GMER 2.2.19882 - http://www.gmer.net 3rd party scan 2017-02-12 21:19:53 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000067 Crucial_ rev.MU03 232,89GB Running: gsohw8rm.exe; Driver: C:\Users\Kamil\AppData\Local\Temp\pgddqpoc.sys ---- Kernel code sections - GMER 2.2 ---- INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff8000320a000 45 bytes [00, 00, 15, 02, 46, 69, 6C, ...] INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575 fffff8000320a02f 16 bytes [00, 00, 00, 00, 00, 00, 00, ...] ---- User code sections - GMER 2.2 ---- .text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[2052] C:\Windows\SysWOW64\ntdll.dll!DbgBreakPoint 0000000077b1000c 1 byte [C3] .text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[2052] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin 0000000077b9f8ea 5 bytes JMP 0000000077b4d5c1 ? C:\Windows\system32\mssprxy.dll [4828] entry point in ".rdata" section 0000000074af71e6 .text C:\Users\Kamil\Desktop\gsohw8rm.exe[4828] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077ad1465 2 bytes [AD, 77] .text C:\Users\Kamil\Desktop\gsohw8rm.exe[4828] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000077ad14bb 2 bytes [AD, 77] .text ... * 2 ---- Registry - GMER 2.2 ---- Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager@PendingFileRenameOperations C:\Users\Kamil\AppData\Local\Temp\_iu14D2N.tmp(2017-02-12 20:01:48) Reg HKLM\SYSTEM\CurrentControlSet\services\AdobeARMservice@ImagePath C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Acrobat Update Service/CA - G2 SIGNED)(2016-12-19 21:38:14) Reg HKLM\SYSTEM\CurrentControlSet\services\AdobeFlashPlayerUpdateSvc@ImagePath C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Flash Player Update Service 24.0 r0/CA - G2 SIGNED)(2016-07-11 12:11:08) Reg HKLM\SYSTEM\CurrentControlSet\services\eeCtrl@ImagePath C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Eraser Control Driver/Symantec Corporation SIGNED)(2016-08-16 13:41:37) Reg HKLM\SYSTEM\CurrentControlSet\services\eventlog\Application\IntelDalJhi@EventMessageFile C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Dynamic Application Loader Host Interface/Intel Corporation SIGNED)(2015-07-10 21:40:08) Reg HKLM\SYSTEM\CurrentControlSet\services\eventlog\Application\LMS@CategoryMessageFile C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Local Management Service/Intel Corporation SIGNED)(2015-07-10 21:38:00) Reg HKLM\SYSTEM\CurrentControlSet\services\eventlog\Application\MEProv@CategoryMessageFile C:\PROGRA~2\Intel\INTEL(~1\MEWMIP~1\MEProv.dll (Intel(R) Management Engine Provider Dynamic Link Library/Intel Corporation SIGNED)(2015-07-10 21:31:14) Reg HKLM\SYSTEM\CurrentControlSet\services\gadjservice@ImagePath C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe(2015-04-14 13:27:32) Reg HKLM\SYSTEM\CurrentControlSet\services\gdrv@ImagePath C:\Windows\gdrv.sys (GIGABYTE Tools/Windows (R) Server 2003 DDK provider SIGNED)(2016-07-11 12:13:55) Reg HKLM\SYSTEM\CurrentControlSet\services\gupdate@ImagePath C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Installer/Google Inc. SIGNED)(2016-10-23 21:23:11) Reg HKLM\SYSTEM\CurrentControlSet\services\IAStorDataMgrSvc@ImagePath C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (IAStorDataSvc/Intel Corporation SIGNED)(2015-06-23 14:00:06) Reg HKLM\SYSTEM\CurrentControlSet\services\Intel(R) Capability Licensing Service TCP IP Interface@ImagePath C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel(R) Capability Licensing Service TCP IP Interface/Intel(R) Corporation SIGNED)(2015-05-21 23:24:00) Reg HKLM\SYSTEM\CurrentControlSet\services\jhi_service@ImagePath C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Dynamic Application Loader Host Interface/Intel Corporation SIGNED)(2015-07-10 21:40:08) Reg HKLM\SYSTEM\CurrentControlSet\services\LMS@ImagePath C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Local Management Service/Intel Corporation SIGNED)(2015-07-10 21:38:00) Reg HKLM\SYSTEM\CurrentControlSet\services\MozillaMaintenance@ImagePath C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation SIGNED)(2016-10-22 17:20:00) Reg HKLM\SYSTEM\CurrentControlSet\services\Revoflt@ImagePath C:\Windows\system32\DRIVERS\revoflt.sys (Revo Uninstaller Minifilter/VS Revo Group SIGNED)(2016-08-05 21:05:18) Reg HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}@StubPath C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\Installer\chrmstp.exe (Google Chrome Installer/Google Inc. SIGNED)(2017-02-06 23:37:37) Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AcroRd32.exe@ C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Acrobat Reader DC /CA - G2 SIGNED)(2017-01-17 23:07:44) Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\chrome.exe@ C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Chrome/Google Inc. SIGNED)(2016-10-23 21:25:19) Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\firefox.exe@ C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation SIGNED)(2017-01-04 22:28:02) Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\javaws.exe@ C:\Program Files (x86)\Java\jre1.8.0_101\bin\javaws.exe (Java(TM) Web Start Launcher/Oracle Corporation SIGNED)(2016-07-24 12:33:38) Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\opera.exe@ C:\Program Files\Opera\Launcher.exe (Opera Internet Browser/Opera Software SIGNED)(2016-12-13 14:47:27) Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\RevoUninPro.exe@ C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe (Revo Uninstaller Pro/VS Revo Group SIGNED)(2016-08-05 21:05:18) Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WinRAR.exe@ C:\Program Files\WinRAR\WinRAR.exe (Archiwizer WinRAR/Alexander Roshal SIGNED)(2016-08-05 11:01:17) Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\CDBurnerXP@DefaultIcon C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe (CDBurnerXP/Canneverbe Limited SIGNED)(2016-07-11 12:35:11) Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver@UninstallString C:\Program Files\WinRAR\uninstall.exe (Dezinstalator WinRARa/Alexander Roshal SIGNED)(2016-08-05 11:01:17) Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver@DisplayIcon C:\Program Files\WinRAR\WinRAR.exe (Archiwizer WinRAR/Alexander Roshal SIGNED)(2016-08-05 11:01:17) Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1CEAC85D-2590-4760-800F-8DE5E91F3700}@DisplayName_Localized C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Lang\Resource.dll (Intel(R) Installer Resource File/Intel(R) Corporation)(2015-07-10 21:41:56) Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1CEAC85D-2590-4760-800F-8DE5E91F3700}@UninstallString C:\ProgramData\Intel\Package Cache\{1CEAC85D-2590-4760-800F-8DE5E91F3700}\Setup.exe (Intel(R) Management Engine Components installer/Intel Corporation)(2016-07-11 17:22:26) Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{409CB30E-E457-4008-9B1A-ED1B9EA21140}@DisplayName_Localized C:\Program Files\Intel\Intel(R) Rapid Storage Technology\Lang\Resource.dll(2015-06-23 14:00:34) Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{409CB30E-E457-4008-9B1A-ED1B9EA21140}@UninstallString C:\ProgramData\Intel\Package Cache\{409CB30E-E457-4008-9B1A-ED1B9EA21140}\Setup.exe (Intel(R) Rapid Storage Technology installer/Intel Corporation)(2016-07-11 17:26:45) Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{409CB30E-E457-4008-9B1A-ED1B9EA21140}@DisplayIcon C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe (IAStorUI/Intel Corporation SIGNED)(2015-06-23 14:00:08) Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1@DisplayIcon C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe (Revo Uninstaller Pro/VS Revo Group SIGNED)(2016-08-05 21:05:18) Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1@UninstallString C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe(2016-11-06 08:50:58) Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}@UninstallString C:\Program Files (x86)\Samsung\USB Drivers\Uninstall.exe (SAMSUNG USB Drivers for Mobile Phones(x64)/Devguru Co., Ltd)(2016-11-30 19:14:52) Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Accessibility\ATs\Oracle_JavaAccessBridge@StartExe C:\Program Files (x86)\Java\jre1.8.0_101\bin\jabswitch.exe (Java(TM) Platform SE binary/Oracle Corporation SIGNED)(2016-07-24 12:33:38) Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant@ExecutablesToExclude c:\program files (x86)\nortoninstaller\{397e31aa-0d78-4649-a01c-339d73a2ed35}\nss\licensetype\4.3.1.3\inststub.exe (Norton Security Scan/Symantec Corporation SIGNED)(2016-08-16 13:20:12) Reg HKLM\SOFTWARE\Classes\acrobat\shell\open\command@ C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Acrobat Reader DC /CA - G2 SIGNED)(2017-01-17 23:07:44) Reg HKLM\SOFTWARE\Classes\Applications\opera.exe\shell\open\command@ C:\Program Files\Opera\Launcher.exe (Opera Internet Browser/Opera Software SIGNED)(2016-12-13 14:47:27) Reg HKLM\SOFTWARE\Classes\axp-file\Shell\Open\Command@ C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe (CDBurnerXP/Canneverbe Limited SIGNED)(2016-07-11 12:35:11) Reg HKLM\SOFTWARE\Classes\ChromeHTML\shell\open\command@ C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Chrome/Google Inc. SIGNED)(2016-10-23 21:25:19) Reg HKLM\SOFTWARE\Classes\CLSID\{00C69F81-0524-48C0-A353-4DD9D54F9A6E}\InprocServer32@ C:\Program Files\Intel\Media SDK\mfx_mft_mjpgvd_w7_64.dll (Intel Hardware M-JPEG Decoder MFT/Intel Corporation)(2016-07-11 17:23:38) Reg HKLM\SOFTWARE\Classes\CLSID\{22D15128-88AF-4CC2-814D-60E5D5B98878}\InProcServer32@ C:\Program Files (x86)\Google\Update\1.3.32.7\psmachine_64.dll (Google Update/Google Inc. SIGNED)(2016-12-16 23:29:43) Reg HKLM\SOFTWARE\Classes\CLSID\{231ABBC3-1706-4F20-864F-3F73396BA586}\InprocServer32@ C:\Program Files (x86)\Common Files\Reallusion\Shared\RLVnsThumb64.dll (Thumbnail Extractor/Reallusion Inc. SIGNED)(2016-10-24 07:20:52) Reg HKLM\SOFTWARE\Classes\CLSID\{2C5515DC-2A7E-4BFD-B813-CACC2B685EB7}\InprocServer32@ C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll (Revo Uninstaller Pro Extension/VS Revo Group SIGNED)(2016-08-05 21:05:18) Reg HKLM\SOFTWARE\Classes\CLSID\{495617A4-8B01-4716-96FB-288E6E7A2EF4}\InprocHandler32@ C:\Program Files (x86)\Google\Update\1.3.32.7\psmachine_64.dll (Google Update/Google Inc. SIGNED)(2016-12-16 23:29:43) Reg HKLM\SOFTWARE\Classes\CLSID\{B41DB860-64E4-11D2-9906-E49FADC173CA}\InProcServer32@ C:\Program Files\WinRAR\rarext.dll (Rozszerzenie powoki/Alexander Roshal SIGNED)(2016-08-05 11:01:17) Reg HKLM\SOFTWARE\Classes\CLSID\{CA8A9780-280D-11CF-A24D-444553540000}\InprocServer32@ C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF64.dll (PDF Browser Control/CA - G2 SIGNED)(2016-12-23 18:10:56) Reg HKLM\SOFTWARE\Classes\CLSID\{E342F0FE-FF1C-4c41-BE37-A0271FC90396}@LocalizedString C:\Program Files\Intel\Intel(R) Rapid Storage Technology\Lang\resource.dll(2015-06-23 14:00:34) Reg HKLM\SOFTWARE\Classes\CLSID\{E342F0FE-FF1C-4c41-BE37-A0271FC90396}\Shell\Open\Command@ C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe (IAStorUI/Intel Corporation SIGNED)(2015-06-23 14:00:08) Reg HKLM\SOFTWARE\Classes\CLSID\{F0B4F6AD-5E09-4CB1-B763-EC390CBDE51D}\InprocServer32@ C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDFImpl64.dll (PDF Browser Control/CA - G2 SIGNED)(2016-12-23 18:10:56) Reg HKLM\SOFTWARE\Classes\CLSID\{FB562550-BBE6-4298-861A-5C0A6562C272}\Shell\Open\command@ C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe (Revo Uninstaller Pro/VS Revo Group SIGNED)(2016-08-05 21:05:18) Reg HKLM\SOFTWARE\Classes\dxp-file\Shell\Open\Command@ C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe (CDBurnerXP/Canneverbe Limited SIGNED)(2016-07-11 12:35:11) Reg HKLM\SOFTWARE\Classes\FirefoxHTML\shell\open\command@ C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation SIGNED)(2017-01-04 22:28:02) Reg HKLM\SOFTWARE\Classes\ftp\shell\open\command@ C:\Program Files\Opera\launcher.exe (Opera Internet Browser/Opera Software SIGNED)(2016-12-13 14:47:27) Reg HKLM\SOFTWARE\Classes\Installer\Products\1038C85769625584FA5435B4210089A0@ProductIcon C:\Windows\Installer\{758C8301-2696-4855-AF45-534B1200980A}\ARPPRODUCTICON.exe (InstallShield/Acresso Software Inc.)(2016-11-30 19:05:05) Reg HKLM\SOFTWARE\Classes\Installer\Products\4EA42A62D9304AC4784BF2238110100F@ProductIcon C:\Program Files (x86)\Java\jre1.8.0_101\bin\javaws.exe (Java(TM) Web Start Launcher/Oracle Corporation SIGNED)(2016-07-24 12:33:38) Reg HKLM\SOFTWARE\Classes\Installer\Products\67274D3F53E0FC246A774B158174E012@ProductIcon C:\Windows\Installer\{F3D47276-0E35-42CF-A677-B45118470E21}\ARPPRODUCTICON.exe (InstallShield/Flexera Software, Inc. SIGNED)(2016-07-11 12:33:16) Reg HKLM\SOFTWARE\Classes\Installer\Products\68AB67CA7DA75401B744CAF070E41400@ProductIcon C:\Windows\Installer\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}\SC_Reader.ico (InstallShield/Flexera Software LLC)(2016-08-01 06:55:35) Reg HKLM\SOFTWARE\Classes\jarfile\shell\open\command@ C:\Program Files (x86)\Java\jre1.8.0_101\bin\javaw.exe (Java(TM) Platform SE binary/Oracle Corporation SIGNED)(2016-07-24 12:33:38) Reg HKLM\SOFTWARE\Classes\jnlp\Shell\Open\Command@ C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2launcher.exe (Java(TM) Web Launcher/Oracle Corporation SIGNED)(2016-07-24 12:33:38) Reg HKLM\SOFTWARE\Classes\JNLPFile\Shell\Open\Command@ C:\Program Files (x86)\Java\jre1.8.0_101\bin\javaws.exe (Java(TM) Web Start Launcher/Oracle Corporation SIGNED)(2016-07-24 12:33:38) Reg HKLM\SOFTWARE\Classes\jnlps\Shell\Open\Command@ C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2launcher.exe (Java(TM) Web Launcher/Oracle Corporation SIGNED)(2016-07-24 12:33:38) Reg HKLM\SOFTWARE\Classes\OperaStable\shell\open\command@ C:\Program Files\Opera\Launcher.exe (Opera Internet Browser/Opera Software SIGNED)(2016-12-13 14:47:27) Reg HKLM\SOFTWARE\Classes\PDXFileType\shell\Read\command@ C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Acrobat Reader DC /CA - G2 SIGNED)(2017-01-17 23:07:44) Reg HKLM\SOFTWARE\Classes\RevoUninstallerPro.ruel\shell\open\command@ C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe (Revo Uninstaller Pro/VS Revo Group SIGNED)(2016-08-05 21:05:18) Reg HKLM\SOFTWARE\Classes\SOFTWARE\Adobe\Acrobat\Exe@ C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Acrobat Reader DC /CA - G2 SIGNED)(2017-01-17 23:07:44) Reg HKLM\SOFTWARE\Classes\WinRAR\shell\open\command@ C:\Program Files\WinRAR\WinRAR.exe (Archiwizer WinRAR/Alexander Roshal SIGNED)(2016-08-05 11:01:17) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{00C69F81-0524-48C0-A353-4DD9D54F9A6E}\InprocServer32@ C:\Program Files\Intel\Media SDK\mfx_mft_mjpgvd_w7_32.dll (Intel Hardware M-JPEG Decoder MFT/Intel Corporation)(2016-07-11 17:23:38) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{0103A448-2934-4B3D-A54E-FED761D472E0}\LocalServer32@ C:\Windows\SysWOW64\Adobe\Shockwave 12\SwHelper_1225195.exe (Shockwave Helper/CA - G2 SIGNED)(2016-09-20 15:31:32) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{03C4C5F4-1893-444C-B8D8-002F0034DA92}\InprocServer32@ C:\Windows\SysWOW64\Redemption.dll (Outlook Redemption COM library/Dmitry Streblechenko)(2016-08-18 13:39:48) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{051CAC4C-67FC-4c03-A16C-518E7D00C491}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\DevFileService.dll (DevFileService.dll/Samsung Electronics Co., Ltd.)(2013-04-23 12:43:16) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{071CCC92-7576-40c9-BE17-99440B10FA04}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\DCAKOREAMITSOBEX.dll (DCAMITSOBEX.dll/Mobileleader Co., Ltd.)(2013-04-23 12:40:50) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{0D68D6D0-D93D-4D08-A30D-F00DD1F45B24}\InProcServer32@ C:\Program Files (x86)\Mozilla Firefox\AccessibleMarshal.dll (Mozilla Foundation SIGNED)(2017-01-04 22:28:02) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{102C6E30-5702-48C1-A492-A3F3EFB1958C}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\StarburnX12.dll (StarBurnX CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/Rocket Division Software)(2013-04-18 18:09:20) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{11E2BC0C-5D4F-4E0C-B438-501FFE05A382}\InprocServer32@ C:\Windows\SysWOW64\Redemption.dll (Outlook Redemption COM library/Dmitry Streblechenko)(2016-08-18 13:39:48) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{12BA069D-0FC6-4577-97C6-5DF634CE6E84}\InProcServer32@ C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\ViewerPS.dll (Acrobat Viewer ProxyStub Library/CA SIGNED)(2015-03-16 23:34:12) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\InprocServer32@ C:\Windows\SysWow64\Adobe\Director\SwDir_1225195.dll (Shockwave ActiveX Control/CA - G2 SIGNED)(2016-09-20 15:31:32) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{16741A21-280D-481A-BC57-F05E82C2A0F9}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\StarburnX12.dll (StarBurnX CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/Rocket Division Software)(2013-04-18 18:09:20) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{17F2E344-8227-4AA7-A25A-E89424566BBA}\InProcServer32@ C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroBroker.exe (Adobe PDF Broker Process for Internet Explorer/CA - G2 SIGNED)(2016-12-23 18:10:54) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{1CC87FE2-1ADE-451b-8F37-B2101238051B}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\THNRProghelp.dll(2013-04-18 18:09:18) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{1E5E3435-8F73-417E-A57D-293A0A3AFC94}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\StarburnX12.dll (StarBurnX CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/Rocket Division Software)(2013-04-18 18:09:20) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{1ED954DE-6B99-41D6-BEAC-93ECA3313BB6}\InprocServer32@ C:\PROGRA~2\Gigabyte\APPCEN~1\drvUpd\DLLS\CheckVer.ocx(2013-05-07 10:02:34) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{1F3CB77D-D339-49e0-B8E4-FECD6D6F8CB8}\LocalServer32@ C:\Windows\SysWOW64\Adobe\Shockwave 12\SwHelper_1225195.exe (Shockwave Helper/CA - G2 SIGNED)(2016-09-20 15:31:32) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{22D15128-88AF-4CC2-814D-60E5D5B98878}\InProcServer32@ C:\Program Files (x86)\Google\Update\1.3.32.7\psmachine.dll (Google Update/Google Inc. SIGNED)(2016-12-16 23:29:43) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{231ABBC3-1706-4F20-864F-3F73396BA586}\InprocServer32@ C:\Program Files (x86)\Common Files\Reallusion\Shared\RLVnsThumb32.dll (Thumbnail Extractor/Reallusion Inc. SIGNED)(2016-10-24 07:20:52) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\InprocServer32@ C:\Windows\SysWow64\Adobe\Director\SwDir_1225195.dll (Shockwave ActiveX Control/CA - G2 SIGNED)(2016-09-20 15:31:32) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{24BF165B-74C3-4300-905D-0CA8B3841A99}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\DeviceServiceModelDB.dll (DeviceServiceModelDB.dll/Mobileleader Co., Ltd.)(2013-04-23 12:35:22) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{24DA047B-40C0-4018-841B-6B7409F730FC}\InprocServer32@ C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll (PDF Browser Control/CA - G2 SIGNED)(2016-12-23 18:10:56) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{25461599-633D-42B1-84FB-7CD68D026E53}\LocalServer32@ C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Update/Google Inc. SIGNED)(2016-12-16 23:29:43) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{279FC349-BE61-4B45-A78A-A31662912AED}\LocalServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\ConnectionManager.exe (DeviceServiceConnectionManager.exe/Mobileleader Co., Ltd.)(2013-04-23 12:36:02) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{28310B1B-B757-4b87-9AFA-8E5FAF126156}\LocalServer32@ C:\Windows\SysWOW64\Adobe\Director\SwDnld.exe (Shockwave Download Module/CA - G2 SIGNED)(2016-09-20 15:31:32) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{28DF9B49-991B-431C-ACA5-0FF4FADFF15F}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\StarburnX12.dll (StarBurnX CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/Rocket Division Software)(2013-04-18 18:09:20) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{29AB7A12-B531-450E-8F7A-EA94C2F3C05F}\InprocServer32@ C:\Windows\SysWOW64\Redemption.dll (Outlook Redemption COM library/Dmitry Streblechenko)(2016-08-18 13:39:48) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{2B9B4D10-C5B2-48CB-B34E-4ACF65BAD21F}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\MediaModules\MACSReaderAVI.ax(2013-04-18 18:08:28) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{35E2000E-81EA-45DC-BC98-7BA59579AE45}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\StarburnX12.dll (StarBurnX CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/Rocket Division Software)(2013-04-18 18:09:20) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{37587889-FC28-4507-B6D3-8557305F7511}\InprocServer32@ C:\Windows\SysWOW64\Redemption.dll (Outlook Redemption COM library/Dmitry Streblechenko)(2016-08-18 13:39:48) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{3B621B62-9EF3-46C0-A856-B620F0A36056}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\StarburnX12.dll (StarBurnX CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/Rocket Division Software)(2013-04-18 18:09:20) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{424ED16B-4897-47AA-8364-64CE11DFA19C}\InprocServer32@ C:\Program Files (x86)\Gigabyte\AppCenter\drvUpd\DLLS\DriverCDHtml.ocx(2015-12-09 15:31:58) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{4299124F-F2C3-41b4-9C73-9236B2AD0E8F}@InfoTip C:\Program Files (x86)\Java\jre1.8.0_101\bin\javacpl.exe (Java Control Panel/Oracle Corporation SIGNED)(2016-07-24 12:33:38) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{476BD53C-B716-40E4-A4AE-E4B90A176047}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\TransModules\TG_Dump0708.DLL (SelfMusicVideo Dump Filter (DShow)/ENJsoft Corporation)(2013-04-18 18:07:58) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{495617A4-8B01-4716-96FB-288E6E7A2EF4}\InprocHandler32@ C:\Program Files (x86)\Google\Update\1.3.32.7\psmachine.dll (Google Update/Google Inc. SIGNED)(2016-12-16 23:29:43) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{497954AD-41D0-47be-9736-23ECB872E3ED}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\THNRProghelp.dll(2013-04-18 18:09:18) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{4A5E947E-C407-4DCC-A0B5-5658E457153B}\InprocServer32@ C:\Windows\SysWOW64\Redemption.dll (Outlook Redemption COM library/Dmitry Streblechenko)(2016-08-18 13:39:48) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{4B9FAB2D-BFD6-41AB-AC98-C9A3F0960277}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\StarburnX12.dll (StarBurnX CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/Rocket Division Software)(2013-04-18 18:09:20) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{4DB2E429-B905-479A-9EFF-F7CBD9FD52DE}\InprocServer32@ C:\Windows\SysWow64\Adobe\Director\SwDir_1225195.dll (Shockwave ActiveX Control/CA - G2 SIGNED)(2016-09-20 15:31:32) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{4EE12AA6-A781-490F-96DA-783969C58A1A}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\StarburnX12.dll (StarBurnX CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/Rocket Division Software)(2013-04-18 18:09:20) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{4FD5C4D3-6C15-4EA0-9EB9-EEE8FC74A91B}\InprocServer32@ C:\Windows\SysWOW64\Redemption.dll (Outlook Redemption COM library/Dmitry Streblechenko)(2016-08-18 13:39:48) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{51F4EC6B-68D6-4D56-90F9-B8D72421F5DE}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\StarburnX12.dll (StarBurnX CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/Rocket Division Software)(2013-04-18 18:09:20) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{5852F5ED-8BF4-11D4-A245-0080C6F74284}\InprocServer32@ C:\Program Files (x86)\Java\jre1.8.0_101\bin\wsdetect.dll (Java Web Start ActiveX Control/Oracle Corporation SIGNED)(2016-07-24 12:33:38) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{598FE0E5-E02D-465D-9A9D-37974A28FD42}@LocalizedString C:\Program Files (x86)\Google\Update\1.3.32.7\goopdate.dll (Google Update/Google Inc. SIGNED)(2016-12-16 23:29:38) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{598FE0E5-E02D-465D-9A9D-37974A28FD42}\LocalServer32@ C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Update/Google Inc. SIGNED)(2016-12-16 23:29:43) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{5AAABB05-F91B-4bce-AB18-D8319DEDABA8}\InprocServer32@ C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\adoberfp.dll (Adobe Reader File Preview/CA - G2 SIGNED)(2016-12-23 18:10:56) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{5B46078B-A2AD-4B31-889A-96038DBF03E1}\LocalServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\ConnectionManager.exe (DeviceServiceConnectionManager.exe/Mobileleader Co., Ltd.)(2013-04-23 12:36:02) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{5C7AED05-A231-4ef8-92B9-1172BE5BE54A}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\StarburnX12.dll (StarBurnX CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/Rocket Division Software)(2013-04-18 18:09:20) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{620D55B0-F2FB-464E-A278-B4308DB1DB2B}\InprocServer32@ C:\Windows\SysWOW64\Redemption.dll (Outlook Redemption COM library/Dmitry Streblechenko)(2016-08-18 13:39:48) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{64417EAE-2E0E-45E8-A8C1-03284E3D3587}\LocalServer32@ C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Local Management Service/Intel Corporation SIGNED)(2015-07-10 21:38:00) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{665DD69A-A75D-47EC-A64F-DDD7B0CD0C9D}@LocalizedString C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\CDBurnCOM.dll (TODO: <(2013-04-18 18:09:20) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}\InProcServer32@ C:\Program Files (x86)\Samsung\Kies\External\SyncModules\secman.dll (Security Manager Component for Microsoft Outlook allows to turn off and on Outlook Object Model Security Guard/MAPILab Ltd. & Add-in Express Ltd. SIGNED)(2013-04-18 18:08:14) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{66F666FD-2D15-47F6-A991-D449F23EC837}\LocalServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\ConnectionManager.exe (DeviceServiceConnectionManager.exe/Mobileleader Co., Ltd.)(2013-04-23 12:36:02) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{671B6145-4169-4ADD-9AF3-E6990EB2B325}\InProcServer32@ C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\adoberfp.dll (Adobe Reader File Preview/CA - G2 SIGNED)(2016-12-23 18:10:56) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{68E2A88C-EB6B-42BE-8979-9789B573CD1C}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\StarburnX12.dll (StarBurnX CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/Rocket Division Software)(2013-04-18 18:09:20) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{69BD3561-799D-4d60-AB1A-E072918DA0E9}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\DCAKOREAMITSOBEX.dll (DCAMITSOBEX.dll/Mobileleader Co., Ltd.)(2013-04-23 12:40:50) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{6A2C81B3-F15C-48B3-A6D2-E54AAAA75C1E}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\RASWraper.dll (TODO: <(2013-04-18 18:09:18) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{6F8BD55B-E83D-4A47-85BE-81FFA8057A69}@LocalizedString C:\Program Files (x86)\Google\Update\1.3.32.7\goopdate.dll (Google Update/Google Inc. SIGNED)(2016-12-16 23:29:38) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{6F8BD55B-E83D-4A47-85BE-81FFA8057A69}\LocalServer32@ C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateBroker.exe (Google Update/Google Inc. SIGNED)(2016-12-16 23:29:43) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{7169A231-64EC-4702-98AB-05ABB6D882A9}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\StarburnX12.dll (StarBurnX CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/Rocket Division Software)(2013-04-18 18:09:20) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{73C0325A-D3BF-48AF-9F37-1589CC58E788}\InprocServer32@ C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\MEWMIProv\MEProv.dll (Intel(R) Management Engine Provider Dynamic Link Library/Intel Corporation SIGNED)(2015-07-10 21:31:14) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{741BEEFD-AEC0-4AFF-84AF-4F61D15F5526}\InprocServer32@ C:\Windows\SysWOW64\Redemption.dll (Outlook Redemption COM library/Dmitry Streblechenko)(2016-08-18 13:39:48) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{74A13FDD-9BCF-4229-9CAB-0079A5E17A25}\InprocServer32@ C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDFImpl.dll (PDF Browser Control/CA - G2 SIGNED)(2016-12-23 18:10:56) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\InProcServer32@ C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll (Java(TM) Platform SE binary/Oracle Corporation SIGNED)(2016-07-24 12:33:38) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{7650BC47-036D-4d5b-95B4-9D622C8D00A4}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\DCAPARAGONGM.dll (TODO: <(2013-04-23 12:38:30) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{7A1A13F5-B96B-492A-B591-D7526E0B3013}\LocalServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\DeviceManager.exe (DeviceManager.exe/Mobileleader Co., Ltd.)(2013-04-23 12:36:54) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{7A41359E-0407-470F-B3F7-7C6A0F7C449A}\InprocServer32@ C:\Windows\SysWOW64\Redemption.dll (Outlook Redemption COM library/Dmitry Streblechenko)(2016-08-18 13:39:48) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{7B161487-0489-47AD-89B7-CE8838D6C8DA}\InprocServer32@ C:\PROGRA~2\Gigabyte\APPCEN~1\drvUpd\DLLS\CheckVer.ocx(2013-05-07 10:02:34) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{7C4A630A-DE98-4E3E-8093-E8F5E159BB72}\InprocServer32@ C:\Windows\SysWOW64\Redemption.dll (Outlook Redemption COM library/Dmitry Streblechenko)(2016-08-18 13:39:48) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{7CABC14E-7C51-4AAA-AE3F-CFEB42D5016A}\LocalServer32@ C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Local Management Service/Intel Corporation SIGNED)(2015-07-10 21:38:00) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{7DE94008-8AFD-4C70-9728-C6FBFFF6A73E}\LocalServer32@ C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateBroker.exe (Google Update/Google Inc. SIGNED)(2016-12-16 23:29:43) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{7ED1E9B1-CB57-4FA0-84E8-FAE653FE8E6B}\InprocServer32@ C:\Windows\SysWOW64\Redemption.dll (Outlook Redemption COM library/Dmitry Streblechenko)(2016-08-18 13:39:48) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{80C25488-192B-4DE2-8150-5B2D2A2F835E}\LocalServer32@ C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Local Management Service/Intel Corporation SIGNED)(2015-07-10 21:38:00) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{80E026F0-CE90-4F15-986A-45317268AB5A}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\StarburnX12.dll (StarBurnX CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/Rocket Division Software)(2013-04-18 18:09:20) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\SyncModules\secman.dll (Security Manager Component for Microsoft Outlook allows to turn off and on Outlook Object Model Security Guard/MAPILab Ltd. & Add-in Express Ltd. SIGNED)(2013-04-18 18:08:14) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{8540DDC1-0F1A-475A-8620-C686D92164A7}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\DCADU.dll (DCADU.dll/Mobileleader Co., Ltd.)(2013-04-23 12:37:08) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{86768E57-3BA7-4E97-856C-8189BF3BD05E}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\StarburnX12.dll (StarBurnX CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/Rocket Division Software)(2013-04-18 18:09:20) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{89070F16-AA76-4D4C-9C13-05DF179F3213}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\DeviceServiceModelDB.dll (DeviceServiceModelDB.dll/Mobileleader Co., Ltd.)(2013-04-23 12:35:22) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{8A1D4361-2C08-4700-A351-3EAA9CBFF5E4}@LocalizedString C:\Program Files (x86)\Google\Update\1.3.32.7\goopdate.dll (Google Update/Google Inc. SIGNED)(2016-12-16 23:29:38) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{8A1D4361-2C08-4700-A351-3EAA9CBFF5E4}\LocalServer32@ C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateBroker.exe (Google Update/Google Inc. SIGNED)(2016-12-16 23:29:43) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\InprocServer32@ C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2iexp.dll(2016-07-24 12:33:38) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{8BAB0EAF-2B56-4063-B8F3-F89DE6B8E479}\InprocServer32@ C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\IntelWebAPIIPTActiveX.dll (Intel web components for Intel Identity Protection Technology/Intel Corporation SIGNED)(2015-04-21 00:55:26) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{8FC178E0-CE18-40BC-8249-3E2D81FEDC3A}\InProcServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\RASWraper.dll (TODO: <(2013-04-18 18:09:18) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{953480DB-B2B8-4784-95E0-5545B9725176}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\DCAPARAGONOBEX.dll (DCAPARAGONOBEX.dll/Mobileleader Co., Ltd.)(2013-04-23 12:39:32) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{960C8D55-B073-4561-8F39-5A2BDFCAB66D}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\BackupRestoreLib.dll (TODO: /TODO: )(2013-04-18 18:09:22) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{996C8DFD-8CE6-43B2-9414-CB6132485363}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\StarburnX12.dll (StarBurnX CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/Rocket Division Software)(2013-04-18 18:09:20) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{9B2340A0-4068-43D6-B404-32E27217859D}@LocalizedString C:\Program Files (x86)\Google\Update\1.3.32.7\goopdate.dll (Google Update/Google Inc. SIGNED)(2016-12-16 23:29:38) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{9B2340A0-4068-43D6-B404-32E27217859D}\LocalServer32@ C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Update/Google Inc. SIGNED)(2016-12-16 23:29:43) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32@ C:\Program Files (x86)\Google\Update\1.3.32.7\psmachine.dll (Google Update/Google Inc. SIGNED)(2016-12-16 23:29:43) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{9E1DFDCF-6AEF-4166-A5D7-82D6F47BD7A8}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\SyncModules\nktwab.dll(2013-04-18 18:08:14) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{9F138B79-513C-41F5-A17C-F827FC1A3AAD}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\DCAPARAGONOBEX.dll (DCAPARAGONOBEX.dll/Mobileleader Co., Ltd.)(2013-04-23 12:39:32) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{A4988A6F-EC43-452A-8839-80494FB2CBD2}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\MediaModules\NEDFilter4Samsung.ax (MACSReaderMP3 Filter/L544 Technology)(2013-04-18 18:08:26) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{A6931B16-90FA-4D69-A49F-3ABFA2C04060}\InprocServer32@ C:\Windows\SysWOW64\Redemption.dll (Outlook Redemption COM library/Dmitry Streblechenko)(2016-08-18 13:39:48) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{A80BD82B-4346-46C7-81E2-E1105F97AD0F}\InprocServer32@ C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\IntelWebAPIUpdaterActiveX.dll (Intel web components updater - Installs and updates the Intel web components/Intel Corporation SIGNED)(2015-04-21 00:55:28) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{AAD4AE2E-D834-46D4-8B09-490FAC9C722B}\LocalServer32@ C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateBroker.exe (Google Update/Google Inc. SIGNED)(2016-12-16 23:29:43) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{ABC01078-F197-4B0B-ADBC-CFE684B39C82}\LocalServer32@ C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Update/Google Inc. SIGNED)(2016-12-16 23:29:43) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{ACA03330-73A1-4D65-BBAC-98A2A98669AB}\InprocServer32@ C:\Program Files (x86)\Gigabyte\AppCenter\drvUpd\DLLS\DriverCDHtml.ocx(2015-12-09 15:31:58) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{AE860CE7-C15E-4B9C-BA5B-2EB38369E4AF}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\StarburnX12.dll (StarBurnX CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/Rocket Division Software)(2013-04-18 18:09:20) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{AFD2E3DB-4E5D-47DA-967E-F289D1B2C488}\LocalServer32@ C:\PROGRA~1\VSREVO~1\REVOUN~1\ruplp.exe (Licence Protector COM EXE/Mirage Systems SIGNED)(2016-08-05 21:05:18) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{B18F879A-A925-4F25-9520-46B1CC6FAA69}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\StarburnX12.dll (StarBurnX CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/Rocket Division Software)(2013-04-18 18:09:20) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{B3D28DBD-0DFA-40E4-8071-520767BADC7E}@LocalizedString C:\Program Files (x86)\Google\Update\1.3.32.7\goopdate.dll (Google Update/Google Inc. SIGNED)(2016-12-16 23:29:38) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{B3D28DBD-0DFA-40E4-8071-520767BADC7E}\LocalServer32@ C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Update/Google Inc. SIGNED)(2016-12-16 23:29:43) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}\InProcServer32@ C:\Program Files\WinRAR\rarext32.dll (Rozszerzenie powoki/Alexander Roshal SIGNED)(2016-08-05 11:01:17) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{B756C224-A1EA-44F8-95C1-9F726040C800}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\StarburnX12.dll (StarBurnX CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/Rocket Division Software)(2013-04-18 18:09:20) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{B797DA02-13CA-4b94-BC71-04938CD275CE}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\DCAPARAGONATOBEX.dll (TODO: <(2013-04-23 12:37:52) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{B7A43D07-BAEF-49d0-946F-58CF6CB22714}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\DeviceServiceCore.dll (DeviceServiceCore.dll/Mobileleader Co., Ltd.)(2013-04-23 12:35:22) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{B801CA65-A1FC-11D0-85AD-444553540000}\LocalServer32@ C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Acrobat Reader DC /CA - G2 SIGNED)(2017-01-17 23:07:44) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{B89A1D42-E640-4CDC-9C06-FCF8AE041AA7}\LocalServer32@ C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Local Management Service/Intel Corporation SIGNED)(2015-07-10 21:38:00) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{BD57A9B2-4E7D-4892-9107-9F4106472DA4}\LocalServer32@ C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroBroker.exe (Adobe PDF Broker Process for Internet Explorer/CA - G2 SIGNED)(2016-12-23 18:10:54) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{BDE0D630-7801-47cd-984E-1F0AFBC5ACBF}\InprocServer32@ C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\adoberfp.dll (Adobe Reader File Preview/CA - G2 SIGNED)(2016-12-23 18:10:56) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{C300AD88-85D7-4716-9FE2-A76E83D1BB05}\LocalServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\DeviceManager.exe (DeviceManager.exe/Mobileleader Co., Ltd.)(2013-04-23 12:36:54) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32@ C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Update/Google Inc. SIGNED)(2016-12-16 23:29:43) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{C3CBD658-4406-43D0-ACE3-EFC01AEDF63F}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\StarburnX12.dll (StarBurnX CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/Rocket Division Software)(2013-04-18 18:09:20) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{C3FD36E4-95FE-45FE-98CF-89925EE287B1}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\DeviceSearch.dll (TODO: <(2013-04-23 12:39:54) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32@ C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Update/Google Inc. SIGNED)(2016-12-16 23:29:43) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{C523F39F-9C83-11D3-9094-00104BD0D535}\InprocServer32@ C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Accessibility.api (Adobe Acrobat Accessibility Plug-in/Adobe Systems Incorporated)(2016-12-23 18:10:56) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{C5AA36A1-8BD1-47E0-90F8-47E7239C6EA1}\InprocServer32@ C:\Windows\SysWOW64\Redemption.dll (Outlook Redemption COM library/Dmitry Streblechenko)(2016-08-18 13:39:48) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{C773CF25-3487-484A-A839-29606137F191}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\StarburnX12.dll (StarBurnX CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/Rocket Division Software)(2013-04-18 18:09:20) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{CA8A9780-280D-11CF-A24D-444553540000}\InprocServer32@ C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll (PDF Browser Control/CA - G2 SIGNED)(2016-12-23 18:10:56) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}\InprocServer32@ C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2iexp.dll(2016-07-24 12:33:38) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA}\InProcServer32@ C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\deployJava1.dll (Java(TM) Platform SE binary/Oracle Corporation SIGNED)(2016-07-24 12:33:38) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\InprocServer32@ C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2iexp.dll(2016-07-24 12:33:38) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{D21ED08F-6B88-45EC-A71C-6BD453B561D0}\LocalServer32@ C:\Windows\SysWOW64\Adobe\Director\SwDnld.exe (Shockwave Download Module/CA - G2 SIGNED)(2016-09-20 15:31:32) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{D46BA7B2-899F-4F60-85C7-4DF5713F6F18}\InprocServer32@ C:\Windows\SysWOW64\Redemption.dll (Outlook Redemption COM library/Dmitry Streblechenko)(2016-08-18 13:39:48) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{D98A47E4-436F-41fc-8F1E-DA48F42BEEA7}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\PRPlayerCore.dll(2013-04-18 18:09:28) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{DAAA9C6F-5FD5-4204-B1E9-BE0C95CA217C}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll (UPnP SDK Device Host Kies Device/Windows (R) Codename Longhorn DDK provider)(2013-04-23 12:43:30) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\InProcServer32@ C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll (Java(TM) Platform SE binary/Oracle Corporation SIGNED)(2016-07-24 12:33:38) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{DC6EFB56-9CFA-464D-8880-44885D7DC193}@DisplayName C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\pdfprevhndlr.dll (Adobe PDF Preview Handler/CA SIGNED)(2015-03-16 23:34:10) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{DE9B465F-0405-41B9-8C20-B6F0CACCC713}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\StarburnX12.dll (StarBurnX CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/Rocket Division Software)(2013-04-18 18:09:20) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{E0241B79-AB3A-49D8-9691-2CF3D6D863B0}\LocalServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\DeviceDataService.exe (DeviceDataService.exe/Mobileleader Co., Ltd.)(2013-04-23 12:38:58) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{E0EEE430-80D8-42D7-8D83-F046AECD7536}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\StarburnX12.dll (StarBurnX CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/Rocket Division Software)(2013-04-18 18:09:20) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{E0F7FDF8-31BA-4AA8-8C0C-979CE8CC84D5}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\MediaModules\MP3FileInfoCOM.dll (TODO: /TODO: )(2013-04-18 18:08:26) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{E16E184E-B171-46A7-9548-50E24941E0D7}\LocalServer32@ C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Local Management Service/Intel Corporation SIGNED)(2015-07-10 21:38:00) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}\InprocServer32@ C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2iexp.dll(2016-07-24 12:33:38) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{ED323630-B4FD-4628-BC6A-D4CC44AE3F00}\InprocServer32@ C:\Windows\SysWOW64\Redemption.dll (Outlook Redemption COM library/Dmitry Streblechenko)(2016-08-18 13:39:48) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{EDA751A6-3A6C-4659-957D-F1840C61ABD7}\LocalServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\DeviceManager.exe (DeviceManager.exe/Mobileleader Co., Ltd.)(2013-04-23 12:36:54) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{EE11F93E-0291-4FEB-9099-00E9DB469C79}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\DeviceSearch.dll (TODO: <(2013-04-23 12:39:54) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{EE5A151A-AD2A-4CEE-AD65-228B59F5B4AD}\InProcServer32@ C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll (PDF Browser Control/CA - G2 SIGNED)(2016-12-23 18:10:56) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{EF97DB54-237A-46C3-8E3C-CEA6011E7741}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\smdecryption.dll (TODO: /TODO: )(2013-04-18 18:09:28) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{F0B4F6AD-5E09-4CB1-B763-EC390CBDE51D}\InprocServer32@ C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDFImpl.dll (PDF Browser Control/CA - G2 SIGNED)(2016-12-23 18:10:56) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{F46D3404-B87E-4C54-8049-8D9A1616D02C}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\MediaModules\AStoreMarshal.dll (TODO: <(2013-04-18 18:08:26) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{F493E9A8-971B-4CC0-AAAB-61BE2B885E7A}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\MediaModules\OGGFileInfoCOM.dll (TODO: /TODO: )(2013-04-18 18:08:28) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{F750BC9F-72CE-45C6-9D1F-BFEFB0765918}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\StarburnX12.dll (StarBurnX CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/Rocket Division Software)(2013-04-18 18:09:20) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{F9D1D49D-D6A6-4C0F-ADF1-70CE4AB94DDB}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\DCAWM.dll (DCAWM.dll/Mobileleader Co., Ltd.)(2013-04-23 12:38:18) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{FA1F00CD-4445-401B-ADDF-FA4126EAA7C2}\LocalServer32@ C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Local Management Service/Intel Corporation SIGNED)(2015-07-10 21:38:00) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{FA2CBAFB-F7B1-4F41-9B7A-73329A6C1CB7}\InprocServer32@ C:\Windows\SysWOW64\Redemption.dll (Outlook Redemption COM library/Dmitry Streblechenko)(2016-08-18 13:39:48) Reg HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{FF910147-AB29-4D05-BF8E-1A4F36C7DBD6}\InprocServer32@ C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\DeviceCommunication.dll (DeviceCommunication.dll/Mobileleader Co., Ltd.)(2013-04-23 12:36:16) Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.00213400\OpenWithList@a C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation SIGNED)(2017-01-04 22:28:02) Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Run@ C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (KiesPDLR/Samsung)(2013-04-23 12:48:20) ---- EOF - GMER 2.2 ----