LocalPackage C:\WINDOWS\Installer\873460d.msi Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\InstallProperties@AuthorizedCDFPrefix Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\InstallProperties@Comments Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\InstallProperties@Contact InterHop Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\InstallProperties@DisplayVersion 1.0.0 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\InstallProperties@HelpLink Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\InstallProperties@HelpTelephone Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\InstallProperties@InstallDate 20161101 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\InstallProperties@InstallLocation Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\InstallProperties@InstallSource C:\Program Files\Ckerdesp\_ALLOWDEL_8726aac\ Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\InstallProperties@ModifyPath MsiExec.exe /I{A0275D4F-FFAB-4A42-9874-B871B1C4CA3D} Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\InstallProperties@Publisher InterHop Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\InstallProperties@Readme Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\InstallProperties@Size Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\InstallProperties@EstimatedSize 4248 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\InstallProperties@UninstallString MsiExec.exe /I{A0275D4F-FFAB-4A42-9874-B871B1C4CA3D} Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\InstallProperties@URLInfoAbout Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\InstallProperties@URLUpdateInfo Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\InstallProperties@VersionMajor 1 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\InstallProperties@VersionMinor 0 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\InstallProperties@WindowsInstaller 1 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\InstallProperties@Version 16777216 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\InstallProperties@Language 1033 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\InstallProperties@DisplayName InterHop Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\Patches Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\Patches@AllPatches Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3\Usage Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render\{e9c80a19-d1c5-4a79-ae08-49477d576a41}@DeviceState 8 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer@EnableShellExecuteHooks 1 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run@sun21 "C:\Program Files\SunnyDay21\SunnyDay.exe" Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SystemProtectedUserData\S-1-5-21-2147580673-1131091785-3466399999-1001\AnyoneRead\Colors@StartColor -16760423 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SystemProtectedUserData\S-1-5-21-2147580673-1131091785-3466399999-1001\AnyoneRead\Colors@AccentColor -12681774 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\ARP@8 Software\Microsoft\Windows\CurrentVersion\Uninstall?sunnyday_is1?C:\Program Files\sunnyday\uninstaller.exe? Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\ARP@10 Software\Microsoft\Windows\CurrentVersion\Uninstall?SunnyDay21_is1?"C:\Program Files\SunnyDay21\unins000.exe"? Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\ARP@11 Software\Microsoft\Windows\CurrentVersion\Uninstall?{B38781DD-B144-408F-BA11-B057A414F2D7}?"C:\Program Files\Common Files\Fresh-Lax\uninstall.exe" shuz -f "C:\Program Files\Common Files\Fresh-Lax\uninstall.dat" -a uninstallme B38781DD-B144-408F-BA11-B057A414F2D7 DeviceId=41ea57fd-8202-ea92-fbf8-4dc9bf2b1ab5 BarcodeId=51113011 ChannelId=11 DistributerName=APSFTuto4PC? Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GameDesire-Pool & Snooker Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GameDesire-Pool & Snooker@DisplayName GameDesire-Pool & Snooker Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GameDesire-Pool & Snooker@UninstallString C:\Program Files\Ganymede\billiards_uninstall.exe Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GameDesire-Pool & Snooker@InstallLocation C:\Program Files\Ganymede Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GameDesire-Pool & Snooker@NoModify 1 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GameDesire-Pool & Snooker@NoRepair 1 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GameDesire-Pool & Snooker@sEstimatedSize2 0 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GameDesire-Pool & Snooker@EstimatedSize 7198 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PopupProduct Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PopupProduct@DisplayName Body Text Feathering Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PopupProduct@Publisher Body Text Feathering Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PopupProduct@DisplayVersion 1.0.0.0 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PopupProduct@DisplayIcon /fd= Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PopupProduct@UninstallString C:\Users\dkgod\AppData\Local\03000200-1478044809-0500-0006-000700080009\Uninstall.exe Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SunnyDay21_is1 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SunnyDay21_is1@Inno Setup: Setup Version 5.5.4 (a) Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SunnyDay21_is1@Inno Setup: App Path C:\Program Files\SunnyDay21 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SunnyDay21_is1@InstallLocation C:\Program Files\SunnyDay21\ Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SunnyDay21_is1@Inno Setup: Icon Group SUNNYDAY Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SunnyDay21_is1@Inno Setup: User dkgod Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SunnyDay21_is1@Inno Setup: Language en Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SunnyDay21_is1@DisplayName SunnyDay Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SunnyDay21_is1@UninstallString "C:\Program Files\SunnyDay21\unins000.exe" Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SunnyDay21_is1@QuietUninstallString "C:\Program Files\SunnyDay21\unins000.exe" /SILENT Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SunnyDay21_is1@Publisher SUNNYDAY Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SunnyDay21_is1@URLInfoAbout http://en.sunnyday.com Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SunnyDay21_is1@HelpLink http://en.sunnyday.com Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SunnyDay21_is1@URLUpdateInfo http://en.sunnyday.com Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SunnyDay21_is1@NoModify 1 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SunnyDay21_is1@NoRepair 1 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SunnyDay21_is1@InstallDate 20161101 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SunnyDay21_is1@EstimatedSize 4188 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sunnyday_is1 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sunnyday_is1@Inno Setup: Setup Version 5.5.4 (a) Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sunnyday_is1@Inno Setup: App Path C:\Program Files\sunnyday Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sunnyday_is1@InstallLocation C:\Program Files\sunnyday\ Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sunnyday_is1@Inno Setup: Icon Group sunnyday Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sunnyday_is1@Inno Setup: User dkgod Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sunnyday_is1@Inno Setup: Language english Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sunnyday_is1@DisplayName sunnyday version 1.1 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sunnyday_is1@UninstallString C:\Program Files\sunnyday\uninstaller.exe Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sunnyday_is1@QuietUninstallString "C:\Program Files\sunnyday\unins000.exe" /SILENT Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sunnyday_is1@DisplayVersion 1.1 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sunnyday_is1@Publisher sunnyday Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sunnyday_is1@NoModify 1 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sunnyday_is1@NoRepair 1 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sunnyday_is1@InstallDate 20161101 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sunnyday_is1@MajorVersion 1 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sunnyday_is1@MinorVersion 1 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sunnyday_is1@EstimatedSize 690 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Youtube AdBlock@DisplayVersion 2.0.0.66 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0275D4F-FFAB-4A42-9874-B871B1C4CA3D} Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0275D4F-FFAB-4A42-9874-B871B1C4CA3D}@EstimatedSize 3648 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0275D4F-FFAB-4A42-9874-B871B1C4CA3D}@DisplayName InterHop Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B38781DD-B144-408F-BA11-B057A414F2D7} Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B38781DD-B144-408F-BA11-B057A414F2D7}@DisplayName SafeFinder Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B38781DD-B144-408F-BA11-B057A414F2D7}@DisplayIcon C:\Program Files\Common Files\Fresh-Lax\uninstall.ico Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B38781DD-B144-408F-BA11-B057A414F2D7}@DisplayVersion 1.0.0.0 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B38781DD-B144-408F-BA11-B057A414F2D7}@Publisher Linkury Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B38781DD-B144-408F-BA11-B057A414F2D7}@UninstallString "C:\Program Files\Common Files\Fresh-Lax\uninstall.exe" shuz -f "C:\Program Files\Common Files\Fresh-Lax\uninstall.dat" -a uninstallme B38781DD-B144-408F-BA11-B057A414F2D7 DeviceId=41ea57fd-8202-ea92-fbf8-4dc9bf2b1ab5 BarcodeId=51113011 ChannelId=11 DistributerName=APSFTuto4PC Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D37FB707-0BA6-4F76-A2E7-C6F6CD30E2DF} Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D37FB707-0BA6-4F76-A2E7-C6F6CD30E2DF}@UninstallString C:\Program Files\Sacing\anapury.exe 0a9692eb-aeed-4bd2-9d91-5deabe8fc315 "/k={D37FB707-0BA6-4F76-A2E7-C6F6CD30E2DF}" Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D37FB707-0BA6-4F76-A2E7-C6F6CD30E2DF}@DisplayName youndoo - Uninstall Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate@LastTaskOperationHandle 16 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2147580673-1131091785-3466399999-1001@RefCount 2 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures@Update Service for Youtube AdBlock.job.fp -2037709355 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures@Update Service for Youtube AdBlock2.job.fp -1508948218 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8F0C74C5-0D14-4D88-BE14-68551496125F} Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{84ADA5D8-423F-42CE-ACAC-AFE65B7CD805} Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84ADA5D8-423F-42CE-ACAC-AFE65B7CD805} Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84ADA5D8-423F-42CE-ACAC-AFE65B7CD805}@Path \Update Service for Youtube AdBlock2 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84ADA5D8-423F-42CE-ACAC-AFE65B7CD805}@Hash 0x32 0x8D 0x9E 0xAC ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84ADA5D8-423F-42CE-ACAC-AFE65B7CD805}@Schema 65537 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84ADA5D8-423F-42CE-ACAC-AFE65B7CD805}@Author WORKGROUP\DESKTOP-V1AL9M5$ Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84ADA5D8-423F-42CE-ACAC-AFE65B7CD805}@URI \Update Service for Youtube AdBlock2 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84ADA5D8-423F-42CE-ACAC-AFE65B7CD805}@Triggers 0x17 0x00 0x00 0x00 ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84ADA5D8-423F-42CE-ACAC-AFE65B7CD805}@Actions 0x02 0x00 0x0C 0x00 ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84ADA5D8-423F-42CE-ACAC-AFE65B7CD805}@DynamicInfo 0x03 0x00 0x00 0x00 ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F0C74C5-0D14-4D88-BE14-68551496125F} Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F0C74C5-0D14-4D88-BE14-68551496125F}@Path \Update Service for Youtube AdBlock Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F0C74C5-0D14-4D88-BE14-68551496125F}@Hash 0x7A 0x79 0xE0 0x41 ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F0C74C5-0D14-4D88-BE14-68551496125F}@Schema 65537 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F0C74C5-0D14-4D88-BE14-68551496125F}@Author WORKGROUP\DESKTOP-V1AL9M5$ Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F0C74C5-0D14-4D88-BE14-68551496125F}@URI \Update Service for Youtube AdBlock Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F0C74C5-0D14-4D88-BE14-68551496125F}@Triggers 0x17 0x00 0x00 0x00 ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F0C74C5-0D14-4D88-BE14-68551496125F}@Actions 0x02 0x00 0x0C 0x00 ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F0C74C5-0D14-4D88-BE14-68551496125F}@DynamicInfo 0x03 0x00 0x00 0x00 ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Service for Youtube AdBlock@Id {8F0C74C5-0D14-4D88-BE14-68551496125F}? Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Service for Youtube AdBlock2@Id {84ADA5D8-423F-42CE-ACAC-AFE65B7CD805}? Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@AppInit_DLLs C:\ProgramData\awna\TransDinair.dll Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@LoadAppInit_DLLs 1 Reg HKLM\SOFTWARE\Microsoft\Windows Search\CatalogNames\Windows\SystemIndex@pkm:catalog:LastCatalogCrawlId 14 Reg HKLM\SOFTWARE\Microsoft\Windows Search\CatalogNames\Windows\SystemIndex@pkm:catalog:LastCatalogCrawlRetries 1 Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex@NewCrawlNumber 15 Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex@NewClientID 143 Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\StartPages@NewStartPageIdentifier 14 Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\StartPages\5@StartPageIdentifier 13 Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\StreamLog@CurrentStreamLog 15 Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gathering Manager\Applications\Windows@CrawlScopeVersion 20 Reg HKLM\SOFTWARE\Microsoft\Windows Search\UsnNotifier\Windows\Catalogs\SystemIndex@{1A536DAF-0000-0000-0000-100000000000} 11072913688 Reg HKLM\SOFTWARE\Classes\CLSID\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B}\InprocServer32@ C:\Program Files\Youtube AdBlock\IEEF\suEBOX.dll Reg HKLM\SOFTWARE\Classes\CLSID\{D42C3A49-ABAF-464B-BBCE-991C3DD395E8}\LocalServer32@ C:\Program Files\Youtube AdBlock\IEEF\oOvQ_zm.exe Reg HKLM\SOFTWARE\Classes\gd.pool Reg HKLM\SOFTWARE\Classes\gd.pool@ URL: gd.pool Protocol Reg HKLM\SOFTWARE\Classes\gd.pool@URL Protocol Reg HKLM\SOFTWARE\Classes\gd.pool\CLSID Reg HKLM\SOFTWARE\Classes\gd.pool\CLSID@ {4325DAD2-7643-2341-3A43-46547809BEA3} Reg HKLM\SOFTWARE\Classes\gd.pool\DefaultIcon Reg HKLM\SOFTWARE\Classes\gd.pool\DefaultIcon@ C:\Program Files\Ganymede\billiards.exe,0 Reg HKLM\SOFTWARE\Classes\gd.pool\shell Reg HKLM\SOFTWARE\Classes\gd.pool\shell@ open Reg HKLM\SOFTWARE\Classes\gd.pool\shell\open Reg HKLM\SOFTWARE\Classes\gd.pool\shell\open\command Reg HKLM\SOFTWARE\Classes\gd.pool\shell\open\command@ "C:\Program Files\Ganymede\billiards.exe" "%1" Reg HKLM\SOFTWARE\Classes\gd.pool\version Reg HKLM\SOFTWARE\Classes\gd.pool\version@ 1.0.2.8 Reg HKLM\SOFTWARE\Classes\Installer\Features\F4D5720ABAFF24A489478B171B4CACD3 Reg HKLM\SOFTWARE\Classes\Installer\Features\F4D5720ABAFF24A489478B171B4CACD3@DefaultFeature Reg HKLM\SOFTWARE\Classes\Installer\Products\F4D5720ABAFF24A489478B171B4CACD3 Reg HKLM\SOFTWARE\Classes\Installer\Products\F4D5720ABAFF24A489478B171B4CACD3@ProductName InterHop Reg HKLM\SOFTWARE\Classes\Installer\Products\F4D5720ABAFF24A489478B171B4CACD3@PackageCode FBEAFCF9289E8C648AF1747AD3DE1B7B Reg HKLM\SOFTWARE\Classes\Installer\Products\F4D5720ABAFF24A489478B171B4CACD3@Language 1033 Reg HKLM\SOFTWARE\Classes\Installer\Products\F4D5720ABAFF24A489478B171B4CACD3@Version 16777216 Reg HKLM\SOFTWARE\Classes\Installer\Products\F4D5720ABAFF24A489478B171B4CACD3@Assignment 1 Reg HKLM\SOFTWARE\Classes\Installer\Products\F4D5720ABAFF24A489478B171B4CACD3@AdvertiseFlags 388 Reg HKLM\SOFTWARE\Classes\Installer\Products\F4D5720ABAFF24A489478B171B4CACD3@InstanceType 0 Reg HKLM\SOFTWARE\Classes\Installer\Products\F4D5720ABAFF24A489478B171B4CACD3@AuthorizedLUAApp 0 Reg HKLM\SOFTWARE\Classes\Installer\Products\F4D5720ABAFF24A489478B171B4CACD3@DeploymentFlags 3 Reg HKLM\SOFTWARE\Classes\Installer\Products\F4D5720ABAFF24A489478B171B4CACD3@Clients :? Reg HKLM\SOFTWARE\Classes\Installer\Products\F4D5720ABAFF24A489478B171B4CACD3\SourceList Reg HKLM\SOFTWARE\Classes\Installer\Products\F4D5720ABAFF24A489478B171B4CACD3\SourceList@PackageName InHop.msi Reg HKLM\SOFTWARE\Classes\Installer\Products\F4D5720ABAFF24A489478B171B4CACD3\SourceList@LastUsedSource n;7;C:\Program Files\Ckerdesp\_ALLOWDEL_a982757\ Reg HKLM\SOFTWARE\Classes\Installer\Products\F4D5720ABAFF24A489478B171B4CACD3\SourceList\Media Reg HKLM\SOFTWARE\Classes\Installer\Products\F4D5720ABAFF24A489478B171B4CACD3\SourceList\Media@1 ; Reg HKLM\SOFTWARE\Classes\Installer\Products\F4D5720ABAFF24A489478B171B4CACD3\SourceList\Net Reg HKLM\SOFTWARE\Classes\Installer\Products\F4D5720ABAFF24A489478B171B4CACD3\SourceList\Net@1 C:\Program Files\Ckerdesp\_ALLOWDEL_8726aac\ Reg HKLM\SOFTWARE\Classes\Installer\Products\F4D5720ABAFF24A489478B171B4CACD3\SourceList\Net@2 C:\Program Files\Ckerdesp\_ALLOWDEL_8e06b90\ Reg HKLM\SOFTWARE\Classes\Installer\Products\F4D5720ABAFF24A489478B171B4CACD3\SourceList\Net@3 C:\Program Files\Ckerdesp\_ALLOWDEL_8df2b8e\ Reg HKLM\SOFTWARE\Classes\Installer\Products\F4D5720ABAFF24A489478B171B4CACD3\SourceList\Net@4 C:\Program Files\Ckerdesp\_ALLOWDEL_9b88b42\ Reg HKLM\SOFTWARE\Classes\Installer\Products\F4D5720ABAFF24A489478B171B4CACD3\SourceList\Net@5 C:\Program Files\Ckerdesp\_ALLOWDEL_9bc49d1\ Reg HKLM\SOFTWARE\Classes\Installer\Products\F4D5720ABAFF24A489478B171B4CACD3\SourceList\Net@6 C:\Program Files\Ckerdesp\_ALLOWDEL_a93eb99\ Reg HKLM\SOFTWARE\Classes\Installer\Products\F4D5720ABAFF24A489478B171B4CACD3\SourceList\Net@7 C:\Program Files\Ckerdesp\_ALLOWDEL_a982757\ Reg HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\31E1FF0BC1D4EEE42A0677E36FC777FE Reg HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\31E1FF0BC1D4EEE42A0677E36FC777FE@F4D5720ABAFF24A489478B171B4CACD3 Reg HKLM\SOFTWARE\Classes\Interface\{D8CB24E3-DDA3-4B7F-8BA3-871DB7D3D986}@ _ISkBMqLZHy81rM1xNI2lEvents Reg HKLM\SOFTWARE\Classes\Interface\{F6DF4318-A699-4E88-BE1D-84F4A009B08A}@ ISkBMqLZHy81rM1xNI2l Reg HKLM\SOFTWARE\Classes\TypeLib\{38DD0B4A-E4E0-4A57-99EE-DCCB185B4728}\1.0\0\win32@ C:\Program Files\Youtube AdBlock\IEEF\suEBOX.dll Reg HKLM\SOFTWARE\Classes\TypeLib\{45965C76-4C88-4512-9358-368483E1C3B1}\1.0@ KJISn43ozNoT8qYgIVfIHiCfFJJKl05lcnqe Reg HKLM\SOFTWARE\Classes\TypeLib\{45965C76-4C88-4512-9358-368483E1C3B1}\1.0\0\win32@ C:\Program Files\Youtube AdBlock\IEEF\oOvQ_zm.exe Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastWindowsRequestBucketDrainTime 0x33 0xF9 0x75 0xC3 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastWindowsLargeRequestBucketDrainTime 0x33 0xF9 0x75 0xC3 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@OtherBandwidthBucketCounter 0 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@OtherRequestBucketCounter 0 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastOtherRequestBucketDrainTime 0x33 0xF9 0x75 0xC3 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@GlobalBandwidthBucketCounter 0 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@GlobalRequestBucketCounter 0 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastGlobalRequestBucketDrainTime 0x33 0xF9 0x75 0xC3 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@RoamingSyncToken LM%3d63613636873823%3bID%3dFA9AA3CC175DE34F!106%3bLR%3d63613631401930%3bEP%3d13%3bSI%3d80%3bSO%3d0%3bPI%3d49 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastUploadTime 0xFC 0x61 0x10 0x0F ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\RegistrarData@LastDownloadCollectionInterest 0x4F 0x81 0xDB 0x43 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Search\JumplistData@Chrome.UserData.ChromeDefaultData2 0x43 0x38 0x06 0xE0 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData@PendingOperations 2 ---- EOF - GMER 2.2 ----