Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

For RKinner


  • Please log in to reply

#16
zac1

zac1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
Ron jrt.exe log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.9 (09.07.2013:1)
OS: Windows 7 Home Premium x64
Ran by andrew on 08/09/2013 at 20:54:31.60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\speedypc software
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\speedypc software
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\driverscanner
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\driverscanner_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\driverscanner_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\toolbar_vit_sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\toolbar_vit_sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{cd95d125-2992-4858-b3ef-5f6fb52fbad6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{23303B5B-C540-4BE4-83F1-8C0DC4FACEBC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{34ECC055-9CF7-8E3C-6BFC-788B9E43D4E9}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{ABA3D263-6AB2-4530-B983-62D8D153B360}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"



~~~ Files

Successfully deleted: [File] "C:\Windows\Tasks\wise care 365.job"
Successfully deleted: [File] "C:\Users\andrew\appdata\local\funmoods-speeddial.crx"
Successfully deleted: [File] "C:\Users\andrew\appdata\local\mysearchdial_speedial_v9.0.2.crx"
Successfully deleted: [File] C:\Windows\syswow64\sho87A5.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho9DC4.tmp



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\baidu"
Successfully deleted: [Folder] "C:\ProgramData\systweak"
Successfully deleted: [Folder] "C:\Users\andrew\AppData\Roaming\baidu"
Successfully deleted: [Folder] "C:\Users\andrew\AppData\Roaming\drivercure"
Successfully deleted: [Folder] "C:\Users\andrew\AppData\Roaming\mysearchdial"
Successfully deleted: [Folder] "C:\Users\andrew\AppData\Roaming\pc cleaners"
Successfully deleted: [Folder] "C:\Users\andrew\AppData\Roaming\pcpro"
Successfully deleted: [Folder] "C:\Users\andrew\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\andrew\appdata\local\blekkotb_031"
Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"
Successfully deleted: [Folder] "C:\Program Files (x86)\mysearchdial"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\speedmaxpc"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\andrew\appdata\local\{3983260C-7C63-4D73-ACE0-3BA8A402B5D7}
Successfully deleted: [Empty Folder] C:\Users\andrew\appdata\local\{5CDE1C03-381D-4A8E-9931-75AD9AEF0024}
Successfully deleted: [Empty Folder] C:\Users\andrew\appdata\local\{7F85407C-C02E-4CD4-B082-1B128600D997}
Successfully deleted: [Empty Folder] C:\Users\andrew\appdata\local\{899D16EF-9ACE-4C07-B2D8-C9EE458E0286}
Successfully deleted: [Empty Folder] C:\Users\andrew\appdata\local\{9CFD3332-1A1A-44EF-8953-E0F0176E054C}
Successfully deleted: [Empty Folder] C:\Users\andrew\appdata\local\{C86DFA3B-13C0-423E-A228-1535BB032B4B}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08/09/2013 at 21:12:55.29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

Advertisements


#17
zac1

zac1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
aswmbr.exe3м |ؾ |  Ph ~ | V UFF AU]rUu  tFf`~ t&fh fvh h |h h BV  |V vNnfasNu ~  U2V ]랁>}Uunv ud `| du f#u;fTCPAu2r,fh fh  fh fSfSfUfh fh | fah Z2 | 2 < t  +d $$Invalid partition table Error loading operating system Missing operating system c{
b ! '+3  ,3 p    U
  • 0

#18
zac1

zac1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
Hello Ron,
When downloading combofix wimdows told me that this programme wants to install an unsigned driver.Windows says it requires a digitally signed driver.
Some of these downloads are not going to my desktop.What do i need to do.Please advise.Thank you.

Best wishes
zac1
  • 0

#19
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,017 posts
  • MVP
I made a mistake and did not give you the updated instructions for the new version of AdwCleaner:

Download : ADWCleaner to your desktop.

NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs, pause your anti-virus and right click on the AdwCleaner icon and Run As Admin.

Posted Image

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder.




You gave me the wrong log for aswMBR. That one is a copy of your MBR. You can't open it in notepad as it is not in ASCII. IF I need it I will ask you to attach it. There should be another log: aswMBR.txt That is the one I need.



Just ignore the unsigned driver warning with Combofix. Nothing we can do about it but it should still run OK. Just won't be quite as effective.





What Browser are you using to download with? Normally if you right click on the downloaded file that shows in the Browser's list of downloads it will offer you an option to Open the containing Folder. That should take you to where it saves the file. Then you can right click on it and copy it and then click on your desktop and right click and Paste.
  • 0

#20
zac1

zac1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
Malwarebytes
Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.08.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
andrew :: ANDREW-TOSH [administrator]

Protection: Enabled

09/09/2013 01:07:40
mbam-log-2013-09-09 (01-07-40).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 204976
Time elapsed: 7 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
  • 0

#21
zac1

zac1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
adwcleane
# AdwCleaner v3.003 - Report created 09/09/2013 at 01:26:30
# Updated 07/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : andrew - ANDREW-TOSH
# Running from : C:\Users\andrew\Downloads\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Program Files (x86)\Utils.dll
File Found : C:\Users\Public\Desktop\eBay.lnk
Folder Found C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found C:\ProgramData\AVG Secure Search

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\SpeedMaxPC
Key Found : [x64] HKCU\Software\SpeedMaxPC
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\speedmaxpc_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\speedmaxpc_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\Uniblue\DriverScanner
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.old.Start Page]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16576


-\\ Google Chrome v29.0.1547.66

[ File : C:\Users\andrew\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [5482 octets] - [08/09/2013 20:09:29]
AdwCleaner[R1].txt - [5542 octets] - [08/09/2013 20:11:56]
AdwCleaner[R2].txt - [2624 octets] - [09/09/2013 01:26:30]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [2684 octets] ##########
  • 0

#22
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,017 posts
  • MVP
In adwcleaner

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
  • 0

#23
zac1

zac1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
extras txt notepad
OTL Extras logfile created on: 9/9/2013 5:32:07 AM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\andrew\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

5.61 Gb Total Physical Memory | 4.01 Gb Available Physical Memory | 71.53% Memory free
11.21 Gb Paging File | 9.44 Gb Available in Paging File | 84.23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149.04 Gb Total Space | 89.38 Gb Free Space | 59.97% Space Free | Partition Type: NTFS
Drive D: | 148.65 Gb Total Space | 36.06 Gb Free Space | 24.26% Space Free | Partition Type: NTFS

Computer Name: ANDREW-TOSH | User Name: andrew | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "C:\Windows\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\Easy Media Player\emp.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\Easy Media Player\emp.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [PrivaZer] -- C:\Program Files (x86)\PrivaZer\contextmenuExe.exe (Goversoft LLC)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "C:\Windows\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\Easy Media Player\emp.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\Easy Media Player\emp.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [PrivaZer] -- C:\Program Files (x86)\PrivaZer\contextmenuExe.exe (Goversoft LLC)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0612FFCB-F384-46D2-A24E-E2139020C937}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0826FF4B-18D9-42B4-BCE8-C6622E1C99F3}" = rport=137 | protocol=17 | dir=out | app=system |
"{0D32C4B6-29D0-45C0-89B1-F78128BB4B93}" = lport=138 | protocol=17 | dir=in | app=system |
"{107B811E-B553-4FCA-9536-B478010CDCA7}" = rport=138 | protocol=17 | dir=out | app=system |
"{1AC01A34-262B-4F20-95F5-D7E7872DAE72}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{1DCB3DC0-1B00-4291-A690-4C3A2CA3997A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{20D3BAF5-3A82-4A63-8635-C712141D6289}" = rport=138 | protocol=17 | dir=out | app=system |
"{2A111800-0A03-4184-8870-5E18C501CCDE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2B3179C0-4536-4731-8B87-D74B010D26DD}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{2EEC34D2-4FE1-40CC-B395-CFB21D2DA19C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3733C92E-EC05-4014-B40F-9E9C9CEC76FE}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp |
"{3AEC513F-B412-40F0-B657-FC725167FBD4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{45E40DFE-8F8F-4DAD-8C05-5E609E15992A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{466AB50E-0B5B-4FF3-8D49-574FFBF723DA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{46930ABA-DDD6-4493-8A09-03FF8E6AFFB9}" = lport=137 | protocol=17 | dir=in | app=system |
"{4AC9C54B-6613-44E5-B24D-55884A70185F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4BA8D8FE-6809-4D27-AC0B-1BC5E50FCB2D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{51F66EA3-9EE3-4325-BA7E-82C8FE757DFA}" = rport=137 | protocol=17 | dir=out | app=system |
"{6C740EC6-6AB0-4494-A6D8-4AF9ECC00AFA}" = lport=139 | protocol=6 | dir=in | app=system |
"{6F23DC5A-1BC0-4D15-90F3-E12C37B4EE49}" = rport=445 | protocol=6 | dir=out | app=system |
"{6FEF6CBD-073E-4053-B760-4C49F12FCA80}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{740197B5-9B91-43DC-9448-5F2FAA99E4ED}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp |
"{749E4E68-5A9D-4310-B9DB-2C57114EA704}" = rport=139 | protocol=6 | dir=out | app=system |
"{7AB8A74F-8F07-419F-ACFC-4498ED2E68B8}" = lport=138 | protocol=17 | dir=in | app=system |
"{7AE893C1-D7D1-4776-8EBE-0C3B5353EE6F}" = rport=139 | protocol=6 | dir=out | app=system |
"{8193A909-AA2C-4855-AB2B-590095767258}" = lport=139 | protocol=6 | dir=in | app=system |
"{8C1C3703-E06E-47A6-9E46-5E64680CA835}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8C4C9F01-E6ED-4EE4-A861-ED9D6069E637}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{8C6DD438-7D20-471A-B7F7-F772EBC1BF19}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8D495CD9-8999-47E1-9FD4-E3827DC44934}" = lport=445 | protocol=6 | dir=in | app=system |
"{8EE53228-67B7-4914-B14B-3A8E2EDDE914}" = rport=10243 | protocol=6 | dir=out | app=system |
"{91B46EBF-2E80-47F7-8B62-70DE1D608599}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{99982C45-23E8-4D48-B59B-65083A051144}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A85C8925-6F5D-4A82-9422-45EF52EC4172}" = rport=445 | protocol=6 | dir=out | app=system |
"{AF01ECC3-858D-4645-B31C-B846F0102D77}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B8A744A2-B4A6-46E1-84DE-5301D35FFB30}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B99ADA06-7F1B-45E0-97CF-111F9757A78F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BB43B02B-55B9-4243-A9BA-8ED74F23CBF7}" = lport=445 | protocol=6 | dir=in | app=system |
"{BFC67410-442B-40A7-9338-F84036C09A06}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{C331311B-2823-45E6-8185-B230BF69F466}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C8A59E0E-8E2D-40C3-9065-A5B852D51944}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{D35FCAD1-99C5-4214-8E47-A2D7ACB638EB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DC5FA52D-2EA4-4A63-8CD3-CE3CF4B3D717}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E1D85F95-A94D-4241-9D4E-529F491D7599}" = lport=137 | protocol=17 | dir=in | app=system |
"{E7D9CD4E-5B6C-4799-BAA5-19D8824CA721}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F999BC84-123D-41E5-9EAF-2B8213411581}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0ADA5AB8-5E92-4072-A436-FB10C45EAE34}" = protocol=1 | dir=out | [email protected],-28544 |
"{0BA51E1A-AFF0-4575-A3BF-14F72CB1B5CD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{119FC77E-FA4D-433F-9677-B7C36FEE3A2D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1F554993-32B6-474A-8500-AD23719BA7BB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{24310495-F783-411F-A084-73198978FBE0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{279099E3-6295-4DA4-ACF4-F5A6EEE339B8}" = protocol=1 | dir=in | [email protected],-28543 |
"{37E3F20F-DE20-4516-B208-CC46191BDD72}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3A0CA80C-C107-4E08-A8FA-B91DE28CB448}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{49AD4FE5-E495-4266-B3EF-40FFB6736291}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4A5BB824-FCC0-4707-B5A0-D606200B315F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{504F4A6F-8606-420D-97A4-993F0BE36D10}" = protocol=1 | dir=out | [email protected],-28544 |
"{5260BFDC-33FF-4DD1-A3CA-6DD1226708CD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6139F920-28CF-42C2-88F3-A92660C1E375}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{63722777-5A39-4A7A-9DC0-700C7D803868}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{757C3055-A325-4E0E-8911-AB353EDBB3CB}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{801DBE9D-8D98-4844-B72B-3BDA734AF2DC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{867F4559-0F94-4C5F-805D-18B5C77CD238}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{89EAB2DD-ABB2-46C7-BCEC-67FF20149FE1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{98C18AB6-0B7A-4E2B-81A3-DB00DADFA463}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{9994B096-7C93-443D-9315-D151E68E399A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9B15F693-7BE6-4C83-ACC0-C481A95321E0}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{ABF01636-2F0B-4E94-A56E-7BA576A8633C}" = protocol=6 | dir=out | app=system |
"{AD29B28E-7AA3-4C13-8BCB-E7373F378ED2}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{AF4AE69A-970E-423A-BC81-27A1EA6D36DD}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{B27FF543-EAF1-45B6-8986-A51A18550C6C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B898C53B-71DE-4492-A9BD-BC2CE15796A0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C074B07C-6DB5-4339-9164-0E82E193761F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{C64E1837-E3A4-415A-89FC-73C212338945}" = protocol=58 | dir=out | [email protected],-28546 |
"{C65606E6-8D60-41C5-AB8C-422079B85E85}" = protocol=58 | dir=in | [email protected],-28545 |
"{C6725965-2314-40FE-84B8-94F39F7B9BD3}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{CA4FBA7B-F959-46B2-ACC2-2C6D06146C56}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D606BCF0-90F3-4E56-8869-4C6C0687392D}" = protocol=58 | dir=in | [email protected],-28545 |
"{DE2CAFE6-4504-4F73-A56E-A5205431DDE6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E7B12DB4-B3D2-4173-BA2E-5B95291A3116}" = protocol=1 | dir=in | [email protected],-28543 |
"{EEA677F1-C048-45A7-BEA7-FEA8AC885BCC}" = protocol=58 | dir=out | [email protected],-28546 |
"{F10F74AA-0DF1-4194-B732-0B7ACB5FB7F2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F870DF9B-DED2-4B7F-8AD8-5AEF481C2510}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F9283746-88D9-4267-A112-49D31A64C42D}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{F936AA1A-019D-4E9D-B31F-4BB48EE6C739}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"{373B90E1-A28C-434C-92B6-7281AFA6115A}" = WOT for Internet Explorer
"{43DBC64B-3DD1-47E2-8788-D3C3B110C574}" = TOSHIBA Bulletin Board
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6167672A-758D-9960-C32C-47A15E180A70}" = ATI Catalyst Install Manager
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{99D90334-5A27-22AA-0CC9-BB2E7FE4608E}" = ccc-utility64
"{B0CF6A06-8D6E-3C49-1B5E-75027D2AB2FB}" = AMD Media Foundation Decoders
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"BullGuard" = BullGuard
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{019A5307-B53F-DEC7-BF70-E20C2A121E65}" = Catalyst Control Center InstallProxy
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{094FD5E0-01D2-AAB1-027F-A80F8CAB1477}" = CCC Help Italian
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0FF68F26-416C-4954-ACA5-6AD5F9DE99C1}" = Nero Multimedia Suite 10 Essentials
"{10097883-9F66-3920-8C7E-3239E72953B3}" = CCC Help Greek
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2290A680-4083-410A-ADCC-7092C67FC052}" = TOSHIBA Online Product Information
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback
"{23DECD57-2D3E-59DE-215C-9B2118FFF9C1}" = CCC Help Korean
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{24371D30-7CFF-11DE-B053-005056C00008}" = Paragon Drive Copy 12 Compact
"{24C934DB-D7F8-797E-8937-BF9BA23F1128}" = Catalyst Control Center Graphics Previews Common
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29A4049F-58A7-E0D9-991D-A1A672E51EFE}" = CCC Help Thai
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2C303EE0-A595-3543-A71A-931C7AC40EDE}" = Microsoft Primary Interoperability Assemblies 2005
"{2E823133-4B6B-60A4-43F4-E586F01FCCCA}" = AMD VISION Engine Control Center
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3D047C6C-19EE-46E3-C14B-9FA84260DF9B}" = Photo Service - powered by myphotobook
"{3E1C0066-D04D-863E-3381-9FD232A888A2}" = CCC Help Portuguese
"{401E17B0-7A9E-3173-42B6-B3A780A2934A}" = CCC Help German
"{461F6F0D-7173-4902-9604-AB1A29108AF2}" = TOSHIBA Places Icon Utility
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{54B80F68-3A7C-1931-AFE8-CA9BABC3EC4D}" = CCC Help English
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5BA99779-6E12-49EF-BE49-F35B1EDB4DF9}" = TOSHIBA Wireless LAN Indicator
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68625052-E88D-8598-3E83-9AE6B5D6394D}" = Catalyst Control Center Localization All
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"{8064A378-46F4-4A4E-8AF5-153D0D4018DD}" = Catalyst Control Center - Branding
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8BABB47D-F46A-4AD1-8548-4C6292232D18}" = CCC Help Finnish
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals
"{9158DA86-4AC8-6EA5-20B1-36B3F9CF6497}" = CCC Help Czech
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{988C14A1-37AC-EB3F-B607-DED60CEE16E8}" = CCC Help Polish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A713F0C-D077-9B5F-4E0D-D21657387965}" = CCC Help Dutch
"{9A828AEE-658C-0AA0-7B13-83CC644A7E97}" = CCC Help Chinese Traditional
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4fed-B2B9-173001290E16}" = Realtek WLAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.7)
"{B09443E0-838F-6C14-83E4-DFF68F25D688}" = CCC Help Japanese
"{B946C4A5-E889-D859-AAB1-DE0C00902115}" = CCC Help Russian
"{C1F6CAC5-20D3-C4AA-B867-0836493AB636}" = CCC Help Turkish
"{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}" = TOSHIBA Assist
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CC085605-79A6-3D50-6AE8-42D213ECBAFC}" = BBC iPlayer Desktop
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA8EF8F2-AF33-253B-7A5E-51E7B1AA6E42}" = CCC Help Hungarian
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DED61893-3D8D-C863-5913-AACB740063C2}" = CCC Help Spanish
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1" = Wise Care 365 version 2.75
"{EAE8B2AB-DDD1-3F5E-42F5-EB54BAE8A7BE}" = CCC Help Swedish
"{ED7B4752-749D-3BA8-2CEB-5AC5A7FADF36}" = CCC Help French
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype 5.10
"{EE99A545-DFC9-EF57-5EDC-43F7B6855AB3}" = CCC Help Danish
"{F082CB11-4794-4259-99A1-D91BA762AD15}" = TOSHIBA TEMPRO
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3ED01FE-B62F-4CA4-BACA-822369BC0FB7}" = TuneUp Utilities Language Pack (en-GB)
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F510D82F-CD6A-0983-EF06-66004AC50565}" = CCC Help Chinese Standard
"{F52618B2-A995-4F8D-A6C8-9E235A470C68}" = TOSHIBA ConfigFree
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{FCB1966E-4ACF-6648-8E7C-0D8C2EE573CA}" = CCC Help Norwegian
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FDE58148-57E7-43BF-879A-29CCE818C078}" = eBay
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"AU11_is1" = Advanced Uninstaller PRO - Version 11
"BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1" = BBC iPlayer Desktop
"eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = Photo Service - powered by myphotobook
"Google Chrome" = Google Chrome
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"InstallShield_{43DBC64B-3DD1-47E2-8788-D3C3B110C574}" = TOSHIBA Bulletin Board
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Revo Uninstaller" = Revo Uninstaller 1.95
"Security Task Manager" = Security Task Manager 1.8g
"Tweaking.com - Windows Repair (All in One)" = Tweaking.com - Windows Repair (All in One)
"WinLiveSuite" = Windows Live Essentials
"YU2010_is1" = Your Uninstaller! 7

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PrivaZer" = PrivaZer

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9/8/2013 9:28:38 PM | Computer Name = andrew-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 256
Description = The Cryptographic Services service failed to initialize the Catalog
Database. The error was: 5 (0x5) : Access is denied. .

Error - 9/8/2013 9:31:09 PM | Computer Name = andrew-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 256
Description = The Cryptographic Services service failed to initialize the Catalog
Database. The error was: 5 (0x5) : Access is denied. .

Error - 9/8/2013 9:31:09 PM | Computer Name = andrew-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 256
Description = The Cryptographic Services service failed to initialize the Catalog
Database. The error was: 5 (0x5) : Access is denied. .

Error - 9/8/2013 9:31:09 PM | Computer Name = andrew-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 256
Description = The Cryptographic Services service failed to initialize the Catalog
Database. The error was: 5 (0x5) : Access is denied. .

Error - 9/8/2013 9:31:10 PM | Computer Name = andrew-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 256
Description = The Cryptographic Services service failed to initialize the Catalog
Database. The error was: 5 (0x5) : Access is denied. .

Error - 9/8/2013 10:22:05 PM | Computer Name = andrew-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 256
Description = The Cryptographic Services service failed to initialize the Catalog
Database. The error was: 5 (0x5) : Access is denied. .

Error - 9/8/2013 10:23:12 PM | Computer Name = andrew-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 256
Description = The Cryptographic Services service failed to initialize the Catalog
Database. The error was: 5 (0x5) : Access is denied. .

Error - 9/8/2013 10:23:12 PM | Computer Name = andrew-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 256
Description = The Cryptographic Services service failed to initialize the Catalog
Database. The error was: 5 (0x5) : Access is denied. .

Error - 9/9/2013 12:27:44 AM | Computer Name = andrew-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 256
Description = The Cryptographic Services service failed to initialize the Catalog
Database. The error was: 5 (0x5) : Access is denied. .

Error - 9/9/2013 12:36:06 AM | Computer Name = andrew-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 256
Description = The Cryptographic Services service failed to initialize the Catalog
Database. The error was: 5 (0x5) : Access is denied. .

[ System Events ]
Error - 9/8/2013 11:45:42 PM | Computer Name = andrew-TOSH | Source = DCOM | ID = 10016
Description =

Error - 9/8/2013 11:55:42 PM | Computer Name = andrew-TOSH | Source = DCOM | ID = 10016
Description =

Error - 9/9/2013 12:05:42 AM | Computer Name = andrew-TOSH | Source = DCOM | ID = 10016
Description =

Error - 9/9/2013 12:15:42 AM | Computer Name = andrew-TOSH | Source = DCOM | ID = 10016
Description =

Error - 9/9/2013 12:25:42 AM | Computer Name = andrew-TOSH | Source = DCOM | ID = 10016
Description =

Error - 9/9/2013 12:35:42 AM | Computer Name = andrew-TOSH | Source = DCOM | ID = 10016
Description =

Error - 9/9/2013 12:45:42 AM | Computer Name = andrew-TOSH | Source = DCOM | ID = 10016
Description =

Error - 9/9/2013 12:55:42 AM | Computer Name = andrew-TOSH | Source = DCOM | ID = 10016
Description =

Error - 9/9/2013 1:05:42 AM | Computer Name = andrew-TOSH | Source = DCOM | ID = 10016
Description =

Error - 9/9/2013 1:15:42 AM | Computer Name = andrew-TOSH | Source = DCOM | ID = 10016
Description =


< End of report >
  • 0

#24
zac1

zac1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
otl txt notepad
aOTL logfile created on: 9/9/2013 5:32:07 AM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\andrew\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

5.61 Gb Total Physical Memory | 4.01 Gb Available Physical Memory | 71.53% Memory free
11.21 Gb Paging File | 9.44 Gb Available in Paging File | 84.23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149.04 Gb Total Space | 89.38 Gb Free Space | 59.97% Space Free | Partition Type: NTFS
Drive D: | 148.65 Gb Total Space | 36.06 Gb Free Space | 24.26% Space Free | Partition Type: NTFS

Computer Name: ANDREW-TOSH | User Name: andrew | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/09/03 19:23:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\andrew\Downloads\OTL (1).exe
PRC - [2013/08/12 09:22:26 | 000,207,200 | ---- | M] (BullGuard Ltd.) -- C:\Program Files\BullGuard Ltd\BullGuard\Files32\Spamfilter\LittleHook.exe
PRC - [2013/08/05 16:33:40 | 002,229,072 | ---- | M] (Secure Speed Dial) -- C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/14 11:55:14 | 000,572,712 | ---- | M] (Nero AG) -- c:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2010/12/03 14:57:16 | 000,304,560 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2010/08/04 17:11:34 | 001,809,920 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
PRC - [2009/07/28 20:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009/03/10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe


========== Modules (No Company Name) ==========

MOD - [2013/09/02 14:23:04 | 001,637,336 | ---- | M] () -- C:\Program Files (x86)\WOT\WOT.dll
MOD - [2013/08/06 15:15:42 | 000,268,968 | ---- | M] () -- C:\Program Files (x86)\Secure Speed Dial\IE\sqlite3.dll
MOD - [2013/05/23 13:16:48 | 000,482,656 | ---- | M] () -- C:\Program Files\BullGuard Ltd\BullGuard\Files32\SQLite.dll


========== Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/08/12 09:22:07 | 000,596,832 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsFire.dll -- (BsFire)
SRV:64bit: - [2013/08/12 09:22:04 | 000,684,896 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsBackup.dll -- (BsBackup)
SRV:64bit: - [2013/08/12 09:22:04 | 000,243,552 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe -- (BsScanner)
SRV:64bit: - [2013/08/12 09:22:03 | 000,376,160 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- c:\Program Files\BullGuard Ltd\BullGuard\BsFileScan.dll -- (BsFileScan)
SRV:64bit: - [2013/08/12 09:22:03 | 000,340,320 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll -- (BsMain)
SRV:64bit: - [2013/08/12 09:22:02 | 000,619,360 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- c:\Program Files\BullGuard Ltd\BullGuard\BsMailProxy\BsMailProxy.dll -- (BsMailProxy)
SRV:64bit: - [2013/08/12 09:22:02 | 000,445,856 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe -- (BsBhvScan)
SRV:64bit: - [2013/08/12 09:18:51 | 000,353,120 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe -- (BsUpdate)
SRV:64bit: - [2011/06/28 22:49:40 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/10/20 13:41:50 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2010/09/28 12:30:28 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/02/05 17:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/08/05 16:33:40 | 002,229,072 | ---- | M] (Secure Speed Dial) [Auto | Stopped] -- C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe -- (SecureUpdateSvc)
SRV - [2013/04/25 18:12:00 | 000,580,232 | ---- | M] (WiseCleaner.com) [Auto | Stopped] -- C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe -- (WiseBootAssistant)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/03/01 21:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/02/10 09:25:36 | 000,112,080 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService)
SRV - [2011/01/14 11:55:14 | 000,572,712 | ---- | M] (Nero AG) [Auto | Running] -- c:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/11/21 04:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010/08/04 17:11:34 | 001,809,920 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2010/07/01 10:59:02 | 000,051,576 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/28 16:44:40 | 000,249,200 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/08/08 07:12:10 | 000,556,632 | ---- | M] (Kaspersky Lab) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\4959228drv.sys -- (4959228drv)
DRV:64bit: - [2013/05/26 21:48:18 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/05/26 21:48:16 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/05/26 21:48:15 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/18 14:25:00 | 000,068,720 | ---- | M] (BullGuard Ltd.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\BdSpy.sys -- (BdSpy)
DRV:64bit: - [2013/03/17 23:36:16 | 000,030,752 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElRawDsk.sys -- (ElRawDisk)
DRV:64bit: - [2013/03/07 00:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/03/07 00:33:21 | 000,178,624 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/03/07 00:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/03/07 00:33:21 | 000,068,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/03/07 00:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/03/07 00:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/01/25 14:33:16 | 000,350,160 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Trufos.sys -- (Trufos)
DRV:64bit: - [2012/12/21 13:43:52 | 000,633,680 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Uim_IMx64.sys -- (Uim_IM)
DRV:64bit: - [2012/12/21 13:43:52 | 000,090,960 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\uimx64.sys -- (UimBus)
DRV:64bit: - [2012/11/20 14:11:38 | 000,464,480 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\afwcore.sys -- (afwcore)
DRV:64bit: - [2012/11/20 14:11:38 | 000,040,544 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afw.sys -- (AFW)
DRV:64bit: - [2012/10/04 08:38:58 | 000,034,928 | ---- | M] (BullGuard Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BdNet.sys -- (BdNet)
DRV:64bit: - [2012/06/26 10:48:34 | 000,256,072 | ---- | M] (NovaShield, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\NSKernel.sys -- (NovaShieldFilterDriver)
DRV:64bit: - [2012/06/26 10:48:34 | 000,025,160 | ---- | M] (NovaShield, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSNetmon.sys -- (NovaShieldTDIDriver)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/09/29 08:40:02 | 000,020,592 | ---- | M] (Compal Electronics, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CeKbFilter.sys -- (CeKbFilter)
DRV:64bit: - [2011/06/29 00:12:30 | 009,371,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/06/28 22:11:22 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/23 17:14:44 | 001,142,376 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/09/30 20:34:42 | 001,393,712 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/08/14 07:35:36 | 000,075,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2010/08/14 07:35:36 | 000,038,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2010/07/20 17:43:22 | 000,247,400 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/03/22 10:55:20 | 000,046,192 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009/07/30 19:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/14 01:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/06/22 17:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/06/25 14:39:16 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2012/06/25 14:39:16 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ABA3D263-6AB2-4530-B983-62D8D153B360}
IE:64bit: - HKLM\..\SearchScopes\{ABA3D263-6AB2-4530-B983-62D8D153B360}: "URL" = http://start.funmood...A&cr=1141072529
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {ABA3D263-6AB2-4530-B983-62D8D153B360}
IE - HKLM\..\SearchScopes,DefaultScope = {ABA3D263-6AB2-4530-B983-62D8D153B360}
IE - HKLM\..\SearchScopes\{34ECC055-9CF7-8E3C-6BFC-788B9E43D4E9}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 04 7C 2D 29 8F 68 CE 01 [binary data]
IE - HKCU\..\SearchScopes,Backup.Old.DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes,DefaultScope = {16F3F12F-FB2D-45B8-9BA5-37AB7AADB53F}
IE - HKCU\..\SearchScopes\{16F3F12F-FB2D-45B8-9BA5-37AB7AADB53F}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{3D9DC740-E406-42D2-8871-4B15DA52C51E}: "URL" = http://rover.ebay.co...e={searchTerms}
IE - HKCU\..\SearchScopes\{5715C1D3-7F11-4D86-B22C-814B8C34C38D}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{7EC4E5A4-99D1-46A5-9649-01107F3AA6DB}: "URL" = https://startpage.co...uage=english_uk
IE - HKCU\..\SearchScopes\{8AA527DD-48AE-4EDC-AEB7-155463CF3E2A}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\..\SearchScopes\{AAAEE6DC-4E10-4705-87AF-F0806210CBD3}: "URL" = https://startpage.co...anguage=english
IE - HKCU\..\SearchScopes\{C308655F-C2AB-4F50-8EA7-BDD9C66ECAF2}: "URL" = http://www.amazon.co...ed&linkCode=ur2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Motive, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\FF\[email protected]\ [2013/09/03 14:08:32 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files (x86)\Common Files\Motive\npMotive.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: WOT = C:\Users\andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.13_0\
CHR - Extension: YouTube = C:\Users\andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Gmail = C:\Users\andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/09/01 08:10:23 | 000,000,855 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - {97ab88ef-346b-4179-a0b1-7445896547a5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - {97ab88ef-346b-4179-a0b1-7445896547a5} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
O4:64bit: - HKLM..\Run: [BullGuardUpdate2] c:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate2.exe (BullGuard Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 189
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8:64bit: - Extra context menu item: Add to TOSHIBA Bulletin Board - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O8:64bit: - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O8 - Extra context menu item: Add to TOSHIBA Bulletin Board - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O8 - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O9:64bit: - Extra Button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BgAntiphishingIE.dll (BullGuard Ltd.)
O9:64bit: - Extra Button: Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - Reg Error: Key error. File not found
O9:64bit: - Extra 'Tools' menuitem : Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - Reg Error: Key error. File not found
O9:64bit: - Extra Button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll (TODO: <会社名>)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll (TODO: <会社名>)
O9 - Extra Button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\IE\BgAntiphishingIE.dll (BullGuard Ltd.)
O9 - Extra Button: Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - Reg Error: Key error. File not found
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O9 - Extra 'Tools' menuitem : @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcp...ols/pcmatic.cab (Reg Error: Value error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Reg Error: Value error.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{332F2E0C-25BC-4B9F-B282-A06785088426}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (BgGamingMonitor.dll) - BgGamingMonitor.dll (BullGuard Ltd.)
O20 - AppInit_DLLs: (C:\Windows\System32\BgGamingMonitor.dll) - C:\Windows\SysWOW64\BgGamingMonitor.dll (BullGuard Ltd.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^$McRebootA5E6DEAA56$.lnk - - File not found
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Toshiba Places Icon Utility.lnk - C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe - (Toshiba)
MsConfig:64bit - StartUpReg: 00TCrdMain - hkey= - key= - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: btbb_McciTrayApp - hkey= - key= - C:\Program Files\Plusnet Assist\btbb\PlusnetHelpNotifier.exe (Alcatel-Lucent)
MsConfig:64bit - StartUpReg: HWSetup - hkey= - key= - C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
MsConfig:64bit - StartUpReg: KeNotify - hkey= - key= - C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
MsConfig:64bit - StartUpReg: MSC - hkey= - key= - Reg Error: Value error. File not found
MsConfig:64bit - StartUpReg: NBAgent - hkey= - key= - c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
MsConfig:64bit - StartUpReg: RtHDVBg - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
MsConfig:64bit - StartUpReg: RtHDVCpl - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
MsConfig:64bit - StartUpReg: SmartFaceVWatcher - hkey= - key= - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: SmoothView - hkey= - key= - C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: StartCCC - hkey= - key= - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
MsConfig:64bit - StartUpReg: SVPWUTIL - hkey= - key= - C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA CORPORATION)
MsConfig:64bit - StartUpReg: SynTPEnh - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
MsConfig:64bit - StartUpReg: Toshiba Registration - hkey= - key= - C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
MsConfig:64bit - StartUpReg: Toshiba TEMPRO - hkey= - key= - C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
MsConfig:64bit - StartUpReg: TosNC - hkey= - key= - C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: TosReelTimeMonitor - hkey= - key= - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: TosSENotify - hkey= - key= - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: TosVolRegulator - hkey= - key= - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: TPwrMain - hkey= - key= - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: TWebCamera - hkey= - key= - C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
MsConfig:64bit - State: "services" - Reg Error: Key error.
MsConfig:64bit - State: "bootini" - Reg Error: Key error.

SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: BsMain - C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll (BullGuard Ltd.)
SafeBootMin:64bit: BsScanner - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe (BullGuard Ltd.)
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MCODS - Reg Error: Value error.
SafeBootMin:64bit: MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe File not found
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PEVSystemStart - Service
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: procexp90.Sys - Driver
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: BsMain - C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll (BullGuard Ltd.)
SafeBootNet:64bit: BsScanner - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe (BullGuard Ltd.)
SafeBootNet:64bit: BsUpdate - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe (BullGuard Ltd.)
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: MCODS - Reg Error: Value error.
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe File not found
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PEVSystemStart - Service
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: procexp90.Sys - Driver
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WRkrn - Driver
SafeBootNet:64bit: WRSVC - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: MCODS - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WRkrn - Driver
SafeBootNet: WRSVC - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{b63c7a19-a26b-486c-b579-cc4b88723314} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

Drivers32:64bit: aux - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midimapper - midimap.dll (Microsoft Corporation)
Drivers32:64bit: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32:64bit: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32:64bit: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32:64bit: MSVideo8 - VfWWDM32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.i420 - iyuv_32.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.IYUV - iyuv_32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.UYVY - msyuv.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.YUY2 - msyuv.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.YVU9 - tsbyuv.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.YVYU - msyuv.dll (Microsoft Corporation)
Drivers32:64bit: wave - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wavemapper - msacm32.drv (Microsoft Corporation)
Drivers32: aux - wdmaud.drv (Microsoft Corporation)
Drivers32: midi - wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - midimap.dll (Microsoft Corporation)
Drivers32: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - sirenacm.dll (Microsoft Corporation)
Drivers32: vidc.cvid - iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.iyuv - iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yuy2 - msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvu9 - tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - msyuv.dll (Microsoft Corporation)
Drivers32: wave - wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/09/09 00:43:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/09/09 00:43:19 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/09/09 00:43:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/09/08 22:44:34 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/09/08 22:41:38 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/09/08 22:41:38 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/09/08 22:41:38 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/09/08 22:41:31 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013/09/08 22:41:19 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/09/08 22:40:53 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/09/08 22:39:40 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2013/09/08 20:54:28 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/09/08 20:02:35 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/09/06 23:59:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
[2013/09/06 23:58:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Task Manager
[2013/09/04 23:41:58 | 000,000,000 | ---D | C] -- C:\Program Files\WOT
[2013/09/04 23:20:27 | 000,000,000 | ---D | C] -- C:\archive_db
[2013/09/04 23:16:06 | 000,000,000 | ---D | C] -- C:\ProgramData\explauncher
[2013/09/04 23:16:04 | 000,000,000 | ---D | C] -- C:\ProgramData\launcher
[2013/09/04 23:15:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Drive Copy 12 Compact
[2013/09/04 23:13:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Paragon Software
[2013/09/02 11:37:43 | 000,000,000 | ---D | C] -- C:\Users\andrew\Documents\ProcAlyzer Dumps
[2013/09/02 11:13:08 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/09/01 12:30:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/09/01 12:28:35 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\Deployment
[2013/09/01 09:07:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
[2013/08/30 01:40:59 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Roaming\Wise Care 365
[2013/08/30 01:40:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wise
[2013/08/30 01:02:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PrivaZer
[2013/08/15 07:08:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2
[2013/08/15 05:57:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2013/08/13 21:54:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/08/13 21:18:36 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\LogMeIn Rescue Applet
[2013/08/13 01:24:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secure Speed Dial
[2013/08/12 09:22:54 | 000,125,496 | ---- | C] (BullGuard Ltd.) -- C:\Windows\SysNative\BgGamingMonitor.dll
[2013/08/12 09:22:54 | 000,113,088 | ---- | C] (BullGuard Ltd.) -- C:\Windows\SysWow64\BgGamingMonitor.dll
[2013/08/12 09:22:51 | 000,073,056 | ---- | C] (BullGuard Ltd.) -- C:\Windows\SysNative\BGLsp.dll
[2013/08/12 09:22:51 | 000,060,256 | ---- | C] (BullGuard Ltd.) -- C:\Windows\SysWow64\BGLsp.dll
[2013/08/12 01:22:54 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2013/08/11 14:11:17 | 000,000,000 | ---D | C] -- C:\Users\andrew\Doctor Web
[2013/08/11 06:17:00 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/08/11 06:15:08 | 000,000,000 | ---D | C] -- C:\RegBackup
[2013/08/11 04:34:39 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Roaming\BullGuard
[2013/08/11 04:34:29 | 000,000,000 | ---D | C] -- C:\ProgramData\BullGuard
[2013/08/11 04:34:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BullGuard
[2013/08/11 04:32:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BullGuard Ltd
[2013/08/11 04:32:33 | 000,000,000 | ---D | C] -- C:\Program Files\BullGuard Ltd
[2013/08/11 00:24:32 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2013/08/11 00:24:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com
[2013/07/21 09:11:20 | 009,842,040 | ---- | C] (Webroot Software, Inc.) -- C:\Program Files (x86)\Common Files\wruninstall.exe
[2013/02/07 13:11:02 | 003,226,824 | ---- | C] (Comodo Security Solutions, Inc) -- C:\Program Files (x86)\Utils.dll
[2013/02/07 13:10:34 | 004,742,856 | ---- | C] (Terra Informatica Software, Inc.) -- C:\Program Files (x86)\sciter-x.dll
[2013/02/07 13:10:10 | 002,218,184 | ---- | C] (Comodo Security Solutions, Inc) -- C:\Program Files (x86)\RegistryDefrag.dll
[2013/02/07 13:09:46 | 000,067,272 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\offreg.dll
[2013/02/07 13:09:38 | 000,519,368 | ---- | C] (Comodo Security Solutions, Inc) -- C:\Program Files (x86)\DiskDuplicates.dll
[2013/02/07 13:09:30 | 000,213,704 | ---- | C] (Comodo Security Solutions, Inc) -- C:\Program Files (x86)\CPluginServicePS.dll
[2013/02/07 13:09:22 | 002,282,696 | ---- | C] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\CPluginService.exe
[2013/02/07 13:09:06 | 000,330,440 | ---- | C] (Comodo Security Solutions, Inc) -- C:\Program Files (x86)\CategoryFactory.dll
[2013/02/07 13:08:44 | 009,851,080 | ---- | C] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\CPCTuneUp.exe
[2013/02/04 10:20:40 | 001,674,752 | ---- | C] (COMODO Security Solutions) -- C:\Program Files (x86)\feedback.dll

========== Files - Modified Within 30 Days ==========

[2013/09/09 05:34:03 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/09 02:04:36 | 000,025,120 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/09 02:04:36 | 000,025,120 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/09 02:03:54 | 000,736,402 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/09/09 02:03:54 | 000,633,780 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/09/09 02:03:54 | 000,115,482 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/09/09 02:01:13 | 000,000,576 | ---- | M] () -- C:\Windows\SysNative\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
[2013/09/09 02:00:05 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/09 01:59:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/09/09 01:58:56 | 218,865,663 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/09 00:43:23 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/09/08 22:46:37 | 000,001,150 | ---- | M] () -- C:\Users\Public\Desktop\BullGuard.lnk
[2013/09/08 21:47:01 | 000,000,512 | ---- | M] () -- C:\Users\andrew\Documents\MBR.dat
[2013/09/08 00:00:03 | 000,000,404 | ---- | M] () -- C:\Windows\tasks\Wise Turbo Checker.job
[2013/09/07 10:40:10 | 000,001,123 | ---- | M] () -- C:\Users\Public\Desktop\Wise Care 365.lnk
[2013/09/07 09:00:24 | 000,000,414 | ---- | M] () -- C:\Windows\tasks\Wise Care 365 PC Checkup Task.job
[2013/09/05 19:53:18 | 000,002,150 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/09/04 23:15:31 | 000,002,324 | ---- | M] () -- C:\Users\Public\Desktop\Paragon Drive Copy 12 Compact.lnk
[2013/09/04 09:44:23 | 000,002,150 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/09/02 16:00:49 | 000,005,698 | ---- | M] () -- C:\Users\andrew\Documents\cc_20130902_160038.reg
[2013/09/01 20:39:12 | 000,002,246 | ---- | M] () -- C:\Users\andrew\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/09/01 08:36:56 | 000,015,618 | ---- | M] () -- C:\Users\andrew\Documents\cc_20130901_083515.reg
[2013/09/01 08:19:15 | 000,294,200 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/09/01 08:16:53 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/09/01 08:10:23 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/08/31 01:39:49 | 000,239,723 | ---- | M] () -- C:\Users\andrew\AppData\Local\census.cache
[2013/08/31 01:39:34 | 000,104,998 | ---- | M] () -- C:\Users\andrew\AppData\Local\ars.cache
[2013/08/15 06:31:27 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts_bak_475
[2013/08/15 05:57:20 | 000,002,126 | ---- | M] () -- C:\Users\andrew\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2013/08/13 23:18:06 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts_bak_736
[2013/08/12 09:22:27 | 000,060,256 | ---- | M] (BullGuard Ltd.) -- C:\Windows\SysWow64\BGLsp.dll
[2013/08/12 09:22:26 | 000,073,056 | ---- | M] (BullGuard Ltd.) -- C:\Windows\SysNative\BGLsp.dll
[2013/08/12 09:22:25 | 000,125,496 | ---- | M] (BullGuard Ltd.) -- C:\Windows\SysNative\BgGamingMonitor.dll
[2013/08/12 09:22:25 | 000,113,088 | ---- | M] (BullGuard Ltd.) -- C:\Windows\SysWow64\BgGamingMonitor.dll
[2013/08/12 03:24:30 | 000,004,084 | ---- | M] () -- C:\Users\andrew\Documents\cc_20130812_032407.reg
[2013/08/11 14:13:15 | 000,025,972 | ---- | M] () -- C:\Users\andrew\Documents\cc_20130811_141309.reg
[2013/08/11 12:45:09 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts_bak_477
[2013/08/11 06:52:51 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts_bak_702
[2013/08/11 06:16:17 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-ANDREW-TOSH-Microsoft-Windows-7-Home-Premium-(64-bit).dat
[2013/08/11 06:04:57 | 000,010,704 | ---- | M] () -- C:\Users\andrew\Documents\cc_20130811_060442.reg
[2013/08/11 05:41:53 | 000,001,039 | ---- | M] () -- C:\Users\andrew\Desktop\Your Unin-staller!.lnk
[2013/08/11 04:46:48 | 000,000,164 | ---- | M] () -- C:\Users\andrew\Desktop\BullGuard Online Drive.lnk
[2013/08/11 04:30:57 | 016,685,832 | ---- | M] () -- C:\Users\Public\Desktop\Install BullGuard Internet Security.exe

========== Files Created - No Company Name ==========

[2013/09/09 02:01:13 | 000,000,576 | ---- | C] () -- C:\Windows\SysNative\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
[2013/09/09 00:43:23 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/09/08 22:41:38 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/09/08 22:41:38 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/09/08 22:41:38 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/09/08 22:41:38 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/09/08 22:41:38 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/09/08 21:45:57 | 000,000,512 | ---- | C] () -- C:\Users\andrew\Documents\MBR.dat
[2013/09/07 10:29:24 | 000,001,123 | ---- | C] () -- C:\Users\Public\Desktop\Wise Care 365.lnk
[2013/09/04 23:15:31 | 000,002,324 | ---- | C] () -- C:\Users\Public\Desktop\Paragon Drive Copy 12 Compact.lnk
[2013/09/02 16:00:43 | 000,005,698 | ---- | C] () -- C:\Users\andrew\Documents\cc_20130902_160038.reg
[2013/09/01 12:30:17 | 000,002,246 | ---- | C] () -- C:\Users\andrew\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/09/01 12:30:17 | 000,002,150 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/09/01 12:29:06 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/01 12:29:04 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/01 08:35:19 | 000,015,618 | ---- | C] () -- C:\Users\andrew\Documents\cc_20130901_083515.reg
[2013/08/31 01:39:49 | 000,239,723 | ---- | C] () -- C:\Users\andrew\AppData\Local\census.cache
[2013/08/31 01:39:34 | 000,104,998 | ---- | C] () -- C:\Users\andrew\AppData\Local\ars.cache
[2013/08/30 01:02:53 | 000,001,864 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivaZer.lnk
[2013/08/30 00:57:18 | 218,865,663 | -HS- | C] () -- C:\hiberfil.sys
[2013/08/15 07:07:19 | 000,294,200 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/08/15 05:57:20 | 000,002,126 | ---- | C] () -- C:\Users\andrew\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2013/08/13 21:04:25 | 000,000,414 | ---- | C] () -- C:\Windows\tasks\Wise Care 365 PC Checkup Task.job
[2013/08/13 01:24:33 | 000,268,968 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2013/08/12 03:24:11 | 000,004,084 | ---- | C] () -- C:\Users\andrew\Documents\cc_20130812_032407.reg
[2013/08/11 14:13:12 | 000,025,972 | ---- | C] () -- C:\Users\andrew\Documents\cc_20130811_141309.reg
[2013/08/11 06:16:17 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-ANDREW-TOSH-Microsoft-Windows-7-Home-Premium-(64-bit).dat
[2013/08/11 06:04:47 | 000,010,704 | ---- | C] () -- C:\Users\andrew\Documents\cc_20130811_060442.reg
[2013/08/11 05:41:53 | 000,001,039 | ---- | C] () -- C:\Users\andrew\Desktop\Your Unin-staller!.lnk
[2013/08/11 04:46:48 | 000,000,164 | ---- | C] () -- C:\Users\andrew\Desktop\BullGuard Online Drive.lnk
[2013/08/11 04:34:25 | 000,001,150 | ---- | C] () -- C:\Users\Public\Desktop\BullGuard.lnk
[2013/08/11 04:30:32 | 016,685,832 | ---- | C] () -- C:\Users\Public\Desktop\Install BullGuard Internet Security.exe
[2013/08/11 00:30:59 | 000,000,404 | ---- | C] () -- C:\Windows\tasks\Wise Turbo Checker.job
[2013/07/31 20:52:06 | 000,000,036 | ---- | C] () -- C:\Users\andrew\AppData\Local\housecall.guid.cache
[2013/07/14 19:33:12 | 000,000,024 | -HS- | C] () -- C:\Users\andrew\AppData\Roaming\Win4665 Config DB.dlx
[2013/07/14 19:33:12 | 000,000,024 | -HS- | C] () -- C:\Users\andrew\AppData\Roaming\System3192SettingsDB.dat
[2013/06/01 22:29:33 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dat
[2013/05/28 13:33:04 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2013/05/16 10:02:55 | 000,008,192 | ---- | C] () -- C:\Program Files (x86)\CPTSettings.dat
[2013/05/11 22:52:28 | 000,000,203 | ---- | C] () -- C:\Windows\uruninstaller.ini
[2013/03/04 02:12:30 | 000,074,291 | ---- | C] () -- C:\ProgramData\1362359390.bdinstall.bin
[2013/03/04 02:09:50 | 000,022,959 | ---- | C] () -- C:\ProgramData\1362359386.bdinstall.bin
[2013/03/04 01:41:32 | 000,166,263 | ---- | C] () -- C:\ProgramData\1362357473.bdinstall.bin
[2013/02/07 13:09:54 | 000,243,400 | ---- | C] () -- C:\Program Files (x86)\Plugin.dll
[2013/02/07 13:01:28 | 000,518,144 | ---- | C] () -- C:\Program Files (x86)\ForceDelete.dll
[2013/02/06 19:20:18 | 000,034,816 | ---- | C] () -- C:\Program Files (x86)\AddAffiliateToRegistry.exe
[2013/01/10 16:42:49 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012/11/24 11:02:31 | 000,000,162 | ---- | C] () -- C:\Windows\reimage.ini
[2012/01/21 21:43:33 | 000,007,597 | ---- | C] () -- C:\Users\andrew\AppData\Local\resmon.resmoncfg
[2012/01/19 10:41:19 | 000,736,592 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/09/29 09:06:58 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2011/09/29 08:53:17 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2011/09/29 08:36:35 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/09/29 08:33:45 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2013/09/01 12:28:49 | 000,000,227 | ---- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 06:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 05:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: TOSHIBA MK3275GSX SATA Disk Device
Partitions: 3
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Unknown
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 400.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 149.00GB
Starting Offset: 420478976
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 149.00GB
Starting Offset: 160456245248
Hidden sectors: 0


< %SYSTEMDRIVE%\*.exe >

< %systemroot%\assembly\GAC_32\*.ini >

< %systemroot%\assembly\GAC_64\*.ini >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*.exe >

< %APPDATA%\*. >
[2013/06/15 03:11:42 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\Adobe
[2013/06/03 05:07:02 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\Apple Computer
[2013/07/24 15:32:40 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\ATI
[2013/07/29 13:31:36 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\Auslogics
[2013/06/01 01:25:47 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\AVG
[2012/01/07 05:53:33 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\AVG2012
[2013/04/21 03:06:28 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\Baidu Security
[2012/01/24 13:50:31 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2013/08/13 21:42:00 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\BullGuard
[2013/06/07 23:38:28 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\Easeware
[2013/02/25 22:57:59 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\ErrorTeck
[2013/06/10 09:13:55 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\ESET
[2013/03/04 22:26:24 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\Geek Uninstaller
[2013/07/08 23:02:48 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\GlarySoft
[2013/07/23 03:48:31 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\IObit
[2013/06/01 22:26:52 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\iolo
[2013/07/08 23:02:48 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\Macromedia
[2013/09/09 00:43:55 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\Malwarebytes
[2013/09/01 05:31:20 | 000,000,000 | --SD | M] -- C:\Users\andrew\AppData\Roaming\Microsoft
[2012/01/07 05:29:25 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\Sammsoft
[2013/03/25 15:35:16 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\Skype
[2013/03/27 02:07:20 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\SoftGrid Client
[2013/05/11 18:46:31 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\TestApp
[2012/01/05 19:12:47 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\Toshiba
[2011/12/29 15:00:15 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\TOSHIBA Online Product Information
[2013/05/18 19:14:21 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\TuneUp Software
[2013/04/30 01:11:12 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\URSoft
[2013/09/03 14:10:12 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\vlc
[2012/01/21 02:43:19 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\Windows Live Writer
[2013/04/17 21:50:36 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\WinRAR
[2013/09/09 02:00:32 | 000,000,000 | ---D | M] -- C:\Users\andrew\AppData\Roaming\Wise Care 365

< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: CSRSS.EXE >
[2009/07/14 02:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\SysNative\csrss.exe
[2009/07/14 02:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe

< MD5 for: EXPLORER.EXE >
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: MSWSOCK.DLL >
[2010/11/21 04:24:00 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\Windows\SysNative\mswsock.dll
[2010/11/21 04:24:00 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_16795c7543eb48cf\mswsock.dll
[2010/11/21 04:24:09 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\SysWOW64\mswsock.dll
[2010/11/21 04:24:09 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_ba5ac0f18b8dd799\mswsock.dll

< MD5 for: NAPINSP.DLL >
[2009/07/14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\SysWOW64\NapiNSP.dll
[2009/07/14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\winsxs\x86_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.1.7600.16385_none_abf396ebf0847c31\NapiNSP.dll
[2009/07/14 02:41:52 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=58A0CDABEA255616827B1C22C9994466 -- C:\Windows\SysNative\NapiNSP.dll
[2009/07/14 02:41:52 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=58A0CDABEA255616827B1C22C9994466 -- C:\Windows\winsxs\amd64_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.1.7600.16385_none_0812326fa8e1ed67\NapiNSP.dll

< MD5 for: NLAAPI.DLL >
[2012/01/13 08:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0BA65122FFA7E37564EE86422DBF7AE8 -- C:\Windows\SysWOW64\nlaapi.dll
[2012/01/13 08:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0BA65122FFA7E37564EE86422DBF7AE8 -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17964_none_cfca9d84561311f2\nlaapi.dll
[2010/11/21 04:24:01 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=104A1070E90F1C530328E69B49718841 -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17514_none_d000a58855ea91a1\nlaapi.dll
[2012/10/03 17:29:27 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=11B8C7970C10650827D060AA81BEE63F -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.22124_none_d07f52216f10753a\nlaapi.dll
[2010/11/21 04:23:54 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=2DF36F15B2BC1571A6A542A3C2107920 -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17514_none_c5abfb362189cfa6\nlaapi.dll
[2012/10/03 18:44:21 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=46BB91A169B9B31FF44EB04C48EC1D41 -- C:\Windows\SysNative\nlaapi.dll
[2012/10/03 18:44:21 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=46BB91A169B9B31FF44EB04C48EC1D41 -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17964_none_c575f33221b24ff7\nlaapi.dll
[2012/10/03 18:32:48 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=C98BCE54F31113D5E736C1097FD086DC -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.22124_none_c62aa7cf3aafb33f\nlaapi.dll

< MD5 for: PNRPNSP.DLL >
[2009/07/14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\SysWOW64\pnrpnsp.dll
[2009/07/14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\winsxs\wow64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.1.7600.16385_none_d7c8b1ac70865dab\pnrpnsp.dll
[2009/07/14 02:41:53 | 000,086,016 | ---- | M] (Microsoft Corporation) MD5=613C8CE10A5FDE582BA5FA64C4D56AAA -- C:\Windows\SysNative\pnrpnsp.dll
[2009/07/14 02:41:53 | 000,086,016 | ---- | M] (Microsoft Corporation) MD5=613C8CE10A5FDE582BA5FA64C4D56AAA -- C:\Windows\winsxs\amd64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.1.7600.16385_none_cd74075a3c259bb0\pnrpnsp.dll

< MD5 for: PRINTISOLATIONHOST.EXE >
[2009/07/14 02:39:27 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=22F020C76E339EB2B2187BA73A7E4173 -- C:\Windows\SysNative\PrintIsolationHost.exe
[2009/07/14 02:39:27 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=22F020C76E339EB2B2187BA73A7E4173 -- C:\Windows\winsxs\amd64_microsoft-windows-p..ng-server-isolation_31bf3856ad364e35_6.1.7600.16385_none_f8a40495785334a9\PrintIsolationHost.exe

< MD5 for: SERVICES.EXE >
[2009/07/14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< MD5 for: WINRNR.DLL >
[2009/07/14 02:41:56 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E2072EB48238FCA8FBB7A9F5FABAC45 -- C:\Windows\SysNative\winrnr.dll
[2009/07/14 02:41:56 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E2072EB48238FCA8FBB7A9F5FABAC45 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.1.7600.16385_none_b543449669c73e11\winrnr.dll
[2009/07/14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\SysWOW64\winrnr.dll
[2009/07/14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.1.7600.16385_none_5924a912b169ccdb\winrnr.dll

< MD5 for: WSHELPER.DLL >
[2009/07/14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\SysWOW64\wshelper.dll
[2009/07/14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6ace9e67456cc40b\wshelper.dll
[2009/07/14 02:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\Windows\SysNative\wshelper.dll
[2009/07/14 02:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\wshelper.dll

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/09/02 21:35:59 | 000,829,392 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2013/09/02 21:35:59 | 000,829,392 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2013/09/02 21:35:59 | 000,829,392 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2013/09/02 21:35:59 | 000,829,392 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2013/04/05 08:53:33 | 000,775,232 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2013/04/05 08:53:33 | 000,775,232 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2013/09/02 21:35:59 | 000,829,392 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2013/09/02 21:35:59 | 000,829,392 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2013/09/02 21:35:59 | 000,829,392 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2013/09/02 21:35:59 | 000,829,392 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2013/04/05 07:52:37 | 000,051,712 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2013/04/05 07:52:37 | 000,051,712 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2013/04/05 07:52:37 | 000,051,712 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2013/04/05 08:53:33 | 000,775,232 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE [2013/04/05 08:53:33 | 000,775,232 | ---- | M] (Microsoft Corporation)

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemdrive%\$Recycle.Bin|@;true;true;true /fp >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\System32\config\systemprofile\AppData\Local\Application Data] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\AppData\Local\History] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\AppData\Local\Temporary Internet Files] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\Application Data] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\Cookies] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\Documents\My Music] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\Documents\My Pictures] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\Documents\My Videos] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\Local Settings] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\My Documents] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\NetHood] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\PrintHood] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\Recent] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\SendTo] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\Start Menu] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\Templates] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\SysWOW64\config\systemprofile\AppData\Local\History] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\SysWOW64\config\systemprofile\Application Data] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\SysWOW64\config\systemprofile\Cookies] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\SysWOW64\config\systemprofile\Documents\My Music] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\SysWOW64\config\systemprofile\Documents\My Pictures] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\SysWOW64\config\systemprofile\Documents\My Videos] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\SysWOW64\config\systemprofile\Local Settings] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\SysWOW64\config\systemprofile\My Documents] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\SysWOW64\config\systemprofile\NetHood] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\SysWOW64\config\systemprofile\PrintHood] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\SysWOW64\config\systemprofile\Recent] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\SysWOW64\config\systemprofile\SendTo] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\SysWOW64\config\systemprofile\Start Menu] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\SysWOW64\config\systemprofile\Templates] -> Error: Cannot create file handle -> Unknown point type

========== Alternate Data Streams ==========

@Alternate Data Stream - 195 bytes -> C:\ProgramData\TEMP:07BF512B
@Alternate Data Stream - 178 bytes -> C:\ProgramData\TEMP:1CE11B51
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >
  • 0

#25
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,017 posts
  • MVP
Download and Save
Windows Repair (All In One)

http://www.tweaking....all_in_one.html

Right click on it and Run As Admin.

We want the step that has the same picture as the page and we want to make sure that the following are checked:

Reset Registry Permissions
Reset File Permissions
Register System Files
Repair WMI
Remove Policies Set By Infections
Repair Windows Updates

Then press Start. When done, close the program,


Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).
sfc  /scannow

(This will check your critical system files. Does this finish without complaint? IF it says it couldn't fix everything then:

Copy the next two lines:

findstr /c:"[SR]" \windows\logs\cbs\cbs.log > \windows\logs\cbs\junk.txt
notepad \windows\logs\cbs\junk.txt

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron
  • 0

Advertisements


#26
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,017 posts
  • MVP
Also use aswClear to remove the rest of Avast:

http://www.avast.com/uninstall-utility
  • 0

#27
zac1

zac1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
2013-09-09 01:36:21, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:36:21, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2013-09-09 01:36:23, Info CSI 0000000c [SR] Verify complete
2013-09-09 01:36:24, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:36:24, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
2013-09-09 01:36:26, Info CSI 00000010 [SR] Verify complete
2013-09-09 01:36:27, Info CSI 00000011 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:36:27, Info CSI 00000012 [SR] Beginning Verify and Repair transaction
2013-09-09 01:36:28, Info CSI 00000014 [SR] Verify complete
2013-09-09 01:36:30, Info CSI 00000015 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:36:30, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
2013-09-09 01:36:31, Info CSI 00000018 [SR] Verify complete
2013-09-09 01:36:32, Info CSI 00000019 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:36:32, Info CSI 0000001a [SR] Beginning Verify and Repair transaction
2013-09-09 01:36:37, Info CSI 0000001c [SR] Verify complete
2013-09-09 01:36:38, Info CSI 0000001d [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:36:38, Info CSI 0000001e [SR] Beginning Verify and Repair transaction
2013-09-09 01:36:42, Info CSI 00000020 [SR] Verify complete
2013-09-09 01:36:43, Info CSI 00000021 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:36:43, Info CSI 00000022 [SR] Beginning Verify and Repair transaction
2013-09-09 01:36:47, Info CSI 00000024 [SR] Verify complete
2013-09-09 01:36:48, Info CSI 00000025 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:36:48, Info CSI 00000026 [SR] Beginning Verify and Repair transaction
2013-09-09 01:36:51, Info CSI 00000028 [SR] Verify complete
2013-09-09 01:36:52, Info CSI 00000029 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:36:52, Info CSI 0000002a [SR] Beginning Verify and Repair transaction
2013-09-09 01:36:58, Info CSI 0000002c [SR] Verify complete
2013-09-09 01:36:59, Info CSI 0000002d [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:36:59, Info CSI 0000002e [SR] Beginning Verify and Repair transaction
2013-09-09 01:37:04, Info CSI 00000030 [SR] Verify complete
2013-09-09 01:37:05, Info CSI 00000031 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:37:05, Info CSI 00000032 [SR] Beginning Verify and Repair transaction
2013-09-09 01:37:08, Info CSI 00000034 [SR] Verify complete
2013-09-09 01:37:10, Info CSI 00000035 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:37:10, Info CSI 00000036 [SR] Beginning Verify and Repair transaction
2013-09-09 01:37:16, Info CSI 00000039 [SR] Verify complete
2013-09-09 01:37:16, Info CSI 0000003a [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:37:16, Info CSI 0000003b [SR] Beginning Verify and Repair transaction
2013-09-09 01:37:26, Info CSI 0000003f [SR] Verify complete
2013-09-09 01:37:28, Info CSI 00000040 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:37:28, Info CSI 00000041 [SR] Beginning Verify and Repair transaction
2013-09-09 01:37:34, Info CSI 00000044 [SR] Verify complete
2013-09-09 01:37:35, Info CSI 00000045 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:37:35, Info CSI 00000046 [SR] Beginning Verify and Repair transaction
2013-09-09 01:37:42, Info CSI 00000049 [SR] Verify complete
2013-09-09 01:37:43, Info CSI 0000004a [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:37:43, Info CSI 0000004b [SR] Beginning Verify and Repair transaction
2013-09-09 01:37:48, Info CSI 0000004c [SR] Cannot repair member file [l:18{9}]"MSDTC.LOG" of Microsoft-Windows-COM-DTC-Runtime, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-09-09 01:37:50, Info CSI 0000004d [SR] Cannot repair member file [l:18{9}]"MSDTC.LOG" of Microsoft-Windows-COM-DTC-Runtime, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-09-09 01:37:50, Info CSI 0000004e [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2013-09-09 01:37:52, Info CSI 00000050 [SR] Verify complete
2013-09-09 01:37:53, Info CSI 00000051 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:37:53, Info CSI 00000052 [SR] Beginning Verify and Repair transaction
2013-09-09 01:38:07, Info CSI 00000074 [SR] Verify complete
2013-09-09 01:38:08, Info CSI 00000075 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:38:08, Info CSI 00000076 [SR] Beginning Verify and Repair transaction
2013-09-09 01:38:16, Info CSI 0000007b [SR] Verify complete
2013-09-09 01:38:17, Info CSI 0000007c [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:38:17, Info CSI 0000007d [SR] Beginning Verify and Repair transaction
2013-09-09 01:38:25, Info CSI 0000007f [SR] Verify complete
2013-09-09 01:38:26, Info CSI 00000080 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:38:26, Info CSI 00000081 [SR] Beginning Verify and Repair transaction
2013-09-09 01:38:32, Info CSI 00000083 [SR] Verify complete
2013-09-09 01:38:33, Info CSI 00000084 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:38:33, Info CSI 00000085 [SR] Beginning Verify and Repair transaction
2013-09-09 01:38:42, Info CSI 00000087 [SR] Verify complete
2013-09-09 01:38:43, Info CSI 00000088 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:38:43, Info CSI 00000089 [SR] Beginning Verify and Repair transaction
2013-09-09 01:38:49, Info CSI 0000008b [SR] Verify complete
2013-09-09 01:38:50, Info CSI 0000008c [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:38:50, Info CSI 0000008d [SR] Beginning Verify and Repair transaction
2013-09-09 01:39:04, Info CSI 00000091 [SR] Verify complete
2013-09-09 01:39:04, Info CSI 00000092 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:39:04, Info CSI 00000093 [SR] Beginning Verify and Repair transaction
2013-09-09 01:39:18, Info CSI 000000b4 [SR] Verify complete
2013-09-09 01:39:19, Info CSI 000000b5 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:39:19, Info CSI 000000b6 [SR] Beginning Verify and Repair transaction
2013-09-09 01:39:32, Info CSI 000000b8 [SR] Verify complete
2013-09-09 01:39:34, Info CSI 000000b9 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:39:34, Info CSI 000000ba [SR] Beginning Verify and Repair transaction
2013-09-09 01:39:49, Info CSI 000000be [SR] Verify complete
2013-09-09 01:39:50, Info CSI 000000bf [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:39:50, Info CSI 000000c0 [SR] Beginning Verify and Repair transaction
2013-09-09 01:39:56, Info CSI 000000c2 [SR] Verify complete
2013-09-09 01:39:57, Info CSI 000000c3 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:39:57, Info CSI 000000c4 [SR] Beginning Verify and Repair transaction
2013-09-09 01:40:00, Info CSI 000000c6 [SR] Verify complete
2013-09-09 01:40:02, Info CSI 000000c7 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:40:02, Info CSI 000000c8 [SR] Beginning Verify and Repair transaction
2013-09-09 01:40:06, Info CSI 000000ca [SR] Verify complete
2013-09-09 01:40:08, Info CSI 000000cb [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:40:08, Info CSI 000000cc [SR] Beginning Verify and Repair transaction
2013-09-09 01:40:23, Info CSI 000000df [SR] Verify complete
2013-09-09 01:40:24, Info CSI 000000e0 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:40:24, Info CSI 000000e1 [SR] Beginning Verify and Repair transaction
2013-09-09 01:40:28, Info CSI 000000e3 [SR] Verify complete
2013-09-09 01:40:29, Info CSI 000000e4 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:40:29, Info CSI 000000e5 [SR] Beginning Verify and Repair transaction
2013-09-09 01:40:34, Info CSI 000000e7 [SR] Verify complete
2013-09-09 01:40:35, Info CSI 000000e8 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:40:35, Info CSI 000000e9 [SR] Beginning Verify and Repair transaction
2013-09-09 01:40:40, Info CSI 000000eb [SR] Verify complete
2013-09-09 01:40:41, Info CSI 000000ec [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:40:41, Info CSI 000000ed [SR] Beginning Verify and Repair transaction
2013-09-09 01:40:48, Info CSI 000000f0 [SR] Verify complete
2013-09-09 01:40:50, Info CSI 000000f1 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:40:50, Info CSI 000000f2 [SR] Beginning Verify and Repair transaction
2013-09-09 01:41:04, Info CSI 000000f5 [SR] Verify complete
2013-09-09 01:41:04, Info CSI 000000f6 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:41:04, Info CSI 000000f7 [SR] Beginning Verify and Repair transaction
2013-09-09 01:41:09, Info CSI 000000f9 [SR] Verify complete
2013-09-09 01:41:10, Info CSI 000000fa [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:41:10, Info CSI 000000fb [SR] Beginning Verify and Repair transaction
2013-09-09 01:41:14, Info CSI 000000fd [SR] Verify complete
2013-09-09 01:41:15, Info CSI 000000fe [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:41:15, Info CSI 000000ff [SR] Beginning Verify and Repair transaction
2013-09-09 01:41:25, Info CSI 00000101 [SR] Verify complete
2013-09-09 01:41:26, Info CSI 00000102 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:41:26, Info CSI 00000103 [SR] Beginning Verify and Repair transaction
2013-09-09 01:41:35, Info CSI 00000105 [SR] Verify complete
2013-09-09 01:41:35, Info CSI 00000106 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:41:35, Info CSI 00000107 [SR] Beginning Verify and Repair transaction
2013-09-09 01:41:47, Info CSI 00000109 [SR] Verify complete
2013-09-09 01:41:48, Info CSI 0000010a [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:41:48, Info CSI 0000010b [SR] Beginning Verify and Repair transaction
2013-09-09 01:42:04, Info CSI 00000123 [SR] Verify complete
2013-09-09 01:42:05, Info CSI 00000124 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:42:05, Info CSI 00000125 [SR] Beginning Verify and Repair transaction
2013-09-09 01:42:13, Info CSI 00000127 [SR] Verify complete
2013-09-09 01:42:13, Info CSI 00000128 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:42:13, Info CSI 00000129 [SR] Beginning Verify and Repair transaction
2013-09-09 01:42:34, Info CSI 0000012b [SR] Verify complete
2013-09-09 01:42:35, Info CSI 0000012c [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:42:35, Info CSI 0000012d [SR] Beginning Verify and Repair transaction
2013-09-09 01:42:51, Info CSI 00000130 [SR] Verify complete
2013-09-09 01:42:51, Info CSI 00000131 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:42:51, Info CSI 00000132 [SR] Beginning Verify and Repair transaction
2013-09-09 01:43:01, Info CSI 00000134 [SR] Verify complete
2013-09-09 01:43:01, Info CSI 00000135 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:43:01, Info CSI 00000136 [SR] Beginning Verify and Repair transaction
2013-09-09 01:43:11, Info CSI 00000138 [SR] Verify complete
2013-09-09 01:43:12, Info CSI 00000139 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:43:12, Info CSI 0000013a [SR] Beginning Verify and Repair transaction
2013-09-09 01:43:21, Info CSI 0000013c [SR] Verify complete
2013-09-09 01:43:21, Info CSI 0000013d [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:43:21, Info CSI 0000013e [SR] Beginning Verify and Repair transaction
2013-09-09 01:43:28, Info CSI 00000140 [SR] Verify complete
2013-09-09 01:43:29, Info CSI 00000141 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:43:29, Info CSI 00000142 [SR] Beginning Verify and Repair transaction
2013-09-09 01:43:35, Info CSI 00000146 [SR] Verify complete
2013-09-09 01:43:36, Info CSI 00000147 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:43:36, Info CSI 00000148 [SR] Beginning Verify and Repair transaction
2013-09-09 01:43:59, Info CSI 0000014a [SR] Verify complete
2013-09-09 01:43:59, Info CSI 0000014b [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:43:59, Info CSI 0000014c [SR] Beginning Verify and Repair transaction
2013-09-09 01:44:11, Info CSI 0000014f [SR] Verify complete
2013-09-09 01:44:11, Info CSI 00000150 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:44:11, Info CSI 00000151 [SR] Beginning Verify and Repair transaction
2013-09-09 01:44:19, Info CSI 00000153 [SR] Verify complete
2013-09-09 01:44:19, Info CSI 00000154 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:44:19, Info CSI 00000155 [SR] Beginning Verify and Repair transaction
2013-09-09 01:44:28, Info CSI 00000158 [SR] Verify complete
2013-09-09 01:44:29, Info CSI 00000159 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:44:29, Info CSI 0000015a [SR] Beginning Verify and Repair transaction
2013-09-09 01:44:41, Info CSI 0000015d [SR] Verify complete
2013-09-09 01:44:42, Info CSI 0000015e [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:44:42, Info CSI 0000015f [SR] Beginning Verify and Repair transaction
2013-09-09 01:44:50, Info CSI 00000161 [SR] Verify complete
2013-09-09 01:44:51, Info CSI 00000162 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:44:51, Info CSI 00000163 [SR] Beginning Verify and Repair transaction
2013-09-09 01:45:00, Info CSI 00000165 [SR] Verify complete
2013-09-09 01:45:00, Info CSI 00000166 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:45:00, Info CSI 00000167 [SR] Beginning Verify and Repair transaction
2013-09-09 01:45:08, Info CSI 00000169 [SR] Verify complete
2013-09-09 01:45:09, Info CSI 0000016a [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:45:09, Info CSI 0000016b [SR] Beginning Verify and Repair transaction
2013-09-09 01:45:21, Info CSI 0000016e [SR] Verify complete
2013-09-09 01:45:22, Info CSI 0000016f [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:45:22, Info CSI 00000170 [SR] Beginning Verify and Repair transaction
2013-09-09 01:45:28, Info CSI 00000172 [SR] Verify complete
2013-09-09 01:45:29, Info CSI 00000173 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:45:29, Info CSI 00000174 [SR] Beginning Verify and Repair transaction
2013-09-09 01:45:35, Info CSI 00000176 [SR] Verify complete
2013-09-09 01:45:36, Info CSI 00000177 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:45:36, Info CSI 00000178 [SR] Beginning Verify and Repair transaction
2013-09-09 01:45:46, Info CSI 0000017b [SR] Verify complete
2013-09-09 01:45:47, Info CSI 0000017c [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:45:47, Info CSI 0000017d [SR] Beginning Verify and Repair transaction
2013-09-09 01:45:56, Info CSI 00000181 [SR] Verify complete
2013-09-09 01:45:56, Info CSI 00000182 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:45:56, Info CSI 00000183 [SR] Beginning Verify and Repair transaction
2013-09-09 01:46:07, Info CSI 00000185 [SR] Verify complete
2013-09-09 01:46:07, Info CSI 00000186 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:46:07, Info CSI 00000187 [SR] Beginning Verify and Repair transaction
2013-09-09 01:46:18, Info CSI 0000018a [SR] Verify complete
2013-09-09 01:46:19, Info CSI 0000018b [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:46:19, Info CSI 0000018c [SR] Beginning Verify and Repair transaction
2013-09-09 01:46:27, Info CSI 0000018e [SR] Verify complete
2013-09-09 01:46:27, Info CSI 0000018f [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:46:27, Info CSI 00000190 [SR] Beginning Verify and Repair transaction
2013-09-09 01:46:31, Info CSI 00000192 [SR] Verify complete
2013-09-09 01:46:32, Info CSI 00000193 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:46:32, Info CSI 00000194 [SR] Beginning Verify and Repair transaction
2013-09-09 01:46:40, Info CSI 00000196 [SR] Verify complete
2013-09-09 01:46:40, Info CSI 00000197 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:46:40, Info CSI 00000198 [SR] Beginning Verify and Repair transaction
2013-09-09 01:46:48, Info CSI 0000019a [SR] Verify complete
2013-09-09 01:46:49, Info CSI 0000019b [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:46:49, Info CSI 0000019c [SR] Beginning Verify and Repair transaction
2013-09-09 01:46:58, Info CSI 0000019e [SR] Verify complete
2013-09-09 01:46:58, Info CSI 0000019f [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:46:58, Info CSI 000001a0 [SR] Beginning Verify and Repair transaction
2013-09-09 01:47:04, Info CSI 000001a2 [SR] Verify complete
2013-09-09 01:47:05, Info CSI 000001a3 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:47:05, Info CSI 000001a4 [SR] Beginning Verify and Repair transaction
2013-09-09 01:47:12, Info CSI 000001a6 [SR] Verify complete
2013-09-09 01:47:13, Info CSI 000001a7 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:47:13, Info CSI 000001a8 [SR] Beginning Verify and Repair transaction
2013-09-09 01:47:28, Info CSI 000001aa [SR] Verify complete
2013-09-09 01:47:29, Info CSI 000001ab [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:47:29, Info CSI 000001ac [SR] Beginning Verify and Repair transaction
2013-09-09 01:47:53, Info CSI 000001ae [SR] Verify complete
2013-09-09 01:47:54, Info CSI 000001af [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:47:54, Info CSI 000001b0 [SR] Beginning Verify and Repair transaction
2013-09-09 01:48:02, Info CSI 000001b2 [SR] Verify complete
2013-09-09 01:48:03, Info CSI 000001b3 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:48:03, Info CSI 000001b4 [SR] Beginning Verify and Repair transaction
2013-09-09 01:48:11, Info CSI 000001b6 [SR] Verify complete
2013-09-09 01:48:11, Info CSI 000001b7 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:48:11, Info CSI 000001b8 [SR] Beginning Verify and Repair transaction
2013-09-09 01:48:15, Info CSI 000001ba [SR] Verify complete
2013-09-09 01:48:15, Info CSI 000001bb [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:48:15, Info CSI 000001bc [SR] Beginning Verify and Repair transaction
2013-09-09 01:48:22, Info CSI 000001be [SR] Verify complete
2013-09-09 01:48:23, Info CSI 000001bf [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:48:23, Info CSI 000001c0 [SR] Beginning Verify and Repair transaction
2013-09-09 01:48:31, Info CSI 000001c2 [SR] Verify complete
2013-09-09 01:48:31, Info CSI 000001c3 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:48:31, Info CSI 000001c4 [SR] Beginning Verify and Repair transaction
2013-09-09 01:48:35, Info CSI 000001c6 [SR] Verify complete
2013-09-09 01:48:35, Info CSI 000001c7 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:48:35, Info CSI 000001c8 [SR] Beginning Verify and Repair transaction
2013-09-09 01:48:37, Info CSI 000001ca [SR] Verify complete
2013-09-09 01:48:38, Info CSI 000001cb [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:48:38, Info CSI 000001cc [SR] Beginning Verify and Repair transaction
2013-09-09 01:48:47, Info CSI 000001d4 [SR] Verify complete
2013-09-09 01:48:47, Info CSI 000001d5 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:48:47, Info CSI 000001d6 [SR] Beginning Verify and Repair transaction
2013-09-09 01:48:53, Info CSI 000001d8 [SR] Verify complete
2013-09-09 01:48:53, Info CSI 000001d9 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:48:53, Info CSI 000001da [SR] Beginning Verify and Repair transaction
2013-09-09 01:48:57, Info CSI 000001dc [SR] Verify complete
2013-09-09 01:48:58, Info CSI 000001dd [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:48:58, Info CSI 000001de [SR] Beginning Verify and Repair transaction
2013-09-09 01:49:02, Info CSI 000001e0 [SR] Verify complete
2013-09-09 01:49:03, Info CSI 000001e1 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:49:03, Info CSI 000001e2 [SR] Beginning Verify and Repair transaction
2013-09-09 01:49:09, Info CSI 000001e4 [SR] Verify complete
2013-09-09 01:49:10, Info CSI 000001e5 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:49:10, Info CSI 000001e6 [SR] Beginning Verify and Repair transaction
2013-09-09 01:49:21, Info CSI 000001e9 [SR] Verify complete
2013-09-09 01:49:22, Info CSI 000001ea [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:49:22, Info CSI 000001eb [SR] Beginning Verify and Repair transaction
2013-09-09 01:49:30, Info CSI 000001ed [SR] Verify complete
2013-09-09 01:49:31, Info CSI 000001ee [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:49:31, Info CSI 000001ef [SR] Beginning Verify and Repair transaction
2013-09-09 01:49:35, Info CSI 000001f1 [SR] Verify complete
2013-09-09 01:49:36, Info CSI 000001f2 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:49:36, Info CSI 000001f3 [SR] Beginning Verify and Repair transaction
2013-09-09 01:49:52, Info CSI 000001f6 [SR] Verify complete
2013-09-09 01:49:53, Info CSI 000001f7 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:49:53, Info CSI 000001f8 [SR] Beginning Verify and Repair transaction
2013-09-09 01:50:07, Info CSI 000001fd [SR] Verify complete
2013-09-09 01:50:08, Info CSI 000001fe [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:50:08, Info CSI 000001ff [SR] Beginning Verify and Repair transaction
2013-09-09 01:50:18, Info CSI 00000203 [SR] Verify complete
2013-09-09 01:50:18, Info CSI 00000204 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:50:18, Info CSI 00000205 [SR] Beginning Verify and Repair transaction
2013-09-09 01:50:29, Info CSI 0000020d [SR] Verify complete
2013-09-09 01:50:30, Info CSI 0000020e [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:50:30, Info CSI 0000020f [SR] Beginning Verify and Repair transaction
2013-09-09 01:50:43, Info CSI 00000219 [SR] Verify complete
2013-09-09 01:50:43, Info CSI 0000021a [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:50:43, Info CSI 0000021b [SR] Beginning Verify and Repair transaction
2013-09-09 01:50:50, Info CSI 0000021d [SR] Verify complete
2013-09-09 01:50:51, Info CSI 0000021e [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:50:51, Info CSI 0000021f [SR] Beginning Verify and Repair transaction
2013-09-09 01:50:57, Info CSI 00000223 [SR] Verify complete
2013-09-09 01:50:58, Info CSI 00000224 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:50:58, Info CSI 00000225 [SR] Beginning Verify and Repair transaction
2013-09-09 01:51:04, Info CSI 00000227 [SR] Verify complete
2013-09-09 01:51:05, Info CSI 00000228 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:51:05, Info CSI 00000229 [SR] Beginning Verify and Repair transaction
2013-09-09 01:51:25, Info CSI 0000024e [SR] Verify complete
2013-09-09 01:51:28, Info CSI 0000024f [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:51:28, Info CSI 00000250 [SR] Beginning Verify and Repair transaction
2013-09-09 01:51:42, Info CSI 00000252 [SR] Verify complete
2013-09-09 01:51:44, Info CSI 00000253 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:51:44, Info CSI 00000254 [SR] Beginning Verify and Repair transaction
2013-09-09 01:51:50, Info CSI 00000256 [SR] Verify complete
2013-09-09 01:51:51, Info CSI 00000257 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:51:51, Info CSI 00000258 [SR] Beginning Verify and Repair transaction
2013-09-09 01:51:58, Info CSI 0000025a [SR] Verify complete
2013-09-09 01:51:58, Info CSI 0000025b [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:51:58, Info CSI 0000025c [SR] Beginning Verify and Repair transaction
2013-09-09 01:52:04, Info CSI 0000026a [SR] Verify complete
2013-09-09 01:52:05, Info CSI 0000026b [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:52:05, Info CSI 0000026c [SR] Beginning Verify and Repair transaction
2013-09-09 01:52:16, Info CSI 0000026e [SR] Verify complete
2013-09-09 01:52:17, Info CSI 0000026f [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:52:17, Info CSI 00000270 [SR] Beginning Verify and Repair transaction
2013-09-09 01:52:26, Info CSI 0000027e [SR] Verify complete
2013-09-09 01:52:27, Info CSI 0000027f [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:52:27, Info CSI 00000280 [SR] Beginning Verify and Repair transaction
2013-09-09 01:52:33, Info CSI 00000282 [SR] Verify complete
2013-09-09 01:52:33, Info CSI 00000283 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:52:33, Info CSI 00000284 [SR] Beginning Verify and Repair transaction
2013-09-09 01:52:38, Info CSI 00000286 [SR] Verify complete
2013-09-09 01:52:38, Info CSI 00000287 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:52:38, Info CSI 00000288 [SR] Beginning Verify and Repair transaction
2013-09-09 01:52:46, Info CSI 0000028b [SR] Verify complete
2013-09-09 01:52:47, Info CSI 0000028c [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:52:47, Info CSI 0000028d [SR] Beginning Verify and Repair transaction
2013-09-09 01:52:50, Info CSI 0000028f [SR] Verify complete
2013-09-09 01:52:50, Info CSI 00000290 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:52:50, Info CSI 00000291 [SR] Beginning Verify and Repair transaction
2013-09-09 01:53:00, Info CSI 00000293 [SR] Verify complete
2013-09-09 01:53:00, Info CSI 00000294 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:53:00, Info CSI 00000295 [SR] Beginning Verify and Repair transaction
2013-09-09 01:53:07, Info CSI 00000297 [SR] Verify complete
2013-09-09 01:53:08, Info CSI 00000298 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:53:08, Info CSI 00000299 [SR] Beginning Verify and Repair transaction
2013-09-09 01:53:16, Info CSI 0000029b [SR] Verify complete
2013-09-09 01:53:16, Info CSI 0000029c [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:53:16, Info CSI 0000029d [SR] Beginning Verify and Repair transaction
2013-09-09 01:53:30, Info CSI 000002b7 [SR] Verify complete
2013-09-09 01:53:31, Info CSI 000002b8 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:53:31, Info CSI 000002b9 [SR] Beginning Verify and Repair transaction
2013-09-09 01:53:51, Info CSI 000002bb [SR] Verify complete
2013-09-09 01:53:52, Info CSI 000002bc [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:53:52, Info CSI 000002bd [SR] Beginning Verify and Repair transaction
2013-09-09 01:53:59, Info CSI 000002bf [SR] Verify complete
2013-09-09 01:53:59, Info CSI 000002c0 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:53:59, Info CSI 000002c1 [SR] Beginning Verify and Repair transaction
2013-09-09 01:54:06, Info CSI 000002c3 [SR] Verify complete
2013-09-09 01:54:06, Info CSI 000002c4 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:54:06, Info CSI 000002c5 [SR] Beginning Verify and Repair transaction
2013-09-09 01:54:11, Info CSI 000002c9 [SR] Verify complete
2013-09-09 01:54:12, Info CSI 000002ca [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:54:12, Info CSI 000002cb [SR] Beginning Verify and Repair transaction
2013-09-09 01:54:17, Info CSI 000002cd [SR] Verify complete
2013-09-09 01:54:18, Info CSI 000002ce [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:54:18, Info CSI 000002cf [SR] Beginning Verify and Repair transaction
2013-09-09 01:54:25, Info CSI 000002d1 [SR] Verify complete
2013-09-09 01:54:25, Info CSI 000002d2 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:54:25, Info CSI 000002d3 [SR] Beginning Verify and Repair transaction
2013-09-09 01:54:32, Info CSI 000002d5 [SR] Verify complete
2013-09-09 01:54:33, Info CSI 000002d6 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:54:33, Info CSI 000002d7 [SR] Beginning Verify and Repair transaction
2013-09-09 01:54:39, Info CSI 000002da [SR] Verify complete
2013-09-09 01:54:39, Info CSI 000002db [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:54:39, Info CSI 000002dc [SR] Beginning Verify and Repair transaction
2013-09-09 01:54:45, Info CSI 000002de [SR] Verify complete
2013-09-09 01:54:46, Info CSI 000002df [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:54:46, Info CSI 000002e0 [SR] Beginning Verify and Repair transaction
2013-09-09 01:54:53, Info CSI 000002e2 [SR] Verify complete
2013-09-09 01:54:54, Info CSI 000002e3 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:54:54, Info CSI 000002e4 [SR] Beginning Verify and Repair transaction
2013-09-09 01:55:02, Info CSI 000002e6 [SR] Verify complete
2013-09-09 01:55:02, Info CSI 000002e7 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:55:02, Info CSI 000002e8 [SR] Beginning Verify and Repair transaction
2013-09-09 01:55:06, Info CSI 000002eb [SR] Verify complete
2013-09-09 01:55:07, Info CSI 000002ec [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:55:07, Info CSI 000002ed [SR] Beginning Verify and Repair transaction
2013-09-09 01:55:13, Info CSI 000002ef [SR] Verify complete
2013-09-09 01:55:14, Info CSI 000002f0 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:55:14, Info CSI 000002f1 [SR] Beginning Verify and Repair transaction
2013-09-09 01:55:19, Info CSI 000002f3 [SR] Verify complete
2013-09-09 01:55:20, Info CSI 000002f4 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 01:55:20, Info CSI 000002f5 [SR] Beginning Verify and Repair transaction
2013-09-09 01:55:26, Info CSI 000002f7 [SR] Verify complete
2013-09-09 01:55:27, Info CSI 000002f8 [SR] Verifying 72 (0x0000000000000048) components
2013-09-09 01:55:27, Info CSI 000002f9 [SR] Beginning Verify and Repair transaction
2013-09-09 01:55:30, Info CSI 000002fb [SR] Verify complete
2013-09-09 01:55:30, Info CSI 000002fc [SR] Repairing 1 components
2013-09-09 01:55:30, Info CSI 000002fd [SR] Beginning Verify and Repair transaction
2013-09-09 01:55:30, Info CSI 000002fe [SR] Cannot repair member file [l:18{9}]"MSDTC.LOG" of Microsoft-Windows-COM-DTC-Runtime, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-09-09 01:55:30, Info CSI 000002ff [SR] Cannot repair member file [l:18{9}]"MSDTC.LOG" of Microsoft-Windows-COM-DTC-Runtime, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-09-09 01:55:30, Info CSI 00000300 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2013-09-09 01:55:31, Info CSI 00000302 [SR] Repair complete
2013-09-09 01:55:31, Info CSI 00000303 [SR] Committing transaction
2013-09-09 01:55:31, Info CSI 00000307 [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired
2013-09-09 16:06:39, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:06:39, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2013-09-09 16:06:41, Info CSI 0000000c [SR] Verify complete
2013-09-09 16:06:43, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:06:43, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
2013-09-09 16:06:44, Info CSI 00000010 [SR] Verify complete
2013-09-09 16:06:46, Info CSI 00000011 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:06:46, Info CSI 00000012 [SR] Beginning Verify and Repair transaction
2013-09-09 16:06:48, Info CSI 00000014 [SR] Verify complete
2013-09-09 16:06:50, Info CSI 00000015 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:06:50, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
2013-09-09 16:06:51, Info CSI 00000018 [SR] Verify complete
2013-09-09 16:06:52, Info CSI 00000019 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:06:52, Info CSI 0000001a [SR] Beginning Verify and Repair transaction
2013-09-09 16:06:57, Info CSI 0000001c [SR] Verify complete
2013-09-09 16:06:58, Info CSI 0000001d [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:06:58, Info CSI 0000001e [SR] Beginning Verify and Repair transaction
2013-09-09 16:07:05, Info CSI 00000020 [SR] Verify complete
2013-09-09 16:07:07, Info CSI 00000021 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:07:07, Info CSI 00000022 [SR] Beginning Verify and Repair transaction
2013-09-09 16:07:11, Info CSI 00000024 [SR] Verify complete
2013-09-09 16:07:12, Info CSI 00000025 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:07:12, Info CSI 00000026 [SR] Beginning Verify and Repair transaction
2013-09-09 16:07:16, Info CSI 00000028 [SR] Verify complete
2013-09-09 16:07:17, Info CSI 00000029 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:07:17, Info CSI 0000002a [SR] Beginning Verify and Repair transaction
2013-09-09 16:07:24, Info CSI 0000002c [SR] Verify complete
2013-09-09 16:07:25, Info CSI 0000002d [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:07:25, Info CSI 0000002e [SR] Beginning Verify and Repair transaction
2013-09-09 16:07:30, Info CSI 00000030 [SR] Verify complete
2013-09-09 16:07:31, Info CSI 00000031 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:07:31, Info CSI 00000032 [SR] Beginning Verify and Repair transaction
2013-09-09 16:07:35, Info CSI 00000034 [SR] Verify complete
2013-09-09 16:07:37, Info CSI 00000035 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:07:37, Info CSI 00000036 [SR] Beginning Verify and Repair transaction
2013-09-09 16:07:45, Info CSI 00000039 [SR] Verify complete
2013-09-09 16:07:46, Info CSI 0000003a [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:07:46, Info CSI 0000003b [SR] Beginning Verify and Repair transaction
2013-09-09 16:07:57, Info CSI 0000003f [SR] Verify complete
2013-09-09 16:07:59, Info CSI 00000040 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:07:59, Info CSI 00000041 [SR] Beginning Verify and Repair transaction
2013-09-09 16:08:05, Info CSI 00000044 [SR] Verify complete
2013-09-09 16:08:07, Info CSI 00000045 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:08:07, Info CSI 00000046 [SR] Beginning Verify and Repair transaction
2013-09-09 16:08:14, Info CSI 00000049 [SR] Verify complete
2013-09-09 16:08:15, Info CSI 0000004a [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:08:15, Info CSI 0000004b [SR] Beginning Verify and Repair transaction
2013-09-09 16:08:21, Info CSI 0000004c [SR] Cannot repair member file [l:18{9}]"MSDTC.LOG" of Microsoft-Windows-COM-DTC-Runtime, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-09-09 16:08:23, Info CSI 0000004d [SR] Cannot repair member file [l:18{9}]"MSDTC.LOG" of Microsoft-Windows-COM-DTC-Runtime, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-09-09 16:08:23, Info CSI 0000004e [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2013-09-09 16:08:25, Info CSI 00000050 [SR] Verify complete
2013-09-09 16:08:26, Info CSI 00000051 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:08:26, Info CSI 00000052 [SR] Beginning Verify and Repair transaction
2013-09-09 16:08:42, Info CSI 00000074 [SR] Verify complete
2013-09-09 16:08:43, Info CSI 00000075 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:08:43, Info CSI 00000076 [SR] Beginning Verify and Repair transaction
2013-09-09 16:08:53, Info CSI 0000007b [SR] Verify complete
2013-09-09 16:08:54, Info CSI 0000007c [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:08:54, Info CSI 0000007d [SR] Beginning Verify and Repair transaction
2013-09-09 16:09:02, Info CSI 0000007f [SR] Verify complete
2013-09-09 16:09:03, Info CSI 00000080 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:09:03, Info CSI 00000081 [SR] Beginning Verify and Repair transaction
2013-09-09 16:09:11, Info CSI 00000083 [SR] Verify complete
2013-09-09 16:09:12, Info CSI 00000084 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:09:12, Info CSI 00000085 [SR] Beginning Verify and Repair transaction
2013-09-09 16:09:21, Info CSI 00000087 [SR] Verify complete
2013-09-09 16:09:23, Info CSI 00000088 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:09:23, Info CSI 00000089 [SR] Beginning Verify and Repair transaction
2013-09-09 16:09:30, Info CSI 0000008b [SR] Verify complete
2013-09-09 16:09:31, Info CSI 0000008c [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:09:31, Info CSI 0000008d [SR] Beginning Verify and Repair transaction
2013-09-09 16:09:45, Info CSI 00000091 [SR] Verify complete
2013-09-09 16:09:46, Info CSI 00000092 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:09:46, Info CSI 00000093 [SR] Beginning Verify and Repair transaction
2013-09-09 16:10:01, Info CSI 000000b4 [SR] Verify complete
2013-09-09 16:10:03, Info CSI 000000b5 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:10:03, Info CSI 000000b6 [SR] Beginning Verify and Repair transaction
2013-09-09 16:10:18, Info CSI 000000b8 [SR] Verify complete
2013-09-09 16:10:19, Info CSI 000000b9 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:10:19, Info CSI 000000ba [SR] Beginning Verify and Repair transaction
2013-09-09 16:10:41, Info CSI 000000be [SR] Verify complete
2013-09-09 16:10:43, Info CSI 000000bf [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:10:43, Info CSI 000000c0 [SR] Beginning Verify and Repair transaction
2013-09-09 16:10:48, Info CSI 000000c2 [SR] Verify complete
2013-09-09 16:10:49, Info CSI 000000c3 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:10:49, Info CSI 000000c4 [SR] Beginning Verify and Repair transaction
2013-09-09 16:10:53, Info CSI 000000c6 [SR] Verify complete
2013-09-09 16:10:53, Info CSI 000000c7 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:10:53, Info CSI 000000c8 [SR] Beginning Verify and Repair transaction
2013-09-09 16:10:58, Info CSI 000000ca [SR] Verify complete
2013-09-09 16:11:00, Info CSI 000000cb [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:11:00, Info CSI 000000cc [SR] Beginning Verify and Repair transaction
2013-09-09 16:11:16, Info CSI 000000df [SR] Verify complete
2013-09-09 16:11:17, Info CSI 000000e0 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:11:17, Info CSI 000000e1 [SR] Beginning Verify and Repair transaction
2013-09-09 16:11:21, Info CSI 000000e3 [SR] Verify complete
2013-09-09 16:11:22, Info CSI 000000e4 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:11:22, Info CSI 000000e5 [SR] Beginning Verify and Repair transaction
2013-09-09 16:11:28, Info CSI 000000e7 [SR] Verify complete
2013-09-09 16:11:29, Info CSI 000000e8 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:11:29, Info CSI 000000e9 [SR] Beginning Verify and Repair transaction
2013-09-09 16:11:34, Info CSI 000000eb [SR] Verify complete
2013-09-09 16:11:35, Info CSI 000000ec [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:11:35, Info CSI 000000ed [SR] Beginning Verify and Repair transaction
2013-09-09 16:11:43, Info CSI 000000f0 [SR] Verify complete
2013-09-09 16:11:45, Info CSI 000000f1 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:11:45, Info CSI 000000f2 [SR] Beginning Verify and Repair transaction
2013-09-09 16:12:01, Info CSI 000000f5 [SR] Verify complete
2013-09-09 16:12:02, Info CSI 000000f6 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:12:02, Info CSI 000000f7 [SR] Beginning Verify and Repair transaction
2013-09-09 16:12:07, Info CSI 000000f9 [SR] Verify complete
2013-09-09 16:12:07, Info CSI 000000fa [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:12:07, Info CSI 000000fb [SR] Beginning Verify and Repair transaction
2013-09-09 16:12:12, Info CSI 000000fd [SR] Verify complete
2013-09-09 16:12:13, Info CSI 000000fe [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:12:13, Info CSI 000000ff [SR] Beginning Verify and Repair transaction
2013-09-09 16:12:25, Info CSI 00000101 [SR] Verify complete
2013-09-09 16:12:26, Info CSI 00000102 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:12:26, Info CSI 00000103 [SR] Beginning Verify and Repair transaction
2013-09-09 16:12:36, Info CSI 00000105 [SR] Verify complete
2013-09-09 16:12:37, Info CSI 00000106 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:12:37, Info CSI 00000107 [SR] Beginning Verify and Repair transaction
2013-09-09 16:12:51, Info CSI 00000109 [SR] Verify complete
2013-09-09 16:12:52, Info CSI 0000010a [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:12:52, Info CSI 0000010b [SR] Beginning Verify and Repair transaction
2013-09-09 16:13:08, Info CSI 00000123 [SR] Verify complete
2013-09-09 16:13:09, Info CSI 00000124 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:13:09, Info CSI 00000125 [SR] Beginning Verify and Repair transaction
2013-09-09 16:13:18, Info CSI 00000127 [SR] Verify complete
2013-09-09 16:13:19, Info CSI 00000128 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:13:19, Info CSI 00000129 [SR] Beginning Verify and Repair transaction
2013-09-09 16:13:41, Info CSI 0000012b [SR] Verify complete
2013-09-09 16:13:41, Info CSI 0000012c [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:13:41, Info CSI 0000012d [SR] Beginning Verify and Repair transaction
2013-09-09 16:13:58, Info CSI 00000130 [SR] Verify complete
2013-09-09 16:13:59, Info CSI 00000131 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:13:59, Info CSI 00000132 [SR] Beginning Verify and Repair transaction
2013-09-09 16:14:09, Info CSI 00000134 [SR] Verify complete
2013-09-09 16:14:09, Info CSI 00000135 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:14:09, Info CSI 00000136 [SR] Beginning Verify and Repair transaction
2013-09-09 16:14:20, Info CSI 00000138 [SR] Verify complete
2013-09-09 16:14:21, Info CSI 00000139 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:14:21, Info CSI 0000013a [SR] Beginning Verify and Repair transaction
2013-09-09 16:14:32, Info CSI 0000013c [SR] Verify complete
2013-09-09 16:14:33, Info CSI 0000013d [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:14:33, Info CSI 0000013e [SR] Beginning Verify and Repair transaction
2013-09-09 16:14:40, Info CSI 00000140 [SR] Verify complete
2013-09-09 16:14:41, Info CSI 00000141 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:14:41, Info CSI 00000142 [SR] Beginning Verify and Repair transaction
2013-09-09 16:14:48, Info CSI 00000146 [SR] Verify complete
2013-09-09 16:14:49, Info CSI 00000147 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:14:49, Info CSI 00000148 [SR] Beginning Verify and Repair transaction
2013-09-09 16:15:13, Info CSI 0000014a [SR] Verify complete
2013-09-09 16:15:13, Info CSI 0000014b [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:15:13, Info CSI 0000014c [SR] Beginning Verify and Repair transaction
2013-09-09 16:15:26, Info CSI 0000014f [SR] Verify complete
2013-09-09 16:15:27, Info CSI 00000150 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:15:27, Info CSI 00000151 [SR] Beginning Verify and Repair transaction
2013-09-09 16:15:35, Info CSI 00000153 [SR] Verify complete
2013-09-09 16:15:36, Info CSI 00000154 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:15:36, Info CSI 00000155 [SR] Beginning Verify and Repair transaction
2013-09-09 16:15:45, Info CSI 00000158 [SR] Verify complete
2013-09-09 16:15:46, Info CSI 00000159 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:15:46, Info CSI 0000015a [SR] Beginning Verify and Repair transaction
2013-09-09 16:15:59, Info CSI 0000015d [SR] Verify complete
2013-09-09 16:16:00, Info CSI 0000015e [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:16:00, Info CSI 0000015f [SR] Beginning Verify and Repair transaction
2013-09-09 16:16:08, Info CSI 00000161 [SR] Verify complete
2013-09-09 16:16:09, Info CSI 00000162 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:16:09, Info CSI 00000163 [SR] Beginning Verify and Repair transaction
2013-09-09 16:16:18, Info CSI 00000165 [SR] Verify complete
2013-09-09 16:16:18, Info CSI 00000166 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:16:18, Info CSI 00000167 [SR] Beginning Verify and Repair transaction
2013-09-09 16:16:27, Info CSI 00000169 [SR] Verify complete
2013-09-09 16:16:27, Info CSI 0000016a [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:16:27, Info CSI 0000016b [SR] Beginning Verify and Repair transaction
2013-09-09 16:16:39, Info CSI 0000016e [SR] Verify complete
2013-09-09 16:16:40, Info CSI 0000016f [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:16:40, Info CSI 00000170 [SR] Beginning Verify and Repair transaction
2013-09-09 16:16:46, Info CSI 00000172 [SR] Verify complete
2013-09-09 16:16:47, Info CSI 00000173 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:16:47, Info CSI 00000174 [SR] Beginning Verify and Repair transaction
2013-09-09 16:16:53, Info CSI 00000176 [SR] Verify complete
2013-09-09 16:16:54, Info CSI 00000177 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:16:54, Info CSI 00000178 [SR] Beginning Verify and Repair transaction
2013-09-09 16:17:05, Info CSI 0000017b [SR] Verify complete
2013-09-09 16:17:05, Info CSI 0000017c [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:17:05, Info CSI 0000017d [SR] Beginning Verify and Repair transaction
2013-09-09 16:17:14, Info CSI 00000181 [SR] Verify complete
2013-09-09 16:17:14, Info CSI 00000182 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:17:14, Info CSI 00000183 [SR] Beginning Verify and Repair transaction
2013-09-09 16:17:25, Info CSI 00000185 [SR] Verify complete
2013-09-09 16:17:25, Info CSI 00000186 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:17:25, Info CSI 00000187 [SR] Beginning Verify and Repair transaction
2013-09-09 16:17:36, Info CSI 0000018a [SR] Verify complete
2013-09-09 16:17:37, Info CSI 0000018b [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:17:37, Info CSI 0000018c [SR] Beginning Verify and Repair transaction
2013-09-09 16:17:45, Info CSI 0000018e [SR] Verify complete
2013-09-09 16:17:45, Info CSI 0000018f [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:17:45, Info CSI 00000190 [SR] Beginning Verify and Repair transaction
2013-09-09 16:17:49, Info CSI 00000192 [SR] Verify complete
2013-09-09 16:17:49, Info CSI 00000193 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:17:49, Info CSI 00000194 [SR] Beginning Verify and Repair transaction
2013-09-09 16:17:57, Info CSI 00000196 [SR] Verify complete
2013-09-09 16:17:58, Info CSI 00000197 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:17:58, Info CSI 00000198 [SR] Beginning Verify and Repair transaction
2013-09-09 16:18:05, Info CSI 0000019a [SR] Verify complete
2013-09-09 16:18:06, Info CSI 0000019b [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:18:06, Info CSI 0000019c [SR] Beginning Verify and Repair transaction
2013-09-09 16:18:14, Info CSI 0000019e [SR] Verify complete
2013-09-09 16:18:15, Info CSI 0000019f [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:18:15, Info CSI 000001a0 [SR] Beginning Verify and Repair transaction
2013-09-09 16:18:21, Info CSI 000001a2 [SR] Verify complete
2013-09-09 16:18:22, Info CSI 000001a3 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:18:22, Info CSI 000001a4 [SR] Beginning Verify and Repair transaction
2013-09-09 16:18:29, Info CSI 000001a6 [SR] Verify complete
2013-09-09 16:18:29, Info CSI 000001a7 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:18:29, Info CSI 000001a8 [SR] Beginning Verify and Repair transaction
2013-09-09 16:18:46, Info CSI 000001aa [SR] Verify complete
2013-09-09 16:18:47, Info CSI 000001ab [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:18:47, Info CSI 000001ac [SR] Beginning Verify and Repair transaction
2013-09-09 16:19:11, Info CSI 000001ae [SR] Verify complete
2013-09-09 16:19:11, Info CSI 000001af [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:19:11, Info CSI 000001b0 [SR] Beginning Verify and Repair transaction
2013-09-09 16:19:20, Info CSI 000001b2 [SR] Verify complete
2013-09-09 16:19:20, Info CSI 000001b3 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:19:20, Info CSI 000001b4 [SR] Beginning Verify and Repair transaction
2013-09-09 16:19:28, Info CSI 000001b6 [SR] Verify complete
2013-09-09 16:19:29, Info CSI 000001b7 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:19:29, Info CSI 000001b8 [SR] Beginning Verify and Repair transaction
2013-09-09 16:19:32, Info CSI 000001ba [SR] Verify complete
2013-09-09 16:19:33, Info CSI 000001bb [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:19:33, Info CSI 000001bc [SR] Beginning Verify and Repair transaction
2013-09-09 16:19:39, Info CSI 000001be [SR] Verify complete
2013-09-09 16:19:39, Info CSI 000001bf [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:19:39, Info CSI 000001c0 [SR] Beginning Verify and Repair transaction
2013-09-09 16:19:48, Info CSI 000001c2 [SR] Verify complete
2013-09-09 16:19:48, Info CSI 000001c3 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:19:48, Info CSI 000001c4 [SR] Beginning Verify and Repair transaction
2013-09-09 16:19:52, Info CSI 000001c6 [SR] Verify complete
2013-09-09 16:19:52, Info CSI 000001c7 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:19:52, Info CSI 000001c8 [SR] Beginning Verify and Repair transaction
2013-09-09 16:19:54, Info CSI 000001ca [SR] Verify complete
2013-09-09 16:19:55, Info CSI 000001cb [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:19:55, Info CSI 000001cc [SR] Beginning Verify and Repair transaction
2013-09-09 16:20:03, Info CSI 000001d4 [SR] Verify complete
2013-09-09 16:20:04, Info CSI 000001d5 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:20:04, Info CSI 000001d6 [SR] Beginning Verify and Repair transaction
2013-09-09 16:20:10, Info CSI 000001d8 [SR] Verify complete
2013-09-09 16:20:10, Info CSI 000001d9 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:20:10, Info CSI 000001da [SR] Beginning Verify and Repair transaction
2013-09-09 16:20:15, Info CSI 000001dc [SR] Verify complete
2013-09-09 16:20:15, Info CSI 000001dd [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:20:15, Info CSI 000001de [SR] Beginning Verify and Repair transaction
2013-09-09 16:20:19, Info CSI 000001e0 [SR] Verify complete
2013-09-09 16:20:19, Info CSI 000001e1 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:20:19, Info CSI 000001e2 [SR] Beginning Verify and Repair transaction
2013-09-09 16:20:26, Info CSI 000001e4 [SR] Verify complete
2013-09-09 16:20:27, Info CSI 000001e5 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:20:27, Info CSI 000001e6 [SR] Beginning Verify and Repair transaction
2013-09-09 16:20:40, Info CSI 000001e9 [SR] Verify complete
2013-09-09 16:20:40, Info CSI 000001ea [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:20:40, Info CSI 000001eb [SR] Beginning Verify and Repair transaction
2013-09-09 16:20:48, Info CSI 000001ed [SR] Verify complete
2013-09-09 16:20:49, Info CSI 000001ee [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:20:49, Info CSI 000001ef [SR] Beginning Verify and Repair transaction
2013-09-09 16:20:53, Info CSI 000001f1 [SR] Verify complete
2013-09-09 16:20:54, Info CSI 000001f2 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:20:54, Info CSI 000001f3 [SR] Beginning Verify and Repair transaction
2013-09-09 16:21:09, Info CSI 000001f6 [SR] Verify complete
2013-09-09 16:21:09, Info CSI 000001f7 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:21:09, Info CSI 000001f8 [SR] Beginning Verify and Repair transaction
2013-09-09 16:21:23, Info CSI 000001fd [SR] Verify complete
2013-09-09 16:21:24, Info CSI 000001fe [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:21:24, Info CSI 000001ff [SR] Beginning Verify and Repair transaction
2013-09-09 16:21:32, Info CSI 00000203 [SR] Verify complete
2013-09-09 16:21:32, Info CSI 00000204 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:21:32, Info CSI 00000205 [SR] Beginning Verify and Repair transaction
2013-09-09 16:21:42, Info CSI 0000020d [SR] Verify complete
2013-09-09 16:21:42, Info CSI 0000020e [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:21:42, Info CSI 0000020f [SR] Beginning Verify and Repair transaction
2013-09-09 16:21:53, Info CSI 00000219 [SR] Verify complete
2013-09-09 16:21:53, Info CSI 0000021a [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:21:53, Info CSI 0000021b [SR] Beginning Verify and Repair transaction
2013-09-09 16:21:59, Info CSI 0000021d [SR] Verify complete
2013-09-09 16:22:00, Info CSI 0000021e [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:22:00, Info CSI 0000021f [SR] Beginning Verify and Repair transaction
2013-09-09 16:22:05, Info CSI 00000223 [SR] Verify complete
2013-09-09 16:22:05, Info CSI 00000224 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:22:05, Info CSI 00000225 [SR] Beginning Verify and Repair transaction
2013-09-09 16:22:11, Info CSI 00000227 [SR] Verify complete
2013-09-09 16:22:11, Info CSI 00000228 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:22:11, Info CSI 00000229 [SR] Beginning Verify and Repair transaction
2013-09-09 16:22:21, Info CSI 0000024e [SR] Verify complete
2013-09-09 16:22:22, Info CSI 0000024f [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:22:22, Info CSI 00000250 [SR] Beginning Verify and Repair transaction
2013-09-09 16:22:27, Info CSI 00000252 [SR] Verify complete
2013-09-09 16:22:27, Info CSI 00000253 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:22:27, Info CSI 00000254 [SR] Beginning Verify and Repair transaction
2013-09-09 16:22:33, Info CSI 00000256 [SR] Verify complete
2013-09-09 16:22:33, Info CSI 00000257 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:22:33, Info CSI 00000258 [SR] Beginning Verify and Repair transaction
2013-09-09 16:22:39, Info CSI 0000025a [SR] Verify complete
2013-09-09 16:22:40, Info CSI 0000025b [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:22:40, Info CSI 0000025c [SR] Beginning Verify and Repair transaction
2013-09-09 16:22:46, Info CSI 0000026a [SR] Verify complete
2013-09-09 16:22:46, Info CSI 0000026b [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:22:46, Info CSI 0000026c [SR] Beginning Verify and Repair transaction
2013-09-09 16:22:57, Info CSI 0000026e [SR] Verify complete
2013-09-09 16:22:58, Info CSI 0000026f [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:22:58, Info CSI 00000270 [SR] Beginning Verify and Repair transaction
2013-09-09 16:23:07, Info CSI 0000027e [SR] Verify complete
2013-09-09 16:23:08, Info CSI 0000027f [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:23:08, Info CSI 00000280 [SR] Beginning Verify and Repair transaction
2013-09-09 16:23:13, Info CSI 00000282 [SR] Verify complete
2013-09-09 16:23:14, Info CSI 00000283 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:23:14, Info CSI 00000284 [SR] Beginning Verify and Repair transaction
2013-09-09 16:23:17, Info CSI 00000286 [SR] Verify complete
2013-09-09 16:23:18, Info CSI 00000287 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:23:18, Info CSI 00000288 [SR] Beginning Verify and Repair transaction
2013-09-09 16:23:24, Info CSI 0000028b [SR] Verify complete
2013-09-09 16:23:24, Info CSI 0000028c [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:23:24, Info CSI 0000028d [SR] Beginning Verify and Repair transaction
2013-09-09 16:23:27, Info CSI 0000028f [SR] Verify complete
2013-09-09 16:23:27, Info CSI 00000290 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:23:27, Info CSI 00000291 [SR] Beginning Verify and Repair transaction
2013-09-09 16:23:37, Info CSI 00000293 [SR] Verify complete
2013-09-09 16:23:37, Info CSI 00000294 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:23:37, Info CSI 00000295 [SR] Beginning Verify and Repair transaction
2013-09-09 16:23:44, Info CSI 00000297 [SR] Verify complete
2013-09-09 16:23:45, Info CSI 00000298 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:23:45, Info CSI 00000299 [SR] Beginning Verify and Repair transaction
2013-09-09 16:23:51, Info CSI 0000029b [SR] Verify complete
2013-09-09 16:23:52, Info CSI 0000029c [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:23:52, Info CSI 0000029d [SR] Beginning Verify and Repair transaction
2013-09-09 16:24:05, Info CSI 000002b7 [SR] Verify complete
2013-09-09 16:24:05, Info CSI 000002b8 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:24:05, Info CSI 000002b9 [SR] Beginning Verify and Repair transaction
2013-09-09 16:24:26, Info CSI 000002bb [SR] Verify complete
2013-09-09 16:24:26, Info CSI 000002bc [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:24:26, Info CSI 000002bd [SR] Beginning Verify and Repair transaction
2013-09-09 16:24:32, Info CSI 000002bf [SR] Verify complete
2013-09-09 16:24:32, Info CSI 000002c0 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:24:32, Info CSI 000002c1 [SR] Beginning Verify and Repair transaction
2013-09-09 16:24:37, Info CSI 000002c3 [SR] Verify complete
2013-09-09 16:24:38, Info CSI 000002c4 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:24:38, Info CSI 000002c5 [SR] Beginning Verify and Repair transaction
2013-09-09 16:24:42, Info CSI 000002c9 [SR] Verify complete
2013-09-09 16:24:43, Info CSI 000002ca [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:24:43, Info CSI 000002cb [SR] Beginning Verify and Repair transaction
2013-09-09 16:24:48, Info CSI 000002cd [SR] Verify complete
2013-09-09 16:24:48, Info CSI 000002ce [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:24:48, Info CSI 000002cf [SR] Beginning Verify and Repair transaction
2013-09-09 16:24:54, Info CSI 000002d1 [SR] Verify complete
2013-09-09 16:24:55, Info CSI 000002d2 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:24:55, Info CSI 000002d3 [SR] Beginning Verify and Repair transaction
2013-09-09 16:25:01, Info CSI 000002d5 [SR] Verify complete
2013-09-09 16:25:01, Info CSI 000002d6 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:25:01, Info CSI 000002d7 [SR] Beginning Verify and Repair transaction
2013-09-09 16:25:07, Info CSI 000002da [SR] Verify complete
2013-09-09 16:25:08, Info CSI 000002db [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:25:08, Info CSI 000002dc [SR] Beginning Verify and Repair transaction
2013-09-09 16:25:12, Info CSI 000002de [SR] Verify complete
2013-09-09 16:25:13, Info CSI 000002df [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:25:13, Info CSI 000002e0 [SR] Beginning Verify and Repair transaction
2013-09-09 16:25:20, Info CSI 000002e2 [SR] Verify complete
2013-09-09 16:25:20, Info CSI 000002e3 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:25:20, Info CSI 000002e4 [SR] Beginning Verify and Repair transaction
2013-09-09 16:25:27, Info CSI 000002e6 [SR] Verify complete
2013-09-09 16:25:27, Info CSI 000002e7 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:25:27, Info CSI 000002e8 [SR] Beginning Verify and Repair transaction
2013-09-09 16:25:31, Info CSI 000002eb [SR] Verify complete
2013-09-09 16:25:32, Info CSI 000002ec [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:25:32, Info CSI 000002ed [SR] Beginning Verify and Repair transaction
2013-09-09 16:25:38, Info CSI 000002ef [SR] Verify complete
2013-09-09 16:25:39, Info CSI 000002f0 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:25:39, Info CSI 000002f1 [SR] Beginning Verify and Repair transaction
2013-09-09 16:25:44, Info CSI 000002f3 [SR] Verify complete
2013-09-09 16:25:44, Info CSI 000002f4 [SR] Verifying 100 (0x0000000000000064) components
2013-09-09 16:25:44, Info CSI 000002f5 [SR] Beginning Verify and Repair transaction
2013-09-09 16:25:50, Info CSI 000002f7 [SR] Verify complete
2013-09-09 16:25:50, Info CSI 000002f8 [SR] Verifying 72 (0x0000000000000048) components
2013-09-09 16:25:50, Info CSI 000002f9 [SR] Beginning Verify and Repair transaction
2013-09-09 16:25:53, Info CSI 000002fb [SR] Verify complete
2013-09-09 16:25:53, Info CSI 000002fc [SR] Repairing 1 components
2013-09-09 16:25:53, Info CSI 000002fd [SR] Beginning Verify and Repair transaction
2013-09-09 16:25:53, Info CSI 000002fe [SR] Cannot repair member file [l:18{9}]"MSDTC.LOG" of Microsoft-Windows-COM-DTC-Runtime, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-09-09 16:25:53, Info CSI 000002ff [SR] Cannot repair member file [l:18{9}]"MSDTC.LOG" of Microsoft-Windows-COM-DTC-Runtime, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-09-09 16:25:53, Info CSI 00000300 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2013-09-09 16:25:54, Info CSI 00000302 [SR] Repair complete
2013-09-09 16:25:54, Info CSI 00000303 [SR] Committing transaction
2013-09-09 16:25:54, Info CSI 00000307 [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired
  • 0

#28
zac1

zac1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
Hello Ron everything completed.Thank you ever so much for all the help you are giving me it is very much appreciated.
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 09/09/2013 16:44:31

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 09/09/2013 15:36:22
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 09/09/2013 15:26:22
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 09/09/2013 15:16:22
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 09/09/2013 15:06:22
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 09/09/2013 15:06:11
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Windows Defender service terminated with the following error: %%-2147024891

Log: 'System' Date/Time: 09/09/2013 15:05:54
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The SecureUpdate service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 09/09/2013 15:05:29
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: 4959228drv aswSnx nckkof ofvpmj

Log: 'System' Date/Time: 09/09/2013 15:05:29
Type: Error Category: 0
Event: 14332 Source: Microsoft-Windows-WMPNSS-Service
Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Log: 'System' Date/Time: 09/09/2013 15:04:25
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Microsoft Antimalware Service service failed to start due to the following error: The system cannot find the file specified.

Log: 'System' Date/Time: 09/09/2013 15:03:24
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 09/09/2013 15:04:33
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 09/09/2013 15:04:14
Type: Warning Category: 0
Event: 5 Source: Microsoft-Windows-FilterManager
File System Filter '4959228drv' (Version 6.1, ?2010?-?11?-?13T14:38:07.000000000Z) failed to register with Filter Manager. The final status for this operation was 0xc0000034.

Log: 'System' Date/Time: 09/09/2013 15:03:36
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
  • 0

#29
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,017 posts
  • MVP
See post #22: http://www.geekstogo...ost__p__2329831
  • 0

#30
zac1

zac1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
Hello Ron,
Struggling with getting the download from browser to desktop.I am using IE9.I can get a short cut download to my desk top.I can pin it to my taskbar.If you right click on the download that shows in the browsers list of downloads you get a number of options one of which is to open it.If you do this as in AdwCleaner it takes you to a window which is ready to do the scan.Please advise.

Best wishes
Zac1
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP