Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Laptop running slow- Infection found: AsPatch10430001 and others


  • Please log in to reply

#1
Paty

Paty

    Member

  • Member
  • PipPip
  • 10 posts
Hello everybody, I came to this site for help.
My laptop is very slow again, took about 2 min. to boot, 4 min to open an application. This behavior happened 5 days ago, then it returned to normal and now it is slow again. I run Kasperky online, which found none infection but vulnerabilites. Malwarebytes didn't detect anything wrong, Avast on boot mode detected 8 infections and it moved to quarantine

El archivo C:\$Recycle.Bin\S-1-5-21-1324935523-3930393997-533353513-1001\$RLA8SLC.rar|>ISNor_2013\NIS-TW-30-20-1-0-24-ES.exe Error 42126 {El archivo RAR está dañado.}
El archivo C:\backup\PC XP\copia de seguridad del Nokia\2009-08-30 Nokia 6131.nbu|>start.class esta infectado por Java:BTInfo-A [PUP], Movido al baúl
El archivo C:\compartida\Patricia\codecs\CodecPackElisoft140.zip|>CodecPackElisoft140.exe esta infectado por Win32:Adware-PK [PUP], Movido al baúl
El archivo C:\compartida\Patricia\codecs\CodecPackElisoft140.zip esta infectado por Win32:Adware-PK [PUP], Movido al baúl
El archivo C:\compartida\Patricia\DVDFab Platinum 5.0.9.0 Español Desatendido.exe|>setup.exe|>@$&%04\DVDFab.exe esta infectado por Win32:Trojan-gen, Movido al baúl
El archivo C:\compartida\Patricia\DVDFab Platinum 5.0.9.0 Español Desatendido.exe|>setup.exe esta infectado por Win32:Dropper-gen [Drp], Movido al baúl
El archivo C:\compartida\Patricia\juegos\Magic Academy 2\MAGIC ACADEMY 2.exe Error 42110 {El archivo es una bomba de descompresión.}
El archivo C:\compartida\Patricia\Total commander (registrado) Win 7\Setup Total Commander + Plugins for windows 7.exe Error 42110 {El archivo es una bomba de descompresión.}
El archivo C:\descargas\norintsec2013ver201024es.rar.part|>ISNor_2013\NIS-TW-30-20-1-0-24-ES.exe Error 42126 {El archivo RAR está dañado.}
El archivo C:\Make_PE3\PE3_mod\PE3_add\amd64\Windows\SysWOW64\hide.exe esta infectado por Win32:HiddenStart [PUP], Movido al baúl
El archivo C:\Make_PE3\PE3_mod\PE3_add\ia64\Windows\SysWOW64\hide.exe esta infectado por Win32:HiddenStart [PUP], Movido al baúl
El archivo C:\Make_PE3\PE3_mod\PE3_add\x86\Windows\System32\hide.exe esta infectado por Win32:HiddenStart [PUP], Movido al baúl
Número de carpetas analizadas: 48152
Número de archivos examinados: 2243065
Número de archivos infectados: 8


Roguekiller found this:
¤¤¤ Registry Entries : 4 ¤¤¤
[TASK][SUSP PATH] ASUS Patch 10430001 : C:\Windows\AsPatch10430001.exe -e -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

This is my OTL report:

OTL logfile created on: 10/12/2012 14:05:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pati\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c0a | Country: Argentina | Language: ESS | Date Format: dd/MM/yyyy

13,91 Gb Total Physical Memory | 11,47 Gb Available Physical Memory | 82,46% Memory free
27,81 Gb Paging File | 25,22 Gb Available in Paging File | 90,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 673,63 Gb Total Space | 557,30 Gb Free Space | 82,73% Space Free | Partition Type: NTFS

Computer Name: AS-PC | User Name: Pati | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Pati\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\ExpressGateUtil\VAWinService.exe ()
PRC - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
PRC - C:\Windows\SysWOW64\ACEngSvr.exe (ASUSTeK)
PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll ()
MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll ()
MOD - C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()


========== Services (SafeList) ==========

SRV:64bit: - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel® Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (afcdpsrv) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (VideAceWindowsService) -- C:\ExpressGateUtil\VAWinService.exe ()
SRV - (Atheros Bt&Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Atheros Commnucations)
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)


========== Driver Services (SafeList) ==========

DRV:64bit: - (afcdp) -- C:\Windows\SysNative\drivers\afcdp.sys (Acronis)
DRV:64bit: - (tdrpman273) -- C:\Windows\SysNative\drivers\tdrpm273.sys (Acronis)
DRV:64bit: - (timounter) -- C:\Windows\SysNative\drivers\timntr.sys (Acronis)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (FLxHCIc) -- C:\Windows\SysNative\drivers\FLxHCIc.sys (Fresco Logic)
DRV:64bit: - (FLxHCIh) -- C:\Windows\SysNative\drivers\FLxHCIh.sys (Fresco Logic)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (AiCharger) -- C:\Windows\SysNative\drivers\AiCharger.sys (ASUSTek Computer Inc.)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel® Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (AiCharger) -- C:\Windows\SysWOW64\drivers\AiCharger.sys (ASUSTek Computer Inc.)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://ar.search.yah...}&fr=chr-comodo
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-comodo"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-comodo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20120926
FF - prefs.js..extensions.enabledAddons: copylinkurl%40bluelightdev.com:1.5
FF - prefs.js..extensions.enabledAddons: properties%40darktrojan.net:7
FF - prefs.js..extensions.enabledAddons: %7BB17C1C5A-04B1-11DB-9804-B622A1EF5492%7D:1.2.1
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.12
FF - prefs.js..extensions.enabledAddons: %7Bd09e32df-8610-4b33-b929-1e631b764130%7D:0.5.0
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.5
FF - prefs.js..extensions.enabledAddons: status4evar%40caligonstudios.com:2012.07.08.17
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.3
FF - prefs.js..extensions.enabledAddons: %7B4BBDD651-70CF-4821-84F8-2B918CF89CA3%7D:7.0.3.5
FF - prefs.js..extensions.enabledAddons: %7Be001c731-5e37-4538-a5cb-8168736a2360%7D:0.9.9.119
FF - prefs.js..extensions.enabledAddons: %7B5FF97DB7-2EF7-4a7f-8E36-5214B5C5C65A%7D:6
FF - prefs.js..extensions.enabledItems: [email protected]:4.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.5
FF - prefs.js..extensions.enabledItems: {4BBDD651-70CF-4821-84F8-2B918CF89CA3}:6.3.3.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.01
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.2.2rc3
FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2.1
FF - prefs.js..extensions.enabledItems: [email protected]:6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20111107
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.7
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.1
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.8
FF - prefs.js..extensions.enabledItems: {E4091D66-127C-11DB-903A-DE80D2EFDFE8}:1.6.5.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.8.0.5
FF - prefs.js..extensions.enabledItems: {038dc421-b19e-4711-a218-1fd10de9163b}:1.0.0.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.13
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.67
FF - prefs.js..extensions.enabledItems: {a3a5c777-f583-4fef-9380-ab4add1bc2a8}:2.0.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.6
FF - prefs.js..extensions.enabledItems: {C8E400E3-44BC-4e78-8C17-8C48E74C67F4}:3.6
FF - prefs.js..keyword.URL: "http://ar.search.yah...ytff-comodo&p="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/02 12:21:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/12/02 12:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\Extensions
[2012/12/08 15:31:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\Firefox\Profiles\myodazhg.default\extensions
[2012/12/02 12:27:18 | 000,000,000 | ---D | M] (FEBE) -- C:\Users\Pati\AppData\Roaming\mozilla\Firefox\Profiles\myodazhg.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
[2012/12/02 13:02:14 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Pati\AppData\Roaming\mozilla\Firefox\Profiles\myodazhg.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/12/01 18:38:24 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Pati\AppData\Roaming\mozilla\Firefox\Profiles\myodazhg.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/12/05 19:55:05 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Pati\AppData\Roaming\mozilla\Firefox\Profiles\myodazhg.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2012/12/06 16:05:14 | 000,000,000 | ---D | M] (DoNotTrackMe) -- C:\Users\Pati\AppData\Roaming\mozilla\Firefox\Profiles\myodazhg.default\extensions\[email protected]
[2012/04/13 23:34:47 | 000,012,755 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\[email protected]
[2012/06/22 12:41:25 | 000,008,010 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\[email protected]
[2012/07/31 22:18:37 | 000,146,901 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\[email protected]
[2012/06/22 11:55:20 | 000,097,400 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\[email protected]
[2012/12/02 16:13:25 | 000,163,080 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\[email protected]
[2012/07/31 22:10:46 | 001,675,213 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\{1DEAE5AA-E19E-458b-9C8C-73CB651B9A58}.xpi
[2012/08/02 22:08:20 | 002,227,573 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\{5FF97DB7-2EF7-4a7f-8E36-5214B5C5C65A}.xpi
[2012/12/04 22:23:46 | 000,531,070 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012/04/13 23:45:28 | 000,088,719 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi
[2012/08/01 11:38:45 | 002,831,746 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\{C8E400E3-44BC-4e78-8C17-8C48E74C67F4}.xpi
[2012/06/22 12:52:23 | 000,029,829 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\{d09e32df-8610-4b33-b929-1e631b764130}.xpi
[2012/07/31 22:11:48 | 001,669,514 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\{ded0fc70-7215-4802-afeb-b2982d3e7225}.xpi
[2012/11/20 21:42:49 | 000,243,496 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2012/12/05 12:11:56 | 000,007,919 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\[email protected]\chrome\content\ff\view_expiry.js
[2012/12/02 12:21:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/11/29 05:26:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/11/29 07:20:17 | 000,004,293 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\drae.xml
[2012/11/29 07:20:17 | 000,002,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mercadolibre-ar.xml
[2012/11/29 07:20:17 | 000,001,391 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-es.xml
[2012/11/29 07:20:17 | 000,001,037 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-ar.xml

O1 HOSTS File: ([2009/06/10 18:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [FLxHCIm64] C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe (Windows ® Win 7 DDK provider)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.49.130.23 200.49.130.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B5E61161-68EB-4A85-BE4A-7E80004C6B47}: DhcpNameServer = 200.49.130.23 200.49.130.22
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 0
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean64.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/10 14:02:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Pati\Desktop\OTL.exe
[2012/12/10 13:37:26 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2012/12/10 13:35:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2012/12/10 13:31:32 | 000,000,000 | ---D | C] -- C:\ProgramData\CPA_VA
[2012/12/09 14:50:27 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\TechSmith
[2012/12/09 14:43:23 | 000,000,000 | ---D | C] -- C:\Users\Pati\Documents\SnagIt Catalog
[2012/12/08 18:13:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock
[2012/12/08 18:13:49 | 000,000,000 | ---D | C] -- C:\Program Files\PeerBlock
[2012/12/08 16:19:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2012/12/08 15:21:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/12/08 11:23:02 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2012/12/08 10:16:15 | 000,000,000 | ---D | C] -- C:\Symbols
[2012/12/07 22:08:31 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\SSW
[2012/12/07 22:08:28 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SSW Diagnostics 5.52
[2012/12/07 22:07:26 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Deployment
[2012/12/06 01:16:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
[2012/12/06 01:16:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster
[2012/12/05 23:21:00 | 000,000,000 | ---D | C] -- C:\Users\Pati\Desktop\RK_Quarantine
[2012/12/05 19:56:17 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\QuickScan
[2012/12/05 19:12:58 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
[2012/12/05 17:26:27 | 000,000,000 | ---D | C] -- C:\Make_PE3
[2012/12/05 15:12:47 | 000,000,000 | ---D | C] -- C:\Users\Pati\Documents\ProcAlyzer Dumps
[2012/12/05 14:42:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/12/05 14:42:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2012/12/05 14:42:44 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2012/12/05 14:42:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2012/12/05 14:40:12 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Programs
[2012/12/05 14:20:39 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Malwarebytes
[2012/12/05 14:20:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/12/05 14:20:18 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/12/05 14:20:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/12/04 20:36:17 | 000,000,000 | ---D | C] -- C:\prueba
[2012/12/04 18:58:54 | 000,000,000 | ---D | C] -- C:\Users\Pati\SystemRequirementsLab
[2012/12/04 18:24:45 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\WinRAR
[2012/12/04 15:55:23 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\CrashDumps
[2012/12/04 15:46:43 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\mkvtoolnix
[2012/12/04 15:37:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
[2012/12/04 15:37:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MKVToolNix
[2012/12/04 15:13:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012/12/04 15:13:38 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012/12/04 13:58:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rixane Interactive
[2012/12/04 01:19:21 | 000,000,000 | ---D | C] -- C:\JDownloader
[2012/12/04 01:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/12/04 01:15:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/12/04 01:15:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/12/03 23:40:49 | 000,000,000 | ---D | C] -- C:\descargas
[2012/12/03 23:37:39 | 000,000,000 | ---D | C] -- C:\uTorrent 2.2.1
[2012/12/03 23:33:34 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\uTorrent
[2012/12/03 19:50:00 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Macromedia
[2012/12/03 19:49:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/12/03 19:47:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/12/03 19:12:00 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Apps
[2012/12/03 15:39:13 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\COMODO
[2012/12/02 23:00:21 | 000,000,000 | ---D | C] -- C:\iconos sistema
[2012/12/02 22:58:48 | 000,000,000 | ---D | C] -- C:\Windows\Amazing Bubbles 3D
[2012/12/02 19:32:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2012/12/02 19:32:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo
[2012/12/02 19:08:19 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/12/02 18:55:10 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Ashampoo
[2012/12/02 18:54:35 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\ashampoo
[2012/12/02 18:54:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2012/12/02 18:54:35 | 000,000,000 | ---D | C] -- C:\ProgramData\ashampoo
[2012/12/02 18:54:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo
[2012/12/02 18:27:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\[bleep] NFO Viewer
[2012/12/02 18:12:46 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Diagnostics
[2012/12/02 17:28:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD Catalog Expert
[2012/12/02 17:28:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CD Catalog Expert
[2012/12/02 16:49:42 | 000,000,000 | ---D | C] -- C:\Archivos de programa
[2012/12/02 16:47:11 | 000,000,000 | R--D | C] -- C:\juegos
[2012/12/02 15:34:25 | 000,000,000 | ---D | C] -- C:\recuperacion
[2012/12/02 15:07:03 | 000,000,000 | ---D | C] -- C:\eSupport
[2012/12/02 15:05:22 | 000,000,000 | ---D | C] -- C:\WIMAPPLY
[2012/12/02 14:45:45 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/12/02 14:42:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2012/12/02 14:40:51 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\SolSuite
[2012/12/02 14:40:35 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SolSuite - Solitaire Card Games
[2012/12/02 14:40:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolSuite - Solitaire Card Games
[2012/12/02 14:40:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SolSuite
[2012/12/02 14:34:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
[2012/12/02 14:32:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
[2012/12/02 14:32:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acronis
[2012/12/02 14:32:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Acronis
[2012/12/02 14:32:15 | 000,000,000 | ---D | C] -- C:\ProgramData\USBChargerPlus
[2012/12/02 14:31:08 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Acronis
[2012/12/02 14:31:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Acronis
[2012/12/02 14:26:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic
[2012/12/02 14:26:10 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\CyberLink
[2012/12/02 14:26:01 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Cyberlink
[2012/12/02 14:25:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2012/12/02 14:25:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2012/12/02 14:25:46 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2012/12/02 14:24:55 | 000,000,000 | -H-D | C] -- C:\ExpressGateUtil
[2012/12/02 14:23:46 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012/12/02 14:23:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Music Maker
[2012/12/02 14:23:15 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\ASUS Music Maker
[2012/12/02 14:23:15 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS Music Maker
[2012/12/02 14:23:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS Music Maker
[2012/12/02 14:23:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Services
[2012/12/02 14:23:08 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2012/12/02 14:22:58 | 000,016,768 | ---- | C] (ASUSTek Computer Inc.) -- C:\Windows\SysNative\drivers\AiCharger.sys
[2012/12/02 14:22:55 | 000,379,520 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\FBAgent.exe
[2012/12/02 14:22:55 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS
[2012/12/02 14:22:45 | 000,520,192 | ---- | C] (ScreenTime Media) -- C:\Windows\SysWow64\ASUS_Screensaver.scr
[2012/12/02 14:22:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ASUS_Screensaver dir
[2012/12/02 14:22:42 | 003,058,304 | ---- | C] (ASUS) -- C:\Windows\AsScrPro.exe
[2012/12/02 14:22:41 | 000,155,648 | ---- | C] (ASUSTeK) -- C:\Windows\SysWow64\ACEngSvr.exe
[2012/12/02 14:22:32 | 000,000,000 | ---D | C] -- C:\ProgramData\P4G
[2012/12/02 14:22:32 | 000,000,000 | ---D | C] -- C:\Program Files\P4G
[2012/12/02 14:21:59 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
[2012/12/02 14:21:56 | 002,769,920 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\athrx.sys
[2012/12/02 14:21:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation
[2012/12/02 14:21:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The KMPlayer
[2012/12/02 14:21:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros
[2012/12/02 14:21:02 | 000,428,136 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2012/12/02 14:20:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virage Logic, Corp
[2012/12/02 14:20:45 | 000,000,000 | ---D | C] -- C:\ProgramData\SonicFocus
[2012/12/02 14:20:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012/12/02 14:20:43 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012/12/02 14:20:34 | 002,604,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012/12/02 14:20:34 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012/12/02 14:20:34 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012/12/02 14:20:34 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012/12/02 14:20:34 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012/12/02 14:20:34 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2012/12/02 14:20:34 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012/12/02 14:20:34 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012/12/02 14:20:34 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012/12/02 14:20:34 | 000,180,048 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFProc64.dll
[2012/12/02 14:20:34 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012/12/02 14:20:34 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012/12/02 14:20:34 | 000,086,352 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFComm64.dll
[2012/12/02 14:20:34 | 000,083,792 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFSAPO64.dll
[2012/12/02 14:20:34 | 000,082,768 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFHAPO64.dll
[2012/12/02 14:20:34 | 000,082,768 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFDAPO64.dll
[2012/12/02 14:20:34 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2012/12/02 14:20:34 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2012/12/02 14:20:34 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012/12/02 14:20:34 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2012/12/02 14:20:33 | 002,132,824 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2012/12/02 14:20:33 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012/12/02 14:20:32 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012/12/02 14:20:32 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2012/12/02 14:20:32 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2012/12/02 14:20:32 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2012/12/02 14:20:32 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2012/12/02 14:20:32 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2012/12/02 14:20:32 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2012/12/02 14:20:32 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2012/12/02 14:20:32 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2012/12/02 14:20:32 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2012/12/02 14:20:32 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2012/12/02 14:20:32 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2012/12/02 14:20:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012/12/02 14:20:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012/12/02 14:20:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2012/12/02 14:20:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012/12/02 14:19:54 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NV
[2012/12/02 14:19:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NV
[2012/12/02 14:18:35 | 000,000,000 | ---D | C] -- C:\ProgramData\AmUStor
[2012/12/02 14:18:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AmIcoSingLun
[2012/12/02 14:18:26 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech
[2012/12/02 14:18:18 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin
[2012/12/02 14:18:10 | 000,000,000 | ---D | C] -- C:\Program Files\Fresco Logic
[2012/12/02 14:17:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2012/12/02 14:17:54 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/12/02 14:17:45 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012/12/02 14:17:23 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012/12/02 14:17:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012/12/02 14:17:07 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012/12/02 14:17:07 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012/12/02 14:17:03 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012/12/02 14:16:59 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2012/12/02 14:16:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012/12/02 14:16:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2012/12/02 14:16:13 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012/12/02 14:16:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012/12/02 14:16:09 | 000,000,000 | ---D | C] -- C:\Intel
[2012/12/02 14:13:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Atheros
[2012/12/02 14:13:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bluetooth Suite
[2012/12/02 14:11:25 | 000,000,000 | ---D | C] -- C:\Windows\softwaredistribution.bak
[2012/12/02 14:11:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
[2012/12/02 14:07:54 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/12/02 13:11:38 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/12/02 13:11:38 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/12/02 13:11:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/12/02 13:11:37 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/12/02 13:11:37 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/12/02 13:11:37 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/12/02 13:11:32 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/12/02 13:11:32 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/12/02 13:11:12 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/12/02 13:11:12 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/12/02 13:11:03 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/12/02 13:11:03 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/12/02 12:53:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/12/02 12:53:15 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/12/02 12:43:45 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\ElevatedDiagnostics
[2012/12/02 12:43:36 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/12/02 12:21:19 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Mozilla
[2012/12/02 12:21:19 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Mozilla
[2012/12/02 12:21:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/12/02 12:21:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/12/02 12:21:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/12/02 12:17:47 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Macromedia
[2012/12/02 12:17:46 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Adobe
[2012/12/02 11:48:40 | 000,000,000 | ---D | C] -- C:\Portable Snagit 8.0.2
[2012/12/02 11:48:40 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\GHISLER
[2012/12/02 11:43:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy CD-DA Extractor 9.1
[2012/12/02 11:43:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Easy CD-DA Extractor 9
[2012/12/02 11:43:33 | 000,000,000 | ---D | C] -- C:\Windows\Easy CD-DA Extractor
[2012/12/02 11:36:18 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Zeon
[2012/12/02 11:28:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Reader
[2012/12/02 11:17:05 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ACD Systems
[2012/12/02 11:17:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
[2012/12/02 11:16:55 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\SysWow64\Pcdlib32.dll
[2012/12/02 11:16:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ACDSee32
[2012/12/02 11:14:40 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2012/12/02 11:11:10 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\ASUS WebStorage
[2012/12/02 11:02:32 | 002,770,944 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2012/12/02 10:50:58 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Power2Go
[2012/12/02 10:49:40 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\BMExplorer
[2012/12/02 10:49:40 | 000,000,000 | ---D | C] -- C:\Users\Pati\Documents\Bluetooth Folder
[2012/12/02 10:49:29 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Atheros
[2012/12/02 10:48:28 | 000,000,000 | R--D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/12/02 10:48:28 | 000,000,000 | R--D | C] -- C:\Users\Pati\Searches
[2012/12/02 10:48:28 | 000,000,000 | R--D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/12/02 10:48:21 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Identities
[2012/12/02 10:48:19 | 000,000,000 | R--D | C] -- C:\Users\Pati\Contacts
[2012/12/02 10:48:04 | 000,000,000 | R-SD | C] -- C:\Users\Public\Desktop\ASUS
[2012/12/02 10:48:04 | 000,000,000 | ---D | C] -- C:\ProgramData\FolderView
[2012/12/02 10:47:47 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\VirtualStore
[2012/12/02 10:47:38 | 000,000,000 | --SD | C] -- C:\Users\Pati\AppData\Roaming\Microsoft
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\Videos
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\Saved Games
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\Pictures
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\Music
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\Links
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\Favorites
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\Downloads
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\Documents
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\Desktop
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\SendTo
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Reciente
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Plantillas
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Documents\Mis vídeos
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Documents\Mis imágenes
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Mis documentos
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Documents\Mi música
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Menú Inicio
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Impresoras
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\AppData\Local\Historial
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Entorno de red
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Datos de programa
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\AppData\Local\Datos de programa
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Cookies
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Configuración local
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\AppData\Local\Archivos temporales de Internet
[2012/12/02 10:47:38 | 000,000,000 | -H-D | C] -- C:\Users\Pati\AppData
[2012/12/02 10:47:38 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Temp
[2012/12/02 10:47:38 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Microsoft
[2012/12/02 10:47:38 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Media Center Programs
[2012/12/02 10:47:38 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic

========== Files - Modified Within 30 Days ==========

[2012/12/10 13:51:34 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/10 13:51:34 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/10 13:44:40 | 000,045,056 | ---- | M] () -- C:\Windows\SysWow64\acovcnt.exe
[2012/12/10 13:44:24 | 000,003,400 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012/12/10 13:44:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/10 13:43:52 | 2609,688,574 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/10 13:37:59 | 000,001,846 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2012/12/10 13:17:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/10 09:06:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pati\Desktop\OTL.exe
[2012/12/08 18:13:49 | 000,001,738 | ---- | M] () -- C:\Users\Pati\Desktop\PeerBlock.lnk
[2012/12/08 16:19:11 | 000,001,128 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2012/12/08 14:01:22 | 001,701,346 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/12/08 14:01:22 | 000,756,898 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2012/12/08 14:01:22 | 000,663,560 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/12/08 14:01:22 | 000,161,706 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2012/12/08 14:01:22 | 000,124,832 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/12/06 09:29:55 | 000,001,368 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012/12/06 01:16:24 | 000,001,081 | ---- | M] () -- C:\Users\Pati\Desktop\SpywareBlaster.lnk
[2012/12/05 19:12:58 | 000,002,514 | ---- | M] () -- C:\Users\Pati\Desktop\Windows 7 USB DVD Download Tool.lnk
[2012/12/05 19:05:01 | 000,001,085 | ---- | M] () -- C:\Users\Pati\Desktop\Phenomenon. La Ciudad del Cian_.exe - Acceso directo.lnk
[2012/12/05 19:04:52 | 000,002,008 | ---- | M] () -- C:\Users\Pati\Desktop\jugar amazingadventuresthecaribbeansecrettm.exe - Acceso directo.lnk
[2012/12/05 14:42:49 | 000,002,175 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2012/12/05 14:20:19 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/04 22:40:53 | 000,007,626 | ---- | M] () -- C:\Users\Pati\AppData\Local\Resmon.ResmonCfg
[2012/12/04 20:29:30 | 000,002,562 | ---- | M] () -- C:\Windows\diagwrn.xml
[2012/12/04 20:29:30 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2012/12/04 18:24:44 | 3252,027,392 | R--- | M] () -- C:\X17-58859.iso
[2012/12/04 15:55:53 | 000,001,860 | ---- | M] () -- C:\Users\Pati\Desktop\burningstudio8.lnk
[2012/12/04 15:37:18 | 000,001,864 | ---- | M] () -- C:\Users\Public\Desktop\mkvmerge GUI.lnk
[2012/12/04 15:15:50 | 000,001,124 | ---- | M] () -- C:\Users\Pati\Desktop\7zFM.exe - Acceso directo.lnk
[2012/12/04 13:58:35 | 000,000,893 | ---- | M] () -- C:\Users\Pati\Desktop\Amazing Bubbles 3D Screensaver.lnk
[2012/12/04 13:17:25 | 000,002,140 | ---- | M] () -- C:\Users\Pati\Desktop\IrfanViewPortable.lnk
[2012/12/04 13:14:30 | 000,001,819 | ---- | M] () -- C:\Users\Pati\Desktop\ACDSee 32.lnk
[2012/12/04 01:23:55 | 000,001,598 | ---- | M] () -- C:\Users\Pati\Desktop\JDownloader.lnk
[2012/12/03 23:37:39 | 000,000,616 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent 2.2.1.lnk
[2012/12/02 23:22:46 | 000,001,929 | ---- | M] () -- C:\Users\Pati\Desktop\KMPlayer.lnk
[2012/12/02 19:33:58 | 000,000,272 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat
[2012/12/02 19:32:17 | 000,001,112 | ---- | M] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2012/12/02 19:08:20 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/12/02 18:23:28 | 000,001,511 | ---- | M] () -- C:\Users\Pati\Desktop\Total Commander.lnk
[2012/12/02 17:28:45 | 000,000,959 | ---- | M] () -- C:\Users\Pati\Desktop\CD Catalog Expert.lnk
[2012/12/02 15:44:46 | 000,001,160 | ---- | M] () -- C:\Users\Pati\Desktop\IPE - Acceso directo.lnk
[2012/12/02 14:44:14 | 000,192,264 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/12/02 14:44:14 | 000,192,264 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/12/02 14:43:27 | 000,000,991 | ---- | M] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2012/12/02 14:40:35 | 000,000,945 | ---- | M] () -- C:\Users\Pati\Desktop\SolSuite.lnk
[2012/12/02 14:32:47 | 000,001,141 | ---- | M] () -- C:\Users\Public\Desktop\Acronis True Image Home 2011.lnk
[2012/12/02 14:32:29 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\1043_ASUSTEK_N53SM_V20_WIN7.MRK
[2012/12/02 14:23:46 | 000,001,065 | ---- | M] () -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk
[2012/12/02 14:23:33 | 000,000,716 | ---- | M] () -- C:\Users\Public\Desktop\eManual.Lnk
[2012/12/02 14:22:45 | 000,520,192 | ---- | M] (ScreenTime Media) -- C:\Windows\SysWow64\ASUS_Screensaver.scr
[2012/12/02 14:22:43 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
[2012/12/02 14:20:20 | 000,019,194 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2012/12/02 14:18:13 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_FLxHCIc_01009.Wdf
[2012/12/02 14:15:33 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btath_hcrp_01009.Wdf
[2012/12/02 14:14:27 | 000,246,804 | ---- | M] () -- C:\Windows\SysNative\drivers\AtherosBt.bin
[2012/12/02 14:14:27 | 000,001,242 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40_0x01.dfu
[2012/12/02 14:14:27 | 000,001,204 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40_0x02.dfu
[2012/12/02 14:14:27 | 000,001,204 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40.dfu
[2012/12/02 14:14:27 | 000,001,198 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_26.dfu
[2012/12/02 13:11:38 | 000,001,960 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/12/02 13:11:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/12/02 12:36:22 | 000,358,696 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/12/02 12:28:01 | 004,465,036 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/12/02 12:21:14 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/12/02 11:49:22 | 000,001,285 | ---- | M] () -- C:\Users\Pati\Desktop\SnagIt32.lnk
[2012/12/02 11:43:34 | 000,002,004 | ---- | M] () -- C:\Users\Public\Desktop\Easy CD-DA Extractor.lnk
[2012/12/02 11:01:16 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_N53SM.alu
[2012/12/02 10:47:16 | 000,000,080 | ---- | M] () -- C:\Windows\SysNative\Defrag.ini

========== Files Created - No Company Name ==========

[2012/12/10 13:37:59 | 000,001,846 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2012/12/08 18:13:49 | 000,001,738 | ---- | C] () -- C:\Users\Pati\Desktop\PeerBlock.lnk
[2012/12/08 16:19:11 | 000,001,128 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2012/12/06 01:16:24 | 000,001,081 | ---- | C] () -- C:\Users\Pati\Desktop\SpywareBlaster.lnk
[2012/12/05 19:12:58 | 000,002,514 | ---- | C] () -- C:\Users\Pati\Desktop\Windows 7 USB DVD Download Tool.lnk
[2012/12/05 19:05:01 | 000,001,085 | ---- | C] () -- C:\Users\Pati\Desktop\Phenomenon. La Ciudad del Cian_.exe - Acceso directo.lnk
[2012/12/05 19:04:52 | 000,002,008 | ---- | C] () -- C:\Users\Pati\Desktop\jugar amazingadventuresthecaribbeansecrettm.exe - Acceso directo.lnk
[2012/12/05 14:42:49 | 000,002,187 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2012/12/05 14:42:49 | 000,002,175 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2012/12/05 14:20:19 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/04 22:40:53 | 000,007,626 | ---- | C] () -- C:\Users\Pati\AppData\Local\Resmon.ResmonCfg
[2012/12/04 20:28:32 | 000,002,562 | ---- | C] () -- C:\Windows\diagwrn.xml
[2012/12/04 20:28:32 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2012/12/04 15:55:53 | 000,001,860 | ---- | C] () -- C:\Users\Pati\Desktop\burningstudio8.lnk
[2012/12/04 15:37:18 | 000,001,864 | ---- | C] () -- C:\Users\Public\Desktop\mkvmerge GUI.lnk
[2012/12/04 15:17:32 | 3252,027,392 | R--- | C] () -- C:\X17-58859.iso
[2012/12/04 15:15:50 | 000,001,124 | ---- | C] () -- C:\Users\Pati\Desktop\7zFM.exe - Acceso directo.lnk
[2012/12/04 13:58:35 | 001,122,304 | ---- | C] () -- C:\Windows\SysWow64\Amazing_Bubbles_3D.scr
[2012/12/04 13:58:35 | 000,000,893 | ---- | C] () -- C:\Users\Pati\Desktop\Amazing Bubbles 3D Screensaver.lnk
[2012/12/04 13:58:35 | 000,000,081 | ---- | C] () -- C:\Windows\amazing-bubbles-3D-homepage.url
[2012/12/04 12:10:04 | 000,000,046 | ---- | C] () -- C:\Windows\rixane-screensavers.url
[2012/12/04 01:23:55 | 000,001,598 | ---- | C] () -- C:\Users\Pati\Desktop\JDownloader.lnk
[2012/12/04 01:23:49 | 000,001,562 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012/12/04 01:23:49 | 000,001,506 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2012/12/04 01:23:49 | 000,001,485 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2012/12/03 23:37:39 | 000,000,616 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent 2.2.1.lnk
[2012/12/03 19:49:20 | 000,000,838 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/02 23:28:27 | 000,002,140 | ---- | C] () -- C:\Users\Pati\Desktop\IrfanViewPortable.lnk
[2012/12/02 19:33:58 | 000,000,272 | ---- | C] () -- C:\Windows\SysNative\drivers\sfi.dat
[2012/12/02 19:32:17 | 000,001,112 | ---- | C] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2012/12/02 19:08:20 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/12/02 17:28:45 | 000,000,959 | ---- | C] () -- C:\Users\Pati\Desktop\CD Catalog Expert.lnk
[2012/12/02 16:53:35 | 000,072,448 | ---- | C] () -- C:\Windows\SysWow64\MYICONS.DLL
[2012/12/02 15:44:46 | 000,001,160 | ---- | C] () -- C:\Users\Pati\Desktop\IPE - Acceso directo.lnk
[2012/12/02 14:43:27 | 000,000,991 | ---- | C] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2012/12/02 14:40:35 | 000,000,957 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolSuite.lnk
[2012/12/02 14:40:35 | 000,000,945 | ---- | C] () -- C:\Users\Pati\Desktop\SolSuite.lnk
[2012/12/02 14:32:47 | 000,001,141 | ---- | C] () -- C:\Users\Public\Desktop\Acronis True Image Home 2011.lnk
[2012/12/02 14:32:29 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1043_ASUSTEK_N53SM_V20_WIN7.MRK
[2012/12/02 14:32:14 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe
[2012/12/02 14:23:33 | 000,000,716 | ---- | C] () -- C:\Users\Public\Desktop\eManual.Lnk
[2012/12/02 14:22:55 | 000,003,400 | ---- | C] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012/12/02 14:22:55 | 000,001,368 | ---- | C] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012/12/02 14:22:55 | 000,000,105 | ---- | C] () -- C:\Windows\SysNative\FastBoot.ini
[2012/12/02 14:22:55 | 000,000,080 | ---- | C] () -- C:\Windows\SysNative\Defrag.ini
[2012/12/02 14:22:55 | 000,000,052 | ---- | C] () -- C:\Windows\SysNative\RemoveFont.ini
[2012/12/02 14:22:55 | 000,000,015 | ---- | C] () -- C:\Windows\SysNative\BootTime.ini
[2012/12/02 14:22:36 | 000,003,116 | ---- | C] () -- C:\Windows\SysNative\wimfltr.inf
[2012/12/02 14:22:00 | 000,001,929 | ---- | C] () -- C:\Users\Pati\Desktop\KMPlayer.lnk
[2012/12/02 14:21:56 | 000,443,274 | ---- | C] () -- C:\Windows\SysNative\netathrx.inf
[2012/12/02 14:21:56 | 000,068,275 | ---- | C] () -- C:\Windows\SysNative\athrextx.cat
[2012/12/02 14:21:35 | 000,001,083 | ---- | C] () -- C:\setup.iss
[2012/12/02 14:21:02 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2012/12/02 14:20:20 | 000,019,194 | ---- | C] () -- C:\Windows\SysNative\results.xml
[2012/12/02 14:18:19 | 000,154,240 | ---- | C] () -- C:\Windows\AsPatch10430001.exe
[2012/12/02 14:18:13 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_FLxHCIc_01009.Wdf
[2012/12/02 14:18:02 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2012/12/02 14:17:34 | 003,536,817 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2012/12/02 14:17:08 | 000,016,127 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012/12/02 14:15:33 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btath_hcrp_01009.Wdf
[2012/12/02 14:07:55 | 2609,688,574 | -HS- | C] () -- C:\hiberfil.sys
[2012/12/02 13:11:38 | 000,001,960 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/12/02 13:11:32 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012/12/02 12:22:46 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/12/02 12:21:14 | 000,001,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/12/02 12:21:14 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/12/02 12:08:22 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/12/02 11:49:22 | 000,001,285 | ---- | C] () -- C:\Users\Pati\Desktop\SnagIt32.lnk
[2012/12/02 11:43:34 | 000,002,004 | ---- | C] () -- C:\Users\Public\Desktop\Easy CD-DA Extractor.lnk
[2012/12/02 11:17:05 | 000,001,819 | ---- | C] () -- C:\Users\Pati\Desktop\ACDSee 32.lnk
[2012/12/02 11:14:40 | 000,001,511 | ---- | C] () -- C:\Users\Pati\Desktop\Total Commander.lnk
[2012/12/02 11:01:16 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_N53SM.alu
[2012/12/02 10:49:34 | 000,001,065 | ---- | C] () -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk
[2012/12/02 10:49:21 | 000,001,395 | ---- | C] () -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/12/02 10:48:35 | 000,001,429 | ---- | C] () -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/10/10 02:22:34 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/10/10 02:22:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012/10/10 02:22:20 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2011/11/03 09:46:43 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/11/03 09:46:40 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/11/03 09:46:35 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/10/18 01:17:57 | 004,465,036 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 02:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 01:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 09:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/12/02 14:57:27 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Acronis
[2012/12/02 18:55:10 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Ashampoo
[2012/12/02 11:11:10 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\ASUS WebStorage
[2012/12/04 15:46:43 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\mkvtoolnix
[2012/12/05 19:56:33 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\QuickScan
[2012/12/09 23:39:06 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\SolSuite
[2012/12/07 22:08:31 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\SSW
[2012/12/04 00:02:51 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\uTorrent
[2012/12/02 11:36:18 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Zeon

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:5C321E34

< End of report >

I would appreciate any help.
Thank you.
  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a minute then
File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.


Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).
sfc  /scannow

(This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron
  • 0

#3
Paty

Paty

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
When I try to click in Options - Verify Image Signatures, the application hangs and a window appears:
Sysinternals Process Explorer stop functioning. Windows will close the program.
It doesn't let the program work. I repeated this 5 times.

Should I continue with the other steps?

Please, I don't understand quite well "clear log"

Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.


Could you explain me if this means that I have to erase de Windows logs?

Thank you for your help, Ron.
  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
Make sure you Right Click on Process Explorer and Run As Administrator when you start it. If it still won't let you Verify Image Signatures then see if you can get it to run without.



Clear Log is one of the options (in English) when you right click on System. We are trying to erase the old log so that after a reboot we will only see active problems when VEW looks at the logs.
  • 0

#5
Paty

Paty

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Result of Process Explorer:

Process PID CPU Private Bytes Working Set Description Company Name Verified Signer
System Idle Process 0 94.24 0 K 24 K
procexp64.exe 3540 3.09 73.252 K 87.028 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Sysinternals
dwm.exe 2368 0.60 47.952 K 55.504 K Administrador de ventanas del escritorio Microsoft Corporation (Verified) Microsoft Windows
Interrupts n/a 0.52 0 K 0 K Hardware Interrupts and DPCs
cfp.exe 4128 0.38 58.384 K 8.532 K COMODO Internet Security COMODO (Verified) Comodo Security Solutions
System 4 0.34 192 K 1.052 K
csrss.exe 892 0.26 3.552 K 34.560 K Proceso en tiempo de ejecución del cliente-servidor Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1232 0.11 32.624 K 35.148 K Proceso host para los servicios de Windows Microsoft Corporation (Verified) Microsoft Windows
SDWSCSvc.exe 3648 0.10 3.116 K 6.748 K Windows Security Center integration. Safer-Networking Ltd. (Verified) Safer Networking Ltd.
SDFSSvc.exe 3056 0.05 26.768 K 34.780 K Spybot-S&D 2 Scanner Service Safer-Networking Ltd. (Verified) Safer Networking Ltd.
explorer.exe 2392 0.04 89.068 K 111.328 K Explorador de Windows Microsoft Corporation (Verified) Microsoft Windows
services.exe 932 0.04 9.252 K 16.684 K Aplicación de servicios y controlador Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1312 0.03 28.380 K 44.124 K Proceso host para los servicios de Windows Microsoft Corporation (Verified) Microsoft Windows
kss.exe 5408 0.03 17.500 K 3.164 K Kaspersky Security Scan Kaspersky Lab ZAO (Verified) Kaspersky Lab
LMS.exe 6592 0.03 3.024 K 6.988 K Local Manageability Service Intel Corporation (Verified) Intel Corporation
kss.exe 956 0.02 94.544 K 11.780 K Kaspersky Security Scan Kaspersky Lab ZAO (Verified) Kaspersky Lab
svchost.exe 5596 0.02 7.808 K 41.420 K Proceso host para los servicios de Windows Microsoft Corporation (Verified) Microsoft Windows
FBAgent.exe 1696 0.02 8.192 K 15.620 K ASUS FastBoot ASUSTeK Computer Inc. (Verified) ASUSTeK Computer Inc.
SDUpdSvc.exe 3532 0.02 8.016 K 16.184 K Spybot-S&D 2 Background update service Safer-Networking Ltd. (Verified) Safer Networking Ltd.
svchost.exe 752 0.02 7.660 K 13.692 K Proceso host para los servicios de Windows Microsoft Corporation (Verified) Microsoft Windows
lsm.exe 976 0.01 4.564 K 7.008 K Servicio de administrador de sesión local Microsoft Corporation (Verified) Microsoft Windows
cmdagent.exe 1140 0.01 45.668 K 4.016 K COMODO Internet Security COMODO (Verified) Comodo Security Solutions
AvastUI.exe 5520 0.01 7.224 K 4.820 K avast! Antivirus AVAST Software (Verified) AVAST Software
svchost.exe 6752 0.01 101.028 K 15.296 K Proceso host para los servicios de Windows Microsoft Corporation (Verified) Microsoft Windows
ETDCtrl.exe 3836 < 0.01 9.480 K 18.576 K ETD Control Center ELAN Microelectronic Corp. (Verified) Microsoft Windows Hardware Compatibility Publisher
AvastSvc.exe 1820 < 0.01 38.640 K 43.584 K avast! Service AVAST Software (Verified) AVAST Software
CLMLSvc.exe 3688 < 0.01 4.816 K 10.828 K CyberLink MediaLibray Service CyberLink (Verified) CyberLink
svchost.exe 1056 < 0.01 7.492 K 12.424 K Proceso host para los servicios de Windows Microsoft Corporation (Verified) Microsoft Windows
BatteryLife.exe 2472 < 0.01 8.284 K 932 K Power4Gear Hybrid ASUS (Verified) ASUSTeK Computer Inc.
svchost.exe 1188 < 0.01 18.952 K 22.580 K Proceso host para los servicios de Windows Microsoft Corporation (Verified) Microsoft Windows
lsass.exe 968 < 0.01 9.308 K 17.556 K Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1432 < 0.01 12.024 K 20.980 K Proceso host para los servicios de Windows Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 760 < 0.01 2.948 K 5.428 K Proceso en tiempo de ejecución del cliente-servidor Microsoft Corporation (Verified) Microsoft Windows
ACMON.exe 2600 < 0.01 4.352 K 808 K ACMON ASUS (Unable to verify) ASUS
daemonu.exe 6660 < 0.01 5.240 K 12.552 K NVIDIA Settings Update Manager NVIDIA Corporation (Verified) NVIDIA Corporation
AsScrPro.exe 3360 < 0.01 3.560 K 8.204 K AsScrPro ASUS (Verified) ASUSTeK Computer Inc.
HControl.exe 2708 < 0.01 7.988 K 9.476 K HControl ASUS (Verified) ASUSTeK Computer Inc.
nvvsvc.exe 1500 < 0.01 8.444 K 17.732 K NVIDIA Driver Helper Service, Version 306.97 NVIDIA Corporation (Verified) NVIDIA Corporation
VAWinService.exe 3344 < 0.01 11.360 K 14.276 K (Verified) VideACE Technology Co.
WmiPrvSE.exe 5420 5.256 K 10.300 K WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WLIDSVCM.EXE 3576 3.896 K 6.660 K Microsoft® Windows Live ID Service Monitor Microsoft Corp. (Verified) Microsoft Corporation
WLIDSVC.EXE 3392 6.532 K 15.308 K Microsoft® Windows Live ID Service Microsoft Corp. (Verified) Microsoft Corporation
winlogon.exe 136 5.044 K 9.772 K Aplicación de inicio de sesión de Windows Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 868 3.020 K 6.484 K Aplicación de inicio de Windows Microsoft Corporation (Verified) Microsoft Windows
WDC.exe 5836 3.236 K 8.008 K WDC ASUS (Verified) ASUSTeK Computer Inc.
wcourier.exe 5444 9.332 K 16.036 K Wireless Console 3 ASUS (Unable to verify) ASUS
USBChargerPlus.exe 2612 3.556 K 668 K USB Charger+ ASUSTek Computer Inc. (Verified) ASUSTeK Computer Inc.
UNS.exe 6828 4.708 K 9.480 K User Notification Service Intel Corporation (Verified) Intel Corporation
TurboBoost.exe 5220 4.336 K 9.144 K Turbo Boost Monitor Service Intel® Corporation (Verified) Intel® Software
taskhost.exe 1528 4.868 K 11.128 K Proceso de host para tareas de Windows Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 2492 4.968 K 10.076 K Motor de Programador de tareas Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 6324 4.392 K 8.772 K Motor de Programador de tareas Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 2424 5.188 K 9.756 K Motor de Programador de tareas Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4724 14.816 K 19.536 K Proceso host para los servicios de Windows Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1268 165.564 K 177.672 K Proceso host para los servicios de Windows Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1852 14.356 K 16.452 K Proceso host para los servicios de Windows Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4796 4.220 K 8.140 K Proceso host para los servicios de Windows Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4956 4.328 K 8.740 K Proceso host para los servicios de Windows Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 1360 8.284 K 14.988 K Aplicación de subsistema de cola Microsoft Corporation (Verified) Microsoft Windows
SonicMasterTray.exe 6112 7.936 K 9.136 K ASUS_MATray.exe Virage Logic Corporation / Sonic Focus (Verified) Sonic Focus
smss.exe 568 732 K 1.372 K Administrador de sesión de Windows Microsoft Corporation (Verified) Microsoft Windows
sidebar.exe 4136 48.032 K 47.936 K Gadgets de escritorio de Windows Microsoft Corporation (Verified) Microsoft Windows
sensorsrv.exe 2484 3.036 K 528 K SmartLogon Application ASUS (Verified) ASUSTeK Computer Inc.
SDUpdate.exe 6964 16.836 K 1.104 K Update Safer-Networking Ltd. (Verified) Safer Networking Ltd.
schedul2.exe 2120 4.164 K 8.088 K Acronis Scheduler 2 Acronis (Verified) Acronis
RichVideo.exe 4756 2.336 K 6.016 K RichVideo Module (Unable to verify)
RAVCpl64.exe 4184 13.000 K 16.252 K Realtek HD Audio Manager Realtek Semiconductor (Verified) Microsoft Windows Hardware Compatibility Publisher
RAVBg64.exe 3912 19.424 K 16.868 K HD Audio Background Process Realtek Semiconductor (Verified) Microsoft Windows Hardware Compatibility Publisher
procexp.exe 1408 3.900 K 10.148 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
PresentationFontCache.exe 5828 29.736 K 23.672 K PresentationFontCache.exe Microsoft Corporation (Verified) Microsoft Windows
nvxdsync.exe 1488 12.004 K 24.228 K NVIDIA User Experience Driver Component NVIDIA Corporation (Verified) NVIDIA Corporation
nvvsvc.exe 740 4.760 K 9.908 K NVIDIA Driver Helper Service, Version 306.97 NVIDIA Corporation (Verified) NVIDIA Corporation
nvtray.exe 1508 11.872 K 19.880 K NVIDIA Settings NVIDIA Corporation (Verified) NVIDIA Corporation
notepad.exe 6068 5.076 K 11.348 K Bloc de notas Microsoft Corporation (Verified) Microsoft Windows
KBFiltr.exe 5052 2.804 K 7.072 K KBFiltr ASUS (Verified) ASUSTeK Computer Inc.
igfxtray.exe 4020 6.596 K 11.664 K igfxTray Module Intel Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
igfxpers.exe 2668 7.996 K 15.788 K persistence Module Intel Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
hkcmd.exe 4056 6.160 K 11.412 K hkcmd Module Intel Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
HControlUser.exe 3900 2.624 K 6.528 K HControlUser ASUS (Verified) ASUSTeK Computer Inc.
GFNEXSrv.exe 1780 1.836 K 4.508 K GFNEXSrv ASUS (Verified) ASUSTeK Computer Inc.
FABS.exe 6556 2.564 K 6.836 K Verzeichnisüberwachung und Hilfsaufgaben für die Medienbibliothek MAGIX AG (Unable to verify) MAGIX AG
ETDCtrlHelper.exe 5924 6.680 K 12.484 K ETD Control Center Helper ELAN Microelectronic Corp. (Verified) Microsoft Windows Hardware Compatibility Publisher
DMedia.exe 4104 2.844 K 7.388 K ATK Media ASUS (Verified) ASUSTeK Computer Inc.
dllhost.exe 6396 5.400 K 10.680 K COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
BtvStack.exe 3808 19.412 K 24.432 K Servidor de pilas Bluetooth Atheros Communications (Verified) Atheros Communications Inc.
audiodg.exe 2028 20.276 K 19.520 K Aislamiento de gráficos de dispositivo de audio de Windows Microsoft Corporation (Verified) Microsoft Windows
ATKOSD2.exe 2588 2.740 K 528 K ATKOSD2 ASUS (Verified) ASUSTeK Computer Inc.
ATKOSD.exe 6088 2.620 K 8.852 K ATKOSD ASUS (Verified) ASUSTeK Computer Inc.
AthBtTray.exe 3824 9.032 K 19.604 K Bluetooth Tray Atheros Commnucations (Verified) Atheros Communications Inc.
Ath_CoexAgent.exe 2240 3.200 K 7.052 K Atheros Coex Service Application Atheros (Verified) Atheros Communications Inc.
AsLdrSrv.exe 1736 1.864 K 5.164 K ASLDR Service ASUS (Verified) ASUSTeK Computer Inc.
AmIcoSinglun64.exe 3852 5.912 K 10.896 K Single LUN Icon Utility for VID 058F PID 6366 Alcor Micro Corp. (Unable to verify) Alcor Micro Corp.
ALU.exe 2460 5.224 K 976 K ALU (Verified) ASUSTeK Computer Inc.
afcdpsrv.exe 2176 6.988 K 11.188 K File Level CDP Manager Service Acronis (Verified) Acronis
AdminService.exe 2272 4.108 K 9.048 K AdminService Application Atheros Commnucations (Verified) Atheros Communications Inc.
ACEngSvr.exe 2656 12.548 K 16.652 K ACEngSvr Module ASUSTeK (Unable to verify) ASUSTeK

-------------------

sfc /scannow result says:

Windows resources protection found damaged files and cannot repair some of them. To get more details check CBS.log
windir\Logs\CBS\CBS.log



VEW wont run. Message says:

VEW has not been coded for your language (Spanish)
contact the author.


Is there a way to fix this?
  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
Process Explorer doesn't show any slowness.

Let's try DDS instead of VEW.

Please download DDS from http://download.blee...om/sUBs/dds.com or http://download.blee...om/sUBs/dds.scr
and save it to your desktop.

* Disable any script blocking protection
* Double click dds.pif to run the tool.
* When done, two DDS.txt's will open.
* Save both reports to your desktop.

---------------------------------------------------
Please include the contents of the following in your next reply:

DDS.txt
Attach.txt.
  • 0

#7
Paty

Paty

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Avast doesn't let me download DDS (both versions), it blocks the downloading with a red window "Rootkit blocked
Win32:Rootkit-gen [RTK]" and the browser hangs.

I'm sorry I am giving you a hard time, I suppose this may not be a virus and I follow your instructions exactly.
  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
I have Avast and it doesn't complain about dds.com to me. Perhaps you do have a virus. Let's see how much of the following you can do. If a step won't work just go on to the next.


Download aswMBR.exe ( 511KB ) to your desktop.
Right click aswMBR.exe and Run as Administrator
uncheck trace disk IO calls
Click the "Scan" button to start scan (Accept the Avast Engine)
On completion of the scan if the Fix button is enabled (not the FixMBR button) press it and then run a new scan and click save log, save it to your desktop and post in your next reply
If the Fix button is not enabled then just click save log, save it to your desktop and post in your next reply

ComboFix

:!: It must be saved to your desktop, do not run it from your browser:!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Rightclick on ComboFix and select Run As Administrator to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Right click on TDSSKiller.exe and select Run As Administrator to start the program.

If TDSSKiller alerts you that the system needs to reboot, please consent.

Run TDSSKiller again but this time:
before you hit the Scan hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.



Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:
http://www.malwareby...lwarebytes_free

SAVE Malwarebytes' Anti-Malware to your desktop.

* Right-click mbam-setup.exe and select Run As Administrator to start the program.
* follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.



Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).

sfc  /scannow



(This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.)


Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.

Download ESET's Service Repair http://kb.eset.com/l...vicesRepair.exe and Save it then right click on it and Run As Admin.

If it doesn't do it for you:
Reboot.

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.


Copy the text in the code box:

DRIVES
nnetsvcs
%SYSTEMDRIVE%\*.exe
%systemroot%\assembly\GAC_32\*.ini
%systemroot%\assembly\GAC_64\*.ini
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
pnrpnsp.dll 
nwprovau.dll
nlaapi.dll
napinsp.dll
mswsock.dll
winrnr.dll
wshelper.dll
services.exe
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
csrss.exe
PrintIsolationHost.exe
consrv.dll
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemdrive%\$Recycle.Bin|@;true;true;true /fp
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINT

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.



Download, Save and Run (win 7 or Vista => Right click and Run as Admin.) farbar service scanner

Posted Image

Tick "All" options.
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply.

Ron
  • 0

#9
Paty

Paty

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts

Download aswMBR.exe ( 511KB ) to your desktop.
Right click aswMBR.exe and Run as Administrator
uncheck trace disk IO calls
Click the "Scan" button to start scan (Accept the Avast Engine)
On completion of the scan if the Fix button is enabled (not the FixMBR button) press it and then run a new scan and click save log, save it to your desktop and post in your next reply
If the Fix button is not enabled then just click save log, save it to your desktop and post in your next reply


aswMBR.exe is not 511 kb but 3.314.799 kb, so I went to VirusTotal.

VirusTotal results:

aswMBR

SHA256: 7af5e982f35f0865124cfee620a8279e420ae48db926480377f6f612615ab9cd
Nombre: aswMBR.exe
Detecciones: 7 / 44
Fecha de análisis: 2012-12-11 13:54:05 UTC ( hace 2 minutos )


AhnLab-V3 ASD.Prevention 20121211
McAfee Artemis!BE3AB4803C96 20121211
McAfee-GW-Edition Artemis!BE3AB4803C96 20121211
Norman W32/Rootkit.EODN 20121211
Panda Suspicious file 20121211
Symantec WS.Reputation.1 20121211
TrendMicro-HouseCall TROJ_GEN.RC1H1KI 20121211


https://www.virustot...sis/1355234045/


Combofix

SHA256: 3cd9dcdcd537a5c6e4f25bc8a0640f952fb719b14610f2a31b14215313ba7a49
Nombre: ComboFix.exe
Detecciones: 3 / 45
Fecha de análisis: 2012-12-11 12:58:01 UTC ( hace 1 hora, 3 minutos )

Jiangmin Trojan/JmGenGeneric.boe 20121211
Sophos NirCmd 20121211
TrendMicro-HouseCall TROJ_GEN.RC1H1LA 20121211


https://www.virustot...a7a49/analysis/


Services Repair

SHA256: 8cabc5dfda708d6c6fb7e3eaee83c050dd913da623012cfe2d50c3709f7038c5
Nombre: ServicesRepair.exe
Detecciones: 2 / 45
Fecha de análisis: 2012-12-11 14:04:42 UTC ( hace 0 minutos )

Antiy-AVL Trojan/Win32.Chifrax.gen 20121211
TrendMicro-HouseCall TROJ_GEN.F47V0723 20121211


https://www.virustot...sis/1355234682/


Farbar Service Scanner

SHA256: 2872007e83bccaaf3f1695463d72bcbf1af0f369dddc74930ae0f50e46d252de
Nombre: FSS.exe
Detecciones: 2 / 45
Fecha de análisis: 2012-12-11 14:11:11 UTC ( hace 0 minutos )

Antiy-AVL Trojan/Win32.Chifrax.gen 20121211
VBA32 Trojan.Autoit.Wirus 20121211


https://www.virustot...sis/1355235071/

I am surprised with these detections, so could you please explain me about that before I try any of these tools?


TDSSKiller log

11:17:01.0440 4200 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:17:02.0033 4200 ============================================================
11:17:02.0033 4200 Current date / time: 2012/12/11 11:17:02.0033
11:17:02.0033 4200 SystemInfo:
11:17:02.0033 4200
11:17:02.0033 4200 OS Version: 6.1.7601 ServicePack: 1.0
11:17:02.0033 4200 Product type: Workstation
11:17:02.0033 4200 ComputerName: AS-PC
11:17:02.0033 4200 UserName: Pati
11:17:02.0033 4200 Windows directory: C:\Windows
11:17:02.0033 4200 System windows directory: C:\Windows
11:17:02.0033 4200 Running under WOW64
11:17:02.0033 4200 Processor architecture: Intel x64
11:17:02.0033 4200 Number of processors: 8
11:17:02.0033 4200 Page size: 0x1000
11:17:02.0033 4200 Boot type: Normal boot
11:17:02.0033 4200 ============================================================
11:17:04.0186 4200 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:17:04.0202 4200 ============================================================
11:17:04.0202 4200 \Device\Harddisk0\DR0:
11:17:04.0202 4200 MBR partitions:
11:17:04.0202 4200 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x54345000
11:17:04.0202 4200 ============================================================
11:17:04.0202 4200 C: <-> \Device\Harddisk0\DR0\Partition1
11:17:04.0202 4200 ============================================================
11:17:04.0202 4200 Initialize success
11:17:04.0202 4200 ============================================================
11:17:29.0255 6224 ============================================================
11:17:29.0255 6224 Scan started
11:17:29.0255 6224 Mode: Manual; SigCheck; TDLFS;
11:17:29.0255 6224 ============================================================
11:17:29.0443 6224 ================ Scan system memory ========================
11:17:29.0443 6224 System memory - ok
11:17:29.0443 6224 ================ Scan services =============================
11:17:29.0817 6224 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
11:17:29.0926 6224 1394ohci - ok
11:17:29.0973 6224 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
11:17:30.0004 6224 ACPI - ok
11:17:30.0004 6224 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
11:17:30.0051 6224 AcpiPmi - ok
11:17:30.0706 6224 [ 4A17148EEA504A50181280875203F27E ] AcrSch2Svc C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
11:17:30.0753 6224 AcrSch2Svc - ok
11:17:30.0831 6224 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:17:30.0862 6224 AdobeFlashPlayerUpdateSvc - ok
11:17:30.0893 6224 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
11:17:30.0925 6224 adp94xx - ok
11:17:30.0940 6224 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
11:17:30.0956 6224 adpahci - ok
11:17:30.0971 6224 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
11:17:30.0987 6224 adpu320 - ok
11:17:31.0003 6224 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:17:31.0034 6224 AeLookupSvc - ok
11:17:31.0065 6224 [ 6E79A119B0CE418FE44E0C824BF3F039 ] AFBAgent C:\Windows\system32\FBAgent.exe
11:17:31.0096 6224 AFBAgent - ok
11:17:31.0127 6224 [ AE1FCE2CD1E99BEA89183BA8CD320872 ] afcdp C:\Windows\system32\DRIVERS\afcdp.sys
11:17:31.0143 6224 afcdp - ok
11:17:31.0205 6224 [ AF44F7E027037628F1FAC3C13CDE73E6 ] afcdpsrv C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
11:17:31.0252 6224 afcdpsrv - ok
11:17:31.0299 6224 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
11:17:31.0346 6224 AFD - ok
11:17:31.0377 6224 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
11:17:31.0393 6224 agp440 - ok
11:17:31.0408 6224 [ 3F66D9AC081B495F91529C80BFA73E97 ] AiCharger C:\Windows\system32\DRIVERS\AiCharger.sys
11:17:31.0424 6224 AiCharger - ok
11:17:31.0455 6224 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
11:17:31.0471 6224 ALG - ok
11:17:31.0486 6224 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
11:17:31.0502 6224 aliide - ok
11:17:31.0517 6224 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
11:17:31.0517 6224 amdide - ok
11:17:31.0533 6224 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
11:17:31.0549 6224 AmdK8 - ok
11:17:31.0564 6224 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
11:17:31.0580 6224 AmdPPM - ok
11:17:31.0580 6224 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:17:31.0595 6224 amdsata - ok
11:17:31.0595 6224 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
11:17:31.0611 6224 amdsbs - ok
11:17:31.0627 6224 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:17:31.0642 6224 amdxata - ok
11:17:31.0673 6224 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
11:17:31.0705 6224 AppID - ok
11:17:31.0736 6224 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:17:31.0767 6224 AppIDSvc - ok
11:17:31.0783 6224 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
11:17:31.0829 6224 Appinfo - ok
11:17:31.0845 6224 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
11:17:31.0861 6224 arc - ok
11:17:31.0861 6224 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
11:17:31.0876 6224 arcsas - ok
11:17:31.0939 6224 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
11:17:31.0970 6224 ASLDRService - ok
11:17:31.0985 6224 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
11:17:32.0001 6224 ASMMAP64 - ok
11:17:32.0095 6224 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:17:32.0126 6224 aspnet_state - ok
11:17:32.0141 6224 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
11:17:32.0157 6224 aswFsBlk - ok
11:17:32.0188 6224 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
11:17:32.0204 6224 aswMonFlt - ok
11:17:32.0219 6224 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
11:17:32.0235 6224 aswRdr - ok
11:17:32.0251 6224 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
11:17:32.0282 6224 aswSnx - ok
11:17:32.0313 6224 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
11:17:32.0329 6224 aswSP - ok
11:17:32.0344 6224 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
11:17:32.0360 6224 aswTdi - ok
11:17:32.0391 6224 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:17:32.0422 6224 AsyncMac - ok
11:17:32.0453 6224 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
11:17:32.0453 6224 atapi - ok
11:17:32.0485 6224 [ 185F180536188C1A4ED605234721A5B9 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
11:17:32.0516 6224 AthBTPort - ok
11:17:32.0547 6224 [ 650F111D5CDA64C10AE4B9D1BA9D4FFF ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
11:17:32.0563 6224 Atheros Bt&Wlan Coex Agent - ok
11:17:32.0578 6224 [ 944D401B4DB9C64E78E9EDB6690F7368 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
11:17:32.0594 6224 AtherosSvc - ok
11:17:32.0672 6224 [ B4174564AD5834A1680610572477878C ] athr C:\Windows\system32\DRIVERS\athrx.sys
11:17:32.0797 6224 athr - ok
11:17:32.0828 6224 [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
11:17:32.0843 6224 ATKGFNEXSrv - ok
11:17:32.0906 6224 [ 41CEAFFCF3550785E59E3EC9BEE8D97A ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
11:17:32.0937 6224 ATKWMIACPIIO - ok
11:17:32.0984 6224 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:17:33.0062 6224 AudioEndpointBuilder - ok
11:17:33.0093 6224 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
11:17:33.0140 6224 AudioSrv - ok
11:17:33.0202 6224 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
11:17:33.0233 6224 avast! Antivirus - ok
11:17:33.0265 6224 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:17:33.0327 6224 AxInstSV - ok
11:17:33.0358 6224 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
11:17:33.0405 6224 b06bdrv - ok
11:17:33.0436 6224 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
11:17:33.0499 6224 b57nd60a - ok
11:17:33.0530 6224 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
11:17:33.0561 6224 BDESVC - ok
11:17:33.0577 6224 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
11:17:33.0655 6224 Beep - ok
11:17:33.0686 6224 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
11:17:33.0795 6224 BFE - ok
11:17:33.0826 6224 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
11:17:33.0889 6224 BITS - ok
11:17:33.0904 6224 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
11:17:33.0935 6224 blbdrive - ok
11:17:33.0951 6224 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:17:33.0982 6224 bowser - ok
11:17:34.0013 6224 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
11:17:34.0045 6224 BrFiltLo - ok
11:17:34.0045 6224 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
11:17:34.0060 6224 BrFiltUp - ok
11:17:34.0107 6224 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
11:17:34.0154 6224 Browser - ok
11:17:34.0154 6224 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:17:34.0185 6224 Brserid - ok
11:17:34.0185 6224 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:17:34.0216 6224 BrSerWdm - ok
11:17:34.0216 6224 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:17:34.0232 6224 BrUsbMdm - ok
11:17:34.0247 6224 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:17:34.0263 6224 BrUsbSer - ok
11:17:34.0294 6224 [ D74A81CCF0372C955862692B7AF272C9 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
11:17:34.0294 6224 BTATH_A2DP - ok
11:17:34.0325 6224 [ 3118072D09DAA1961A9F6549A4E8433A ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys
11:17:34.0325 6224 btath_avdt - ok
11:17:34.0357 6224 [ E6B734A37ADE36FE1A77035F4E484C8C ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
11:17:34.0357 6224 BTATH_BUS - ok
11:17:34.0388 6224 [ FB3833E63FF602B69C2FF085846DCF43 ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
11:17:34.0403 6224 BTATH_HCRP - ok
11:17:34.0419 6224 [ 8008D892A2BDA67EEFBE25E14EB5DC83 ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
11:17:34.0419 6224 BTATH_LWFLT - ok
11:17:34.0450 6224 [ 58535686697E5E82EC3A87938AC3DA54 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
11:17:34.0466 6224 BTATH_RCP - ok
11:17:34.0481 6224 [ 3DF6C4913A683C76F29F376EE814221E ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
11:17:34.0497 6224 BtFilter - ok
11:17:34.0528 6224 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
11:17:34.0544 6224 BthEnum - ok
11:17:34.0591 6224 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
11:17:34.0637 6224 BTHMODEM - ok
11:17:34.0653 6224 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
11:17:34.0684 6224 BthPan - ok
11:17:34.0731 6224 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
11:17:34.0747 6224 BTHPORT - ok
11:17:34.0778 6224 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
11:17:34.0809 6224 bthserv - ok
11:17:34.0825 6224 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
11:17:34.0840 6224 BTHUSB - ok
11:17:34.0871 6224 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:17:34.0903 6224 cdfs - ok
11:17:34.0934 6224 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:17:34.0996 6224 cdrom - ok
11:17:35.0027 6224 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
11:17:35.0105 6224 CertPropSvc - ok
11:17:35.0152 6224 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
11:17:35.0215 6224 circlass - ok
11:17:35.0230 6224 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
11:17:35.0246 6224 CLFS - ok
11:17:35.0277 6224 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:17:35.0308 6224 clr_optimization_v2.0.50727_32 - ok
11:17:35.0339 6224 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:17:35.0371 6224 clr_optimization_v2.0.50727_64 - ok
11:17:35.0433 6224 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:17:35.0464 6224 clr_optimization_v4.0.30319_32 - ok
11:17:35.0495 6224 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:17:35.0511 6224 clr_optimization_v4.0.30319_64 - ok
11:17:35.0527 6224 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
11:17:35.0558 6224 CmBatt - ok
11:17:35.0667 6224 [ 65FB5097D9EE7E3A99E932CFA0E4B344 ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
11:17:35.0714 6224 cmdAgent - ok
11:17:35.0729 6224 [ 919ACCC22ABDC1C3CA68326C0E5DEAF9 ] cmdGuard C:\Windows\system32\DRIVERS\cmdguard.sys
11:17:35.0745 6224 cmdGuard - ok
11:17:35.0761 6224 [ F8FECE0F1D44C4A58778083B00EEADAC ] cmdHlp C:\Windows\system32\DRIVERS\cmdhlp.sys
11:17:35.0776 6224 cmdHlp - ok
11:17:35.0792 6224 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:17:35.0792 6224 cmdide - ok
11:17:35.0823 6224 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
11:17:35.0854 6224 CNG - ok
11:17:35.0885 6224 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
11:17:35.0901 6224 Compbatt - ok
11:17:35.0917 6224 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
11:17:35.0963 6224 CompositeBus - ok
11:17:35.0963 6224 COMSysApp - ok
11:17:36.0026 6224 [ 78AF1C499BF02F9814DF959A04A4F9C9 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
11:17:36.0057 6224 cphs - ok
11:17:36.0073 6224 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
11:17:36.0088 6224 crcdisk - ok
11:17:36.0119 6224 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:17:36.0151 6224 CryptSvc - ok
11:17:36.0182 6224 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:17:36.0260 6224 DcomLaunch - ok
11:17:36.0322 6224 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
11:17:36.0400 6224 defragsvc - ok
11:17:36.0416 6224 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:17:36.0463 6224 DfsC - ok
11:17:36.0494 6224 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
11:17:36.0509 6224 Dhcp - ok
11:17:36.0525 6224 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
11:17:36.0572 6224 discache - ok
11:17:36.0603 6224 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
11:17:36.0619 6224 Disk - ok
11:17:36.0634 6224 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:17:36.0650 6224 Dnscache - ok
11:17:36.0665 6224 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
11:17:36.0697 6224 dot3svc - ok
11:17:36.0712 6224 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
11:17:36.0759 6224 DPS - ok
11:17:36.0775 6224 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:17:36.0806 6224 drmkaud - ok
11:17:36.0837 6224 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:17:36.0853 6224 DXGKrnl - ok
11:17:36.0868 6224 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
11:17:36.0899 6224 EapHost - ok
11:17:36.0962 6224 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
11:17:37.0009 6224 ebdrv - ok
11:17:37.0024 6224 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
11:17:37.0055 6224 EFS - ok
11:17:37.0118 6224 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:17:37.0149 6224 ehRecvr - ok
11:17:37.0165 6224 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
11:17:37.0180 6224 ehSched - ok
11:17:37.0243 6224 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
11:17:37.0258 6224 elxstor - ok
11:17:37.0258 6224 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:17:37.0274 6224 ErrDev - ok
11:17:37.0305 6224 [ 05B0DCDA418E297A1B4CD8D7B8ADE403 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
11:17:37.0321 6224 ETD - ok
11:17:37.0352 6224 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
11:17:37.0399 6224 EventSystem - ok
11:17:37.0430 6224 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
11:17:37.0461 6224 exfat - ok
11:17:37.0508 6224 Fabs - ok
11:17:37.0523 6224 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:17:37.0555 6224 fastfat - ok
11:17:37.0601 6224 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
11:17:37.0633 6224 Fax - ok
11:17:37.0648 6224 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
11:17:37.0664 6224 fdc - ok
11:17:37.0679 6224 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
11:17:37.0726 6224 fdPHost - ok
11:17:37.0742 6224 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
11:17:37.0789 6224 FDResPub - ok
11:17:37.0804 6224 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:17:37.0820 6224 FileInfo - ok
11:17:37.0835 6224 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:17:37.0867 6224 Filetrace - ok
11:17:37.0960 6224 [ FFF1130F7C9FA01D093A1EDFC5CCE8FC ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
11:17:38.0023 6224 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
11:17:38.0023 6224 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
11:17:38.0038 6224 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
11:17:38.0054 6224 flpydisk - ok
11:17:38.0069 6224 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:17:38.0085 6224 FltMgr - ok
11:17:38.0132 6224 [ BCE31F2F2837DBB763FA2F8636FD24F1 ] FLxHCIc C:\Windows\system32\DRIVERS\FLxHCIc.sys
11:17:38.0163 6224 FLxHCIc - ok
11:17:38.0163 6224 [ BAA12DC50104B73C96872BD3C363B044 ] FLxHCIh C:\Windows\system32\DRIVERS\FLxHCIh.sys
11:17:38.0179 6224 FLxHCIh - ok
11:17:38.0210 6224 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
11:17:38.0257 6224 FontCache - ok
11:17:38.0288 6224 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:17:38.0319 6224 FontCache3.0.0.0 - ok
11:17:38.0319 6224 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:17:38.0335 6224 FsDepends - ok
11:17:38.0366 6224 [ DC0DCE4EC2C5D2CF6472F9FD6AA9A7DC ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
11:17:38.0381 6224 fssfltr - ok
11:17:38.0459 6224 [ 40CDFAD174B3D5E80F95DDA003C0B97F ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
11:17:38.0491 6224 fsssvc - ok
11:17:38.0522 6224 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:17:38.0537 6224 Fs_Rec - ok
11:17:38.0584 6224 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:17:38.0615 6224 fvevol - ok
11:17:38.0662 6224 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
11:17:38.0678 6224 gagp30kx - ok
11:17:38.0709 6224 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
11:17:38.0756 6224 gpsvc - ok
11:17:38.0771 6224 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:17:38.0787 6224 hcw85cir - ok
11:17:38.0818 6224 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:17:38.0849 6224 HdAudAddService - ok
11:17:38.0881 6224 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
11:17:38.0896 6224 HDAudBus - ok
11:17:38.0912 6224 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
11:17:38.0927 6224 HidBatt - ok
11:17:38.0943 6224 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
11:17:38.0959 6224 HidBth - ok
11:17:38.0974 6224 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
11:17:38.0990 6224 HidIr - ok
11:17:39.0005 6224 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
11:17:39.0037 6224 hidserv - ok
11:17:39.0068 6224 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:17:39.0083 6224 HidUsb - ok
11:17:39.0099 6224 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:17:39.0146 6224 hkmsvc - ok
11:17:39.0161 6224 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:17:39.0193 6224 HomeGroupListener - ok
11:17:39.0208 6224 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:17:39.0239 6224 HomeGroupProvider - ok
11:17:39.0271 6224 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
11:17:39.0271 6224 HpSAMD - ok
11:17:39.0317 6224 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:17:39.0364 6224 HTTP - ok
11:17:39.0364 6224 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:17:39.0380 6224 hwpolicy - ok
11:17:39.0411 6224 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:17:39.0427 6224 i8042prt - ok
11:17:39.0442 6224 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
11:17:39.0458 6224 iaStor - ok
11:17:39.0489 6224 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:17:39.0505 6224 iaStorV - ok
11:17:39.0551 6224 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:17:39.0567 6224 idsvc - ok
11:17:39.0707 6224 [ A1CF07D24EDCDC6870535471654D957C ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
11:17:39.0817 6224 igfx - ok
11:17:39.0832 6224 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
11:17:39.0848 6224 iirsp - ok
11:17:39.0879 6224 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
11:17:39.0926 6224 IKEEXT - ok
11:17:39.0957 6224 [ C4E67D3037DC79E39D7136581A947F50 ] inspect C:\Windows\system32\DRIVERS\inspect.sys
11:17:39.0973 6224 inspect - ok
11:17:40.0082 6224 [ 68E799ADC93086EA170D3314DF23BEDB ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:17:40.0144 6224 IntcAzAudAddService - ok
11:17:40.0191 6224 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
11:17:40.0222 6224 IntcDAud - ok
11:17:40.0238 6224 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
11:17:40.0253 6224 intelide - ok
11:17:40.0269 6224 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:17:40.0316 6224 intelppm - ok
11:17:40.0347 6224 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:17:40.0409 6224 IPBusEnum - ok
11:17:40.0441 6224 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:17:40.0487 6224 IpFilterDriver - ok
11:17:40.0503 6224 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:17:40.0534 6224 iphlpsvc - ok
11:17:40.0534 6224 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
11:17:40.0565 6224 IPMIDRV - ok
11:17:40.0565 6224 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:17:40.0612 6224 IPNAT - ok
11:17:40.0628 6224 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:17:40.0659 6224 IRENUM - ok
11:17:40.0706 6224 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:17:40.0737 6224 isapnp - ok
11:17:40.0753 6224 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
11:17:40.0768 6224 iScsiPrt - ok
11:17:40.0784 6224 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:17:40.0799 6224 kbdclass - ok
11:17:40.0799 6224 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
11:17:40.0831 6224 kbdhid - ok
11:17:40.0862 6224 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
11:17:40.0862 6224 kbfiltr - ok
11:17:40.0893 6224 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
11:17:40.0909 6224 KeyIso - ok
11:17:40.0924 6224 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:17:40.0940 6224 KSecDD - ok
11:17:40.0971 6224 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:17:40.0987 6224 KSecPkg - ok
11:17:41.0111 6224 [ E47FFCA0909871AC1BFF0D446FF63CA9 ] KSS C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
11:17:41.0158 6224 KSS - ok
11:17:41.0174 6224 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:17:41.0221 6224 ksthunk - ok
11:17:41.0252 6224 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
11:17:41.0299 6224 KtmRm - ok
11:17:41.0314 6224 [ 033B4AED2C5519072C0D81E00804D003 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
11:17:41.0330 6224 L1C - ok
11:17:41.0361 6224 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
11:17:41.0408 6224 LanmanServer - ok
11:17:41.0423 6224 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:17:41.0470 6224 LanmanWorkstation - ok
11:17:41.0501 6224 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:17:41.0533 6224 lltdio - ok
11:17:41.0564 6224 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:17:41.0595 6224 lltdsvc - ok
11:17:41.0611 6224 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:17:41.0657 6224 lmhosts - ok
11:17:41.0689 6224 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
11:17:41.0704 6224 LMS - ok
11:17:41.0735 6224 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
11:17:41.0751 6224 LSI_FC - ok
11:17:41.0751 6224 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
11:17:41.0767 6224 LSI_SAS - ok
11:17:41.0782 6224 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
11:17:41.0782 6224 LSI_SAS2 - ok
11:17:41.0798 6224 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
11:17:41.0798 6224 LSI_SCSI - ok
11:17:41.0813 6224 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
11:17:41.0845 6224 luafv - ok
11:17:41.0860 6224 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:17:41.0876 6224 Mcx2Svc - ok
11:17:41.0876 6224 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
11:17:41.0891 6224 megasas - ok
11:17:41.0907 6224 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
11:17:41.0923 6224 MegaSR - ok
11:17:41.0938 6224 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
11:17:41.0954 6224 MEIx64 - ok
11:17:41.0969 6224 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
11:17:42.0016 6224 MMCSS - ok
11:17:42.0016 6224 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
11:17:42.0250 6224 Modem - ok
11:17:42.0297 6224 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:17:42.0313 6224 monitor - ok
11:17:42.0328 6224 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:17:42.0344 6224 mouclass - ok
11:17:42.0375 6224 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:17:42.0391 6224 mouhid - ok
11:17:42.0422 6224 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:17:42.0437 6224 mountmgr - ok
11:17:42.0469 6224 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:17:42.0484 6224 MozillaMaintenance - ok
11:17:42.0500 6224 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
11:17:42.0500 6224 mpio - ok
11:17:42.0515 6224 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:17:42.0562 6224 mpsdrv - ok
11:17:42.0593 6224 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:17:42.0640 6224 MpsSvc - ok
11:17:42.0640 6224 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:17:42.0671 6224 MRxDAV - ok
11:17:42.0687 6224 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:17:42.0718 6224 mrxsmb - ok
11:17:42.0734 6224 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:17:42.0749 6224 mrxsmb10 - ok
11:17:42.0765 6224 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:17:42.0796 6224 mrxsmb20 - ok
11:17:42.0796 6224 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
11:17:42.0812 6224 msahci - ok
11:17:42.0827 6224 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:17:42.0843 6224 msdsm - ok
11:17:42.0859 6224 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
11:17:42.0874 6224 MSDTC - ok
11:17:42.0890 6224 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:17:42.0937 6224 Msfs - ok
11:17:42.0952 6224 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:17:42.0983 6224 mshidkmdf - ok
11:17:42.0983 6224 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:17:42.0999 6224 msisadrv - ok
11:17:43.0030 6224 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:17:43.0077 6224 MSiSCSI - ok
11:17:43.0077 6224 msiserver - ok
11:17:43.0093 6224 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:17:43.0139 6224 MSKSSRV - ok
11:17:43.0155 6224 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:17:43.0186 6224 MSPCLOCK - ok
11:17:43.0217 6224 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:17:43.0249 6224 MSPQM - ok
11:17:43.0264 6224 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:17:43.0280 6224 MsRPC - ok
11:17:43.0295 6224 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
11:17:43.0311 6224 mssmbios - ok
11:17:43.0327 6224 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:17:43.0358 6224 MSTEE - ok
11:17:43.0358 6224 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
11:17:43.0389 6224 MTConfig - ok
11:17:43.0405 6224 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
11:17:43.0420 6224 Mup - ok
11:17:43.0436 6224 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
11:17:43.0483 6224 napagent - ok
11:17:43.0514 6224 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:17:43.0529 6224 NativeWifiP - ok
11:17:43.0576 6224 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:17:43.0592 6224 NDIS - ok
11:17:43.0607 6224 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:17:43.0639 6224 NdisCap - ok
11:17:43.0670 6224 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:17:43.0701 6224 NdisTapi - ok
11:17:43.0717 6224 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:17:43.0763 6224 Ndisuio - ok
11:17:43.0779 6224 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:17:43.0826 6224 NdisWan - ok
11:17:43.0841 6224 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:17:43.0873 6224 NDProxy - ok
11:17:43.0888 6224 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:17:43.0919 6224 NetBIOS - ok
11:17:43.0919 6224 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:17:43.0966 6224 NetBT - ok
11:17:43.0966 6224 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
11:17:43.0982 6224 Netlogon - ok
11:17:44.0013 6224 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
11:17:44.0060 6224 Netman - ok
11:17:44.0122 6224 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:17:44.0138 6224 NetMsmqActivator - ok
11:17:44.0153 6224 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:17:44.0169 6224 NetPipeActivator - ok
11:17:44.0185 6224 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
11:17:44.0231 6224 netprofm - ok
11:17:44.0247 6224 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:17:44.0263 6224 NetTcpActivator - ok
11:17:44.0263 6224 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:17:44.0278 6224 NetTcpPortSharing - ok
11:17:44.0309 6224 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
11:17:44.0325 6224 nfrd960 - ok
11:17:44.0356 6224 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:17:44.0372 6224 NlaSvc - ok
11:17:44.0387 6224 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:17:44.0419 6224 Npfs - ok
11:17:44.0434 6224 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
11:17:44.0481 6224 nsi - ok
11:17:44.0497 6224 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:17:44.0543 6224 nsiproxy - ok
11:17:44.0606 6224 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:17:44.0637 6224 Ntfs - ok
11:17:44.0637 6224 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
11:17:44.0684 6224 Null - ok
11:17:44.0933 6224 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:17:45.0105 6224 nvlddmkm - ok
11:17:45.0136 6224 [ 918841B2454F4F2BD94479692079490B ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
11:17:45.0136 6224 nvpciflt - ok
11:17:45.0167 6224 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:17:45.0183 6224 nvraid - ok
11:17:45.0199 6224 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:17:45.0214 6224 nvstor - ok
11:17:45.0245 6224 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
11:17:45.0261 6224 nvsvc - ok
11:17:45.0323 6224 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:17:45.0355 6224 nvUpdatusService - ok
11:17:45.0370 6224 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:17:45.0386 6224 nv_agp - ok
11:17:45.0386 6224 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:17:45.0401 6224 ohci1394 - ok
11:17:45.0417 6224 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:17:45.0448 6224 p2pimsvc - ok
11:17:45.0464 6224 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
11:17:45.0495 6224 p2psvc - ok
11:17:45.0495 6224 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
11:17:45.0526 6224 Parport - ok
11:17:45.0542 6224 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:17:45.0557 6224 partmgr - ok
11:17:45.0573 6224 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:17:45.0604 6224 PcaSvc - ok
11:17:45.0620 6224 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
11:17:45.0635 6224 pci - ok
11:17:45.0667 6224 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
11:17:45.0667 6224 pciide - ok
11:17:45.0682 6224 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
11:17:45.0698 6224 pcmcia - ok
11:17:45.0713 6224 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
11:17:45.0729 6224 pcw - ok
11:17:45.0745 6224 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:17:45.0776 6224 PEAUTH - ok
11:17:45.0823 6224 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:17:45.0854 6224 PerfHost - ok
11:17:45.0885 6224 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
11:17:45.0932 6224 pla - ok
11:17:45.0979 6224 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:17:45.0994 6224 PlugPlay - ok
11:17:46.0010 6224 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:17:46.0041 6224 PNRPAutoReg - ok
11:17:46.0057 6224 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:17:46.0072 6224 PNRPsvc - ok
11:17:46.0088 6224 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:17:46.0135 6224 PolicyAgent - ok
11:17:46.0150 6224 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
11:17:46.0197 6224 Power - ok
11:17:46.0213 6224 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:17:46.0244 6224 PptpMiniport - ok
11:17:46.0259 6224 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
11:17:46.0275 6224 Processor - ok
11:17:46.0306 6224 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
11:17:46.0322 6224 ProfSvc - ok
11:17:46.0337 6224 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:17:46.0353 6224 ProtectedStorage - ok
11:17:46.0369 6224 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:17:46.0415 6224 Psched - ok
11:17:46.0462 6224 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
11:17:46.0493 6224 ql2300 - ok
11:17:46.0509 6224 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
11:17:46.0525 6224 ql40xx - ok
11:17:46.0540 6224 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
11:17:46.0571 6224 QWAVE - ok
11:17:46.0587 6224 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:17:46.0603 6224 QWAVEdrv - ok
11:17:46.0618 6224 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:17:46.0649 6224 RasAcd - ok
11:17:46.0665 6224 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:17:46.0712 6224 RasAgileVpn - ok
11:17:46.0727 6224 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
11:17:46.0759 6224 RasAuto - ok
11:17:46.0774 6224 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:17:46.0821 6224 Rasl2tp - ok
11:17:46.0837 6224 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
11:17:46.0883 6224 RasMan - ok
11:17:46.0883 6224 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:17:46.0915 6224 RasPppoe - ok
11:17:46.0930 6224 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:17:46.0961 6224 RasSstp - ok
11:17:46.0977 6224 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:17:47.0008 6224 rdbss - ok
11:17:47.0024 6224 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
11:17:47.0039 6224 rdpbus - ok
11:17:47.0071 6224 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:17:47.0102 6224 RDPCDD - ok
11:17:47.0117 6224 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:17:47.0164 6224 RDPENCDD - ok
11:17:47.0180 6224 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:17:47.0211 6224 RDPREFMP - ok
11:17:47.0242 6224 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:17:47.0273 6224 RDPWD - ok
11:17:47.0289 6224 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:17:47.0305 6224 rdyboost - ok
11:17:47.0320 6224 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:17:47.0367 6224 RemoteAccess - ok
11:17:47.0383 6224 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:17:47.0429 6224 RemoteRegistry - ok
11:17:47.0461 6224 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
11:17:47.0492 6224 RFCOMM - ok
11:17:47.0539 6224 [ A2FF4C5EC45A9F6051B9D591F364C3A8 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
11:17:47.0554 6224 RichVideo ( UnsignedFile.Multi.Generic ) - warning
11:17:47.0554 6224 RichVideo - detected UnsignedFile.Multi.Generic (1)
11:17:47.0570 6224 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:17:47.0648 6224 RpcEptMapper - ok
11:17:47.0679 6224 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
11:17:47.0695 6224 RpcLocator - ok
11:17:47.0710 6224 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
11:17:47.0741 6224 RpcSs - ok
11:17:47.0773 6224 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:17:47.0804 6224 rspndr - ok
11:17:47.0835 6224 [ ED5873F7DFB2F96D37F13322211B6BDC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
11:17:47.0851 6224 RTL8167 - ok
11:17:47.0866 6224 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
11:17:47.0882 6224 SamSs - ok
11:17:47.0897 6224 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:17:47.0897 6224 sbp2port - ok
11:17:47.0929 6224 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:17:47.0960 6224 SCardSvr - ok
11:17:47.0975 6224 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:17:48.0007 6224 scfilter - ok
11:17:48.0038 6224 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
11:17:48.0069 6224 Schedule - ok
11:17:48.0100 6224 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
11:17:48.0131 6224 SCPolicySvc - ok
11:17:48.0147 6224 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:17:48.0178 6224 SDRSVC - ok
11:17:48.0256 6224 [ 206387AB881E93A1A6EB89966C8651F1 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
11:17:48.0287 6224 SDScannerService - ok
11:17:48.0319 6224 [ A529CFE32565C0B145578FFB2B32C9A5 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
11:17:48.0350 6224 SDUpdateService - ok
11:17:48.0365 6224 [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
11:17:48.0365 6224 SDWSCService - ok
11:17:48.0397 6224 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:17:48.0443 6224 secdrv - ok
11:17:48.0459 6224 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
11:17:48.0490 6224 seclogon - ok
11:17:48.0506 6224 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
11:17:48.0537 6224 SENS - ok
11:17:48.0553 6224 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:17:48.0584 6224 SensrSvc - ok
11:17:48.0599 6224 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
11:17:48.0631 6224 Serenum - ok
11:17:48.0631 6224 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
11:17:48.0662 6224 Serial - ok
11:17:48.0677 6224 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
11:17:48.0693 6224 sermouse - ok
11:17:48.0724 6224 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
11:17:48.0771 6224 SessionEnv - ok
11:17:48.0771 6224 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:17:48.0787 6224 sffdisk - ok
11:17:48.0802 6224 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:17:48.0818 6224 sffp_mmc - ok
11:17:48.0818 6224 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:17:48.0849 6224 sffp_sd - ok
11:17:48.0849 6224 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
11:17:48.0865 6224 sfloppy - ok
11:17:48.0896 6224 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:17:48.0943 6224 SharedAccess - ok
11:17:48.0974 6224 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:17:49.0005 6224 ShellHWDetection - ok
11:17:49.0005 6224 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
11:17:49.0021 6224 SiSGbeLH - ok
11:17:49.0036 6224 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
11:17:49.0052 6224 SiSRaid2 - ok
11:17:49.0052 6224 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
11:17:49.0067 6224 SiSRaid4 - ok
11:17:49.0083 6224 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:17:49.0114 6224 Smb - ok
11:17:49.0145 6224 [ 10450F432811D7FDA60A97FCC674D7B2 ] snapman C:\Windows\system32\DRIVERS\snapman.sys
11:17:49.0161 6224 snapman - ok
11:17:49.0192 6224 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:17:49.0208 6224 SNMPTRAP - ok
11:17:49.0223 6224 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
11:17:49.0239 6224 spldr - ok
11:17:49.0255 6224 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
11:17:49.0301 6224 Spooler - ok
11:17:49.0379 6224 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
11:17:49.0457 6224 sppsvc - ok
11:17:49.0473 6224 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:17:49.0520 6224 sppuinotify - ok
11:17:49.0535 6224 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
11:17:49.0567 6224 srv - ok
11:17:49.0582 6224 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:17:49.0598 6224 srv2 - ok
11:17:49.0598 6224 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:17:49.0629 6224 srvnet - ok
11:17:49.0660 6224 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:17:49.0707 6224 SSDPSRV - ok
11:17:49.0723 6224 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:17:49.0754 6224 SstpSvc - ok
11:17:49.0769 6224 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
11:17:49.0785 6224 stexstor - ok
11:17:49.0801 6224 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
11:17:49.0832 6224 stisvc - ok
11:17:49.0847 6224 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
11:17:49.0863 6224 swenum - ok
11:17:49.0879 6224 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
11:17:49.0925 6224 swprv - ok
11:17:49.0957 6224 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
11:17:49.0988 6224 SysMain - ok
11:17:50.0003 6224 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:17:50.0019 6224 TabletInputService - ok
11:17:50.0035 6224 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:17:50.0081 6224 TapiSrv - ok
11:17:50.0097 6224 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
11:17:50.0128 6224 TBS - ok
11:17:50.0175 6224 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:17:50.0222 6224 Tcpip - ok
11:17:50.0269 6224 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:17:50.0300 6224 TCPIP6 - ok
11:17:50.0331 6224 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:17:50.0347 6224 tcpipreg - ok
11:17:50.0378 6224 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:17:50.0393 6224 TDPIPE - ok
11:17:50.0425 6224 [ 99527D49EE0A96FC25537C61B270A372 ] tdrpman273 C:\Windows\system32\DRIVERS\tdrpm273.sys
11:17:50.0456 6224 tdrpman273 - ok
11:17:50.0471 6224 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:17:50.0503 6224 TDTCP - ok
11:17:50.0518 6224 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:17:50.0534 6224 tdx - ok
11:17:50.0565 6224 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
11:17:50.0581 6224 TermDD - ok
11:17:50.0612 6224 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
11:17:50.0659 6224 TermService - ok
11:17:50.0674 6224 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
11:17:50.0705 6224 Themes - ok
11:17:50.0705 6224 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
11:17:50.0737 6224 THREADORDER - ok
11:17:50.0783 6224 [ EBBAEA02F0095A798000C7E06B16D41B ] timounter C:\Windows\system32\DRIVERS\timntr.sys
11:17:50.0799 6224 timounter - ok
11:17:50.0799 6224 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
11:17:50.0830 6224 TPM - ok
11:17:50.0846 6224 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
11:17:50.0877 6224 TrkWks - ok
11:17:50.0924 6224 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:17:50.0971 6224 TrustedInstaller - ok
11:17:50.0986 6224 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:17:51.0017 6224 tssecsrv - ok
11:17:51.0033 6224 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:17:51.0064 6224 TsUsbFlt - ok
11:17:51.0064 6224 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
11:17:51.0080 6224 TsUsbGD - ok
11:17:51.0111 6224 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:17:51.0158 6224 tunnel - ok
11:17:51.0173 6224 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
11:17:51.0189 6224 TurboB - ok
11:17:51.0236 6224 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
11:17:51.0267 6224 TurboBoost - ok
11:17:51.0267 6224 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
11:17:51.0298 6224 uagp35 - ok
11:17:51.0314 6224 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:17:51.0345 6224 udfs - ok
11:17:51.0376 6224 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:17:51.0407 6224 UI0Detect - ok
11:17:51.0407 6224 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:17:51.0423 6224 uliagpkx - ok
11:17:51.0439 6224 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:17:51.0470 6224 umbus - ok
11:17:51.0485 6224 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
11:17:51.0501 6224 UmPass - ok
11:17:51.0563 6224 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
11:17:51.0610 6224 UNS - ok
11:17:51.0657 6224 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
11:17:51.0735 6224 upnphost - ok
11:17:51.0751 6224 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:17:51.0782 6224 usbccgp - ok
11:17:51.0782 6224 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:17:51.0797 6224 usbcir - ok
11:17:51.0813 6224 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:17:51.0844 6224 usbehci - ok
11:17:51.0844 6224 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:17:51.0875 6224 usbhub - ok
11:17:51.0891 6224 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:17:51.0907 6224 usbohci - ok
11:17:51.0907 6224 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
11:17:51.0922 6224 usbprint - ok
11:17:51.0938 6224 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:17:51.0953 6224 USBSTOR - ok
11:17:51.0969 6224 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
11:17:52.0000 6224 usbuhci - ok
11:17:52.0016 6224 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
11:17:52.0047 6224 usbvideo - ok
11:17:52.0078 6224 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
11:17:52.0109 6224 UxSms - ok
11:17:52.0125 6224 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
11:17:52.0141 6224 VaultSvc - ok
11:17:52.0156 6224 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:17:52.0172 6224 vdrvroot - ok
11:17:52.0172 6224 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
11:17:52.0219 6224 vds - ok
11:17:52.0219 6224 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:17:52.0250 6224 vga - ok
11:17:52.0250 6224 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
11:17:52.0281 6224 VgaSave - ok
11:17:52.0281 6224 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
11:17:52.0297 6224 vhdmp - ok
11:17:52.0312 6224 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
11:17:52.0312 6224 viaide - ok
11:17:52.0375 6224 [ 9DCB8D7BC3F13189E75A9AC4F9F700DE ] VideAceWindowsService C:\ExpressGateUtil\VAWinService.exe
11:17:52.0406 6224 VideAceWindowsService - ok
11:17:52.0421 6224 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:17:52.0437 6224 volmgr - ok
11:17:52.0437 6224 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:17:52.0453 6224 volmgrx - ok
11:17:52.0453 6224 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:17:52.0468 6224 volsnap - ok
11:17:52.0499 6224 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
11:17:52.0515 6224 vsmraid - ok
11:17:52.0546 6224 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
11:17:52.0593 6224 VSS - ok
11:17:52.0609 6224 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
11:17:52.0640 6224 vwifibus - ok
11:17:52.0655 6224 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
11:17:52.0671 6224 vwififlt - ok
11:17:52.0687 6224 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
11:17:52.0733 6224 W32Time - ok
11:17:52.0749 6224 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
11:17:52.0765 6224 WacomPen - ok
11:17:52.0796 6224 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:17:52.0827 6224 WANARP - ok
11:17:52.0843 6224 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:17:52.0858 6224 Wanarpv6 - ok
11:17:52.0952 6224 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:17:53.0014 6224 WatAdminSvc - ok
11:17:53.0061 6224 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
11:17:53.0092 6224 wbengine - ok
11:17:53.0108 6224 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:17:53.0139 6224 WbioSrvc - ok
11:17:53.0170 6224 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:17:53.0201 6224 wcncsvc - ok
11:17:53.0217 6224 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:17:53.0248 6224 WcsPlugInService - ok
11:17:53.0248 6224 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
11:17:53.0264 6224 Wd - ok
11:17:53.0295 6224 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:17:53.0311 6224 Wdf01000 - ok
11:17:53.0326 6224 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:17:53.0357 6224 WdiServiceHost - ok
11:17:53.0357 6224 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:17:53.0373 6224 WdiSystemHost - ok
11:17:53.0389 6224 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
11:17:53.0420 6224 WebClient - ok
11:17:53.0435 6224 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:17:53.0482 6224 Wecsvc - ok
11:17:53.0482 6224 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:17:53.0529 6224 wercplsupport - ok
11:17:53.0545 6224 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
11:17:53.0591 6224 WerSvc - ok
11:17:53.0623 6224 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:17:53.0654 6224 WfpLwf - ok
11:17:53.0685 6224 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
11:17:53.0701 6224 WimFltr - ok
11:17:53.0716 6224 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:17:53.0732 6224 WIMMount - ok
11:17:53.0747 6224 WinDefend - ok
11:17:53.0763 6224 WinHttpAutoProxySvc - ok
11:17:53.0810 6224 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:17:53.0841 6224 Winmgmt - ok
11:17:53.0903 6224 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
11:17:53.0966 6224 WinRM - ok
11:17:53.0997 6224 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
11:17:54.0044 6224 Wlansvc - ok
11:17:54.0075 6224 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:17:54.0091 6224 wlcrasvc - ok
11:17:54.0200 6224 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:17:54.0247 6224 wlidsvc - ok
11:17:54.0278 6224 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
11:17:54.0293 6224 WmiAcpi - ok
11:17:54.0325 6224 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:17:54.0387 6224 wmiApSrv - ok
11:17:54.0418 6224 WMPNetworkSvc - ok
11:17:54.0449 6224 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:17:54.0481 6224 WPCSvc - ok
11:17:54.0496 6224 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:17:54.0527 6224 WPDBusEnum - ok
11:17:54.0543 6224 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:17:54.0574 6224 ws2ifsl - ok
11:17:54.0574 6224 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
11:17:54.0605 6224 wscsvc - ok
11:17:54.0605 6224 WSearch - ok
11:17:54.0652 6224 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
11:17:54.0699 6224 wuauserv - ok
11:17:54.0715 6224 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:17:54.0746 6224 WudfPf - ok
11:17:54.0777 6224 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:17:54.0793 6224 WUDFRd - ok
11:17:54.0808 6224 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:17:54.0824 6224 wudfsvc - ok
11:17:54.0839 6224 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
11:17:54.0886 6224 WwanSvc - ok
11:17:54.0902 6224 ================ Scan global ===============================
11:17:54.0917 6224 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:17:54.0933 6224 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
11:17:54.0949 6224 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
11:17:54.0964 6224 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:17:54.0980 6224 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:17:54.0980 6224 [Global] - ok
11:17:54.0980 6224 ================ Scan MBR ==================================
11:17:54.0995 6224 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:17:55.0370 6224 \Device\Harddisk0\DR0 - ok
11:17:55.0370 6224 ================ Scan VBR ==================================
11:17:55.0370 6224 [ 76A092150AFD2A33B0FD0DB38784023C ] \Device\Harddisk0\DR0\Partition1
11:17:55.0370 6224 \Device\Harddisk0\DR0\Partition1 - ok
11:17:55.0370 6224 ============================================================
11:17:55.0370 6224 Scan finished
11:17:55.0370 6224 ============================================================
11:17:55.0385 4304 Detected object count: 2
11:17:55.0385 4304 Actual detected object count: 2
11:19:29.0455 4304 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
11:19:29.0455 4304 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:19:29.0455 4304 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
11:19:29.0455 4304 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:19:37.0582 7004 Deinitialize success

------------------------

Mbam log


Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Versión de la Base de Datos: v2012.12.11.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Pati :: AS-PC [administrador]

11/12/2012 11:21:27 a.m.
mbam-log-2012-12-11 (11-21-27).txt

Tipos de Análisis: Análisis Rápido
Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opciones de análisis desactivados: P2P
Objetos examinados: 224658
Tiempo transcurrido: 1 minuto(s), 43 segundo(s)

Procesos en Memoria Detectados: 0
(No se han detectado elementos maliciosos)

Módulos de Memoria Detectados: 0
(No se han detectado elementos maliciosos)

Claves del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Valores del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Elementos de Datos del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Carpetas Detectadas: 0
(No se han detectado elementos maliciosos)

Archivos Detectados: 0
(No se han detectado elementos maliciosos)

fin)


-----------------------------------------

sfc /scannow message

Windows resources protection found damaged files and cannot repair some of them. To get more details check CBS.log
windir\Logs\CBS\CBS.log


-----------------------------------------

Event Viewer

As I told you before, the program doesn't run in another language.

Posted Image


OTL log

OTL logfile created on: 11/12/2012 11:43:54 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pati\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c0a | Country: Argentina | Language: ESS | Date Format: dd/MM/yyyy

13,91 Gb Total Physical Memory | 10,94 Gb Available Physical Memory | 78,64% Memory free
27,81 Gb Paging File | 24,85 Gb Available in Paging File | 89,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 673,63 Gb Total Space | 556,44 Gb Free Space | 82,60% Space Free | Partition Type: NTFS

Computer Name: AS-PC | User Name: Pati | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Pati\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
PRC - C:\ExpressGateUtil\VAWinService.exe ()
PRC - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
PRC - C:\Windows\SysWOW64\ACEngSvr.exe (ASUSTeK)
PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtScript4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtGui4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtSql4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtDeclarative4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtCore4.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll ()
MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll ()
MOD - C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()


========== Services (SafeList) ==========

SRV:64bit: - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel® Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (afcdpsrv) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (KSS) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
SRV - (VideAceWindowsService) -- C:\ExpressGateUtil\VAWinService.exe ()
SRV - (Atheros Bt&Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Atheros Commnucations)
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)


========== Driver Services (SafeList) ==========

DRV:64bit: - (afcdp) -- C:\Windows\SysNative\drivers\afcdp.sys (Acronis)
DRV:64bit: - (tdrpman273) -- C:\Windows\SysNative\drivers\tdrpm273.sys (Acronis)
DRV:64bit: - (timounter) -- C:\Windows\SysNative\drivers\timntr.sys (Acronis)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (FLxHCIc) -- C:\Windows\SysNative\drivers\FLxHCIc.sys (Fresco Logic)
DRV:64bit: - (FLxHCIh) -- C:\Windows\SysNative\drivers\FLxHCIh.sys (Fresco Logic)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (AiCharger) -- C:\Windows\SysNative\drivers\AiCharger.sys (ASUSTek Computer Inc.)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel® Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (AiCharger) -- C:\Windows\SysWOW64\drivers\AiCharger.sys (ASUSTek Computer Inc.)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://ar.search.yah...}&fr=chr-comodo
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-comodo"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-comodo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20120926
FF - prefs.js..extensions.enabledAddons: copylinkurl%40bluelightdev.com:1.5
FF - prefs.js..extensions.enabledAddons: properties%40darktrojan.net:7
FF - prefs.js..extensions.enabledAddons: %7BB17C1C5A-04B1-11DB-9804-B622A1EF5492%7D:1.2.1
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.12
FF - prefs.js..extensions.enabledAddons: %7Bd09e32df-8610-4b33-b929-1e631b764130%7D:0.5.0
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.5
FF - prefs.js..extensions.enabledAddons: status4evar%40caligonstudios.com:2012.07.08.17
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.3
FF - prefs.js..extensions.enabledAddons: %7B4BBDD651-70CF-4821-84F8-2B918CF89CA3%7D:7.0.3.5
FF - prefs.js..extensions.enabledAddons: %7Be001c731-5e37-4538-a5cb-8168736a2360%7D:0.9.9.119
FF - prefs.js..extensions.enabledAddons: %7B5FF97DB7-2EF7-4a7f-8E36-5214B5C5C65A%7D:6
FF - prefs.js..extensions.enabledItems: [email protected]:4.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.5
FF - prefs.js..extensions.enabledItems: {4BBDD651-70CF-4821-84F8-2B918CF89CA3}:6.3.3.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.01
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.2.2rc3
FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2.1
FF - prefs.js..extensions.enabledItems: [email protected]:6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20111107
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.7
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.1
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.8
FF - prefs.js..extensions.enabledItems: {E4091D66-127C-11DB-903A-DE80D2EFDFE8}:1.6.5.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.8.0.5
FF - prefs.js..extensions.enabledItems: {038dc421-b19e-4711-a218-1fd10de9163b}:1.0.0.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.13
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.67
FF - prefs.js..extensions.enabledItems: {a3a5c777-f583-4fef-9380-ab4add1bc2a8}:2.0.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.6
FF - prefs.js..extensions.enabledItems: {C8E400E3-44BC-4e78-8C17-8C48E74C67F4}:3.6
FF - prefs.js..keyword.URL: "http://ar.search.yah...ytff-comodo&p="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/02 12:21:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/12/02 12:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\Extensions
[2012/12/08 15:31:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\Firefox\Profiles\myodazhg.default\extensions
[2012/12/02 12:27:18 | 000,000,000 | ---D | M] (FEBE) -- C:\Users\Pati\AppData\Roaming\mozilla\Firefox\Profiles\myodazhg.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
[2012/12/02 13:02:14 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Pati\AppData\Roaming\mozilla\Firefox\Profiles\myodazhg.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/12/01 18:38:24 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Pati\AppData\Roaming\mozilla\Firefox\Profiles\myodazhg.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/12/05 19:55:05 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Pati\AppData\Roaming\mozilla\Firefox\Profiles\myodazhg.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2012/12/06 16:05:14 | 000,000,000 | ---D | M] (DoNotTrackMe) -- C:\Users\Pati\AppData\Roaming\mozilla\Firefox\Profiles\myodazhg.default\extensions\[email protected]
[2012/04/13 23:34:47 | 000,012,755 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\[email protected]
[2012/06/22 12:41:25 | 000,008,010 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\[email protected]
[2012/07/31 22:18:37 | 000,146,901 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\[email protected]
[2012/06/22 11:55:20 | 000,097,400 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\[email protected]
[2012/12/02 16:13:25 | 000,163,080 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\[email protected]
[2012/07/31 22:10:46 | 001,675,213 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\{1DEAE5AA-E19E-458b-9C8C-73CB651B9A58}.xpi
[2012/08/02 22:08:20 | 002,227,573 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\{5FF97DB7-2EF7-4a7f-8E36-5214B5C5C65A}.xpi
[2012/12/04 22:23:46 | 000,531,070 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012/04/13 23:45:28 | 000,088,719 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi
[2012/08/01 11:38:45 | 002,831,746 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\{C8E400E3-44BC-4e78-8C17-8C48E74C67F4}.xpi
[2012/06/22 12:52:23 | 000,029,829 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\{d09e32df-8610-4b33-b929-1e631b764130}.xpi
[2012/07/31 22:11:48 | 001,669,514 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\{ded0fc70-7215-4802-afeb-b2982d3e7225}.xpi
[2012/11/20 21:42:49 | 000,243,496 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2012/12/05 12:11:56 | 000,007,919 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\[email protected]\chrome\content\ff\view_expiry.js
[2012/12/02 12:21:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/11/29 05:26:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/11/29 07:20:17 | 000,004,293 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\drae.xml
[2012/11/29 07:20:17 | 000,002,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mercadolibre-ar.xml
[2012/11/29 07:20:17 | 000,001,391 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-es.xml
[2012/11/29 07:20:17 | 000,001,037 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-ar.xml

O1 HOSTS File: ([2009/06/10 18:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [FLxHCIm64] C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe (Windows ® Win 7 DDK provider)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
O4 - HKCU..\Run: [KSS] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.49.130.23 200.49.130.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B5E61161-68EB-4A85-BE4A-7E80004C6B47}: DhcpNameServer = 200.49.130.23 200.49.130.22
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 0
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean64.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk - - File not found
MsConfig:64bit - StartUpReg: ASUS Screen Saver Protector - hkey= - key= - C:\Windows\AsScrPro.exe (ASUS)
MsConfig:64bit - StartUpReg: ASUSWebStorage - hkey= - key= - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe (ecareme)
MsConfig:64bit - StartUpReg: CLMLServer - hkey= - key= - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
MsConfig:64bit - StartUpReg: COMODO - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: CPA - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: RemoteControl10 - hkey= - key= - C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
MsConfig:64bit - StartUpReg: RtHDVCpl - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
MsConfig:64bit - StartUpReg: SDTray - hkey= - key= - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
MsConfig:64bit - StartUpReg: Servicio de Acronis Scheduler2 - hkey= - key= - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
MsConfig:64bit - StartUpReg: SessionLogon - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - StartUpReg: TrueImageMonitor.exe - hkey= - key= - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
MsConfig:64bit - StartUpReg: UpdatePSTShortCut - hkey= - key= - C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig:64bit - StartUpReg: VAWinAgent - hkey= - key= - C:\ExpressGateUtil\VAWinAgent.exe ()
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CE4BC71D-A88B-4943-BB3D-AF9C0E7D4387} - .NET Framework
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/12/11 09:52:23 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Pati\Desktop\tdsskiller.exe
[2012/12/11 09:45:16 | 005,011,065 | ---- | C] (Swearware) -- C:\Users\Pati\Desktop\ComboFix.exe
[2012/12/10 19:11:48 | 002,712,200 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Pati\Desktop\procexp.exe
[2012/12/10 14:55:24 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
[2012/12/10 14:54:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012/12/10 14:54:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2012/12/10 14:02:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Pati\Desktop\OTL.exe
[2012/12/10 13:37:26 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2012/12/10 13:35:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2012/12/10 13:31:32 | 000,000,000 | ---D | C] -- C:\ProgramData\CPA_VA
[2012/12/09 14:50:27 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\TechSmith
[2012/12/09 14:43:23 | 000,000,000 | ---D | C] -- C:\Users\Pati\Documents\SnagIt Catalog
[2012/12/08 18:13:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock
[2012/12/08 18:13:49 | 000,000,000 | ---D | C] -- C:\Program Files\PeerBlock
[2012/12/08 16:19:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2012/12/08 15:21:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/12/08 11:23:02 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2012/12/08 10:16:15 | 000,000,000 | ---D | C] -- C:\Symbols
[2012/12/07 22:08:31 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\SSW
[2012/12/07 22:08:28 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SSW Diagnostics 5.52
[2012/12/07 22:07:26 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Deployment
[2012/12/06 01:16:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
[2012/12/06 01:16:23 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSSTDFMT.DLL
[2012/12/06 01:16:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster
[2012/12/05 23:21:00 | 000,000,000 | ---D | C] -- C:\Users\Pati\Desktop\RK_Quarantine
[2012/12/05 19:56:17 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\QuickScan
[2012/12/05 19:12:58 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
[2012/12/05 17:26:27 | 000,000,000 | ---D | C] -- C:\Make_PE3
[2012/12/05 15:12:47 | 000,000,000 | ---D | C] -- C:\Users\Pati\Documents\ProcAlyzer Dumps
[2012/12/05 14:42:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/12/05 14:42:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2012/12/05 14:42:44 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2012/12/05 14:42:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2012/12/05 14:40:12 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Programs
[2012/12/05 14:20:39 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Malwarebytes
[2012/12/05 14:20:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/12/05 14:20:18 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/12/05 14:20:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/12/04 20:55:45 | 018,252,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012/12/04 20:55:45 | 002,428,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012/12/04 20:55:45 | 000,831,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2012/12/04 20:36:17 | 000,000,000 | ---D | C] -- C:\prueba
[2012/12/04 18:58:54 | 000,000,000 | ---D | C] -- C:\Users\Pati\SystemRequirementsLab
[2012/12/04 18:24:45 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\WinRAR
[2012/12/04 15:55:23 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\CrashDumps
[2012/12/04 15:46:43 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\mkvtoolnix
[2012/12/04 15:37:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
[2012/12/04 15:37:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MKVToolNix
[2012/12/04 15:13:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012/12/04 15:13:38 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012/12/04 13:58:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rixane Interactive
[2012/12/04 01:19:21 | 000,000,000 | ---D | C] -- C:\JDownloader
[2012/12/04 01:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/12/04 01:15:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/12/04 01:15:22 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/12/04 01:15:22 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012/12/04 01:15:22 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/12/04 01:15:16 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/12/04 01:15:16 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/12/04 01:15:16 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/12/04 01:15:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/12/03 23:40:49 | 000,000,000 | ---D | C] -- C:\descargas
[2012/12/03 23:37:39 | 000,000,000 | ---D | C] -- C:\uTorrent 2.2.1
[2012/12/03 23:33:34 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\uTorrent
[2012/12/03 19:50:00 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Macromedia
[2012/12/03 19:49:19 | 000,696,760 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/12/03 19:49:19 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/12/03 19:49:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/12/03 19:47:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/12/03 19:12:00 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Apps
[2012/12/03 15:39:13 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\COMODO
[2012/12/02 23:00:21 | 000,000,000 | ---D | C] -- C:\iconos sistema
[2012/12/02 22:58:48 | 000,000,000 | ---D | C] -- C:\Windows\Amazing Bubbles 3D
[2012/12/02 19:32:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2012/12/02 19:32:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo
[2012/12/02 19:32:13 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2012/12/02 19:32:13 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll
[2012/12/02 19:08:19 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/12/02 18:55:10 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Ashampoo
[2012/12/02 18:54:35 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\ashampoo
[2012/12/02 18:54:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2012/12/02 18:54:35 | 000,000,000 | ---D | C] -- C:\ProgramData\ashampoo
[2012/12/02 18:54:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo
[2012/12/02 18:27:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\[bleep] NFO Viewer
[2012/12/02 18:12:46 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Diagnostics
[2012/12/02 17:28:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD Catalog Expert
[2012/12/02 17:28:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CD Catalog Expert
[2012/12/02 16:49:42 | 000,000,000 | ---D | C] -- C:\Archivos de programa
[2012/12/02 16:47:11 | 000,000,000 | R--D | C] -- C:\juegos
[2012/12/02 16:46:32 | 000,393,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ssflwbox.scr
[2012/12/02 16:46:32 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ssbezier.scr
[2012/12/02 16:46:32 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ssstars.scr
[2012/12/02 15:34:25 | 000,000,000 | ---D | C] -- C:\recuperacion
[2012/12/02 15:07:03 | 000,000,000 | ---D | C] -- C:\eSupport
[2012/12/02 15:05:22 | 000,000,000 | ---D | C] -- C:\WIMAPPLY
[2012/12/02 14:45:45 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/12/02 14:42:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2012/12/02 14:40:51 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\SolSuite
[2012/12/02 14:40:35 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SolSuite - Solitaire Card Games
[2012/12/02 14:40:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolSuite - Solitaire Card Games
[2012/12/02 14:40:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SolSuite
[2012/12/02 14:34:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
[2012/12/02 14:32:59 | 000,285,280 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\afcdp.sys
[2012/12/02 14:32:57 | 001,263,200 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\tdrpm273.sys
[2012/12/02 14:32:55 | 000,970,336 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\timntr.sys
[2012/12/02 14:32:52 | 000,277,088 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\snapman.sys
[2012/12/02 14:32:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
[2012/12/02 14:32:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acronis
[2012/12/02 14:32:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Acronis
[2012/12/02 14:32:15 | 000,000,000 | ---D | C] -- C:\ProgramData\USBChargerPlus
[2012/12/02 14:31:08 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Acronis
[2012/12/02 14:31:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Acronis
[2012/12/02 14:29:39 | 000,029,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2012/12/02 14:26:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic
[2012/12/02 14:26:10 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\CyberLink
[2012/12/02 14:26:01 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Cyberlink
[2012/12/02 14:25:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2012/12/02 14:25:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2012/12/02 14:25:46 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2012/12/02 14:24:55 | 000,000,000 | -H-D | C] -- C:\ExpressGateUtil
[2012/12/02 14:23:46 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012/12/02 14:23:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Music Maker
[2012/12/02 14:23:15 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\ASUS Music Maker
[2012/12/02 14:23:15 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS Music Maker
[2012/12/02 14:23:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS Music Maker
[2012/12/02 14:23:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Services
[2012/12/02 14:23:08 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2012/12/02 14:22:58 | 000,016,768 | ---- | C] (ASUSTek Computer Inc.) -- C:\Windows\SysNative\drivers\AiCharger.sys
[2012/12/02 14:22:55 | 000,379,520 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\FBAgent.exe
[2012/12/02 14:22:55 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS
[2012/12/02 14:22:45 | 000,520,192 | ---- | C] (ScreenTime Media) -- C:\Windows\SysWow64\ASUS_Screensaver.scr
[2012/12/02 14:22:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ASUS_Screensaver dir
[2012/12/02 14:22:42 | 003,058,304 | ---- | C] (ASUS) -- C:\Windows\AsScrPro.exe
[2012/12/02 14:22:41 | 000,155,648 | ---- | C] (ASUSTeK) -- C:\Windows\SysWow64\ACEngSvr.exe
[2012/12/02 14:22:32 | 000,000,000 | ---D | C] -- C:\ProgramData\P4G
[2012/12/02 14:22:32 | 000,000,000 | ---D | C] -- C:\Program Files\P4G
[2012/12/02 14:21:59 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
[2012/12/02 14:21:56 | 002,769,920 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\athrx.sys
[2012/12/02 14:21:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation
[2012/12/02 14:21:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The KMPlayer
[2012/12/02 14:21:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros
[2012/12/02 14:21:02 | 000,428,136 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2012/12/02 14:21:02 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2012/12/02 14:20:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virage Logic, Corp
[2012/12/02 14:20:45 | 000,000,000 | ---D | C] -- C:\ProgramData\SonicFocus
[2012/12/02 14:20:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012/12/02 14:20:43 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012/12/02 14:20:34 | 003,209,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2012/12/02 14:20:34 | 002,604,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012/12/02 14:20:34 | 002,519,656 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2012/12/02 14:20:34 | 001,881,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2012/12/02 14:20:34 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2012/12/02 14:20:34 | 001,510,912 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2012/12/02 14:20:34 | 001,247,848 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2012/12/02 14:20:34 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012/12/02 14:20:34 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012/12/02 14:20:34 | 000,332,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2012/12/02 14:20:34 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012/12/02 14:20:34 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012/12/02 14:20:34 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2012/12/02 14:20:34 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012/12/02 14:20:34 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012/12/02 14:20:34 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012/12/02 14:20:34 | 000,180,048 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFProc64.dll
[2012/12/02 14:20:34 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012/12/02 14:20:34 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2012/12/02 14:20:34 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012/12/02 14:20:34 | 000,098,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2012/12/02 14:20:34 | 000,086,352 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFComm64.dll
[2012/12/02 14:20:34 | 000,083,792 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFSAPO64.dll
[2012/12/02 14:20:34 | 000,082,768 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFHAPO64.dll
[2012/12/02 14:20:34 | 000,082,768 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFDAPO64.dll
[2012/12/02 14:20:34 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2012/12/02 14:20:34 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2012/12/02 14:20:34 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012/12/02 14:20:34 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2012/12/02 14:20:33 | 002,132,824 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2012/12/02 14:20:33 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012/12/02 14:20:32 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012/12/02 14:20:32 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2012/12/02 14:20:32 | 001,698,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2012/12/02 14:20:32 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2012/12/02 14:20:32 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2012/12/02 14:20:32 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2012/12/02 14:20:32 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2012/12/02 14:20:32 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2012/12/02 14:20:32 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2012/12/02 14:20:32 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2012/12/02 14:20:32 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2012/12/02 14:20:32 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2012/12/02 14:20:32 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2012/12/02 14:20:32 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2012/12/02 14:20:32 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2012/12/02 14:20:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012/12/02 14:20:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012/12/02 14:20:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2012/12/02 14:20:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012/12/02 14:19:54 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NV
[2012/12/02 14:19:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NV
[2012/12/02 14:18:35 | 000,000,000 | ---D | C] -- C:\ProgramData\AmUStor
[2012/12/02 14:18:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AmIcoSingLun
[2012/12/02 14:18:26 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech
[2012/12/02 14:18:18 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin
[2012/12/02 14:18:10 | 000,000,000 | ---D | C] -- C:\Program Files\Fresco Logic
[2012/12/02 14:17:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2012/12/02 14:17:55 | 000,056,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2012/12/02 14:17:54 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/12/02 14:17:45 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012/12/02 14:17:34 | 006,200,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012/12/02 14:17:34 | 003,293,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012/12/02 14:17:34 | 002,557,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012/12/02 14:17:34 | 000,866,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll
[2012/12/02 14:17:34 | 000,118,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012/12/02 14:17:34 | 000,063,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012/12/02 14:17:34 | 000,055,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll
[2012/12/02 14:17:23 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012/12/02 14:17:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012/12/02 14:17:08 | 001,760,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012/12/02 14:17:08 | 001,454,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll
[2012/12/02 14:17:08 | 000,973,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2012/12/02 14:17:08 | 000,371,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoptimusmft.dll
[2012/12/02 14:17:08 | 000,364,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll
[2012/12/02 14:17:08 | 000,330,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoptimusmft.dll
[2012/12/02 14:17:08 | 000,301,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll
[2012/12/02 14:17:08 | 000,247,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2012/12/02 14:17:08 | 000,202,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2012/12/02 14:17:07 | 002,731,880 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012/12/02 14:17:07 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012/12/02 14:17:07 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012/12/02 14:17:03 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012/12/02 14:16:59 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2012/12/02 14:16:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012/12/02 14:16:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2012/12/02 14:16:13 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012/12/02 14:16:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012/12/02 14:16:09 | 000,000,000 | ---D | C] -- C:\Intel
[2012/12/02 14:13:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Atheros
[2012/12/02 14:13:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bluetooth Suite
[2012/12/02 14:11:25 | 000,000,000 | ---D | C] -- C:\Windows\softwaredistribution.bak
[2012/12/02 14:11:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
[2012/12/02 14:07:54 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/12/02 13:11:38 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/12/02 13:11:38 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/12/02 13:11:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/12/02 13:11:37 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/12/02 13:11:37 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/12/02 13:11:37 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/12/02 13:11:32 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/12/02 13:11:32 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/12/02 13:11:12 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/12/02 13:11:12 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/12/02 13:11:03 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/12/02 13:11:03 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/12/02 12:53:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/12/02 12:53:15 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/12/02 12:52:57 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/12/02 12:52:57 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/12/02 12:52:56 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/12/02 12:52:56 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/12/02 12:43:45 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\ElevatedDiagnostics
[2012/12/02 12:43:36 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/12/02 12:22:46 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012/12/02 12:22:46 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012/12/02 12:21:19 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Mozilla
[2012/12/02 12:21:19 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Mozilla
[2012/12/02 12:21:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/12/02 12:21:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/12/02 12:21:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/12/02 12:17:47 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Macromedia
[2012/12/02 12:17:46 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Adobe
[2012/12/02 12:13:07 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/12/02 12:13:07 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/12/02 12:13:06 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/12/02 12:13:06 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/12/02 12:13:06 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/12/02 12:13:06 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/12/02 12:13:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/12/02 12:13:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/12/02 12:13:06 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/12/02 12:13:06 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/12/02 12:13:05 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/12/02 12:13:05 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/12/02 12:13:05 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/12/02 12:13:05 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/12/02 12:13:05 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/12/02 12:08:22 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012/12/02 12:08:22 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012/12/02 12:08:22 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012/12/02 12:08:22 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012/12/02 12:03:30 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/12/02 12:03:30 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/12/02 11:48:40 | 000,000,000 | ---D | C] -- C:\Portable Snagit 8.0.2
[2012/12/02 11:48:40 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\GHISLER
[2012/12/02 11:43:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy CD-DA Extractor 9.1
[2012/12/02 11:43:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Easy CD-DA Extractor 9
[2012/12/02 11:43:33 | 000,000,000 | ---D | C] -- C:\Windows\Easy CD-DA Extractor
[2012/12/02 11:36:18 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Zeon
[2012/12/02 11:28:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Reader
[2012/12/02 11:24:48 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/12/02 11:24:48 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/12/02 11:21:32 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/12/02 11:21:32 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/12/02 11:21:32 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/12/02 11:21:32 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/12/02 11:21:32 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/12/02 11:21:32 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/12/02 11:21:31 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/12/02 11:21:31 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/12/02 11:21:31 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/12/02 11:21:31 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/12/02 11:21:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/12/02 11:21:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/12/02 11:21:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/12/02 11:21:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/12/02 11:21:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/12/02 11:21:31 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/12/02 11:21:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/12/02 11:21:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/12/02 11:21:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/12/02 11:21:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/12/02 11:21:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/12/02 11:21:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/12/02 11:21:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/12/02 11:21:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/12/02 11:21:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/12/02 11:21:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/12/02 11:21:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/12/02 11:21:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/12/02 11:21:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/12/02 11:21:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/12/02 11:20:54 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012/12/02 11:20:54 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012/12/02 11:20:54 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012/12/02 11:19:23 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/12/02 11:19:23 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/12/02 11:19:23 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/12/02 11:19:23 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/12/02 11:18:36 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/12/02 11:18:36 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/12/02 11:18:36 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/12/02 11:17:05 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ACD Systems
[2012/12/02 11:17:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
[2012/12/02 11:16:55 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\SysWow64\Pcdlib32.dll
[2012/12/02 11:16:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ACDSee32
[2012/12/02 11:16:17 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/12/02 11:15:50 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/12/02 11:15:49 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/12/02 11:15:49 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/12/02 11:15:49 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/12/02 11:15:06 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012/12/02 11:15:06 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012/12/02 11:15:06 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012/12/02 11:15:06 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012/12/02 11:15:06 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012/12/02 11:15:06 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012/12/02 11:15:06 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012/12/02 11:15:06 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012/12/02 11:15:01 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/12/02 11:14:59 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012/12/02 11:14:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012/12/02 11:14:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012/12/02 11:14:57 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012/12/02 11:14:57 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012/12/02 11:14:54 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/12/02 11:14:54 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/12/02 11:14:54 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/12/02 11:14:53 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/12/02 11:14:53 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/12/02 11:14:52 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/12/02 11:14:52 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/12/02 11:14:52 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/12/02 11:14:51 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012/12/02 11:14:51 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012/12/02 11:14:51 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/12/02 11:14:51 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/12/02 11:14:50 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/12/02 11:14:50 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/12/02 11:14:50 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012/12/02 11:14:49 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/12/02 11:14:48 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/12/02 11:14:48 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/12/02 11:14:48 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012/12/02 11:14:48 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/12/02 11:14:47 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/12/02 11:14:47 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/12/02 11:14:46 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012/12/02 11:14:46 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012/12/02 11:14:46 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012/12/02 11:14:46 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/12/02 11:14:40 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2012/12/02 11:13:14 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012/12/02 11:13:14 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012/12/02 11:13:14 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012/12/02 11:13:13 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/12/02 11:13:12 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/12/02 11:11:10 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\ASUS WebStorage
[2012/12/02 11:09:01 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/12/02 11:09:01 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/12/02 11:07:53 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/12/02 11:07:53 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/12/02 11:02:32 | 002,770,944 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2012/12/02 11:00:53 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/12/02 11:00:53 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/12/02 11:00:52 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/12/02 11:00:44 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/12/02 11:00:44 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/12/02 11:00:43 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/12/02 11:00:37 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/12/02 11:00:37 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/12/02 10:50:58 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Power2Go
[2012/12/02 10:49:40 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\BMExplorer
[2012/12/02 10:49:40 | 000,000,000 | ---D | C] -- C:\Users\Pati\Documents\Bluetooth Folder
[2012/12/02 10:49:29 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Atheros
[2012/12/02 10:48:28 | 000,000,000 | R--D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/12/02 10:48:28 | 000,000,000 | R--D | C] -- C:\Users\Pati\Searches
[2012/12/02 10:48:28 | 000,000,000 | R--D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/12/02 10:48:21 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Identities
[2012/12/02 10:48:19 | 000,000,000 | R--D | C] -- C:\Users\Pati\Contacts
[2012/12/02 10:48:04 | 000,000,000 | R-SD | C] -- C:\Users\Public\Desktop\ASUS
[2012/12/02 10:48:04 | 000,000,000 | ---D | C] -- C:\ProgramData\FolderView
[2012/12/02 10:47:47 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\VirtualStore
[2012/12/02 10:47:38 | 000,000,000 | --SD | C] -- C:\Users\Pati\AppData\Roaming\Microsoft
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\Videos
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\Saved Games
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\Pictures
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\Music
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\Links
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\Favorites
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\Downloads
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\Documents
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\Desktop
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\SendTo
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Reciente
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Plantillas
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Documents\Mis vídeos
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Documents\Mis imágenes
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Mis documentos
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Documents\Mi música
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Menú Inicio
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Impresoras
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\AppData\Local\Historial
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Entorno de red
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Datos de programa
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\AppData\Local\Datos de programa
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Cookies
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Configuración local
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\AppData\Local\Archivos temporales de Internet
[2012/12/02 10:47:38 | 000,000,000 | -H-D | C] -- C:\Users\Pati\AppData
[2012/12/02 10:47:38 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Temp
[2012/12/02 10:47:38 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Microsoft
[2012/12/02 10:47:38 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Media Center Programs
[2012/12/02 10:47:38 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic

========== Files - Modified Within 30 Days ==========

[2012/12/11 11:41:59 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/11 11:41:59 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/11 11:17:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/11 09:52:33 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Pati\Desktop\tdsskiller.exe
[2012/12/11 09:46:00 | 005,011,065 | ---- | M] (Swearware) -- C:\Users\Pati\Desktop\ComboFix.exe
[2012/12/11 09:18:43 | 000,003,656 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012/12/11 09:18:16 | 000,045,056 | ---- | M] () -- C:\Windows\SysWow64\acovcnt.exe
[2012/12/11 09:17:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/11 09:17:39 | 2609,688,574 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/10 19:14:44 | 000,061,440 | ---- | M] ( ) -- C:\Users\Pati\Desktop\VEW.exe
[2012/12/10 19:12:33 | 002,712,200 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Pati\Desktop\procexp.exe
[2012/12/10 14:55:19 | 000,001,079 | ---- | M] () -- C:\Users\Pati\Desktop\Kaspersky Security Scan.lnk
[2012/12/10 13:37:59 | 000,001,846 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2012/12/10 09:06:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pati\Desktop\OTL.exe
[2012/12/08 18:13:49 | 000,001,738 | ---- | M] () -- C:\Users\Pati\Desktop\PeerBlock.lnk
[2012/12/08 16:19:11 | 000,001,128 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2012/12/08 14:01:22 | 001,701,346 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/12/08 14:01:22 | 000,756,898 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2012/12/08 14:01:22 | 000,663,560 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/12/08 14:01:22 | 000,161,706 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2012/12/08 14:01:22 | 000,124,832 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/12/06 09:29:55 | 000,001,368 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012/12/06 01:16:24 | 000,001,081 | ---- | M] () -- C:\Users\Pati\Desktop\SpywareBlaster.lnk
[2012/12/05 19:12:58 | 000,002,514 | ---- | M] () -- C:\Users\Pati\Desktop\Windows 7 USB DVD Download Tool.lnk
[2012/12/05 19:05:01 | 000,001,085 | ---- | M] () -- C:\Users\Pati\Desktop\Phenomenon. La Ciudad del Cian_.exe - Acceso directo.lnk
[2012/12/05 19:04:52 | 000,002,008 | ---- | M] () -- C:\Users\Pati\Desktop\jugar amazingadventuresthecaribbeansecrettm.exe - Acceso directo.lnk
[2012/12/05 14:42:49 | 000,002,175 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2012/12/05 14:20:19 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/04 22:40:53 | 000,007,626 | ---- | M] () -- C:\Users\Pati\AppData\Local\Resmon.ResmonCfg
[2012/12/04 20:29:30 | 000,002,562 | ---- | M] () -- C:\Windows\diagwrn.xml
[2012/12/04 20:29:30 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2012/12/04 18:24:44 | 3252,027,392 | R--- | M] () -- C:\X17-58859.iso
[2012/12/04 15:55:53 | 000,001,860 | ---- | M] () -- C:\Users\Pati\Desktop\burningstudio8.lnk
[2012/12/04 15:37:18 | 000,001,864 | ---- | M] () -- C:\Users\Public\Desktop\mkvmerge GUI.lnk
[2012/12/04 15:15:50 | 000,001,124 | ---- | M] () -- C:\Users\Pati\Desktop\7zFM.exe - Acceso directo.lnk
[2012/12/04 13:58:35 | 000,000,893 | ---- | M] () -- C:\Users\Pati\Desktop\Amazing Bubbles 3D Screensaver.lnk
[2012/12/04 13:17:25 | 000,002,140 | ---- | M] () -- C:\Users\Pati\Desktop\IrfanViewPortable.lnk
[2012/12/04 13:14:30 | 000,001,819 | ---- | M] () -- C:\Users\Pati\Desktop\ACDSee 32.lnk
[2012/12/04 01:23:55 | 000,001,598 | ---- | M] () -- C:\Users\Pati\Desktop\JDownloader.lnk
[2012/12/04 01:15:12 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/12/04 01:15:11 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/12/04 01:15:11 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012/12/04 01:15:11 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/12/04 01:15:11 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/12/04 01:15:11 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/12/03 23:37:39 | 000,000,616 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent 2.2.1.lnk
[2012/12/03 20:17:27 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/12/03 20:17:27 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/12/02 23:22:46 | 000,001,929 | ---- | M] () -- C:\Users\Pati\Desktop\KMPlayer.lnk
[2012/12/02 19:33:58 | 000,000,272 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat
[2012/12/02 19:32:17 | 000,001,112 | ---- | M] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2012/12/02 19:32:13 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2012/12/02 19:32:13 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll
[2012/12/02 19:08:20 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/12/02 18:23:28 | 000,001,511 | ---- | M] () -- C:\Users\Pati\Desktop\Total Commander.lnk
[2012/12/02 17:28:45 | 000,000,959 | ---- | M] () -- C:\Users\Pati\Desktop\CD Catalog Expert.lnk
[2012/12/02 15:44:46 | 000,001,160 | ---- | M] () -- C:\Users\Pati\Desktop\IPE - Acceso directo.lnk
[2012/12/02 14:44:14 | 000,192,264 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/12/02 14:44:14 | 000,192,264 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/12/02 14:43:27 | 000,000,991 | ---- | M] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2012/12/02 14:40:35 | 000,000,945 | ---- | M] () -- C:\Users\Pati\Desktop\SolSuite.lnk
[2012/12/02 14:32:59 | 000,285,280 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\afcdp.sys
[2012/12/02 14:32:57 | 001,263,200 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\tdrpm273.sys
[2012/12/02 14:32:55 | 000,970,336 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\timntr.sys
[2012/12/02 14:32:52 | 000,277,088 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\snapman.sys
[2012/12/02 14:32:47 | 000,001,141 | ---- | M] () -- C:\Users\Public\Desktop\Acronis True Image Home 2011.lnk
[2012/12/02 14:32:29 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\1043_ASUSTEK_N53SM_V20_WIN7.MRK
[2012/12/02 14:29:37 | 000,029,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2012/12/02 14:23:46 | 000,001,065 | ---- | M] () -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk
[2012/12/02 14:23:33 | 000,000,716 | ---- | M] () -- C:\Users\Public\Desktop\eManual.Lnk
[2012/12/02 14:22:45 | 000,520,192 | ---- | M] (ScreenTime Media) -- C:\Windows\SysWow64\ASUS_Screensaver.scr
[2012/12/02 14:22:43 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
[2012/12/02 14:20:20 | 000,019,194 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2012/12/02 14:18:13 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_FLxHCIc_01009.Wdf
[2012/12/02 14:15:33 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btath_hcrp_01009.Wdf
[2012/12/02 14:14:27 | 000,246,804 | ---- | M] () -- C:\Windows\SysNative\drivers\AtherosBt.bin
[2012/12/02 14:14:27 | 000,001,242 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40_0x01.dfu
[2012/12/02 14:14:27 | 000,001,204 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40_0x02.dfu
[2012/12/02 14:14:27 | 000,001,204 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40.dfu
[2012/12/02 14:14:27 | 000,001,198 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_26.dfu
[2012/12/02 13:11:38 | 000,001,960 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/12/02 13:11:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/12/02 12:36:22 | 000,358,696 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/12/02 12:28:01 | 004,465,036 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/12/02 12:21:14 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/12/02 11:49:22 | 000,001,285 | ---- | M] () -- C:\Users\Pati\Desktop\SnagIt32.lnk
[2012/12/02 11:43:34 | 000,002,004 | ---- | M] () -- C:\Users\Public\Desktop\Easy CD-DA Extractor.lnk
[2012/12/02 11:01:16 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_N53SM.alu
[2012/12/02 10:47:16 | 000,000,080 | ---- | M] () -- C:\Windows\SysNative\Defrag.ini

========== Files Created - No Company Name ==========

[2012/12/10 19:14:43 | 000,061,440 | ---- | C] ( ) -- C:\Users\Pati\Desktop\VEW.exe
[2012/12/10 14:55:24 | 000,001,079 | ---- | C] () -- C:\Users\Pati\Desktop\Kaspersky Security Scan.lnk
[2012/12/10 13:37:59 | 000,001,846 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2012/12/08 18:13:49 | 000,001,738 | ---- | C] () -- C:\Users\Pati\Desktop\PeerBlock.lnk
[2012/12/08 16:19:11 | 000,001,128 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2012/12/06 01:16:24 | 000,001,081 | ---- | C] () -- C:\Users\Pati\Desktop\SpywareBlaster.lnk
[2012/12/05 19:12:58 | 000,002,514 | ---- | C] () -- C:\Users\Pati\Desktop\Windows 7 USB DVD Download Tool.lnk
[2012/12/05 19:05:01 | 000,001,085 | ---- | C] () -- C:\Users\Pati\Desktop\Phenomenon. La Ciudad del Cian_.exe - Acceso directo.lnk
[2012/12/05 19:04:52 | 000,002,008 | ---- | C] () -- C:\Users\Pati\Desktop\jugar amazingadventuresthecaribbeansecrettm.exe - Acceso directo.lnk
[2012/12/05 14:42:49 | 000,002,187 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2012/12/05 14:42:49 | 000,002,175 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2012/12/05 14:20:19 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/04 22:40:53 | 000,007,626 | ---- | C] () -- C:\Users\Pati\AppData\Local\Resmon.ResmonCfg
[2012/12/04 20:28:32 | 000,002,562 | ---- | C] () -- C:\Windows\diagwrn.xml
[2012/12/04 20:28:32 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2012/12/04 15:55:53 | 000,001,860 | ---- | C] () -- C:\Users\Pati\Desktop\burningstudio8.lnk
[2012/12/04 15:37:18 | 000,001,864 | ---- | C] () -- C:\Users\Public\Desktop\mkvmerge GUI.lnk
[2012/12/04 15:17:32 | 3252,027,392 | R--- | C] () -- C:\X17-58859.iso
[2012/12/04 15:15:50 | 000,001,124 | ---- | C] () -- C:\Users\Pati\Desktop\7zFM.exe - Acceso directo.lnk
[2012/12/04 13:58:35 | 001,122,304 | ---- | C] () -- C:\Windows\SysWow64\Amazing_Bubbles_3D.scr
[2012/12/04 13:58:35 | 000,000,893 | ---- | C] () -- C:\Users\Pati\Desktop\Amazing Bubbles 3D Screensaver.lnk
[2012/12/04 13:58:35 | 000,000,081 | ---- | C] () -- C:\Windows\amazing-bubbles-3D-homepage.url
[2012/12/04 12:10:04 | 000,000,046 | ---- | C] () -- C:\Windows\rixane-screensavers.url
[2012/12/04 01:23:55 | 000,001,598 | ---- | C] () -- C:\Users\Pati\Desktop\JDownloader.lnk
[2012/12/04 01:23:49 | 000,001,562 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012/12/04 01:23:49 | 000,001,506 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2012/12/04 01:23:49 | 000,001,485 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2012/12/03 23:37:39 | 000,000,616 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent 2.2.1.lnk
[2012/12/03 19:49:20 | 000,000,838 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/02 23:28:27 | 000,002,140 | ---- | C] () -- C:\Users\Pati\Desktop\IrfanViewPortable.lnk
[2012/12/02 19:33:58 | 000,000,272 | ---- | C] () -- C:\Windows\SysNative\drivers\sfi.dat
[2012/12/02 19:32:17 | 000,001,112 | ---- | C] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2012/12/02 19:08:20 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/12/02 17:28:45 | 000,000,959 | ---- | C] () -- C:\Users\Pati\Desktop\CD Catalog Expert.lnk
[2012/12/02 16:53:35 | 000,072,448 | ---- | C] () -- C:\Windows\SysWow64\MYICONS.DLL
[2012/12/02 15:44:46 | 000,001,160 | ---- | C] () -- C:\Users\Pati\Desktop\IPE - Acceso directo.lnk
[2012/12/02 14:43:27 | 000,000,991 | ---- | C] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2012/12/02 14:40:35 | 000,000,957 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolSuite.lnk
[2012/12/02 14:40:35 | 000,000,945 | ---- | C] () -- C:\Users\Pati\Desktop\SolSuite.lnk
[2012/12/02 14:32:47 | 000,001,141 | ---- | C] () -- C:\Users\Public\Desktop\Acronis True Image Home 2011.lnk
[2012/12/02 14:32:29 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1043_ASUSTEK_N53SM_V20_WIN7.MRK
[2012/12/02 14:32:14 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe
[2012/12/02 14:23:33 | 000,000,716 | ---- | C] () -- C:\Users\Public\Desktop\eManual.Lnk
[2012/12/02 14:22:55 | 000,003,656 | ---- | C] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012/12/02 14:22:55 | 000,001,368 | ---- | C] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012/12/02 14:22:55 | 000,000,105 | ---- | C] () -- C:\Windows\SysNative\FastBoot.ini
[2012/12/02 14:22:55 | 000,000,080 | ---- | C] () -- C:\Windows\SysNative\Defrag.ini
[2012/12/02 14:22:55 | 000,000,052 | ---- | C] () -- C:\Windows\SysNative\RemoveFont.ini
[2012/12/02 14:22:55 | 000,000,015 | ---- | C] () -- C:\Windows\SysNative\BootTime.ini
[2012/12/02 14:22:36 | 000,003,116 | ---- | C] () -- C:\Windows\SysNative\wimfltr.inf
[2012/12/02 14:22:00 | 000,001,929 | ---- | C] () -- C:\Users\Pati\Desktop\KMPlayer.lnk
[2012/12/02 14:21:56 | 000,443,274 | ---- | C] () -- C:\Windows\SysNative\netathrx.inf
[2012/12/02 14:21:56 | 000,068,275 | ---- | C] () -- C:\Windows\SysNative\athrextx.cat
[2012/12/02 14:21:35 | 000,001,083 | ---- | C] () -- C:\setup.iss
[2012/12/02 14:21:02 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2012/12/02 14:20:20 | 000,019,194 | ---- | C] () -- C:\Windows\SysNative\results.xml
[2012/12/02 14:18:19 | 000,154,240 | ---- | C] () -- C:\Windows\AsPatch10430001.exe
[2012/12/02 14:18:13 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_FLxHCIc_01009.Wdf
[2012/12/02 14:18:02 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2012/12/02 14:17:34 | 003,536,817 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2012/12/02 14:17:08 | 000,016,127 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012/12/02 14:15:33 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btath_hcrp_01009.Wdf
[2012/12/02 14:07:55 | 2609,688,574 | -HS- | C] () -- C:\hiberfil.sys
[2012/12/02 13:11:38 | 000,001,960 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/12/02 13:11:32 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012/12/02 12:22:46 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/12/02 12:21:14 | 000,001,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/12/02 12:21:14 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/12/02 12:08:22 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/12/02 11:49:22 | 000,001,285 | ---- | C] () -- C:\Users\Pati\Desktop\SnagIt32.lnk
[2012/12/02 11:43:34 | 000,002,004 | ---- | C] () -- C:\Users\Public\Desktop\Easy CD-DA Extractor.lnk
[2012/12/02 11:17:05 | 000,001,819 | ---- | C] () -- C:\Users\Pati\Desktop\ACDSee 32.lnk
[2012/12/02 11:14:40 | 000,001,511 | ---- | C] () -- C:\Users\Pati\Desktop\Total Commander.lnk
[2012/12/02 11:01:16 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_N53SM.alu
[2012/12/02 10:49:34 | 000,001,065 | ---- | C] () -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk
[2012/12/02 10:49:21 | 000,001,395 | ---- | C] () -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/12/02 10:48:35 | 000,001,429 | ---- | C] () -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/10/10 02:22:34 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/10/10 02:22:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012/10/10 02:22:20 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2011/11/03 09:46:43 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/11/03 09:46:40 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/11/03 09:46:35 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/10/18 01:17:57 | 004,465,036 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 02:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 01:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 09:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/12/02 14:57:27 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Acronis
[2012/12/02 18:55:10 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Ashampoo
[2012/12/02 11:11:10 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\ASUS WebStorage
[2012/12/04 15:46:43 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\mkvtoolnix
[2012/12/05 19:56:33 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\QuickScan
[2012/12/11 00:10:20 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\SolSuite
[2012/12/07 22:08:31 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\SSW
[2012/12/04 00:02:51 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\uTorrent
[2012/12/02 11:36:18 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Zeon

========== Purity Check ==========



========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ST9750420AS
Partitions: 2
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 25,00GB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 674,00GB
Starting Offset: 26844594176
Hidden sectors: 0


< %SYSTEMDRIVE%\*.exe >

< %systemroot%\assembly\GAC_32\*.ini >

< %systemroot%\assembly\GAC_64\*.ini >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*.exe >

< %APPDATA%\*. >
[2012/12/02 14:57:27 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Acronis
[2012/12/02 12:17:46 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Adobe
[2012/12/02 18:55:10 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Ashampoo
[2012/12/02 11:11:10 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\ASUS WebStorage
[2012/12/02 14:54:03 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Atheros
[2012/12/02 14:26:10 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\CyberLink
[2012/12/02 10:48:21 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Identities
[2012/12/02 12:17:47 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Macromedia
[2012/12/05 14:20:39 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Malwarebytes
[2009/07/14 04:44:38 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Media Center Programs
[2012/12/05 19:12:58 | 000,000,000 | --SD | M] -- C:\Users\Pati\AppData\Roaming\Microsoft
[2012/12/04 15:46:43 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\mkvtoolnix
[2012/12/02 12:21:27 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Mozilla
[2012/12/05 19:56:33 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\QuickScan
[2012/12/11 00:10:20 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\SolSuite
[2012/12/07 22:08:31 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\SSW
[2012/12/04 00:02:51 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\uTorrent
[2012/12/04 18:24:45 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\WinRAR
[2012/12/02 11:36:18 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Zeon

< MD5 for: ATAPI.SYS >
[2009/07/13 22:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/13 22:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/13 22:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/13 22:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2004/08/03 18:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\compartida\Patricia\backup drivers de mi anterior XP\Canal IDE principal\atapi.sys
[2004/08/03 18:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\compartida\Patricia\backup drivers de mi anterior XP\Canal IDE secundario\atapi.sys

< MD5 for: CSRSS.EXE >
[2009/07/13 22:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\SysNative\csrss.exe
[2009/07/13 22:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe

< MD5 for: EXPLORER.EXE >
[2011/10/18 00:40:45 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/10/18 00:40:45 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 22:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/10/18 00:40:45 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2011/10/18 00:40:45 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/10/18 00:40:45 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Make_PE3\PE3_mod\WIN7_add\amd64\Windows\explorer.exe
[2011/10/18 00:40:45 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/10/18 00:40:45 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/10/18 00:40:45 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 09:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/11/21 14:08:56 | 003,039,744 | ---- | M] (Microsoft Corporation) MD5=61174E79C6F5D6A7DE13F0791AD531C1 -- C:\recuperacion\Ultimate Windows Customizer\Tools\explorer.exe
[2008/03/26 15:40:00 | 000,188,928 | ---- | M] (Boa Software) MD5=7AB49E271927AF205197A9B4541FB9B5 -- C:\Make_PE3\PE3_mod\PE3_add\amd64\Program Files (x86)\BSExplorer\explorer.exe
[2008/03/26 15:40:00 | 000,188,928 | ---- | M] (Boa Software) MD5=7AB49E271927AF205197A9B4541FB9B5 -- C:\Make_PE3\PE3_mod\PE3_add\ia64\Program Files (x86)\BSExplorer\explorer.exe
[2008/03/26 15:40:00 | 000,188,928 | ---- | M] (Boa Software) MD5=7AB49E271927AF205197A9B4541FB9B5 -- C:\Make_PE3\PE3_mod\PE3_add\x86\Program Files\BSExplorer\explorer.exe
[2008/03/26 15:40:00 | 000,188,928 | ---- | M] (Boa Software) MD5=7AB49E271927AF205197A9B4541FB9B5 -- C:\Make_PE3\PE3_mod\PE3_add\x86_min\Program Files\BSExplorer\explorer.exe
[2011/10/18 00:40:45 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/10/18 00:40:45 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 10:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/07/13 22:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2011/10/18 00:40:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2012/11/13 14:07:52 | 003,906,584 | ---- | M] (Safer-Networking Ltd.) MD5=E4A0900CF535888DDD85B10040CA3E34 -- C:\Program Files (x86)\Spybot - Search & Destroy 2\explorer.exe

< MD5 for: MSWSOCK.DLL >
[2009/07/13 22:15:51 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=11A41F17527ED75D6B758FDD7F4FD00D -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7600.16385_none_b829ad298e9f53ff\mswsock.dll
[2010/11/20 10:27:12 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\Windows\SysNative\mswsock.dll
[2010/11/20 10:27:12 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_16795c7543eb48cf\mswsock.dll
[2010/11/20 09:19:58 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Make_PE3\PE3_mod\WIN7_add\amd64\Windows\SysWow64\mswsock.dll
[2010/11/20 09:19:58 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\SysWOW64\mswsock.dll
[2010/11/20 09:19:58 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_ba5ac0f18b8dd799\mswsock.dll
[2009/07/13 22:41:34 | 000,320,000 | ---- | M] (Microsoft Corporation) MD5=FC76FE3C1E1FDB761244D4F74EF560FD -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7600.16385_none_144848ad46fcc535\mswsock.dll

< MD5 for: NAPINSP.DLL >
[2009/07/13 22:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\SysWOW64\NapiNSP.dll
[2009/07/13 22:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\winsxs\x86_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.1.7600.16385_none_abf396ebf0847c31\NapiNSP.dll
[2009/07/13 22:41:52 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=58A0CDABEA255616827B1C22C9994466 -- C:\Windows\SysNative\NapiNSP.dll
[2009/07/13 22:41:52 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=58A0CDABEA255616827B1C22C9994466 -- C:\Windows\winsxs\amd64_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.1.7600.16385_none_0812326fa8e1ed67\NapiNSP.dll

< MD5 for: NLAAPI.DLL >
[2009/07/13 22:16:03 | 000,051,712 | ---- | M] (Microsoft Corporation) MD5=045DB4EAB4FBD23210E85ECC3F464A2E -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7600.16385_none_cdcf91c058fc0e07\nlaapi.dll
[2012/01/13 04:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0BA65122FFA7E37564EE86422DBF7AE8 -- C:\Windows\SysWOW64\nlaapi.dll
[2012/01/13 04:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0BA65122FFA7E37564EE86422DBF7AE8 -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17964_none_cfca9d84561311f2\nlaapi.dll
[2010/11/20 09:20:32 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=104A1070E90F1C530328E69B49718841 -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17514_none_d000a58855ea91a1\nlaapi.dll
[2012/10/03 13:29:27 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=11B8C7970C10650827D060AA81BEE63F -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.22124_none_d07f52216f10753a\nlaapi.dll
[2010/11/20 10:27:24 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=2DF36F15B2BC1571A6A542A3C2107920 -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17514_none_c5abfb362189cfa6\nlaapi.dll
[2012/10/03 14:44:21 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=46BB91A169B9B31FF44EB04C48EC1D41 -- C:\Windows\SysNative\nlaapi.dll
[2012/10/03 14:44:21 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=46BB91A169B9B31FF44EB04C48EC1D41 -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17964_none_c575f33221b24ff7\nlaapi.dll
[2009/07/13 22:41:52 | 000,070,144 | ---- | M] (Microsoft Corporation) MD5=86E3822A34D454032D8E88C72AE8CF2D -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7600.16385_none_c37ae76e249b4c0c\nlaapi.dll
[2012/10/03 14:32:48 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=C98BCE54F31113D5E736C1097FD086DC -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.22124_none_c62aa7cf3aafb33f\nlaapi.dll

< MD5 for: PNRPNSP.DLL >
[2009/07/13 22:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\SysWOW64\pnrpnsp.dll
[2009/07/13 22:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\winsxs\wow64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.1.7600.16385_none_d7c8b1ac70865dab\pnrpnsp.dll
[2009/07/13 22:41:53 | 000,086,016 | ---- | M] (Microsoft Corporation) MD5=613C8CE10A5FDE582BA5FA64C4D56AAA -- C:\Windows\SysNative\pnrpnsp.dll
[2009/07/13 22:41:53 | 000,086,016 | ---- | M] (Microsoft Corporation) MD5=613C8CE10A5FDE582BA5FA64C4D56AAA -- C:\Windows\winsxs\amd64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.1.7600.16385_none_cd74075a3c259bb0\pnrpnsp.dll

< MD5 for: PRINTISOLATIONHOST.EXE >
[2009/07/13 22:39:27 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=22F020C76E339EB2B2187BA73A7E4173 -- C:\Windows\SysNative\PrintIsolationHost.exe
[2009/07/13 22:39:27 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=22F020C76E339EB2B2187BA73A7E4173 -- C:\Windows\winsxs\amd64_microsoft-windows-p..ng-server-isolation_31bf3856ad364e35_6.1.7600.16385_none_f8a40495785334a9\PrintIsolationHost.exe

< MD5 for: SERVICES.EXE >
[2009/07/13 22:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 22:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 22:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Make_PE3\PE3_mod\WIN7_add\amd64\Windows\SysWow64\svchost.exe
[2009/07/13 22:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 22:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/09/29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 22:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 22:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 09:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 09:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 22:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 22:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 10:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 10:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 10:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 10:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 22:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012/09/29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< MD5 for: WINRNR.DLL >
[2009/07/13 22:41:56 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E2072EB48238FCA8FBB7A9F5FABAC45 -- C:\Make_PE3\PE3_mod\WIN7_add\amd64\Windows\System32\winrnr.dll
[2009/07/13 22:41:56 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E2072EB48238FCA8FBB7A9F5FABAC45 -- C:\Windows\SysNative\winrnr.dll
[2009/07/13 22:41:56 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E2072EB48238FCA8FBB7A9F5FABAC45 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.1.7600.16385_none_b543449669c73e11\winrnr.dll
[2009/07/13 22:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Make_PE3\PE3_mod\WIN7_add\amd64\Windows\SysWow64\winrnr.dll
[2009/07/13 22:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\SysWOW64\winrnr.dll
[2009/07/13 22:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.1.7600.16385_none_5924a912b169ccdb\winrnr.dll

< MD5 for: WSHELPER.DLL >
[2009/07/13 22:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\SysWOW64\wshelper.dll
[2009/07/13 22:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6ace9e67456cc40b\wshelper.dll
[2009/07/13 22:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\Windows\SysNative\wshelper.dll
[2009/07/13 22:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\wshelper.dll

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/11/29 07:20:43 | 000,891,072 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/11/29 07:20:43 | 000,891,072 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/11/29 07:20:43 | 000,891,072 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2012/11/29 05:26:08 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2012/11/29 05:26:08 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2012/11/29 05:26:08 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/03/28 20:24:08 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/03/28 20:24:08 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/03/28 20:24:08 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012/10/08 05:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2012/10/08 05:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2012/11/29 07:20:43 | 000,891,072 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2012/11/29 07:20:43 | 000,891,072 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2012/11/29 07:20:43 | 000,891,072 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2012/11/29 05:26:08 | 000,916,960 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2012/11/29 05:26:08 | 000,916,960 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2012/11/29 05:26:08 | 000,916,960 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/03/28 20:24:08 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/03/28 20:24:08 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/03/28 20:24:08 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/10/08 05:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2012/10/08 05:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemdrive%\$Recycle.Bin|@;true;true;true /fp >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

========== Alternate Data Streams ==========

@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:5C321E34

< End of report >


OTL Extras


OTL Extras logfile created on: 11/12/2012 11:43:54 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pati\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c0a | Country: Argentina | Language: ESS | Date Format: dd/MM/yyyy

13,91 Gb Total Physical Memory | 10,94 Gb Available Physical Memory | 78,64% Memory free
27,81 Gb Paging File | 24,85 Gb Available in Paging File | 89,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 673,63 Gb Total Space | 556,44 Gb Free Space | 82,60% Space Free | Partition Type: NTFS

Computer Name: AS-PC | User Name: Pati | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [!ezcddaxa] -- "C:\Program Files (x86)\Easy CD-DA Extractor 9\convert.exe" "%1" ()
Directory [!ezcddaxb] -- "C:\Program Files (x86)\Easy CD-DA Extractor 9\burn.exe" "%1" ()
Directory [!ezcddaxc] -- "C:\Program Files (x86)\Easy CD-DA Extractor 9\burn2.exe" "%1" ()
Directory [Browse with ACDSee] -- C:\Program Files (x86)\ACDSee32\ACDSee32.exe "%1" (ACD Systems, Ltd.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [!ezcddaxa] -- "C:\Program Files (x86)\Easy CD-DA Extractor 9\convert.exe" "%1" ()
Directory [!ezcddaxb] -- "C:\Program Files (x86)\Easy CD-DA Extractor 9\burn.exe" "%1" ()
Directory [!ezcddaxc] -- "C:\Program Files (x86)\Easy CD-DA Extractor 9\burn2.exe" "%1" ()
Directory [Browse with ACDSee] -- C:\Program Files (x86)\ACDSee32\ACDSee32.exe "%1" (ACD Systems, Ltd.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{024EEA64-8643-4FAA-9F00-9566CAAC616C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{07A99DB6-FEB6-432B-8B6A-F700E24B99BC}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{080534B7-630B-45EA-A6D2-86A6B47998B3}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0E173E55-32CA-46BC-91D4-1F21F2121FAF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{13C9294B-AAB7-4153-96DA-9C5E1563C95A}" = lport=445 | protocol=6 | dir=in | app=system |
"{28AC576E-4E6D-4C2D-A301-7B4A2E20CD5D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{42E4D0F8-9078-484A-95F1-DBC425DDF013}" = rport=445 | protocol=6 | dir=out | app=system |
"{52175624-7E3B-4B34-8F89-C3FB5F7B4B2D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{52591004-973C-408D-AB52-E2EFC9759AC7}" = lport=139 | protocol=6 | dir=in | app=system |
"{5A6A2B11-632F-43E7-8111-433D3DA72ED6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6E93499A-7311-49D9-B1FD-6AB258ED908B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8112B3F3-D51F-401F-980B-AE858C6DE540}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8B9AE995-116D-478E-AE33-30E98C6E2CE9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9C844C59-8D9D-4680-AE47-5CFEFA89D465}" = rport=137 | protocol=17 | dir=out | app=system |
"{B4FED2C4-3196-41B6-8A90-39CD961AB2B5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B808CC6D-352C-41FB-B885-6F5BEE565F0E}" = lport=138 | protocol=17 | dir=in | app=system |
"{C032DF9B-A8EB-462E-804D-F9CEA66AD631}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C1392BBD-0B1E-497C-91B7-B219FC8B60EA}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C74CB7A8-7BBC-4A31-86F5-03E15B84A7CC}" = lport=137 | protocol=17 | dir=in | app=system |
"{E54E09B8-6585-40C8-9F2E-1F36FB79C5EA}" = rport=138 | protocol=17 | dir=out | app=system |
"{EFDE411F-D0AF-4331-98C8-625AEC235BB1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{F1C3E909-19A2-4A13-9284-721D2B7BC942}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F8FD9760-1AA8-4E72-8C96-911DDAF90CE0}" = rport=139 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04B43622-B695-4177-B106-078F52C7A669}" = protocol=1 | dir=out | [email protected],-28544 |
"{07FBF696-47F2-428B-BF2D-03DBCB6A8314}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0BA1DF8D-748B-4E8D-BB48-5AA575CFC1C1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0DD33D1F-52DA-44F4-AB22-C7B5293C6A00}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{195329F7-49B7-47FA-BF4D-5FC738502C34}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{1B9E6A9B-ADFC-4E3C-A94D-2F89F7837B11}" = protocol=6 | dir=in | app=c:\utorrent 2.2.1\utorrent.exe |
"{2F3AE42A-6A89-4AAA-9E0F-931CEDB6D183}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{37C1ED74-FE1E-4E25-9C59-42141588DCFE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{59C5723D-2024-4F38-A54D-EC80EA0E75EE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5D35B4B5-6F4B-42BD-8C04-4A773CB9CCEA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{611ECEB5-5C53-4AAB-A9CA-11C0ADE8E713}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{65616801-6C93-463B-AAB3-46A5DBB0F4A1}" = protocol=1 | dir=in | [email protected],-28543 |
"{6663EB01-F5B6-435F-8A10-BD3207192DB9}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{77C73DD5-D272-4802-8B62-9057CF1EDA50}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{7C4AD716-F6D9-4AAA-A8A3-1E5D258AAEBE}" = protocol=17 | dir=in | app=c:\utorrent 2.2.1\utorrent.exe |
"{7CCF7B3D-FEBE-4E97-8B28-49071C4A42C6}" = protocol=58 | dir=in | [email protected],-28545 |
"{8195AD7A-C4EB-4E87-8AB6-437B00904B1C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{88FA2ED2-B7E2-43E0-A1CB-8C3BBDAE2729}" = protocol=58 | dir=out | [email protected],-28546 |
"{91B7F724-C3EF-4EE2-9E8A-3AC484A74E07}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{9311E0C9-43C4-48F1-BFA3-46CC37CA7E24}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{94EAF6BE-AB07-407D-B860-AD37C0474C10}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A6038932-DBEA-45B8-98FA-1B3B1DCB93C3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B8CB22FC-7290-4204-8E66-BA60DDA938E5}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BF0F0FA6-8F7E-48A5-B40A-3F1AD3E9A295}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{CD61D8F9-806C-4310-9BA9-5672E4A77718}" = protocol=6 | dir=out | app=system |
"{CFC1E08B-4C49-4063-8B89-B8B681942D4C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D27248F6-A72D-4A3D-8298-C483DD5C12C5}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{01E66AC4-B28B-494C-993D-3CD17020BEBC}" = Fresco Logic USB3.0 Host Controller
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety
"{206BD2C5-DE08-4577-A0D7-D441A79D5A3A}" = Windows Live Remote Client Resources
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{33B98264-A889-4913-A0CA-C364A75032B3}" = ASUS Power4Gear Hybrid
"{3CE222BA-66A6-4D18-BEE9-5D21C5798C3E}" = Windows Live Family Safety
"{3D7F836A-AE1F-4FA6-8DB9-4FE06697AB0A}" = Windows Live Family Safety
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6DDCFF78-6F91-438C-9567-C5CAA9D7F56C}" = Windows Live Family Safety
"{749BE6FF-815E-4F36-901B-7AC301B50330}" = Windows Live Family Safety
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AE91E0F3-C49A-4EF4-8B98-A07BD409EB90}" = Windows Live Remote Service Resources
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel de control de NVIDIA 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Controlador de gráficos 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Software del sistema PhysX 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Actualización de NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel® Turbo Boost Technology Monitor 2.0
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E01819BD-709F-43A1-9600-6F5E4C584C37}" = Windows Live Family Safety
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E62381A7-B1C1-4121-8262-84D38C77786C}" = COMODO Internet Security
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-x64 7.0.5.16_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000F2A10-9CDF-47BF-9CF2-9AC87567B433}" = Windows Live Photo Common
"{03241D8D-2217-42F7-9FCB-6A68D141C14D}" = Windows Live 软件包
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}" = Acronis True Image Home 2011
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = SonicMaster
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0E1FE502-7536-4155-BBC6-7BE8E465DE08}" = Firebird SQL Server - MAGIX Edition
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2D49C296-BCCA-4800-BAF6-A0269EBDCF74}" = Windows Live Messenger
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{317D56AC-0DB3-48F5-929A-42032DAC9AD7}" = Windows Live Writer
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{368BEC2C-B7A2-4762-9213-2D8465D533CA}" = Windows Live UX Platform Language Pack
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4555BB9E-E715-4260-A178-E8EFD2B653E3}" = Alcor Micro USB Card Reader
"{46EA439E-2D16-49B6-AA80-00DE992FE7CE}" = Microsoft Windows Debugging Symbols
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{499DED08-6FA8-4749-8E94-8526CC9D1CA8}" = ExpressGate Cloud
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{56009CA3-423B-41F8-884A-E5B049534F15}" = Kaspersky Security Scan
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{588CE0C0-860B-49A8-AFCF-3C69465B345F}" = Windows Live Mesh
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68ADAEAA-DABD-45C1-9CC2-F995407549CD}" = Microsoft Windows Debugging Symbols
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7115EEBC-DA7B-434C-B81C-EA5B26EA9A94}" = Windows Live Writer Resources
"{753F0A72-59C3-41CE-A36A-F2DF2079275C}" = Windows Live Mail
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7B982EBD-D017-4527-BF1A-FC489EC6B100}" = Windows Live 照片库
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{903EDF14-4E28-4463-AA5E-4AEE71C0263B}" = Windows Live Movie Maker
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}" = ASUS USB Charger Plus
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger
"{C4BC5A5F-4A97-47CC-99C3-AB8E10572AFE}" = Wireless Console 3
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DD47370C-E0F1-407F-9DB0-3FF98907F1BC}" = ASUS Music Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{F992409C-9D10-4AE2-BAEB-B5409AD3785E}" = 用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文)
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"5513-1208-7298-9440" = JDownloader 0.9
"ACDSee 32" = ACDSee 32
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazing Bubbles 3D_is1" = Amazing Bubbles 3D 1.4
"AmUStor" = Alcor Micro USB Card Reader
"Ashampoo Burning Studio 8_is1" = Ashampoo Burning Studio 8.09
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"ASUS_Screensaver" = ASUS_Screensaver
"avast" = avast! Free Antivirus
"CD Catalog Expert_is1" = CD Catalog Expert 9.23.7.1025
"Comodo Dragon" = Comodo Dragon
"Easy CD-DA Extractor 9.1.3" = Easy CD-DA Extractor 9.1.3
"Foxit Reader_is1" = Foxit Reader
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{499DED08-6FA8-4749-8E94-8526CC9D1CA8}" = ExpressGate Cloud
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"InstallWIX_{56009CA3-423B-41F8-884A-E5B049534F15}" = Kaspersky Security Scan
"MAGIX_MSI_mm17_silver_asus" = ASUS Music Maker
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versión 1.65.1.1000
"MKVToolNix" = MKVToolNix 5.8.0
"Mozilla Firefox 17.0.1 (x86 es-AR)" = Mozilla Firefox 17.0.1 (x86 es-AR)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"SolSuite" = SolSuite
"SpywareBlaster_is1" = SpywareBlaster 4.6
"The KMPlayer" = The KMPlayer (remove only)
"Total Commander 7.55" = Total Commander 7.55
"uTorrent" = µTorrent
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = Compresor WinRAR

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"b42df5509af5850e" = SSW Diagnostics 5.52

========== Last 20 Event Log Errors ==========

[ Spybot - Search and Destroy Events ]
Error - 05/12/2012 14:11:33 | Computer Name = As-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions


< End of report >


Thank you for taking your time helping me.

Edited by Paty, 11 December 2012 - 09:53 AM.

  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
It's common for our tools to be detected as dangerous which is why we tellyou to turn off your antivirus when downloading Combofix but my aswMBR script was in error. aswMBR has been updated since the script was written and is now 4.51 MB. I downloaded aswMBR just now and checked it and it's OK even though it got 7/44 detections on virustotal. 2 from McAfee which detects all of our tools as viruses but never seems to detect a real virus. Symantec, Panda, Trend, Panda, Ahn, Norman. Please try it and combofix now. (I've heard that the second combofix link in my script has not been updated so just use the first)

Please go back into MSCONFIG and check anything you have turned off.

I think you should uninstall:

Kaspersky Security Scan (Does not need to stay resident)
µTorrent (P2P program dangerous to have and can use a lot of CPU)
Spybot - Search & Destroy (Causing errors for some reason)
COMODO Internet Security (If you must use a firewall try the free Online Armor http://www.online-ar...-armor-free.php Less of a load on your CPU.)
Intel® Management Engine Components (This is a remote control option used by the IT departments of large corporations - if this is a home PC there is no need for it)

We can clean up a few things with OTL:

Copy the text in the code box by highlighting and Ctrl + c


:OTL
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4 - HKCU..\Run: [KSS] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk = File not found
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found

:Commands
[EMPTYTEMP]
[purity]
[Reboot]


then Rightclick on OTL and select Run As Administrator to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done. Save the log and copy and paste it into a reply.
It appears that Old Timer is now hiding the log in c:\_OTL\MovedFiles\12112012-some number.log.


Let's see what SFC is unhappy about:

Copy the next two line:

findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\cbs.log\junk.txt 
notepad \windows\logs\cbs\cbs.log\junk.txt

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator,

Continue. Right click and Paste or Edit then Paste and the copied lines should appear.
Hit Enter. If this works, notepad should open. Copy the text from notepad and paste it into a reply.
  • 0

Advertisements


#11
Paty

Paty

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
I hope you are right about these tools being safe, I sweat blood while I ran them.


aswMBR log

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-11 22:12:28
-----------------------------
22:12:28.512 OS Version: Windows x64 6.1.7601 Service Pack 1
22:12:28.512 Number of processors: 8 586 0x2A07
22:12:28.512 ComputerName: AS-PC UserName: Pati
22:12:29.947 Initialize success
22:12:30.025 AVAST engine defs: 12121101
22:13:19.290 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:13:19.306 Disk 0 Vendor: ST975042 0002 Size: 715404MB BusType: 3
22:13:19.337 Disk 0 MBR read successfully
22:13:19.337 Disk 0 MBR scan
22:13:19.353 Disk 0 Windows 7 default MBR code
22:13:19.353 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 25600 MB offset 2048
22:13:19.384 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 689802 MB offset 52430848
22:13:19.415 Disk 0 scanning C:\Windows\system32\drivers
22:13:26.139 Service scanning
22:13:40.288 Modules scanning
22:13:44.484 AVAST engine scan C:\Windows
22:13:47.105 AVAST engine scan C:\Windows\system32
22:15:23.716 AVAST engine scan C:\Windows\system32\drivers
22:15:33.107 AVAST engine scan C:\Users\Pati
22:16:29.158 AVAST engine scan C:\ProgramData
22:17:19.827 Scan finished successfully
22:18:36.595 Disk 0 MBR has been saved successfully to "C:\compartida\MBR.dat"
22:18:36.595 The log file has been saved successfully to "C:\compartida\aswMBR 11-12-12.txt"


------------------------------------------------------------------------------------------------------


Combofix log


ComboFix 12-12-10.01 - Pati 11/12/2012 22:55:23.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.54.3082.18.14241.11472 [GMT -3:00]
Running from: c:\users\Pati\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: COMODO Firewall *Disabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\juegos
c:\juegos\Amazing Adventures - The Caribbean Secret Deluxe(Listo para juga)\AmazingAdventures3.z
c:\juegos\Amazing Adventures - The Caribbean Secret Deluxe(Listo para juga)\amazingadventuresthecaribbeansecrettm.dll
c:\juegos\Amazing Adventures - The Caribbean Secret Deluxe(Listo para juga)\bass.dll
c:\juegos\Amazing Adventures - The Caribbean Secret Deluxe(Listo para juga)\gf.dll
c:\juegos\Amazing Adventures - The Caribbean Secret Deluxe(Listo para juga)\jugar amazingadventuresthecaribbeansecrettm.exe
c:\juegos\Amazing Adventures - The Caribbean Secret Deluxe(Listo para juga)\readme.html
c:\juegos\Amazing Adventures - The Caribbean Secret Deluxe(Listo para juga)\zlib1.dll
c:\juegos\desktop.ini
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\bass.dll
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\d3dx9_33.dll
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\01_offscreen.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\02_offscreen.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\03_offscreen.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\04_offscreen.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\05_offscreen_v1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\06_offscreen.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\07_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\08_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\09_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\10_oldman.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\100_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\101_father.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\102_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\103_father.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\104_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\105_father.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\106_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\107_commander_eve.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\108_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\109_commander_eve.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\11_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\110_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\111_commander_eve.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\112_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\113_commander_eve.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\114_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\115_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\116_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\117_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\118_father.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\119_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\12_oldman.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\120_father.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\121_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\122_father.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\123_offscreen.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\124_offscreen.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\125_offscreen.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\13_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\14_oldman.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\15_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\16_oldman.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\17_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\18_oldman.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\19_phantom1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\20_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\21_phantom1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\22_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\23_phantom1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\24_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\25_oldman.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\26_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\27_oldman.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\28_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\29_oldman.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\30_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\31_oldman.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\32_oldman.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\33_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\34_oldman.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\35_oldman.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\36_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\37_oldman.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\38_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\39_oldman.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\40_commander_eve.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\41_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\42_commander_eve.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\43_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\44_commander_eve.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\45_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\46_phantom2.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\47_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\48_phantom2.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\49_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\50_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\51_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\52_oldman.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\53_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\54_oldman.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\55_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\56_oldman.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\57_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\58_oldman.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\59_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\60_oldman.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\61_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\62_oldman.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\63_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\64_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\65_phantom3_v1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\66_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\67_phantom3_v1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\68_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\69_phantom3_v1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\70_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\71_phantom3.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\72_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\73_mummy_v1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\74_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\75_mummy_v1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\76_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\77_mummy_v1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\78_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\79_mummy_v1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\80_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\81_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\82_mummy_v1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\83_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\84_mummy_v1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\85_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\86_phantom3_v1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\87_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\88_phantom3_v1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\89_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\90_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\91_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\92_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\93_father.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\94_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\95_father.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\96_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\97_father.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\98_monica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\99_father.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\AllLua.luac
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\envDrone.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\envJungle.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\envRiver.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\envSea.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\envSmallRiver.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\envWFall.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\envWFallSmall.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\envWind.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\EvaGoRoad_1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\EvaGoRoad_2.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Game title.txt
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\hoClickItem.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\hoClickNone.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\hoDoneClouds.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\hoHint.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\hoItemArrived.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\hoMoveClouds.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\hoMoveReality.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\iBookChange.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\iBookClose.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\iBookOpen.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\iBtnClick.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\iBtnOver.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\iGetPodveska.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\iHint.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\iHintAltruist.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\iHintReady.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\iLogoAppearing.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\iMapClose.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\iMapOpen.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\iPodveskaArrived.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\iPutPodveska.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\iTitleHeartBeat.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mBeeingPhotoAppear.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mBeeingProectorDown.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mBeeingProectorFlash.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mBeeingProectorUp.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mCulonActivating.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mDambExpl.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mDelta.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mEmptyColb.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mFantomAppearing.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mFantomAttack.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mFantomCollapsed.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mFantomPreAttack.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mFinal.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgAshPutVesy.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgBulk_1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgBulk_2.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgChashaOnGorelka.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgDone.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgGlassTable.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgGorelka_1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgGorelka_2.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgHoloActivating.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgHoloButtonOn.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgHoloClick.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgHoloLightOn.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgHoloNewQuestion.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgKaplja.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgLopatkaFromVesy.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgLuchGetDisc.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgLuchPutDisc.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgLuchPutDiscs.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgMoveStone.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgMusicBox.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgOpenMost.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgOpenPlazmaDoor.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgOpenVorota.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgPlazmaGetSophit.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgPlazmaPutSophit.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgPlazmaPutSophites.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgPodnozhieGetFlower.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgPodnozhieGetStone.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgPodnozhiePutFlower.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgPodnozhiePutStone.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgPopugaj.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgPutGlass.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgPutGorelka.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgReshetkaPut.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgSelectStone.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgSkipReady.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgStruzhkaToStupka.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgStupka.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgTearsGetIt.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgTearsPutIt.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgTearsZaslonka.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgTechButton.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgTechDone.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgTechSlider.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgTechTumbler.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgVesyStruzhka.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mgWaterGlass.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mManAppear.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mMenAttack.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mMenEyes.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mMenGetWater.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Movie01_1_6.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Movie01_2.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Movie01_3_4.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPodveska1Appearing.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPreCulonOn.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPreLabExpl.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPreLabShum.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPreLabShumBig.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPreLabStart.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPreLabStartClick.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPreLabStartOn.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPreLabWave.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPreLabWaveShort.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPreLabWrong.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPreMapOpen.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPreMonicaCulonAct.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPreMonicaEnv.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPreMonicaStep1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPreMonicaStep2.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPreMonicaStep3.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPreMonicaStep4.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPreMonicaWakeUp.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPreMonicaWalk.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPrePlazmaAttack.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPrePlazmaAttackMonica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPrePlazmaDone.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPrePlazmaDoneW1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPrePlazmaDoneW2.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPrePlazmaStart.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPrePlazmaWorking.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPreStreetExpl.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mPreStreetScream.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\mSarkofagEnv.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Music1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Music2.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Music3.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\MusicDrone1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\MusicDrone2.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\MusicTitle.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qAmphora.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qArbaletVystrel.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qArphaDown.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qBagromSet.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qBalloon.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qBrezentPanelMove.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qBrezentToFlowers.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qBridgeDown.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qBridgeKeyRotate.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qBridgeUp.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qBrokenpart.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qBusyClock.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qChainKrutitsja_1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qChainKrutitsja_2.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qChainKrutitsja_3.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qCloseVentil_1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qCloseVentil_2.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qCoinsBoardActivated.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qCoinsConditionDone.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qDambaShtiriUp.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qDoorLiftOpen.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qEagleCall_1_1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qEagleCall_1_2.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qEagleCall_4.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qEagleCall_6.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qEagleWings_1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qEagleWings_4.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qEayEagle.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qFillKotelok.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qFixatorAct.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qFreezWater.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qFunikuler.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qFunikuler_2.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qGamakDown.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qGearKrutjatsja_1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qGearKrutjatsja_2.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qGetItem.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qGetItemPanel.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qGetManisto.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qGrotLightOn.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qGrotRotateGears.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qGuardKopiom.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qGuardPanelDown.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qGuardUpKnife.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qHandUp_1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qHandUp_2.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qHitIce.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qhoCutByKnife.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qhoSandLopata.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qInsertVase.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qIstochnikRotate.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qIstochnikStart.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qItemArrived.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qKalitkaOpen.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qKletkaOpen.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qKletkaOpen_2.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qKolesoPoezda_1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qKolesoPoezda_2.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qLenty.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qLiftWeel.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qLopataKop.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qLuchOpenPanel.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qLuchPutMirror.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qLuchPutPrizma.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qLustraDown.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qMagnitOpen.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qMapPicePutRight.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qMapPieceGet.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qMapPiecePut.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qMapQuest1Activated.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qMehanizmCharge.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qMeshokDown.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qMetalFall.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qMetalStvory.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qMolotokStuk.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qMoveCoinsLine.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qNapilnikUse.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qOpenDoorFinish.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qOpenLightPanel.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qOpenWoodDoor.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qOpenZamok.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qParGo.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPetardaGorit.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPetarduZazhigaem_1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPetarduZazhigaem_2.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPhotoBreakBox.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPhotoChestDown.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPhotoCloseChest.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPhotoFirePaper.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPhotoKeyAppear.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPhotoLebedkaInPlace.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPhotoLopataSand.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPhotoMoveChest.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPhotoMoveChestCant.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPhotoOpenBox.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPhotoOpenChest.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPhotoOpenChestRuler.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPhotoOpenLighter.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPhotoPutDoski.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPhotoPutRuchka.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPhotoUmbrella.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPlatokVeter.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPlazmaOpen.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPlazmaRuchkaCant.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPlazmaRuchkaDone.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPlazmaRuchkaMove.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPlitaDown.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPlitaUp.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPushLightButton.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPutArpha.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPutAsh.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPutBusy.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPutCoinsOnBoard.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPutCoinToBoard.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPutFixator.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPutIzumrud.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPutKnifeGuard.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPutKopioGuard.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPutLestnica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPutLestnica_2.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPutNone.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPutNoseActivateTechCode.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPutPetarda.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPutPic.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPutTears.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPutUkrashenie.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qPutWindZmei.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qQuvaldaStuk.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qRubimLianu.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qRubimVerevku.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qRuneOpenPortal.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qRunePlantAppear.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qRunePutIt.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qRuneWallDown.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qSculptureMove.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qShieldSand.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qShkatulkaOpen.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qShtyriDown.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qTakeGire.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qTakeVedro.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qThrowToKotelok.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qTrainLestnica_1.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qTrainLestnica_2.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qTrainOpen.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qTumanIn.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qVerevochnajaLestnica.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qWaterDown.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qWaterOn.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\qWindowDown.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\stepCarpet.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\stepGrass.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\stepGravel.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\stepWood.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\1610.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\1610_.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\169.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\169_.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\43.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\43_.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\54.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\54_.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\54_2.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Book.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages02.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages03.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages04.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages05.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages06.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages07.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages08.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages09.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages10.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages11.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages12.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages13.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages14.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages15.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages16.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages17.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages18.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages19.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages20.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages21.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages22.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages23.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages24.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages25.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages26.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages27.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages28.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages29.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages30.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages31.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages32.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages33.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages34.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages35.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages36.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages37.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages38.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages39.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages40.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages41.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages42.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages43.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages44.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages45.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages46.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages47.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages48.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages49.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages50.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages51.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages52.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages53.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages54.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages55.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages56.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages57.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages58.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages59.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages60.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages61.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages62.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages63.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\bookpages64.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\credits.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\cursor.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\cursors.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\GentiumBasic22.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\GentiumBasic22Black.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\GentiumBasic29.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\GentiumBasic29Black.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\HOPictures.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\interface.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\InterfaceEffects.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\KozukaGothicProL.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\kriptih.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\LabArial14.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\LabBookAntiqua23.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\LabUnicode.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Listya.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Logo.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\map.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie01_1.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie01_1_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie01_2.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie01_2_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie01_3.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie01_3_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie01_4.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie01_4_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie01_5.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie01_5_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie01_6.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie01_6_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie02_OldMen1.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie02_OldMen1_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie02_OldMen102.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie03_OldMen2.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie03_OldMen2_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie04_Fantom.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie04_Fantom_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie05_OldMen3.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie05_OldMen3_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie06_OldMen4.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie06_OldMen4_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie06_OldMen402.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie07_Beeing.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie07_Beeing_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie08_Fantom2.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie08_Fantom2_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie09_OldMen5.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie09_OldMen5_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie10_Fantom3.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie10_Fantom3_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie11_Mummy.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie11_Mummy_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie12_Fantom31.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie12_Fantom31_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie13_Delta.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie13_Delta_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie14_Father.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie14_Father_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie15_Beeing2.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie15_Beeing2_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie16_Letter.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie16_Letter_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie17_Father2.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie17_Father2_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie18_Final.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie18_Final_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Movie18_Final02_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Particles.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\PicturesOnPanel1.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\PicturesOnPanel10.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\PicturesOnPanel11.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\PicturesOnPanel12.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\PicturesOnPanel13.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\PicturesOnPanel14.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\PicturesOnPanel15.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\PicturesOnPanel16.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\PicturesOnPanel17.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\PicturesOnPanel2.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\PicturesOnPanel3.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\PicturesOnPanel302.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\PicturesOnPanel4.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\PicturesOnPanel5.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\PicturesOnPanel6.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\PicturesOnPanel7.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\PicturesOnPanel8.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\PicturesOnPanel9.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\Podveski.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_begin.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_begin_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_begin_mg.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_begin_mg_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_begin1.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_begin1_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bell_base.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bell_base_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bell_base_mg_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bell_base_mg_png.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bell_base_png.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bell_belowright.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bell_belowright_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bell_belowright_mg_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bell_belowright_mg_png.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bell_damburst.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bell_damburst_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bell_damburst1.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bell_damburst1_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bell_eagle.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bell_eagle_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bell_headleft.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bell_headleft_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bell_headright.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bell_headright_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bell_paraplan.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bell_paraplan_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bell_path.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bell_path_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bell_pathgamak1.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bell_pathgamak1_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bridge_control.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bridge_control_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bridge_control02_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bridge_gate.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bridge_gate_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bridge_gate_mg_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bridge_gate_mg_grey_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bridge_gate_mg_png.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bridge_gate1_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bridge_gate1_png.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bridge_ladder.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_bridge_ladder_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_cave_grotto.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_cave_grotto_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_cave_light.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_cave_light_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_cave_light_kapsuly.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_cave_light_kapsuly_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_cave_niche1.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_cave_niche1_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_city_arbor.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_city_arbor_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_city_arbor_mg.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_city_arbor_mg_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_city_guardian.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_city_guardian_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_city_guardian_mg.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_city_guardian_mg_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_city_left.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_city_left_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_city_right.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_city_right_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_city_right_mg_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_city_right_mg_png.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_city_square.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_city_square_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_city_square_mg.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_city_square_mg_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_city_square_png.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_city_square_png2.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_city_square1.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_city_square1_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_city_way.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_city_way_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_coast_bench.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_coast_bench_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_dam_spillway.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_dam_spillway_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_dam_spillway1.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_dam_spillway1_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_dam_top.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_dam_top_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_dam_top_mg_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_dam_top_mg_png.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_forest_bridge.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_forest_bridge_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_forest_japangarden_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_forest_japangarden_mg_png.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_forest_japanhouse.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_forest_japanhouse_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_forest_japanhouse_popugai_mg_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_forest_japanhouse_popugai_mg_png.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_forest_japanhouse1.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_forest_japanhouse1_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_forest_lokomotiv.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_forest_lokomotiv_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_forest_lokomotiv_lab_mg_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_forest_lokomotiv_lab_mg_png.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_forest_lokomotiv1.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_forest_lokomotiv1_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_forest_path.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_forest_path_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_ladder_pepel_mg.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_ladder_pepel_mg_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_tower_hall.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_tower_hall_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_villa.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_villa_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_villa_ballon.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_villa_ballon_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_villa_ballon_mg.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_villa_ballon1.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_villa_ballon1_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_villa_billiard.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_villa_billiard_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_villa_billiard1.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_villa_billiard1_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_villa_corridor.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_villa_corridor_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_villa_hall.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_villa_hall_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_villa_library.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_villa_library_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_villa_library1.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_villa_library1_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_villa_nursery1.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\s_villa_nursery1_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\StrategyGuide.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\StrategyGuide_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\StrategyGuide_s_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\StrategyGuide02_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\StrategyGuide03_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\StrategyGuide04_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\StrategyGuide05_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\StrategyGuide06_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\StrategyGuide07_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\StrategyGuide08_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\StrategyGuide09_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\StrategyGuide10_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\StrategyGuide11_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\StrategyGuide12_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\title.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\title1024_768.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\title1024_768_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\title1280_1024.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\title1280_1024_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\title1280_800.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\title1280_800_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\title1366_768.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\title1366_768_.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\WindowGroup.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\Textures\WindowGroup2.png
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\data\ZvukKolokola_4.ogg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\LEEME_licencia.txt
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\lua5.1.dll
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\Phenomenon. La Ciudad del Cian_.exe
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\Requisitos del Sistema.txt
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\Splash\splash_800x600.jpg
c:\juegos\Phenomenon - La Ciudad del Cian(Listo para jugar)\Splash\Thumbs.db
c:\windows\AsPatch10430001.exe
c:\windows\msvcr71.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-11-12 to 2012-12-12 )))))))))))))))))))))))))))))))
.
.
2012-12-12 02:01 . 2012-12-12 02:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-12 01:34 . 2012-12-12 01:34 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EED12386-8884-4271-9826-52890E6776EF}\offreg.dll
2012-12-12 00:55 . 2012-11-14 05:59 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-12-11 22:04 . 2012-11-05 21:35 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-11 22:04 . 2012-11-05 20:41 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-11 22:04 . 2012-11-05 20:32 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-11 22:04 . 2012-11-05 20:32 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-11 22:04 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-11 22:04 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-11 22:04 . 2012-11-19 04:01 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EED12386-8884-4271-9826-52890E6776EF}\mpengine.dll
2012-12-11 22:04 . 2012-11-22 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2012-12-10 17:54 . 2012-12-10 17:54 -------- d-----w- c:\programdata\Kaspersky Lab
2012-12-10 17:54 . 2012-12-10 17:54 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2012-12-10 16:37 . 2012-12-10 16:37 -------- d-----w- c:\program files\COMODO
2012-12-10 16:35 . 2012-12-10 16:39 -------- d-----w- c:\programdata\Comodo
2012-12-10 16:31 . 2012-12-10 16:31 -------- d-----w- c:\programdata\CPA_VA
2012-12-08 21:13 . 2012-12-10 19:17 -------- d-----w- c:\program files\PeerBlock
2012-12-08 19:19 . 2012-12-08 19:19 -------- d-----w- c:\program files (x86)\Foxit Software
2012-12-08 18:21 . 2012-12-08 18:21 -------- d-----w- c:\program files (x86)\MSXML 4.0
2012-12-08 14:23 . 2012-12-08 14:23 -------- d-----w- c:\windows\CheckSur
2012-12-08 13:16 . 2012-12-08 13:19 -------- d-----w- C:\Symbols
2012-12-06 04:16 . 2012-12-06 04:24 -------- d-----w- c:\program files (x86)\SpywareBlaster
2012-12-06 04:16 . 2010-01-10 22:40 118784 ----a-w- c:\windows\SysWow64\MSSTDFMT.DLL
2012-12-05 20:26 . 2012-12-06 16:36 -------- d-----w- C:\Make_PE3
2012-12-05 17:42 . 2012-12-05 18:40 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-12-05 17:42 . 2012-12-12 01:44 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2012-12-05 17:20 . 2012-12-05 17:20 -------- d-----w- c:\programdata\Malwarebytes
2012-12-05 17:20 . 2012-12-05 17:20 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-12-05 17:20 . 2012-09-29 22:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-04 23:55 . 2012-10-08 14:42 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2012-12-04 23:55 . 2012-10-08 14:42 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-12-04 23:55 . 2012-10-08 14:42 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-12-04 23:36 . 2012-12-05 02:36 -------- d-----w- C:\prueba
2012-12-04 18:37 . 2012-12-04 18:37 -------- d-----w- c:\program files (x86)\MKVToolNix
2012-12-04 18:13 . 2012-12-04 18:13 -------- d-----w- c:\program files\7-Zip
2012-12-04 16:58 . 2012-02-18 23:35 1122304 ----a-w- c:\windows\SysWow64\Amazing_Bubbles_3D.scr
2012-12-04 04:19 . 2012-12-04 14:53 -------- d-----w- C:\JDownloader
2012-12-04 04:15 . 2012-12-04 04:15 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-12-04 04:15 . 2012-12-04 04:15 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-12-04 04:15 . 2012-12-04 04:15 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-12-04 04:15 . 2012-12-04 04:15 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-12-04 04:15 . 2012-12-04 04:15 -------- d-----w- c:\program files (x86)\Java
2012-12-04 02:40 . 2012-12-10 15:47 -------- d-----w- C:\descargas
2012-12-04 02:37 . 2012-12-10 11:43 -------- d-----w- C:\uTorrent 2.2.1
2012-12-03 22:49 . 2012-12-12 00:17 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-03 22:49 . 2012-12-12 00:17 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-03 22:49 . 2012-12-03 22:49 -------- d-----w- c:\windows\system32\Macromed
2012-12-03 02:00 . 2012-12-04 16:12 -------- d-----w- C:\iconos sistema
2012-12-03 01:58 . 2012-12-04 16:58 -------- d-----w- c:\windows\Amazing Bubbles 3D
2012-12-02 22:32 . 2012-12-02 22:32 -------- d-----w- c:\program files (x86)\Comodo
2012-12-02 22:32 . 2012-12-02 22:32 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2012-12-02 22:32 . 2012-12-02 22:32 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2012-12-02 22:08 . 2012-12-02 22:08 -------- d-----w- c:\program files\CCleaner
2012-12-02 21:54 . 2012-12-02 21:54 -------- d-----w- c:\programdata\ashampoo
2012-12-02 21:54 . 2012-12-02 21:54 -------- d-----w- c:\program files (x86)\Ashampoo
2012-12-02 21:27 . 2012-12-02 21:27 -------- d-----w- c:\program files (x86)\[bleep] NFO Viewer
2012-12-02 20:28 . 2012-12-02 21:07 -------- d-----w- c:\program files (x86)\CD Catalog Expert
2012-12-02 19:53 . 2000-12-13 04:00 72448 ----a-w- c:\windows\SysWow64\MYICONS.DLL
2012-12-02 19:49 . 2012-12-02 19:49 -------- d-----w- C:\Archivos de programa
2012-12-02 19:46 . 2004-08-19 13:43 393216 ----a-w- c:\windows\SysWow64\ssflwbox.scr
2012-12-02 19:46 . 2004-08-19 13:43 14848 ----a-w- c:\windows\SysWow64\ssstars.scr
2012-12-02 19:46 . 2004-08-19 13:43 19968 ----a-w- c:\windows\SysWow64\ssbezier.scr
2012-12-02 18:34 . 2012-12-08 17:43 -------- d-----w- C:\recuperacion
2012-12-02 18:07 . 2012-12-02 17:23 -------- d-----w- C:\eSupport
2012-12-02 18:05 . 2012-12-02 17:41 -------- d-----w- C:\WIMAPPLY
2012-12-02 17:40 . 2012-12-02 17:41 -------- d-----w- c:\program files (x86)\SolSuite
2012-12-02 17:32 . 2012-12-02 17:32 285280 ----a-w- c:\windows\system32\drivers\afcdp.sys
2012-12-02 17:32 . 2012-12-02 17:32 1263200 ----a-w- c:\windows\system32\drivers\tdrpm273.sys
2012-12-02 17:32 . 2012-12-02 17:32 970336 ----a-w- c:\windows\system32\drivers\timntr.sys
2012-12-02 17:32 . 2012-12-02 17:32 277088 ----a-w- c:\windows\system32\drivers\snapman.sys
2012-12-02 17:32 . 2012-12-02 17:32 -------- d-----w- c:\program files (x86)\Acronis
2012-12-02 17:32 . 2012-12-02 17:32 -------- d-----w- c:\program files (x86)\Common Files\Acronis
2012-12-02 17:32 . 2012-12-02 17:32 -------- d-----w- c:\programdata\USBChargerPlus
2012-12-02 17:32 . 2012-12-11 12:18 45056 ----a-w- c:\windows\SysWow64\acovcnt.exe
2012-12-02 17:29 . 2012-12-02 17:29 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-12-02 17:29 . 2012-12-02 17:29 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2012-12-02 17:29 . 2012-12-02 17:29 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll
2012-12-02 17:25 . 2012-12-02 17:33 -------- d-----w- c:\program files (x86)\CyberLink
2012-12-02 17:25 . 2012-12-02 17:26 -------- d-----w- c:\programdata\CyberLink
2012-12-02 17:24 . 2012-12-02 17:41 -------- d-----w- C:\ExpressGateUtil
2012-12-02 17:23 . 2012-12-02 17:23 -------- d-----w- c:\program files\Intel
2012-12-02 17:23 . 2012-12-02 17:23 -------- d-----w- c:\program files (x86)\ASUS Music Maker
2012-12-02 17:23 . 2012-12-02 17:23 -------- d-----w- c:\programdata\ASUS Music Maker
2012-12-02 17:23 . 2012-12-02 17:23 -------- d-----w- c:\programdata\MAGIX
2012-12-02 17:23 . 2012-12-02 17:23 -------- d-----w- c:\program files (x86)\Common Files\MAGIX Services
2012-12-02 17:22 . 2011-09-20 17:56 16768 ----a-w- c:\windows\system32\drivers\AiCharger.sys
2012-12-02 17:22 . 2012-12-02 17:22 -------- d-----w- c:\program files\ASUS
2012-12-02 17:22 . 2011-01-25 22:11 379520 ----a-w- c:\windows\system32\FBAgent.exe
2012-12-02 17:22 . 2012-12-02 17:22 520192 ----a-w- c:\windows\SysWow64\ASUS_Screensaver.scr
2012-12-02 17:22 . 2012-12-02 17:22 -------- d-----w- c:\windows\SysWow64\ASUS_Screensaver dir
2012-12-02 17:22 . 2012-12-02 17:22 3058304 ----a-w- c:\windows\AsScrPro.exe
2012-12-02 17:22 . 2011-05-30 21:48 155648 ----a-w- c:\windows\SysWow64\ACEngSvr.exe
2012-12-02 17:22 . 2012-12-02 17:32 -------- d-----w- c:\program files\P4G
2012-12-02 17:22 . 2012-12-02 17:22 -------- d-----w- c:\programdata\P4G
2012-12-02 17:22 . 2010-08-03 23:30 196224 ----a-w- c:\program files\Windows Sidebar\Shared Gadgets\P4GUpdate.Gadget\P4GUpdate.dll
2012-12-02 17:21 . 2012-12-02 17:22 -------- d-----w- c:\program files (x86)\Qualcomm Atheros WiFi Driver Installation
2012-12-02 17:21 . 2011-08-31 07:42 2769920 ----a-w- c:\windows\system32\athrx.sys
2012-12-02 17:21 . 2012-12-04 19:31 -------- d-----w- c:\program files (x86)\The KMPlayer
2012-12-02 17:21 . 2012-12-02 17:21 -------- d-----w- c:\programdata\Qualcomm Atheros
2012-12-02 17:21 . 2011-02-16 09:11 74272 ----a-w- c:\windows\system32\RtNicProp64.dll
2012-12-02 17:21 . 2011-02-16 09:11 428136 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2012-12-02 17:21 . 2011-02-16 09:11 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2012-12-02 17:19 . 2012-12-05 02:59 -------- d-----w- c:\windows\SysWow64\NV
2012-12-02 17:19 . 2012-12-05 02:59 -------- d-----w- c:\windows\system32\NV
2012-12-02 17:18 . 2012-12-02 17:18 -------- d-----w- c:\programdata\AmUStor
2012-12-02 17:18 . 2012-12-02 17:18 -------- d-----w- c:\program files (x86)\AmIcoSingLun
2012-12-02 17:18 . 2012-12-02 17:18 -------- d-----w- c:\program files\Elantech
2012-12-02 17:18 . 2012-12-02 17:18 -------- d-sh--w- c:\windows\SysWow64\AI_RecycleBin
2012-12-02 17:18 . 2012-12-02 17:18 -------- d-----w- c:\program files\Fresco Logic
2012-12-02 17:18 . 2010-12-21 02:08 8192 ----a-w- c:\windows\system32\drivers\IntelMEFWVer.dll
2012-12-02 17:16 . 2012-12-02 17:16 -------- d-----w- c:\program files\Common Files\Intel
2012-12-02 17:16 . 2012-12-02 17:16 -------- d-----w- c:\program files (x86)\Common Files\Intel
2012-12-02 17:16 . 2012-12-02 15:08 -------- d-----w- c:\program files (x86)\Intel
2012-12-02 17:16 . 2010-12-23 14:09 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2012-12-02 17:16 . 2012-12-02 17:16 -------- d-----w- C:\Intel
2012-12-02 17:13 . 2012-12-02 17:13 -------- d-----w- c:\program files (x86)\Common Files\Atheros
2012-12-02 17:13 . 2012-12-02 17:14 -------- d-----w- c:\program files (x86)\Bluetooth Suite
2012-12-02 17:11 . 2012-12-02 13:59 -------- d-----w- c:\windows\softwaredistribution.bak
2012-12-02 16:11 . 2012-10-30 22:51 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-12-02 16:11 . 2012-10-30 22:51 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-12-02 16:11 . 2012-10-30 22:51 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-12-02 16:11 . 2012-10-30 22:51 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-12-02 16:11 . 2012-10-15 15:59 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-12-02 16:11 . 2012-10-30 22:51 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-12-02 16:11 . 2012-10-30 22:50 285328 ----a-w- c:\windows\system32\aswBoot.exe
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-08 02:38 . 2012-11-08 02:38 94288 ----a-w- c:\windows\system32\drivers\inspect.sys
2012-11-08 02:38 . 2012-11-08 02:38 38144 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-11-08 02:38 . 2012-11-08 02:38 584056 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2012-11-08 02:37 . 2012-11-08 02:37 22736 ----a-w- c:\windows\system32\drivers\cmderd.sys
2012-11-08 02:37 . 2012-11-08 02:37 41240 ----a-w- c:\windows\system32\cmdcsr.dll
2012-11-08 02:37 . 2012-11-08 02:37 301264 ----a-w- c:\windows\SysWow64\guard32.dll
2012-11-08 02:37 . 2012-11-08 02:37 390392 ----a-w- c:\windows\system32\guard64.dll
2012-10-16 08:38 . 2012-12-02 14:17 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-12-02 14:17 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-12-02 14:17 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-10 05:22 . 2012-10-10 05:22 80384 ----a-w- c:\windows\system32\igdde64.dll
2012-10-10 05:22 . 2012-10-10 05:22 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc
2012-10-10 05:22 . 2012-10-10 05:22 216064 ----a-w- c:\windows\system32\iglhcp64.dll
2012-10-10 05:22 . 2012-10-10 05:22 180224 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2012-10-10 05:22 . 2012-10-10 05:22 5903392 ----a-w- c:\windows\system32\GfxUI.exe
2012-10-10 05:22 . 2012-10-10 05:22 519680 ----a-w- c:\windows\SysWow64\iglhsip32.dll
2012-10-10 05:22 . 2012-10-10 05:22 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc
2012-10-10 05:22 . 2012-10-10 05:22 438272 ----a-w- c:\windows\system32\igfxrhun.lrc
2012-10-10 05:22 . 2012-10-10 05:22 3776512 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll
2012-10-10 05:22 . 2012-10-10 05:22 10673664 ----a-w- c:\windows\SysWow64\ig4icd32.dll
2012-10-10 05:22 . 2012-10-10 05:22 64512 ----a-w- c:\windows\SysWow64\igdde32.dll
2012-10-10 05:22 . 2012-10-10 05:22 501760 ----a-w- c:\windows\system32\igfxcmrt64.dll
2012-10-10 05:22 . 2012-10-10 05:22 439296 ----a-w- c:\windows\system32\igfxrrus.lrc
2012-10-10 05:22 . 2012-10-10 05:22 431104 ----a-w- c:\windows\system32\igfxrkor.lrc
2012-10-10 05:22 . 2012-10-10 05:22 410624 ----a-w- c:\windows\system32\igfxTMM.dll
2012-10-10 05:22 . 2011-11-03 12:46 12836864 ----a-w- c:\windows\system32\igd10umd64.dll
2012-10-10 05:22 . 2011-11-03 12:46 110592 ----a-w- c:\windows\system32\hccutils.dll
2012-10-10 05:22 . 2012-10-10 05:22 330240 ----a-w- c:\windows\SysWow64\igfxdv32.dll
2012-10-10 05:22 . 2011-11-03 12:46 12604416 ----a-w- c:\windows\system32\igdumd64.dll
2012-10-10 05:22 . 2012-10-10 05:22 441888 ----a-w- c:\windows\system32\igfxpers.exe
2012-10-10 05:22 . 2012-10-10 05:22 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc
2012-10-10 05:22 . 2012-10-10 05:22 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc
2012-10-10 05:22 . 2012-10-10 05:22 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2012-10-10 05:22 . 2012-10-10 05:22 5343584 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2012-10-10 05:22 . 2012-10-10 05:22 448512 ----a-w- c:\windows\SysWow64\igfx11cmrt32.dll
2012-10-10 05:22 . 2012-10-10 05:22 441856 ----a-w- c:\windows\system32\igfxdev.dll
2012-10-10 05:22 . 2012-10-10 05:22 438784 ----a-w- c:\windows\system32\igfxrnld.lrc
2012-10-10 05:22 . 2012-10-10 05:22 399392 ----a-w- c:\windows\system32\hkcmd.exe
2012-10-10 05:22 . 2012-10-10 05:22 272928 ----a-w- c:\windows\system32\igvpkrng600.bin
2012-10-10 05:22 . 2012-10-10 05:22 126976 ----a-w- c:\windows\system32\igfxcpl.cpl
2012-10-10 05:22 . 2012-10-10 05:22 116224 ----a-w- c:\windows\system32\igfxCoIn_v2867.dll
2012-10-10 05:22 . 2011-11-03 12:46 63488 ----a-w- c:\windows\system32\igfxsrvc.dll
2012-10-10 05:22 . 2011-11-03 12:46 9007616 ----a-w- c:\windows\system32\igfxress.dll
2012-10-10 05:22 . 2012-10-10 05:22 604160 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
2012-10-10 05:22 . 2012-10-10 05:22 4571136 ----a-w- c:\windows\system32\igfxcmjit64.dll
2012-10-10 05:22 . 2012-10-10 05:22 439808 ----a-w- c:\windows\system32\igfxresn.lrc
2012-10-10 05:22 . 2012-10-10 05:22 439296 ----a-w- c:\windows\system32\igfxrrom.lrc
2012-10-10 05:22 . 2012-10-10 05:22 437760 ----a-w- c:\windows\system32\igfxrsve.lrc
2012-10-10 05:22 . 2012-10-10 05:22 437760 ----a-w- c:\windows\system32\igfxrslv.lrc
2012-10-10 05:22 . 2012-10-10 05:22 437760 ----a-w- c:\windows\system32\igfxrnor.lrc
2012-10-10 05:22 . 2012-10-10 05:22 437248 ----a-w- c:\windows\system32\igfxrdan.lrc
2012-10-10 05:22 . 2012-10-10 05:22 277024 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe
2012-10-10 05:22 . 2012-10-10 05:22 185376 ----a-w- c:\windows\system32\difx64.exe
2012-10-10 05:22 . 2012-10-10 05:22 173568 ----a-w- c:\windows\system32\gfxSrvc.dll
2012-10-10 05:22 . 2012-10-10 05:22 12887040 ----a-w- c:\windows\system32\ig4icd64.dll
2012-10-10 05:22 . 2012-10-10 05:22 435712 ----a-w- c:\windows\system32\igfxrheb.lrc
2012-10-10 05:22 . 2012-10-10 05:22 429056 ----a-w- c:\windows\system32\igfxrcht.lrc
2012-10-10 05:22 . 2012-10-10 05:22 171040 ----a-w- c:\windows\system32\igfxtray.exe
2012-10-10 05:22 . 2012-10-10 05:22 11158528 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2012-10-10 05:22 . 2012-10-10 05:22 509984 ----a-w- c:\windows\system32\igfxsrvc.exe
2012-10-10 05:22 . 2012-10-10 05:22 440320 ----a-w- c:\windows\system32\igfxrell.lrc
2012-10-10 05:22 . 2012-10-10 05:22 438784 ----a-w- c:\windows\system32\igfxrptg.lrc
2012-10-10 05:22 . 2012-10-10 05:22 438784 ----a-w- c:\windows\system32\igfxrplk.lrc
2012-10-10 05:22 . 2012-10-10 05:22 438784 ----a-w- c:\windows\system32\igfxrita.lrc
2012-10-10 05:22 . 2012-10-10 05:22 438272 ----a-w- c:\windows\system32\igfxrfin.lrc
2012-10-10 05:22 . 2012-10-10 05:22 437248 ----a-w- c:\windows\system32\igfxrtha.lrc
2012-10-10 05:22 . 2012-10-10 05:22 428544 ----a-w- c:\windows\system32\igfxrchs.lrc
2012-10-10 05:22 . 2012-10-10 05:22 286208 ----a-w- c:\windows\system32\igfxrenu.lrc
2012-10-10 05:22 . 2012-10-10 05:22 142336 ----a-w- c:\windows\system32\igfxdo.dll
2012-10-10 05:22 . 2012-10-10 05:22 963452 ----a-w- c:\windows\system32\igcodeckrng600.bin
2012-10-10 05:22 . 2012-10-10 05:22 482304 ----a-w- c:\windows\system32\igfx11cmrt64.dll
2012-10-10 05:22 . 2011-11-03 12:46 386048 ----a-w- c:\windows\system32\igfxpph.dll
2012-10-10 05:22 . 2012-10-10 05:22 524800 ----a-w- c:\windows\system32\iglhsip64.dll
2012-10-10 05:22 . 2012-10-10 05:22 438784 ----a-w- c:\windows\system32\igfxrsky.lrc
2012-10-10 05:22 . 2012-10-10 05:22 435712 ----a-w- c:\windows\system32\igfxrara.lrc
2012-10-10 05:22 . 2012-10-10 05:22 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc
2012-10-10 05:22 . 2012-10-10 05:22 28672 ----a-w- c:\windows\system32\igfxexps.dll
2012-10-10 05:22 . 2012-10-10 05:22 252448 ----a-w- c:\windows\system32\igfxext.exe
2012-10-10 05:22 . 2012-10-10 05:22 11040256 ----a-w- c:\windows\SysWow64\igdumd32.dll
2012-10-10 05:22 . 2012-10-10 05:22 9728 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2012-10-10 05:22 . 2012-10-10 05:22 439808 ----a-w- c:\windows\system32\igfxrfra.lrc
2012-10-10 05:22 . 2012-10-10 05:22 437760 ----a-w- c:\windows\system32\igfxrptb.lrc
2012-10-08 14:42 . 2012-10-08 14:42 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-10-08 14:42 . 2012-10-08 14:42 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-10-08 14:42 . 2012-10-08 14:42 26331496 ----a-w- c:\windows\system32\nvoglv64.dll
2012-10-08 14:42 . 2012-10-08 14:42 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2012-10-08 14:42 . 2012-10-08 14:42 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-10-08 14:42 . 2012-10-08 14:42 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll
2012-10-08 14:42 . 2012-10-08 14:42 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2012-10-08 14:42 . 2012-10-08 14:42 30056 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2012-10-08 14:42 . 2012-10-08 14:42 2747240 ----a-w- c:\windows\system32\nvcuvid.dll
2012-10-08 14:42 . 2012-10-08 14:42 25256296 ----a-w- c:\windows\system32\nvcompiler.dll
2012-10-08 14:42 . 2012-10-08 14:42 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2012-10-08 14:42 . 2012-10-08 14:42 9146728 ----a-w- c:\windows\system32\nvcuda.dll
2012-10-08 14:42 . 2012-10-08 14:42 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll
2012-10-08 14:42 . 2012-10-08 14:42 7414632 ----a-w- c:\windows\system32\nvopencl.dll
2012-10-08 14:42 . 2012-10-08 14:42 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-10-08 14:42 . 2012-10-08 14:42 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2012-10-08 14:42 . 2012-10-08 14:42 2218344 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-10-08 14:42 . 2012-10-08 14:42 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"KSS"="c:\program files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" [2012-04-25 202296]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-10-18 3331312]
"FLxHCIm64"="c:\program files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe" [2011-10-17 47616]
"SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2011-07-21 5716608]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2011-09-13 2317312]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
c:\users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel® Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-29 204288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-12-02 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys [2012-12-02 1263200]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2012-11-08 584056]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2012-11-08 38144]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-01-25 379520]
S2 afcdpsrv;Servicio Acronis Nonstop Backup;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-12-02 3246040]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-08-02 146592]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-08-02 103584]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-01-14 1839616]
S2 KSS;Servicio de Kaspersky Security Scan;c:\program files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [2012-04-25 202296]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2011-10-31 83336]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2012-12-02 285280]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys [2011-09-20 16768]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-08-02 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-08-02 330912]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2011-08-02 110240]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-08-02 30368]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-08-02 167584]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-08-02 68256]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-08-02 280992]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-08-02 511136]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [2011-10-17 202496]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [2011-10-17 69888]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-02-16 428136]
S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ASWMBR
*Deregistered* - aswMBR
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-03 00:17]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-08-02 961184]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-08-02 798880]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-09-19 2278504]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-10 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-10 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-10 441888]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-11-08 9577680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\guard64.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 200.49.130.23 200.49.130.22
FF - ProfilePath - c:\users\Pati\AppData\Roaming\Mozilla\Firefox\Profiles\myodazhg.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://ar.search.yahoo.com/search?fr=ytff-comodo&p=
FF - ExtSQL: 2012-11-20 21:42; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; c:\users\Pati\AppData\Roaming\Mozilla\Firefox\Profiles\myodazhg.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF - ExtSQL: 2012-11-22 23:27; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\Pati\AppData\Roaming\Mozilla\Firefox\Profiles\myodazhg.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF - ExtSQL: 2012-12-01 18:38; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; c:\users\Pati\AppData\Roaming\Mozilla\Firefox\Profiles\myodazhg.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - ExtSQL: 2012-12-02 12:27; {4BBDD651-70CF-4821-84F8-2B918CF89CA3}; c:\users\Pati\AppData\Roaming\Mozilla\Firefox\Profiles\myodazhg.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
FF - ExtSQL: 2012-12-02 13:02; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\users\Pati\AppData\Roaming\Mozilla\Firefox\Profiles\myodazhg.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - ExtSQL: 2012-12-02 16:13; [email protected]; c:\users\Pati\AppData\Roaming\Mozilla\Firefox\Profiles\myodazhg.default\extensions\[email protected]
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-11 23:03:15
ComboFix-quarantined-files.txt 2012-12-12 02:03
.
Pre-Run: 596.623.343.616 bytes libres
Post-Run: 596.784.668.672 bytes libres
.
- - End Of File - - 0E700472FE7E92229FCBC598737B8FB6


-------------------------------------------------------------


- Kaspersky Security Scan is uninstalled
- Spybot - Search & Destroy is uninstalled (although this program always probe to be trustworthy)
- I uninstalled COMODO Internet Security and install just Comodo firewall for the time being, I am already familiar with the settings. Later, I'll read about Armor and try it.
- This "Intel® Management Engine Components", I don't even know what is it. I never installed it. It came with the machine, and in Control Panel the only thing that appears as installed is Intel Turbo Boost Technology Monitor.
- about uTorrent, I would like to keep it. I don't use it very often and I don't download any kind of pirate applications or anything like that. I use it to download books from my library, as they put the books in torrents.


A note: the files AsPatch10430001.exe and ETDCtrl.exe came with the laptop. They are part of the Asus system in the original DVD. It's shocking that Asus put virus in their own machines.



---------------------------------------------------

OTL Repair log


All processes killed
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IntelTBRunOnce not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\KSS not found.
File C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Spybot-S&D Cleaning not found.
File C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe not found.
File move failed. C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk scheduled to be moved on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Pati
->Temp folder emptied: 5190688 bytes
->Temporary Internet Files folder emptied: 6635360 bytes
->Java cache emptied: 959085 bytes
->FireFox cache emptied: 33405657 bytes
->Flash cache emptied: 1163 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 53055 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 74799 bytes
RecycleBin emptied: 3093 bytes

Total Files Cleaned = 44,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 12122012_005326

Files\Folders moved on Reboot...
File\Folder C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk not found!
C:\Users\Pati\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


-------------------------------------------------------------------

sfc


Command Prompt couldn't find the specified path, but I could read the CBS.log. I am not sure if this is what you want. But I paste it below:


CBS.log


2012-12-11 23:36:09, Info CBS Starting TrustedInstaller initialization.
2012-12-11 23:36:09, Info CBS Loaded Servicing Stack v6.1.7601.17592 with Core: C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\cbscore.dll
2012-12-11 23:36:13, Info CSI 00000001@2012/12/12:02:36:12.993 WcpInitialize (wcp.dll version 0.0.0.6) called (stack @0x7fef27bf0ad @0x7fef2ad9849 @0x7fef2aa34e3 @0xff72e97c @0xff72d799 @0xff72db2f)
2012-12-11 23:36:15, Info CSI 00000002@2012/12/12:02:36:15.863 WcpInitialize (wcp.dll version 0.0.0.6) called (stack @0x7fef27bf0ad @0x7fef2b26816 @0x7fef2af2aac @0x7fef2aa35b9 @0xff72e97c @0xff72d799)
2012-12-11 23:36:15, Info CSI 00000003@2012/12/12:02:36:15.863 WcpInitialize (wcp.dll version 0.0.0.6) called (stack @0x7fef27bf0ad @0x7fef1138738 @0x7fef1138866 @0xff72e474 @0xff72d7de @0xff72db2f)
2012-12-11 23:36:15, Info CBS Ending TrustedInstaller initialization.
2012-12-11 23:36:15, Info CBS Starting the TrustedInstaller main loop.
2012-12-11 23:36:15, Info CBS TrustedInstaller service starts successfully.
2012-12-11 23:36:15, Info CBS SQM: Initializing online with Windows opt-in: False
2012-12-11 23:36:15, Info CBS SQM: Cleaning up report files older than 10 days.
2012-12-11 23:36:15, Info CBS SQM: Requesting upload of all unsent reports.
2012-12-11 23:36:17, Info CBS SQM: Failed to start upload with file pattern: C:\Windows\servicing\sqm\*_std.sqm, flags: 0x2 [HRESULT = 0x80004005 - E_FAIL]
2012-12-11 23:36:17, Info CBS SQM: Failed to start standard sample upload. [HRESULT = 0x80004005 - E_FAIL]
2012-12-11 23:36:17, Info CBS SQM: Failed to start upload with file pattern: C:\Windows\servicing\sqm\*_all.sqm, flags: 0x6 [HRESULT = 0x80004005 - E_FAIL]
2012-12-11 23:36:17, Info CBS SQM: Failed to start always sample upload. [HRESULT = 0x80004005 - E_FAIL]
2012-12-11 23:36:17, Info CBS SQM: Warning: Failed to upload all unsent reports. [HRESULT = 0x80004005 - E_FAIL]
2012-12-11 23:36:17, Info CBS No startup processing required, TrustedInstaller service was not set as autostart, or else a reboot is still pending.
2012-12-11 23:36:17, Info CBS NonStart: Checking to ensure startup processing was not required.
2012-12-11 23:36:18, Info CSI 00000004 IAdvancedInstallerAwareStore_ResolvePendingTransactions (call 1) (flags = 00000004, progress = NULL, phase = 0, pdwDisposition = @0xc4fca0
2012-12-11 23:36:18, Info CSI 00000005 Creating NT transaction (seq 1), objectname [6]"(null)"
2012-12-11 23:36:18, Info CSI 00000006 Created NT transaction (seq 1) result 0x00000000, handle @0x224
2012-12-11 23:36:18, Info CSI 00000007@2012/12/12:02:36:18.390 CSI perf trace:
CSIPERF:TXCOMMIT;928
2012-12-11 23:36:18, Info CBS NonStart: Success, startup processing not required as expected.
2012-12-11 23:36:18, Info CBS Startup processing thread terminated normally
2012-12-11 23:36:18, Info CSI 00000008 CSI Store 4463856 (0x0000000000441cf0) initialized
2012-12-11 23:36:18, Info CBS Session: 30267409_1994409305 initialized by client lpksetup.
2012-12-11 23:36:18, Info CBS Session: 30267409_1994409305 finalized. Reboot required: no [HRESULT = 0x00000000 - S_OK]
2012-12-11 23:36:22, Info CBS Archived backup log: C:\Windows\Logs\CBS\CbsPersist_20121212023609.cab.
2012-12-11 23:39:09, Info CBS Session: 30267409_3701129386 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2739159~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:09, Info CBS Session: 30267409_3701441386 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2656356~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:09, Info CBS Session: 30267409_3701909387 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2482017~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 80, CurrentState:80
2012-12-11 23:39:09, Info CBS Session: 30267409_3702377388 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2779562~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:09, Info CBS Session: 30267409_3705029392 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2563227~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:09, Info CBS Session: 30267409_3705185393 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2607047~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 0, CurrentState:0
2012-12-11 23:39:09, Info CBS Session: 30267409_3705653394 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2743555~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:09, Info CBS Session: 30267409_3705653395 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2560656~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:09, Info CBS Session: 30267409_3705809394 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2658846~31bf3856ad364e35~amd64~~6.1.1.4, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:09, Info CBS Session: 30267409_3705809395 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2716513~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:0
2012-12-11 23:39:09, Info CBS Session: 30267409_3705809396 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2489256~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 80, CurrentState:0
2012-12-11 23:39:09, Info CBS Session: 30267409_3705809397 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2552343~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:09, Info CBS Session: 30267409_3705965394 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2779030~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:09, Info CBS Session: 30267409_3705965395 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2620704~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:09, Info CBS Session: 30267409_3706121394 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2505438~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:09, Info CBS Session: 30267409_3706277395 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2533552~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:09, Info CBS Session: 30267409_3706277396 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2763523~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:09, Info CBS Session: 30267409_3706589395 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2515325~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:09, Info CBS Session: 30267409_3706589396 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2718704~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:09, Info CBS Session: 30267409_3706745395 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2479943~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:09, Info CBS Session: 30267409_3706901396 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2631813~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:09, Info CBS Session: 30267409_3706901397 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2640148~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:09, Info CBS Session: 30267409_3706901398 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2547666~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:09, Info CBS Session: 30267409_3707213396 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2709981~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:09, Info CBS Session: 30267409_3707213397 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2536276~31bf3856ad364e35~amd64~~6.1.2.1, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:09, Info CBS Session: 30267409_3707213398 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2574819~31bf3856ad364e35~amd64~~6.1.1.7, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:09, Info CBS Session: 30267409_3707525397 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2585542~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:09, Info CBS Session: 30267409_3707681397 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2618451~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:112
2012-12-11 23:39:09, Info CBS Session: 30267409_3707681398 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2645640~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:09, Info CBS Session: 30267409_3707837397 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Microsoft-Windows-WinMan-WinIP-Package-TopLevel~31bf3856ad364e35~amd64~~7.1.7601.16398, ApplicableState: 112, CurrentState:0
2012-12-11 23:39:09, Info CBS Session: 30267409_3708305398 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2544521~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 80, CurrentState:80
2012-12-11 23:39:09, Info CBS Session: 30267409_3709085400 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2719985~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:09, Info CBS Session: 30267409_3709397400 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Session: 30267409_3709553400 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:09, Info CBS Read out cached package applicability for package: Package_for_KB2676562~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:10, Info CBS Session: 30267409_3711737404 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:10, Info CBS Read out cached package applicability for package: Package_for_KB2620712~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:10, Info CBS Session: 30267409_3715325410 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Session: 30267409_3720629420 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2761465~31bf3856ad364e35~amd64~~9.4.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:11, Info CBS Session: 30267409_3720629421 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2660075~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:11, Info CBS Session: 30267409_3720629422 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3720785420 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3720785421 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3720785422 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Session: 30267409_3720785423 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Session: 30267409_3720785424 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3720785425 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3720785426 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3720941420 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3720941421 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3720941422 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Session: 30267409_3720941423 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3720941424 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3720941425 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3720941426 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3720941427 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3720941428 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3720941429 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721097421 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721097422 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721097423 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721097424 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Session: 30267409_3721097425 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721097426 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721097427 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721097428 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721097429 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Session: 30267409_3721253421 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721253422 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721253423 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721253424 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721253425 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721253426 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721253427 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721253428 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721253429 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721409421 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721409422 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721409423 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721409424 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721409425 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721409426 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721409427 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721409428 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721409429 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721565421 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721565422 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721565423 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3721565424 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2511250~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:11, Info CBS Session: 30267409_3721565425 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2691442~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:11, Info CBS Session: 30267409_3722501423 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2570947~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:11, Info CBS Session: 30267409_3722501424 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2685811~31bf3856ad364e35~amd64~~6.1.1.11, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:11, Info CBS Session: 30267409_3722969424 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2545698~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:11, Info CBS Session: 30267409_3723125424 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2688338~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 80, CurrentState:112
2012-12-11 23:39:11, Info CBS Session: 30267409_3723125425 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2530548~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 80, CurrentState:0
2012-12-11 23:39:11, Info CBS Session: 30267409_3723281424 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2512715~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 0, CurrentState:0
2012-12-11 23:39:11, Info CBS Session: 30267409_3723593425 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2706045~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:0
2012-12-11 23:39:11, Info CBS Session: 30267409_3723749425 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2510531~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:112
2012-12-11 23:39:11, Info CBS Session: 30267409_3723749426 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Session: 30267409_3723905426 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2724197~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:11, Info CBS Session: 30267409_3723905427 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2729452~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:11, Info CBS Session: 30267409_3724217426 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2522422~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:11, Info CBS Session: 30267409_3724373426 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2703157~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:0
2012-12-11 23:39:11, Info CBS Session: 30267409_3724373427 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2506212~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:11, Info CBS Session: 30267409_3724373428 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Microsoft-Windows-RDP-WinIP-Package-TopLevel~31bf3856ad364e35~amd64~~7.1.7601.16398, ApplicableState: 112, CurrentState:0
2012-12-11 23:39:11, Info CBS Session: 30267409_3724529427 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2758857~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:11, Info CBS Session: 30267409_3725933429 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2719857~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:11, Info CBS Session: 30267409_3726089429 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2603229~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:11, Info CBS Session: 30267409_3726089430 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2741355~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:11, Info CBS Session: 30267409_3726089431 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2536275~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:11, Info CBS Session: 30267409_3726089432 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2667402~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:11, Info CBS Session: 30267409_3726245430 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2762895~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:11, Info CBS Session: 30267409_3726557430 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2753842~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:11, Info CBS Session: 30267409_3726557431 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2655992~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 80, CurrentState:112
2012-12-11 23:39:11, Info CBS Session: 30267409_3726557432 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2735855~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:11, Info CBS Session: 30267409_3727181431 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB947821~31bf3856ad364e35~amd64~~6.1.25.0, ApplicableState: 112, CurrentState:0
2012-12-11 23:39:11, Info CBS Session: 30267409_3727181432 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2736233~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:11, Info CBS Session: 30267409_3727337432 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2719033~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:0
2012-12-11 23:39:11, Info CBS Session: 30267409_3727493432 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Read out cached package applicability for package: Package_for_KB2484033~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:112
2012-12-11 23:39:11, Info CBS Session: 30267409_3727649432 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Session: 30267409_3727961433 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3728117433 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3728117434 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3728117435 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3728117436 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3728273433 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3728273434 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3728273435 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Session: 30267409_3728273436 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Session: 30267409_3728429434 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3728429435 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3728429436 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3728429437 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3728585434 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3728585435 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Session: 30267409_3728585436 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3728585437 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3728585438 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3728585439 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3728741434 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3728741435 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3728741436 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3728741437 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3728741438 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3728741439 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3728741440 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Session: 30267409_3728897434 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3728897435 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3728897436 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3728897437 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3728897438 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Session: 30267409_3728897439 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3729053435 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3729053436 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3729053437 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3729053438 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3729053439 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3729053440 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3729053441 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3729053442 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3729209435 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3729209436 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3729209437 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3729209438 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3729209439 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3729209440 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3729365435 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3729365436 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Identity missing version. [HRESULT = 0x80070057 - E_INVALIDARG]
2012-12-11 23:39:11, Error CBS Failed to shred identity: Microsoft-Windows-InternetExplorer-LanguagePack [HRESULT = 0x80070057 - E_INVALIDARG]
2012-12-11 23:39:11, Info CBS Session: 30267409_3729365437 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3729365438 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3729365439 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3729365440 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:11, Info CBS Session: 30267409_3729365441 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:11, Info CBS Session: 30267409_3730301437 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Session: 30267409_3730925438 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Read out cached package applicability for package: Package_for_KB2750841~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:12, Info CBS Session: 30267409_3731549439 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Read out cached package applicability for package: Package_for_KB2686831~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:12, Info CBS Session: 30267409_3731705439 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Read out cached package applicability for package: Package_for_KB2541014~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:12, Info CBS Session: 30267409_3731861440 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Read out cached package applicability for package: Package_for_KB2709630~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:12, Info CBS Session: 30267409_3731861441 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Read out cached package applicability for package: Package_for_KB2621146~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 0, CurrentState:0
2012-12-11 23:39:12, Info CBS Session: 30267409_3731861442 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Read out cached package applicability for package: Package_for_KB2601626~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 0, CurrentState:0
2012-12-11 23:39:12, Info CBS Session: 30267409_3731861443 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Read out cached package applicability for package: Package_for_KB2509553~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:12, Info CBS Session: 30267409_3732017440 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Read out cached package applicability for package: Microsoft-Windows-Security-WindowsActivationTechnologies-Package~31bf3856ad364e35~amd64~~7.1.7600.16395, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:12, Info CBS Session: 30267409_3732329440 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Read out cached package applicability for package: Package_for_KB2770660~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:12, Info CBS Session: 30267409_3732329441 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Read out cached package applicability for package: Package_for_KB2749655~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:12, Info CBS Session: 30267409_3732797441 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Read out cached package applicability for package: Package_for_KB2732059~31bf3856ad364e35~amd64~~6.1.5.1, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:12, Info CBS Session: 30267409_3733109442 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Read out cached package applicability for package: Package_for_KB2761465~31bf3856ad364e35~amd64~~10.2.1.0, ApplicableState: 0, CurrentState:0
2012-12-11 23:39:12, Info CBS Session: 30267409_3733421442 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-11 23:39:12, Info CBS Session: 30267409_3733577443 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Session: 30267409_3733889443 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Read out cached package applicability for package: Package_for_KB976932~31bf3856ad364e35~amd64~~6.1.1.17514, ApplicableState: 112, CurrentState:101
2012-12-11 23:39:12, Info CBS Session: 30267409_3735761446 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Read out cached package applicability for package: Package_for_KB2604115~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:12, Info CBS Session: 30267409_3736073447 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Read out cached package applicability for package: Package_for_KB2488113~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:12, Info CBS Session: 30267409_3736229447 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Read out cached package applicability for package: Package_for_KB2632503~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:0
2012-12-11 23:39:12, Info CBS Session: 30267409_3736541448 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Read out cached package applicability for package: Package_for_KB2579686~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:12, Info CBS Session: 30267409_3736541449 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Read out cached package applicability for package: Package_for_KB2544893~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:12, Info CBS Session: 30267409_3736541450 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Read out cached package applicability for package: Package_for_KB2685939~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:12, Info CBS Session: 30267409_3736697448 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Read out cached package applicability for package: Package_for_KB2685813~31bf3856ad364e35~amd64~~6.1.1.11, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:12, Info CBS Session: 30267409_3737165449 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Read out cached package applicability for package: Package_for_KB2690533~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:12, Info CBS Session: 30267409_3737165450 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Read out cached package applicability for package: Package_for_KB2699779~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:12, Info CBS Session: 30267409_3737321449 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Read out cached package applicability for package: Package_for_KB2621440~31bf3856ad364e35~amd64~~6.1.1.5, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:12, Info CBS Session: 30267409_3737633450 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Read out cached package applicability for package: Package_for_KB2732487~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:12, Info CBS Session: 30267409_3737789450 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Read out cached package applicability for package: Package_for_KB2727528~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:12, Info CBS Session: 30267409_3737789451 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Read out cached package applicability for package: Package_for_KB2506014~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:12, Info CBS Session: 30267409_3737945450 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:12, Info CBS Read out cached package applicability for package: Package_for_KB2564958~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:12, Info CBS Session: 30267409_3738101451 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:13, Info CBS Read out cached package applicability for package: Package_for_KB2661254~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:13, Info CBS Session: 30267409_3741377456 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:13, Info CBS Read out cached package applicability for package: Package_for_KB2761217~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:13, Info CBS Session: 30267409_3741533457 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:13, Info CBS Read out cached package applicability for package: Package_for_KB2529073~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:13, Info CBS Session: 30267409_3741533458 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:13, Info CBS Read out cached package applicability for package: Package_for_KB2659262~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:13, Info CBS Session: 30267409_3741533459 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:13, Info CBS Read out cached package applicability for package: Package_for_KB2552343~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:13, Info CBS Session: 30267409_3741689457 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:13, Info CBS Read out cached package applicability for package: Package_for_KB2532531~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:112
2012-12-11 23:39:13, Info CBS Session: 30267409_3742313458 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:13, Info CBS Read out cached package applicability for package: Package_for_KB2653956~31bf3856ad364e35~amd64~~6.1.1.5, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:13, Info CBS Session: 30267409_3742625458 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:13, Info CBS Read out cached package applicability for package: Package_for_KB982018~31bf3856ad364e35~amd64~~6.1.3.2, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:13, Info CBS Session: 30267409_3743561460 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:13, Info CBS Read out cached package applicability for package: Package_for_KB2705219~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:13, Info CBS Session: 30267409_3743561461 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:13, Info CBS Read out cached package applicability for package: Package_for_KB2506928~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:13, Info CBS Session: 30267409_3743717460 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:13, Info CBS Read out cached package applicability for package: Package_for_KB2732500~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:13, Info CBS Session: 30267409_3743717461 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:13, Info CBS Read out cached package applicability for package: Package_for_KB2656411~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:13, Info CBS Session: 30267409_3743717462 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:13, Info CBS Read out cached package applicability for package: Package_for_KB2491683~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:13, Info CBS Session: 30267409_3743873461 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:13, Info CBS Read out cached package applicability for package: Package_for_KB2654428~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:13, Info CBS Session: 30267409_3743873462 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:13, Info CBS Read out cached package applicability for package: Package_for_KB2656373~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:13, Info CBS Session: 30267409_3744029461 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:13, Info CBS Read out cached package applicability for package: Package_for_KB2729094~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:13, Info CBS Session: 30267409_3744185461 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:13, Info CBS Read out cached package applicability for package: Package_for_KB2712808~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:13, Info CBS Session: 30267409_3744185462 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:13, Info CBS Read out cached package applicability for package: Package_for_KB2511455~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:13, Info CBS Session: 30267409_3744341461 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:13, Info CBS Read out cached package applicability for package: Package_for_KB2619339~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:13, Info CBS Session: 30267409_3744341462 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:13, Info CBS Read out cached package applicability for package: Package_for_KB2660649~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:13, Info CBS Session: 30267409_3744497462 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:13, Info CBS Read out cached package applicability for package: Package_for_KB2698365~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:13, Info CBS Session: 30267409_3744653462 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:13, Info CBS Read out cached package applicability for package: Package_for_KB2644615~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:13, Info CBS Session: 30267409_3744653463 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:13, Info CBS Read out cached package applicability for package: Package_for_KB2647753~31bf3856ad364e35~amd64~~6.1.4.0, ApplicableState: 112, CurrentState:112
2012-12-11 23:39:13, Info CBS Session: 30267409_3744809462 initialized by client WindowsUpdateAgent.
2012-12-11 23:39:13, Info CBS Read out cached package applicability for package: Package_for_KB2584146~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-11 23:49:14, Info CBS Reboot mark refs incremented to: 1
2012-12-11 23:49:14, Info CBS Scavenge: Starts
2012-12-11 23:49:14, Info CSI 00000009@2012/12/12:02:49:14.364 CSI Transaction @0x1402ce0 initialized for deployment engine {d16d444c-56d8-11d5-882d-0080c847b195} with flags 00000002 and client id [10]"TI6.0_0:0/"

2012-12-11 23:49:14, Info CBS Scavenge: Begin CSI Store
2012-12-11 23:49:14, Info CSI 0000000a Performing 1 operations; 1 are not lock/unlock and follow:
Scavenge (8): flags: 00000017
2012-12-11 23:49:14, Info CSI 0000000b Store coherency cookie matches last scavenge cookie, skipping scavenge.
2012-12-11 23:49:14, Info CSI 0000000c ICSITransaction::Commit calling IStorePendingTransaction::Apply - coldpatching=FALSE applyflags=7
2012-12-11 23:49:14, Info CSI 0000000d Creating NT transaction (seq 2), objectname [6]"(null)"
2012-12-11 23:49:14, Info CSI 0000000e Created NT transaction (seq 2) result 0x00000000, handle @0x258
2012-12-11 23:49:14, Info CSI 0000000f@2012/12/12:02:49:14.832 CSI perf trace:
CSIPERF:TXCOMMIT;24518
2012-12-11 23:49:14, Info CBS Scavenge: Completed, disposition: 0X1
2012-12-11 23:49:14, Info CSI 00000010@2012/12/12:02:49:14.832 CSI Transaction @0x1402ce0 destroyed
2012-12-11 23:49:15, Info CBS Reboot mark refs: 0
2012-12-11 23:49:15, Info CBS Idle processing thread terminated normally
2012-12-11 23:49:15, Info CBS Ending the TrustedInstaller main loop.
2012-12-11 23:49:15, Info CBS Starting TrustedInstaller finalization.
2012-12-11 23:49:15, Info CBS Ending TrustedInstaller finalization.
2012-12-12 00:55:22, Info CBS Starting TrustedInstaller initialization.
2012-12-12 00:55:22, Info CBS Loaded Servicing Stack v6.1.7601.17592 with Core: C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\cbscore.dll
2012-12-12 00:55:23, Info CSI 00000001@2012/12/12:03:55:23.644 WcpInitialize (wcp.dll version 0.0.0.6) called (stack @0x7fef4e6f0ad @0x7fef5129849 @0x7fef50f34e3 @0xff87e97c @0xff87d799 @0xff87db2f)
2012-12-12 00:55:23, Info CSI 00000002@2012/12/12:03:55:23.706 WcpInitialize (wcp.dll version 0.0.0.6) called (stack @0x7fef4e6f0ad @0x7fef5176816 @0x7fef5142aac @0x7fef50f35b9 @0xff87e97c @0xff87d799)
2012-12-12 00:55:23, Info CSI 00000003@2012/12/12:03:55:23.706 WcpInitialize (wcp.dll version 0.0.0.6) called (stack @0x7fef4e6f0ad @0x7fef4d48738 @0x7fef4d48866 @0xff87e474 @0xff87d7de @0xff87db2f)
2012-12-12 00:55:23, Info CBS Ending TrustedInstaller initialization.
2012-12-12 00:55:23, Info CBS Starting the TrustedInstaller main loop.
2012-12-12 00:55:23, Info CBS TrustedInstaller service starts successfully.
2012-12-12 00:55:23, Info CBS SQM: Initializing online with Windows opt-in: False
2012-12-12 00:55:23, Info CBS SQM: Cleaning up report files older than 10 days.
2012-12-12 00:55:23, Info CBS SQM: Requesting upload of all unsent reports.
2012-12-12 00:55:23, Info CBS SQM: Failed to start upload with file pattern: C:\Windows\servicing\sqm\*_std.sqm, flags: 0x2 [HRESULT = 0x80004005 - E_FAIL]
2012-12-12 00:55:23, Info CBS SQM: Failed to start standard sample upload. [HRESULT = 0x80004005 - E_FAIL]
2012-12-12 00:55:23, Info CBS SQM: Failed to start upload with file pattern: C:\Windows\servicing\sqm\*_all.sqm, flags: 0x6 [HRESULT = 0x80004005 - E_FAIL]
2012-12-12 00:55:23, Info CBS SQM: Failed to start always sample upload. [HRESULT = 0x80004005 - E_FAIL]
2012-12-12 00:55:23, Info CBS SQM: Warning: Failed to upload all unsent reports. [HRESULT = 0x80004005 - E_FAIL]
2012-12-12 00:55:23, Info CBS No startup processing required, TrustedInstaller service was not set as autostart, or else a reboot is still pending.
2012-12-12 00:55:23, Info CBS NonStart: Checking to ensure startup processing was not required.
2012-12-12 00:55:23, Info CSI 00000004 IAdvancedInstallerAwareStore_ResolvePendingTransactions (call 1) (flags = 00000004, progress = NULL, phase = 0, pdwDisposition = @0x118fa80
2012-12-12 00:55:23, Info CSI 00000005 Creating NT transaction (seq 1), objectname [6]"(null)"
2012-12-12 00:55:23, Info CSI 00000006 Created NT transaction (seq 1) result 0x00000000, handle @0x210
2012-12-12 00:55:23, Info CSI 00000007@2012/12/12:03:55:23.722 CSI perf trace:
CSIPERF:TXCOMMIT;1175
2012-12-12 00:55:23, Info CBS NonStart: Success, startup processing not required as expected.
2012-12-12 00:55:23, Info CBS Startup processing thread terminated normally
2012-12-12 00:55:23, Info CSI 00000008 CSI Store 1554592 (0x000000000017b8a0) initialized
2012-12-12 00:55:23, Info CBS Session: 30267420_2203084668 initialized by client lpksetup.
2012-12-12 00:55:23, Info CBS Session: 30267420_2203084668 finalized. Reboot required: no [HRESULT = 0x00000000 - S_OK]
2012-12-12 00:58:25, Info CBS Session: 30267420_4016320470 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2739159~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:25, Info CBS Session: 30267420_4016476470 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2656356~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:25, Info CBS Session: 30267420_4016788471 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2482017~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 80, CurrentState:80
2012-12-12 00:58:25, Info CBS Session: 30267420_4017100471 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2779562~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:25, Info CBS Session: 30267420_4019704499 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2563227~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:25, Info CBS Session: 30267420_4019784504 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2607047~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 0, CurrentState:0
2012-12-12 00:58:25, Info CBS Session: 30267420_4020244530 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2743555~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:25, Info CBS Session: 30267420_4020304533 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2560656~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:25, Info CBS Session: 30267420_4020404539 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2658846~31bf3856ad364e35~amd64~~6.1.1.4, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:25, Info CBS Session: 30267420_4020454542 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2716513~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:0
2012-12-12 00:58:25, Info CBS Session: 30267420_4020494544 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2489256~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 80, CurrentState:0
2012-12-12 00:58:25, Info CBS Session: 30267420_4020534547 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2552343~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:25, Info CBS Session: 30267420_4020594550 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2779030~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:25, Info CBS Session: 30267420_4020644553 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2620704~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:25, Info CBS Session: 30267420_4021494601 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2505438~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:25, Info CBS Session: 30267420_4021624609 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2533552~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:25, Info CBS Session: 30267420_4021704613 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2763523~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:25, Info CBS Session: 30267420_4022100627 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2515325~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:25, Info CBS Session: 30267420_4022256628 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2718704~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:25, Info CBS Session: 30267420_4022256629 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2479943~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:25, Info CBS Session: 30267420_4022568628 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2631813~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:25, Info CBS Session: 30267420_4022568629 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2640148~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:25, Info CBS Session: 30267420_4022724629 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2547666~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:25, Info CBS Session: 30267420_4022880629 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2709981~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:25, Info CBS Session: 30267420_4022880630 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2536276~31bf3856ad364e35~amd64~~6.1.2.1, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:25, Info CBS Session: 30267420_4022880631 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2574819~31bf3856ad364e35~amd64~~6.1.1.7, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:25, Info CBS Session: 30267420_4023192629 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2585542~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:25, Info CBS Session: 30267420_4023192630 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2618451~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:112
2012-12-12 00:58:25, Info CBS Session: 30267420_4023348630 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2645640~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:25, Info CBS Session: 30267420_4023504630 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Microsoft-Windows-WinMan-WinIP-Package-TopLevel~31bf3856ad364e35~amd64~~7.1.7601.16398, ApplicableState: 112, CurrentState:0
2012-12-12 00:58:25, Info CBS Session: 30267420_4023816630 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2544521~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 80, CurrentState:80
2012-12-12 00:58:25, Info CBS Session: 30267420_4024440632 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2719985~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:25, Info CBS Session: 30267420_4024752632 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Session: 30267420_4025064633 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:25, Info CBS Read out cached package applicability for package: Package_for_KB2676562~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:26, Info CBS Session: 30267420_4026156635 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:26, Info CBS Read out cached package applicability for package: Package_for_KB2620712~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:26, Info CBS Session: 30267420_4028652639 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:26, Info CBS Session: 30267420_4035046797 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:26, Info CBS Read out cached package applicability for package: Package_for_KB2761465~31bf3856ad364e35~amd64~~9.4.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:26, Info CBS Session: 30267420_4035046798 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:26, Info CBS Read out cached package applicability for package: Package_for_KB2660075~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:26, Info CBS Session: 30267420_4035202797 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:26, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:26, Info CBS Session: 30267420_4035202798 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:26, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:26, Info CBS Session: 30267420_4035202799 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:26, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:26, Info CBS Session: 30267420_4035202800 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:26, Info CBS Session: 30267420_4035358798 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:26, Info CBS Session: 30267420_4035358799 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:26, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:26, Info CBS Session: 30267420_4035358800 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:26, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:26, Info CBS Session: 30267420_4035358801 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:26, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:26, Info CBS Session: 30267420_4035514798 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:26, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:26, Info CBS Session: 30267420_4035514799 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:26, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:26, Info CBS Session: 30267420_4035514800 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:26, Info CBS Session: 30267420_4035514801 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:26, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:26, Info CBS Session: 30267420_4035514802 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:26, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:26, Info CBS Session: 30267420_4035514803 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:26, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:26, Info CBS Session: 30267420_4035670798 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:26, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:26, Info CBS Session: 30267420_4035670799 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:26, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:26, Info CBS Session: 30267420_4035670800 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:26, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:26, Info CBS Session: 30267420_4035670801 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:26, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:26, Info CBS Session: 30267420_4035670802 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:26, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:26, Info CBS Session: 30267420_4035670803 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:26, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4035826798 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4035826799 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Session: 30267420_4035826800 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4035826801 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4035826802 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4035826803 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4035982799 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Session: 30267420_4035982800 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4035982801 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4035982802 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4035982803 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4036138799 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4036138800 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4036138801 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4036138802 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4036138803 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4036138804 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4036294799 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4036294800 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4036294801 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4036294802 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4036294803 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4036294804 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4036450800 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4036450801 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4036450802 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4036450803 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4036450804 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4036450805 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2511250~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:27, Info CBS Session: 30267420_4036606800 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2691442~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:27, Info CBS Session: 30267420_4037074801 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2570947~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:27, Info CBS Session: 30267420_4037386801 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2685811~31bf3856ad364e35~amd64~~6.1.1.11, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:27, Info CBS Session: 30267420_4038322803 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2545698~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:27, Info CBS Session: 30267420_4038322804 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2688338~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 80, CurrentState:112
2012-12-12 00:58:27, Info CBS Session: 30267420_4038322805 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2530548~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 80, CurrentState:0
2012-12-12 00:58:27, Info CBS Session: 30267420_4038478803 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2512715~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 0, CurrentState:0
2012-12-12 00:58:27, Info CBS Session: 30267420_4038790804 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2706045~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:0
2012-12-12 00:58:27, Info CBS Session: 30267420_4038946804 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2510531~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:112
2012-12-12 00:58:27, Info CBS Session: 30267420_4038946805 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Session: 30267420_4039102804 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2724197~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:27, Info CBS Session: 30267420_4039258805 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2729452~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:27, Info CBS Session: 30267420_4039610807 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2522422~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:27, Info CBS Session: 30267420_4039660810 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2703157~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:0
2012-12-12 00:58:27, Info CBS Session: 30267420_4039710813 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2506212~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:27, Info CBS Session: 30267420_4039770817 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Microsoft-Windows-RDP-WinIP-Package-TopLevel~31bf3856ad364e35~amd64~~7.1.7601.16398, ApplicableState: 112, CurrentState:0
2012-12-12 00:58:27, Info CBS Session: 30267420_4039910825 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2758857~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:27, Info CBS Session: 30267420_4041390909 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2719857~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:27, Info CBS Session: 30267420_4041440912 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2603229~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:27, Info CBS Session: 30267420_4041480914 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2741355~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:27, Info CBS Session: 30267420_4041530917 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2536275~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:27, Info CBS Session: 30267420_4041570919 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2667402~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:27, Info CBS Session: 30267420_4041630923 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2762895~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:27, Info CBS Session: 30267420_4041910939 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2753842~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:27, Info CBS Session: 30267420_4041960942 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2655992~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 80, CurrentState:112
2012-12-12 00:58:27, Info CBS Session: 30267420_4042030946 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2735855~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:27, Info CBS Session: 30267420_4043312959 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB947821~31bf3856ad364e35~amd64~~6.1.25.0, ApplicableState: 112, CurrentState:0
2012-12-12 00:58:27, Info CBS Session: 30267420_4043468959 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2736233~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:27, Info CBS Session: 30267420_4043624959 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2719033~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:0
2012-12-12 00:58:27, Info CBS Session: 30267420_4043780959 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Read out cached package applicability for package: Package_for_KB2484033~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:112
2012-12-12 00:58:27, Info CBS Session: 30267420_4043936960 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Session: 30267420_4044092960 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044092961 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044092962 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044092963 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044248960 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044248961 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044248962 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044248963 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Session: 30267420_4044248964 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Session: 30267420_4044404960 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044404961 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044404962 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044404963 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044404964 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044404965 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Session: 30267420_4044560961 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044560962 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044560963 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044560964 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044560965 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044560966 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044560967 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044716961 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044716962 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044716963 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044716964 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Session: 30267420_4044716965 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044716966 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044716967 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044872961 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044872962 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Session: 30267420_4044872963 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044872964 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044872965 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4044872966 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4045028962 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4045028963 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4045028964 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4045028965 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4045028966 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4045028967 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4045028968 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4045184962 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4045184963 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4045184964 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4045184965 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4045184966 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4045184967 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Identity missing version. [HRESULT = 0x80070057 - E_INVALIDARG]
2012-12-12 00:58:27, Error CBS Failed to shred identity: Microsoft-Windows-InternetExplorer-LanguagePack [HRESULT = 0x80070057 - E_INVALIDARG]
2012-12-12 00:58:27, Info CBS Session: 30267420_4045184968 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4045340962 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4045340963 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4045340964 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:27, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:27, Info CBS Session: 30267420_4045340965 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Session: 30267420_4046120964 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Session: 30267420_4046900965 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Read out cached package applicability for package: Package_for_KB2750841~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:28, Info CBS Session: 30267420_4047992967 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Read out cached package applicability for package: Package_for_KB2686831~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:28, Info CBS Session: 30267420_4048304967 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Read out cached package applicability for package: Package_for_KB2541014~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:28, Info CBS Session: 30267420_4048304968 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Read out cached package applicability for package: Package_for_KB2709630~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:28, Info CBS Session: 30267420_4048460968 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Read out cached package applicability for package: Package_for_KB2621146~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 0, CurrentState:0
2012-12-12 00:58:28, Info CBS Session: 30267420_4048460969 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Read out cached package applicability for package: Package_for_KB2601626~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 0, CurrentState:0
2012-12-12 00:58:28, Info CBS Session: 30267420_4048460970 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Read out cached package applicability for package: Package_for_KB2509553~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:28, Info CBS Session: 30267420_4048460971 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Read out cached package applicability for package: Microsoft-Windows-Security-WindowsActivationTechnologies-Package~31bf3856ad364e35~amd64~~7.1.7600.16395, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:28, Info CBS Session: 30267420_4048928968 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Read out cached package applicability for package: Package_for_KB2770660~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:28, Info CBS Session: 30267420_4049084969 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Read out cached package applicability for package: Package_for_KB2749655~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:28, Info CBS Session: 30267420_4049396969 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Read out cached package applicability for package: Package_for_KB2732059~31bf3856ad364e35~amd64~~6.1.5.1, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:28, Info CBS Session: 30267420_4049552970 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Read out cached package applicability for package: Package_for_KB2761465~31bf3856ad364e35~amd64~~10.2.1.0, ApplicableState: 0, CurrentState:0
2012-12-12 00:58:28, Info CBS Session: 30267420_4049868979 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 00:58:28, Info CBS Session: 30267420_4049888980 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Session: 30267420_4050038989 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Read out cached package applicability for package: Package_for_KB976932~31bf3856ad364e35~amd64~~6.1.1.17514, ApplicableState: 112, CurrentState:101
2012-12-12 00:58:28, Info CBS Session: 30267420_4051929097 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Read out cached package applicability for package: Package_for_KB2604115~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:28, Info CBS Session: 30267420_4052269116 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Read out cached package applicability for package: Package_for_KB2488113~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:28, Info CBS Session: 30267420_4052329120 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Read out cached package applicability for package: Package_for_KB2632503~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:0
2012-12-12 00:58:28, Info CBS Session: 30267420_4052379123 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Read out cached package applicability for package: Package_for_KB2579686~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:28, Info CBS Session: 30267420_4052535123 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Read out cached package applicability for package: Package_for_KB2544893~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:28, Info CBS Session: 30267420_4052535124 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Read out cached package applicability for package: Package_for_KB2685939~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:28, Info CBS Session: 30267420_4052535125 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Read out cached package applicability for package: Package_for_KB2685813~31bf3856ad364e35~amd64~~6.1.1.11, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:28, Info CBS Session: 30267420_4053003124 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Read out cached package applicability for package: Package_for_KB2690533~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:28, Info CBS Session: 30267420_4053159124 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Read out cached package applicability for package: Package_for_KB2699779~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:28, Info CBS Session: 30267420_4053159125 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Read out cached package applicability for package: Package_for_KB2621440~31bf3856ad364e35~amd64~~6.1.1.5, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:28, Info CBS Session: 30267420_4053471124 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Read out cached package applicability for package: Package_for_KB2732487~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:28, Info CBS Session: 30267420_4053471125 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Read out cached package applicability for package: Package_for_KB2727528~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:28, Info CBS Session: 30267420_4053471126 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Read out cached package applicability for package: Package_for_KB2506014~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:28, Info CBS Session: 30267420_4053627125 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:28, Info CBS Read out cached package applicability for package: Package_for_KB2564958~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:28, Info CBS Session: 30267420_4053783125 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:29, Info CBS Read out cached package applicability for package: Package_for_KB2661254~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:29, Info CBS Session: 30267420_4056903130 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:29, Info CBS Read out cached package applicability for package: Package_for_KB2761217~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:29, Info CBS Session: 30267420_4056903131 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:29, Info CBS Read out cached package applicability for package: Package_for_KB2529073~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:29, Info CBS Session: 30267420_4056903132 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:29, Info CBS Read out cached package applicability for package: Package_for_KB2659262~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:29, Info CBS Session: 30267420_4057059131 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:29, Info CBS Read out cached package applicability for package: Package_for_KB2552343~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:29, Info CBS Session: 30267420_4057059132 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:29, Info CBS Read out cached package applicability for package: Package_for_KB2532531~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:112
2012-12-12 00:58:29, Info CBS Session: 30267420_4058151133 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:29, Info CBS Read out cached package applicability for package: Package_for_KB2653956~31bf3856ad364e35~amd64~~6.1.1.5, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:29, Info CBS Session: 30267420_4058307133 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:29, Info CBS Read out cached package applicability for package: Package_for_KB982018~31bf3856ad364e35~amd64~~6.1.3.2, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:29, Info CBS Session: 30267420_4058931134 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:29, Info CBS Read out cached package applicability for package: Package_for_KB2705219~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:29, Info CBS Session: 30267420_4059087134 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:29, Info CBS Read out cached package applicability for package: Package_for_KB2506928~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:29, Info CBS Session: 30267420_4059087135 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:29, Info CBS Read out cached package applicability for package: Package_for_KB2732500~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:29, Info CBS Session: 30267420_4059087136 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:29, Info CBS Read out cached package applicability for package: Package_for_KB2656411~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:29, Info CBS Session: 30267420_4059087137 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:29, Info CBS Read out cached package applicability for package: Package_for_KB2491683~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:29, Info CBS Session: 30267420_4059243135 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:29, Info CBS Read out cached package applicability for package: Package_for_KB2654428~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:29, Info CBS Session: 30267420_4059243136 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:29, Info CBS Read out cached package applicability for package: Package_for_KB2656373~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:29, Info CBS Session: 30267420_4059555135 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:29, Info CBS Read out cached package applicability for package: Package_for_KB2729094~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:29, Info CBS Session: 30267420_4059555136 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:29, Info CBS Read out cached package applicability for package: Package_for_KB2712808~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:29, Info CBS Session: 30267420_4059555137 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:29, Info CBS Read out cached package applicability for package: Package_for_KB2511455~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:29, Info CBS Session: 30267420_4059741137 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:29, Info CBS Read out cached package applicability for package: Package_for_KB2619339~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:29, Info CBS Session: 30267420_4059791140 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:29, Info CBS Read out cached package applicability for package: Package_for_KB2660649~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:29, Info CBS Session: 30267420_4059851143 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:29, Info CBS Read out cached package applicability for package: Package_for_KB2698365~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:29, Info CBS Session: 30267420_4060041154 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:29, Info CBS Read out cached package applicability for package: Package_for_KB2644615~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:29, Info CBS Session: 30267420_4060101158 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:29, Info CBS Read out cached package applicability for package: Package_for_KB2647753~31bf3856ad364e35~amd64~~6.1.4.0, ApplicableState: 112, CurrentState:112
2012-12-12 00:58:29, Info CBS Session: 30267420_4060171162 initialized by client WindowsUpdateAgent.
2012-12-12 00:58:29, Info CBS Read out cached package applicability for package: Package_for_KB2584146~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-12 01:08:29, Info CBS Reboot mark refs incremented to: 1
2012-12-12 01:08:29, Info CBS Scavenge: Starts
2012-12-12 01:08:29, Info CSI 00000009@2012/12/12:04:08:29.477 CSI Transaction @0x122f490 initialized for deployment engine {d16d444c-56d8-11d5-882d-0080c847b195} with flags 00000002 and client id [10]"TI6.0_0:0/"

2012-12-12 01:08:29, Info CBS Scavenge: Begin CSI Store
2012-12-12 01:08:30, Info CSI 0000000a Performing 1 operations; 1 are not lock/unlock and follow:
Scavenge (8): flags: 00000017
2012-12-12 01:08:30, Info CSI 0000000b Store coherency cookie matches last scavenge cookie, skipping scavenge.
2012-12-12 01:08:30, Info CSI 0000000c ICSITransaction::Commit calling IStorePendingTransaction::Apply - coldpatching=FALSE applyflags=7
2012-12-12 01:08:30, Info CSI 0000000d Creating NT transaction (seq 2), objectname [6]"(null)"
2012-12-12 01:08:30, Info CSI 0000000e Created NT transaction (seq 2) result 0x00000000, handle @0x250
2012-12-12 01:08:30, Info CSI 0000000f@2012/12/12:04:08:30.507 CSI perf trace:
CSIPERF:TXCOMMIT;22811
2012-12-12 01:08:30, Info CBS Scavenge: Completed, disposition: 0X1
2012-12-12 01:08:30, Info CSI 00000010@2012/12/12:04:08:30.507 CSI Transaction @0x122f490 destroyed
2012-12-12 01:08:30, Info CBS Reboot mark refs: 0
2012-12-12 01:08:30, Info CBS Idle processing thread terminated normally
2012-12-12 01:08:30, Info CBS Ending the TrustedInstaller main loop.
2012-12-12 01:08:30, Info CBS Starting TrustedInstaller finalization.
2012-12-12 01:08:30, Info CBS Ending TrustedInstaller finalization.


----------------------------------------------------------------------------------------------

Edited by Paty, 11 December 2012 - 10:41 PM.

  • 0

#12
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP

A note: the files AsPatch10430001.exe and ETDCtrl.exe came with the laptop. They are part of the Asus system in the original DVD. It's shocking that Asus put virus in their own machines.


I think these are false positives. AsPatch10430001.exe is part of the USB 3.0 upgrade which can be downloaded from asus at: http://dlcdnet.asus....64_z3010511.zip

ETDCtrl.exe
Command: %programfiles%\Elantech\ETDCtrl.exe
Description:
Preinstalled on certain laptops such as Asus Eee and developed by ELANTECH Devices Corp, this program makes possible multi-touch functions like scrolling, zooming, and rotating pictures using the touchpad.
File Location: %programfiles%\Elantech\ETDCtrl.exe

Combofix did remove the AsPatch file but it claims that the ETDCtrl.exe file was already missing which is why it removed the registry entry that calls it. Oddly enough it was there when OTL ran.

The CBS log you posted does not contain any info on the sfc /scannow that you ran. (SFC logs entries in the CBS log with a "[SR]" tag.) Run SFC /scannow again and then immediately look at the log. I know windows periodically moves the cbs.log info to another file and starts with a clean log every once in a while and I'm guessing that must have happened here as yours is very small.

Is it still slow? When is it slow? At boot, when surfing, after it's been on a while?
  • 0

#13
Paty

Paty

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
The system is not slow now. It is running normally. I' m sorry I forgot to add it in my last reply.

About AsPatch10430001.exe
Should I re-install it again?


I have to split the log in two parts, the reply editor says that the post is too long.

CBS.log part 1





2012-12-12 08:58:59, Info CBS Starting TrustedInstaller initialization.
2012-12-12 08:58:59, Info CBS Loaded Servicing Stack v6.1.7601.17592 with Core: C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\cbscore.dll
2012-12-12 08:59:00, Info CSI 00000001@2012/12/12:11:59:00.799 WcpInitialize (wcp.dll version 0.0.0.6) called (stack @0x7feecb3f0ad @0x7feecdf9849 @0x7feecdc34e3 @0xffa6e97c @0xffa6d799 @0xffa6db2f)
2012-12-12 08:59:01, Info CSI 00000002@2012/12/12:11:59:01.486 WcpInitialize (wcp.dll version 0.0.0.6) called (stack @0x7feecb3f0ad @0x7feece46816 @0x7feece12aac @0x7feecdc35b9 @0xffa6e97c @0xffa6d799)
2012-12-12 08:59:01, Info CSI 00000003@2012/12/12:11:59:01.486 WcpInitialize (wcp.dll version 0.0.0.6) called (stack @0x7feecb3f0ad @0x7feeba58738 @0x7feeba58866 @0xffa6e474 @0xffa6d7de @0xffa6db2f)
2012-12-12 08:59:01, Info CBS Ending TrustedInstaller initialization.
2012-12-12 08:59:01, Info CBS Starting the TrustedInstaller main loop.
2012-12-12 08:59:01, Info CBS TrustedInstaller service starts successfully.
2012-12-12 08:59:01, Info CBS SQM: Initializing online with Windows opt-in: False
2012-12-12 08:59:01, Info CBS SQM: Cleaning up report files older than 10 days.
2012-12-12 08:59:01, Info CBS SQM: Requesting upload of all unsent reports.
2012-12-12 08:59:01, Info CBS SQM: Failed to start upload with file pattern: C:\Windows\servicing\sqm\*_std.sqm, flags: 0x2 [HRESULT = 0x80004005 - E_FAIL]
2012-12-12 08:59:01, Info CBS SQM: Failed to start standard sample upload. [HRESULT = 0x80004005 - E_FAIL]
2012-12-12 08:59:01, Info CBS SQM: Failed to start upload with file pattern: C:\Windows\servicing\sqm\*_all.sqm, flags: 0x6 [HRESULT = 0x80004005 - E_FAIL]
2012-12-12 08:59:01, Info CBS SQM: Failed to start always sample upload. [HRESULT = 0x80004005 - E_FAIL]
2012-12-12 08:59:01, Info CBS SQM: Warning: Failed to upload all unsent reports. [HRESULT = 0x80004005 - E_FAIL]
2012-12-12 08:59:01, Info CBS No startup processing required, TrustedInstaller service was not set as autostart, or else a reboot is still pending.
2012-12-12 08:59:01, Info CBS NonStart: Checking to ensure startup processing was not required.
2012-12-12 08:59:01, Info CSI 00000004 IAdvancedInstallerAwareStore_ResolvePendingTransactions (call 1) (flags = 00000004, progress = NULL, phase = 0, pdwDisposition = @0x145f900
2012-12-12 08:59:01, Info CSI 00000005 Creating NT transaction (seq 1), objectname [6]"(null)"
2012-12-12 08:59:01, Info CSI 00000006 Created NT transaction (seq 1) result 0x00000000, handle @0x210
2012-12-12 08:59:01, Info CSI 00000007@2012/12/12:11:59:01.626 CSI perf trace:
CSIPERF:TXCOMMIT;1713
2012-12-12 08:59:01, Info CBS NonStart: Success, startup processing not required as expected.
2012-12-12 08:59:01, Info CBS Startup processing thread terminated normally
2012-12-12 08:59:01, Info CSI 00000008 CSI Store 2633744 (0x0000000000283010) initialized
2012-12-12 08:59:01, Info CBS Session: 30267488_324506001 initialized by client lpksetup.
2012-12-12 08:59:02, Info CBS Session: 30267488_324506001 finalized. Reboot required: no [HRESULT = 0x00000000 - S_OK]
2012-12-12 09:01:37, Info CBS Session: 30267488_1880480370 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:37, Info CBS Read out cached package applicability for package: Package_for_KB2739159~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:37, Info CBS Session: 30267488_1880636371 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:37, Info CBS Read out cached package applicability for package: Package_for_KB2656356~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:37, Info CBS Session: 30267488_1881260372 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:37, Info CBS Read out cached package applicability for package: Package_for_KB2482017~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 80, CurrentState:80
2012-12-12 09:01:37, Info CBS Session: 30267488_1881572372 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:37, Info CBS Read out cached package applicability for package: Package_for_KB2779562~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:37, Info CBS Session: 30267488_1884380377 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:37, Info CBS Read out cached package applicability for package: Package_for_KB2563227~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:37, Info CBS Session: 30267488_1884536378 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:37, Info CBS Read out cached package applicability for package: Package_for_KB2607047~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 0, CurrentState:0
2012-12-12 09:01:37, Info CBS Session: 30267488_1885004378 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:37, Info CBS Read out cached package applicability for package: Package_for_KB2743555~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:37, Info CBS Session: 30267488_1885004379 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:37, Info CBS Read out cached package applicability for package: Package_for_KB2560656~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:37, Info CBS Session: 30267488_1885160379 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:37, Info CBS Read out cached package applicability for package: Package_for_KB2658846~31bf3856ad364e35~amd64~~6.1.1.4, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:37, Info CBS Session: 30267488_1885160380 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:37, Info CBS Read out cached package applicability for package: Package_for_KB2716513~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:0
2012-12-12 09:01:37, Info CBS Session: 30267488_1885160381 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:37, Info CBS Read out cached package applicability for package: Package_for_KB2489256~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 80, CurrentState:0
2012-12-12 09:01:37, Info CBS Session: 30267488_1885160382 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:37, Info CBS Read out cached package applicability for package: Package_for_KB2552343~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:37, Info CBS Session: 30267488_1885316379 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:37, Info CBS Read out cached package applicability for package: Package_for_KB2779030~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:37, Info CBS Session: 30267488_1885316380 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:37, Info CBS Read out cached package applicability for package: Package_for_KB2620704~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:37, Info CBS Session: 30267488_1886096380 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:37, Info CBS Read out cached package applicability for package: Package_for_KB2505438~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:37, Info CBS Session: 30267488_1886408381 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:37, Info CBS Read out cached package applicability for package: Package_for_KB2533552~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:37, Info CBS Session: 30267488_1886408382 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:37, Info CBS Read out cached package applicability for package: Package_for_KB2763523~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:37, Info CBS Session: 30267488_1887032382 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:37, Info CBS Read out cached package applicability for package: Package_for_KB2515325~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:37, Info CBS Session: 30267488_1887032383 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:37, Info CBS Read out cached package applicability for package: Package_for_KB2718704~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:37, Info CBS Session: 30267488_1887188382 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:37, Info CBS Read out cached package applicability for package: Package_for_KB2479943~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:37, Info CBS Session: 30267488_1887500383 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:37, Info CBS Read out cached package applicability for package: Package_for_KB2631813~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:37, Info CBS Session: 30267488_1887500384 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:37, Info CBS Read out cached package applicability for package: Package_for_KB2640148~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:37, Info CBS Session: 30267488_1887656383 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:37, Info CBS Read out cached package applicability for package: Package_for_KB2547666~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:37, Info CBS Session: 30267488_1887812383 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:37, Info CBS Read out cached package applicability for package: Package_for_KB2709981~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:37, Info CBS Session: 30267488_1887812384 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:37, Info CBS Read out cached package applicability for package: Package_for_KB2536276~31bf3856ad364e35~amd64~~6.1.2.1, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:37, Info CBS Session: 30267488_1887812385 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:38, Info CBS Read out cached package applicability for package: Package_for_KB2574819~31bf3856ad364e35~amd64~~6.1.1.7, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:38, Info CBS Session: 30267488_1888124384 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:38, Info CBS Read out cached package applicability for package: Package_for_KB2585542~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:38, Info CBS Session: 30267488_1888280384 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:38, Info CBS Read out cached package applicability for package: Package_for_KB2618451~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:112
2012-12-12 09:01:38, Info CBS Session: 30267488_1888280385 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:38, Info CBS Read out cached package applicability for package: Package_for_KB2645640~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:38, Info CBS Session: 30267488_1888436384 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:38, Info CBS Read out cached package applicability for package: Microsoft-Windows-WinMan-WinIP-Package-TopLevel~31bf3856ad364e35~amd64~~7.1.7601.16398, ApplicableState: 112, CurrentState:0
2012-12-12 09:01:38, Info CBS Session: 30267488_1888904385 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:38, Info CBS Read out cached package applicability for package: Package_for_KB2544521~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 80, CurrentState:80
2012-12-12 09:01:38, Info CBS Session: 30267488_1889528386 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:38, Info CBS Read out cached package applicability for package: Package_for_KB2719985~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:38, Info CBS Session: 30267488_1889684387 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:38, Info CBS Session: 30267488_1889996387 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:38, Info CBS Read out cached package applicability for package: Package_for_KB2676562~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:38, Info CBS Session: 30267488_1891244389 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:38, Info CBS Read out cached package applicability for package: Package_for_KB2620712~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:38, Info CBS Session: 30267488_1894208395 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Session: 30267488_1900916406 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Read out cached package applicability for package: Package_for_KB2761465~31bf3856ad364e35~amd64~~9.4.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:39, Info CBS Session: 30267488_1900916407 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Read out cached package applicability for package: Package_for_KB2660075~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:39, Info CBS Session: 30267488_1901072407 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901228407 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901228408 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901228409 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Session: 30267488_1901228410 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Session: 30267488_1901228411 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901228412 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901228413 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901228414 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901384407 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901384408 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Session: 30267488_1901384409 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901384410 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901384411 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901384412 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901384413 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901384414 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901540407 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901540408 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901540409 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901540410 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901540411 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Session: 30267488_1901540412 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901540413 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901540414 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901696408 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901696409 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Session: 30267488_1901696410 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901696411 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901696412 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901696413 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901696414 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901696415 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901696416 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901852408 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901852409 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901852410 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901852411 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901852412 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901852413 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901852414 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901852415 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901852416 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1901852417 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1902008408 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1902008409 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1902008410 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1902008411 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:39, Info CBS Session: 30267488_1902008412 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Read out cached package applicability for package: Package_for_KB2511250~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:39, Info CBS Session: 30267488_1902008413 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Read out cached package applicability for package: Package_for_KB2691442~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:39, Info CBS Session: 30267488_1903568411 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Read out cached package applicability for package: Package_for_KB2570947~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:39, Info CBS Session: 30267488_1903880412 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Read out cached package applicability for package: Package_for_KB2685811~31bf3856ad364e35~amd64~~6.1.1.11, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:39, Info CBS Session: 30267488_1904660413 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Read out cached package applicability for package: Package_for_KB2545698~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:39, Info CBS Session: 30267488_1904816413 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Read out cached package applicability for package: Package_for_KB2688338~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 80, CurrentState:112
2012-12-12 09:01:39, Info CBS Session: 30267488_1904816414 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Read out cached package applicability for package: Package_for_KB2530548~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 80, CurrentState:0
2012-12-12 09:01:39, Info CBS Session: 30267488_1904972413 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Read out cached package applicability for package: Package_for_KB2512715~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 0, CurrentState:0
2012-12-12 09:01:39, Info CBS Session: 30267488_1905284414 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Read out cached package applicability for package: Package_for_KB2706045~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:0
2012-12-12 09:01:39, Info CBS Session: 30267488_1905284415 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Read out cached package applicability for package: Package_for_KB2510531~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:112
2012-12-12 09:01:39, Info CBS Session: 30267488_1905440414 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Session: 30267488_1905596415 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Read out cached package applicability for package: Package_for_KB2724197~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:39, Info CBS Session: 30267488_1905596416 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Read out cached package applicability for package: Package_for_KB2729452~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:39, Info CBS Session: 30267488_1905908415 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Read out cached package applicability for package: Package_for_KB2522422~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:39, Info CBS Session: 30267488_1905908416 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Read out cached package applicability for package: Package_for_KB2703157~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:0
2012-12-12 09:01:39, Info CBS Session: 30267488_1906064415 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Read out cached package applicability for package: Package_for_KB2506212~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:39, Info CBS Session: 30267488_1906064416 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Read out cached package applicability for package: Microsoft-Windows-RDP-WinIP-Package-TopLevel~31bf3856ad364e35~amd64~~7.1.7601.16398, ApplicableState: 112, CurrentState:0
2012-12-12 09:01:39, Info CBS Session: 30267488_1906220416 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Read out cached package applicability for package: Package_for_KB2758857~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:39, Info CBS Session: 30267488_1907624418 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Read out cached package applicability for package: Package_for_KB2719857~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:39, Info CBS Session: 30267488_1907624419 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Read out cached package applicability for package: Package_for_KB2603229~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:39, Info CBS Session: 30267488_1907780418 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Read out cached package applicability for package: Package_for_KB2741355~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:39, Info CBS Session: 30267488_1907780419 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Read out cached package applicability for package: Package_for_KB2536275~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:39, Info CBS Session: 30267488_1907780420 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:39, Info CBS Read out cached package applicability for package: Package_for_KB2667402~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:40, Info CBS Session: 30267488_1907936419 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Read out cached package applicability for package: Package_for_KB2762895~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:40, Info CBS Session: 30267488_1908092419 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Read out cached package applicability for package: Package_for_KB2753842~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:40, Info CBS Session: 30267488_1908248419 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Read out cached package applicability for package: Package_for_KB2655992~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 80, CurrentState:112
2012-12-12 09:01:40, Info CBS Session: 30267488_1908248420 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Read out cached package applicability for package: Package_for_KB2735855~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:40, Info CBS Session: 30267488_1908560420 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Read out cached package applicability for package: Package_for_KB947821~31bf3856ad364e35~amd64~~6.1.25.0, ApplicableState: 112, CurrentState:0
2012-12-12 09:01:40, Info CBS Session: 30267488_1908716420 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Read out cached package applicability for package: Package_for_KB2736233~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:40, Info CBS Session: 30267488_1908716421 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Read out cached package applicability for package: Package_for_KB2719033~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:0
2012-12-12 09:01:40, Info CBS Session: 30267488_1908872420 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Read out cached package applicability for package: Package_for_KB2484033~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:112
2012-12-12 09:01:40, Info CBS Session: 30267488_1909028421 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Session: 30267488_1909184421 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1909184422 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1909184423 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1909340421 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1909340422 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1909340423 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1909340424 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1909340425 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Session: 30267488_1909496421 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Session: 30267488_1909496422 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1909496423 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1909496424 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1909652422 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1909652423 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1909652424 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Session: 30267488_1909652425 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1909652426 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1909808422 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1909808423 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1909808424 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1909808425 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1909808426 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1909964422 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1909964423 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1909964424 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1909964425 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Session: 30267488_1909964426 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1910120423 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1910120424 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1910120425 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1910120426 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Session: 30267488_1910120427 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1910276423 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1910276424 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1910276425 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1910276426 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1910276427 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1910432423 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1910432424 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1910432425 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1910432426 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1910432427 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1910432428 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1910588423 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1910588424 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1910588425 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1910588426 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1910588427 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Identity missing version. [HRESULT = 0x80070057 - E_INVALIDARG]
2012-12-12 09:01:40, Error CBS Failed to shred identity: Microsoft-Windows-InternetExplorer-LanguagePack [HRESULT = 0x80070057 - E_INVALIDARG]
2012-12-12 09:01:40, Info CBS Session: 30267488_1910744424 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1910744425 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1910744426 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1910744427 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1910744428 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Session: 30267488_1911680425 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Session: 30267488_1912304426 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Read out cached package applicability for package: Package_for_KB2750841~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:40, Info CBS Session: 30267488_1912772427 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Read out cached package applicability for package: Package_for_KB2686831~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:40, Info CBS Session: 30267488_1913084428 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Read out cached package applicability for package: Package_for_KB2541014~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:40, Info CBS Session: 30267488_1913084429 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Read out cached package applicability for package: Package_for_KB2709630~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:40, Info CBS Session: 30267488_1913084430 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Read out cached package applicability for package: Package_for_KB2621146~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 0, CurrentState:0
2012-12-12 09:01:40, Info CBS Session: 30267488_1913084431 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Read out cached package applicability for package: Package_for_KB2601626~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 0, CurrentState:0
2012-12-12 09:01:40, Info CBS Session: 30267488_1913240428 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Read out cached package applicability for package: Package_for_KB2509553~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:40, Info CBS Session: 30267488_1913240429 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Read out cached package applicability for package: Microsoft-Windows-Security-WindowsActivationTechnologies-Package~31bf3856ad364e35~amd64~~7.1.7600.16395, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:40, Info CBS Session: 30267488_1914176430 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Read out cached package applicability for package: Package_for_KB2770660~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:40, Info CBS Session: 30267488_1914332430 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Read out cached package applicability for package: Package_for_KB2749655~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:40, Info CBS Session: 30267488_1914800431 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Read out cached package applicability for package: Package_for_KB2732059~31bf3856ad364e35~amd64~~6.1.5.1, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:40, Info CBS Session: 30267488_1915112431 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Read out cached package applicability for package: Package_for_KB2761465~31bf3856ad364e35~amd64~~10.2.1.0, ApplicableState: 0, CurrentState:0
2012-12-12 09:01:40, Info CBS Session: 30267488_1915580432 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2012-12-12 09:01:40, Info CBS Session: 30267488_1915580433 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:40, Info CBS Session: 30267488_1915892433 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB976932~31bf3856ad364e35~amd64~~6.1.1.17514, ApplicableState: 112, CurrentState:101
2012-12-12 09:01:41, Info CBS Session: 30267488_1918076437 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2604115~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1918388437 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2488113~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1918544437 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2632503~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:0
2012-12-12 09:01:41, Info CBS Session: 30267488_1918700438 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2579686~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1918856438 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2544893~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1918856439 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2685939~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1918856440 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2685813~31bf3856ad364e35~amd64~~6.1.1.11, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1919324439 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2690533~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1919480439 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2699779~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1919480440 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2621440~31bf3856ad364e35~amd64~~6.1.1.5, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1919792440 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2732487~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1919792441 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2727528~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1919792442 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2506014~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1919948440 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2564958~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1920104440 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2661254~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1923068445 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2761217~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1923224446 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2529073~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1923224447 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2659262~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1923380446 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2552343~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1923380447 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2532531~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1924472448 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2653956~31bf3856ad364e35~amd64~~6.1.1.5, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1924784448 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB982018~31bf3856ad364e35~amd64~~6.1.3.2, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1926032450 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2705219~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1926188451 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2506928~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1926188452 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2732500~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1926188453 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2656411~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1926344451 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2491683~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1926344452 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2654428~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1926344453 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2656373~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1926656452 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2729094~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1926656453 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2712808~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1926656454 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2511455~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1926812452 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2619339~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1926812453 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2660649~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1926968452 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2698365~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1927124452 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2644615~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1927124453 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2647753~31bf3856ad364e35~amd64~~6.1.4.0, ApplicableState: 112, CurrentState:112
2012-12-12 09:01:41, Info CBS Session: 30267488_1927124454 initialized by client WindowsUpdateAgent.
2012-12-12 09:01:41, Info CBS Read out cached package applicability for package: Package_for_KB2584146~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2012-12-12 09:11:42, Info CBS Reboot mark refs incremented to: 1
2012-12-12 09:11:42, Info CBS Scavenge: Starts
2012-12-12 09:11:42, Info CSI 00000009@2012/12/12:12:11:42.255 CSI Transaction @0x1346950 initialized for deployment engine {d16d444c-56d8-11d5-882d-0080c847b195} with flags 00000002 and client id [10]"TI6.0_0:0/"

2012-12-12 09:11:42, Info CBS Scavenge: Begin CSI Store
2012-12-12 09:11:42, Info CSI 0000000a Performing 1 operations; 1 are not lock/unlock and follow:
Scavenge (8): flags: 00000017
2012-12-12 09:11:42, Info CSI 0000000b Store coherency cookie matches last scavenge cookie, skipping scavenge.
2012-12-12 09:11:42, Info CSI 0000000c ICSITransaction::Commit calling IStorePendingTransaction::Apply - coldpatching=FALSE applyflags=7
2012-12-12 09:11:42, Info CSI 0000000d Creating NT transaction (seq 2), objectname [6]"(null)"
2012-12-12 09:11:42, Info CSI 0000000e Created NT transaction (seq 2) result 0x00000000, handle @0x240
2012-12-12 09:11:42, Info CSI 0000000f@2012/12/12:12:11:42.801 CSI perf trace:
CSIPERF:TXCOMMIT;30513
2012-12-12 09:11:42, Info CBS Scavenge: Completed, disposition: 0X1
2012-12-12 09:11:42, Info CSI 00000010@2012/12/12:12:11:42.801 CSI Transaction @0x1346950 destroyed
2012-12-12 09:11:42, Info CBS Reboot mark refs: 0
2012-12-12 09:11:42, Info CBS Idle processing thread terminated normally
2012-12-12 09:11:42, Info CBS Ending the TrustedInstaller main loop.
2012-12-12 09:11:42, Info CBS Starting TrustedInstaller finalization.
2012-12-12 09:11:43, Info CBS Ending TrustedInstaller finalization.
2012-12-12 09:49:46, Info CBS Starting TrustedInstaller initialization.
2012-12-12 09:49:46, Info CBS Loaded Servicing Stack v6.1.7601.17592 with Core: C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\cbscore.dll
2012-12-12 09:49:47, Info CSI 00000001@2012/12/12:12:49:47.920 WcpInitialize (wcp.dll version 0.0.0.6) called (stack @0x7feeaf5f0ad @0x7feee2a9849 @0x7feee2734e3 @0xffe2e97c @0xffe2d799 @0xffe2db2f)
2012-12-12 09:49:47, Info CSI 00000002@2012/12/12:12:49:47.951 WcpInitialize (wcp.dll version 0.0.0.6) called (stack @0x7feeaf5f0ad @0x7feee2f6816 @0x7feee2c2aac @0x7feee2735b9 @0xffe2e97c @0xffe2d799)
2012-12-12 09:49:47, Info CSI 00000003@2012/12/12:12:49:47.967 WcpInitialize (wcp.dll version 0.0.0.6) called (stack @0x7feeaf5f0ad @0x7fef65a8738 @0x7fef65a8866 @0xffe2e474 @0xffe2d7de @0xffe2db2f)
2012-12-12 09:49:47, Info CBS Ending TrustedInstaller initialization.
2012-12-12 09:49:47, Info CBS Starting the TrustedInstaller main loop.
2012-12-12 09:49:47, Info CBS TrustedInstaller service starts successfully.
2012-12-12 09:49:47, Info CBS SQM: Initializing online with Windows opt-in: False
2012-12-12 09:49:47, Info CBS SQM: Cleaning up report files older than 10 days.
2012-12-12 09:49:47, Info CBS SQM: Requesting upload of all unsent reports.
2012-12-12 09:49:47, Info CBS SQM: Failed to start upload with file pattern: C:\Windows\servicing\sqm\*_std.sqm, flags: 0x2 [HRESULT = 0x80004005 - E_FAIL]
2012-12-12 09:49:47, Info CBS SQM: Failed to start standard sample upload. [HRESULT = 0x80004005 - E_FAIL]
2012-12-12 09:49:47, Info CBS SQM: Queued 0 file(s) for upload with pattern: C:\Windows\servicing\sqm\*_all.sqm, flags: 0x6
2012-12-12 09:49:47, Info CBS SQM: Warning: Failed to upload all unsent reports. [HRESULT = 0x80004005 - E_FAIL]
2012-12-12 09:49:47, Info CBS No startup processing required, TrustedInstaller service was not set as autostart, or else a reboot is still pending.
2012-12-12 09:49:47, Info CBS NonStart: Checking to ensure startup processing was not required.
2012-12-12 09:49:47, Info CSI 00000004 IAdvancedInstallerAwareStore_ResolvePendingTransactions (call 1) (flags = 00000004, progress = NULL, phase = 0, pdwDisposition = @0x139fe60
2012-12-12 09:49:47, Info CSI 00000005 Creating NT transaction (seq 1), objectname [6]"(null)"
2012-12-12 09:49:47, Info CSI 00000006 Created NT transaction (seq 1) result 0x00000000, handle @0x210
2012-12-12 09:49:47, Info CSI 00000007@2012/12/12:12:49:47.982 CSI perf trace:
CSIPERF:TXCOMMIT;1063
2012-12-12 09:49:47, Info CBS NonStart: Success, startup processing not required as expected.
2012-12-12 09:49:47, Info CBS Startup processing thread terminated normally
2012-12-12 09:49:48, Info CSI 00000008 CSI Store 4307760 (0x000000000041bb30) initialized
2012-12-12 09:49:50, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:49:50, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2012-12-12 09:49:51, Info CSI 0000000b Repair results created:
POQ 0 starts:

POQ 0 ends.
2012-12-12 09:49:51, Info CSI 0000000c [SR] Verify complete
2012-12-12 09:49:51, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:49:51, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
2012-12-12 09:49:52, Info CSI 0000000f Repair results created:
POQ 1 starts:

POQ 1 ends.
2012-12-12 09:49:52, Info CSI 00000010 [SR] Verify complete
2012-12-12 09:49:52, Info CSI 00000011 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:49:52, Info CSI 00000012 [SR] Beginning Verify and Repair transaction
2012-12-12 09:49:53, Info CSI 00000013 Repair results created:
POQ 2 starts:

POQ 2 ends.
2012-12-12 09:49:53, Info CSI 00000014 [SR] Verify complete
2012-12-12 09:49:53, Info CSI 00000015 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:49:53, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
2012-12-12 09:49:55, Info CSI 00000017 Repair results created:
POQ 3 starts:

POQ 3 ends.
2012-12-12 09:49:55, Info CSI 00000018 [SR] Verify complete
2012-12-12 09:49:55, Info CSI 00000019 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:49:55, Info CSI 0000001a [SR] Beginning Verify and Repair transaction
2012-12-12 09:49:57, Info CSI 0000001b Repair results created:
POQ 4 starts:

POQ 4 ends.
2012-12-12 09:49:57, Info CSI 0000001c [SR] Verify complete
2012-12-12 09:49:57, Info CSI 0000001d [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:49:57, Info CSI 0000001e [SR] Beginning Verify and Repair transaction
2012-12-12 09:49:59, Info CSI 0000001f Repair results created:
POQ 5 starts:

POQ 5 ends.
2012-12-12 09:49:59, Info CSI 00000020 [SR] Verify complete
2012-12-12 09:49:59, Info CSI 00000021 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:49:59, Info CSI 00000022 [SR] Beginning Verify and Repair transaction
2012-12-12 09:50:00, Info CSI 00000023 Repair results created:
POQ 6 starts:

POQ 6 ends.
2012-12-12 09:50:00, Info CSI 00000024 [SR] Verify complete
2012-12-12 09:50:01, Info CSI 00000025 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:50:01, Info CSI 00000026 [SR] Beginning Verify and Repair transaction
2012-12-12 09:50:02, Info CSI 00000027 Repair results created:
POQ 7 starts:

POQ 7 ends.
2012-12-12 09:50:02, Info CSI 00000028 [SR] Verify complete
2012-12-12 09:50:02, Info CSI 00000029 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:50:02, Info CSI 0000002a [SR] Beginning Verify and Repair transaction
2012-12-12 09:50:03, Info CSI 0000002b Repair results created:
POQ 8 starts:

POQ 8 ends.
2012-12-12 09:50:03, Info CSI 0000002c [SR] Verify complete
2012-12-12 09:50:03, Info CSI 0000002d [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:50:03, Info CSI 0000002e [SR] Beginning Verify and Repair transaction
2012-12-12 09:50:05, Info CSI 0000002f Repair results created:
POQ 9 starts:
0: Move File: Source = [l:192{96}]"\SystemRoot\WinSxS\Temp\PendingRenames\436a143567d8cd01ea03000030105c12._0000000000000000.cdf-ms", Destination = [l:104{52}]"\SystemRoot\WinSxS\FileMaps\_0000000000000000.cdf-ms"
1: Move File: Source = [l:162{81}]"\SystemRoot\WinSxS\Temp\PendingRenames\a3cb163567d8cd01eb03000030105c12.$$.cdf-ms", Destination = [l:74{37}]"\SystemRoot\WinSxS\FileMaps\$$.cdf-ms"
2: Move File: Source = [l:246{123}]"\SystemRoot\WinSxS\Temp\PendingRenames\032d193567d8cd01ec03000030105c12.$$_diagnostics_system_audio_9d2751b7c84ca0f1.cdf-ms", Destination = [l:158{79}]"\SystemRoot\WinSxS\FileMaps\$$_diagnostics_system_audio_9d2751b7c84ca0f1.cdf-ms"
3: Move File: Source = [l:258{129}]"\SystemRoot\WinSxS\Temp\PendingRenames\c4ef1d3567d8cd01ed03000030105c12.$$_diagnostics_system_audio_es-es_9fb2582360567792.cdf-ms", Destination = [l:170{85}]"\SystemRoot\WinSxS\FileMaps\$$_diagnostics_system_audio_es-es_9fb2582360567792.cdf-ms"
4: Move File: Source = [l:244{122}]"\SystemRoot\WinSxS\Temp\PendingRenames\2451203567d8cd01ee03000030105c12.$$_diagnostics_system_aero_8b2c42561936b3f0.cdf-ms", Destination = [l:156{78}]"\SystemRoot\WinSxS\FileMaps\$$_diagnostics_system_aero_8b2c42561936b3f0.cdf-ms"
5: Move File: Source = [l:256{128}]"\SystemRoot\WinSxS\Temp\PendingRenames\2451203567d8cd01ef03000030105c12.$$_diagnostics_system_aero_es-es_1a66942320a42f77.cdf-ms", Destination = [l:168{84}]"\SystemRoot\WinSxS\FileMaps\$$_diagnostics_system_aero_es-es_1a66942320a42f77.cdf-ms"
6: Move File: Source = [l:214{107}]"\SystemRoot\WinSxS\Temp\PendingRenames\265c333567d8cd01f003000030105c12.$$_system32_21f9a9c4a2f8b514.cdf-ms", Destination = [l:126{63}]"\SystemRoot\WinSxS\FileMaps\$$_system32_21f9a9c4a2f8b514.cdf-ms"
7: Move File: Source = [l:242{121}]"\SystemRoot\WinSxS\Temp\PendingRenames\87bd353567d8cd01f103000030105c12.$$_system32_manifeststore_7d35b12f9be4c20e.cdf-ms", Destination = [l:154{77}]"\SystemRoot\WinSxS\FileMaps\$$_system32_man
2012-12-12 09:50:05, Info CSI ifeststore_7d35b12f9be4c20e.cdf-ms"
8: Move File: Source = [l:214{107}]"\SystemRoot\WinSxS\Temp\PendingRenames\47803a3567d8cd01f203000030105c12.$$_apppatch_1143992cbbbebcab.cdf-ms", Destination = [l:126{63}]"\SystemRoot\WinSxS\FileMaps\$$_apppatch_1143992cbbbebcab.cdf-ms"
9: Move File: Source = [l:236{118}]"\SystemRoot\WinSxS\Temp\PendingRenames\a8e13c3567d8cd01f303000030105c12.$$_apppatch_apppatch64_e39bab3b20714e20.cdf-ms", Destination = [l:148{74}]"\SystemRoot\WinSxS\FileMaps\$$_apppatch_apppatch64_e39bab3b20714e20.cdf-ms"

POQ 9 ends.
2012-12-12 09:50:05, Info CSI 00000030 [SR] Verify complete
2012-12-12 09:50:05, Info CSI 00000031 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:50:05, Info CSI 00000032 [SR] Beginning Verify and Repair transaction
2012-12-12 09:50:07, Info CSI 00000033 Ignoring duplicate ownership for directory [l:46{23}]"\??\C:\Windows\SchCache" in component Microsoft-Windows-Active-Directory-Services-Interface-LDAP-Provider, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:08, Info CSI 00000034 Repair results created:
POQ 10 starts:
0: Move File: Source = [l:192{96}]"\SystemRoot\WinSxS\Temp\PendingRenames\b7afd83667d8cd015804000030105c12._0000000000000000.cdf-ms", Destination = [l:104{52}]"\SystemRoot\WinSxS\FileMaps\_0000000000000000.cdf-ms"
1: Move File: Source = [l:162{81}]"\SystemRoot\WinSxS\Temp\PendingRenames\1711db3667d8cd015904000030105c12.$$.cdf-ms", Destination = [l:74{37}]"\SystemRoot\WinSxS\FileMaps\$$.cdf-ms"
2: Move File: Source = [l:214{107}]"\SystemRoot\WinSxS\Temp\PendingRenames\1711db3667d8cd015a04000030105c12.$$_schcache_f995a5d4decb8cc0.cdf-ms", Destination = [l:126{63}]"\SystemRoot\WinSxS\FileMaps\$$_schcache_f995a5d4decb8cc0.cdf-ms"
3: Move File: Source = [l:246{123}]"\SystemRoot\WinSxS\Temp\PendingRenames\d8d3df3667d8cd015b04000030105c12.$$_diagnostics_system_audio_9d2751b7c84ca0f1.cdf-ms", Destination = [l:158{79}]"\SystemRoot\WinSxS\FileMaps\$$_diagnostics_system_audio_9d2751b7c84ca0f1.cdf-ms"
4: Move File: Source = [l:214{107}]"\SystemRoot\WinSxS\Temp\PendingRenames\dadef23667d8cd015c04000030105c12.$$_system32_21f9a9c4a2f8b514.cdf-ms", Destination = [l:126{63}]"\SystemRoot\WinSxS\FileMaps\$$_system32_21f9a9c4a2f8b514.cdf-ms"
5: Move File: Source = [l:240{120}]"\SystemRoot\WinSxS\Temp\PendingRenames\dadef23667d8cd015d04000030105c12.$$_system32_logfiles_ait_5b4995189d2e6c55.cdf-ms", Destination = [l:152{76}]"\SystemRoot\WinSxS\FileMaps\$$_system32_logfiles_ait_5b4995189d2e6c55.cdf-ms"
6: Move File: Source = [l:258{129}]"\SystemRoot\WinSxS\Temp\PendingRenames\3a40f53667d8cd015e04000030105c12.programdata_microsoft_windows_ait_140a03828e6ffe97.cdf-ms", Destination = [l:170{85}]"\SystemRoot\WinSxS\FileMaps\programdata_microsoft_windows_ait_140a03828e6ffe97.cdf-ms"
7: Move File: Source = [l:244{122}]"\SystemRoot\WinSxS\Temp\PendingRenames\fb02fa3667d8cd015f04000030105c12.$$_diagnostics_system_aero_8b2c42561936b3f0.cdf-ms", Destination = [l:156{78}]"\SystemRoot\WinSxS\FileMaps\$$_diagnostics_system_aero_8b2c42561936b3f0.cdf-ms"
8:
2012-12-12 09:50:08, Info CSI Move File: Source = [l:234{117}]"\SystemRoot\WinSxS\Temp\PendingRenames\1c27013767d8cd016004000030105c12.$$_help_windows_es-es_b59491ea73669de3.cdf-ms", Destination = [l:146{73}]"\SystemRoot\WinSxS\FileMaps\$$_help_windows_es-es_b59491ea73669de3.cdf-ms"
9: Move File: Source = [l:228{114}]"\SystemRoot\WinSxS\Temp\PendingRenames\1c27013767d8cd016104000030105c12.$$_help_help_es-es_91e6c9419a9c2729.cdf-ms", Destination = [l:140{70}]"\SystemRoot\WinSxS\FileMaps\$$_help_help_es-es_91e6c9419a9c2729.cdf-ms"
10: Move File: Source = [l:216{108}]"\SystemRoot\WinSxS\Temp\PendingRenames\7e93163767d8cd016204000030105c12.$$_resources_fbee56ab048ab239.cdf-ms", Destination = [l:128{64}]"\SystemRoot\WinSxS\FileMaps\$$_resources_fbee56ab048ab239.cdf-ms"
11: Move File: Source = [l:230{115}]"\SystemRoot\WinSxS\Temp\PendingRenames\7e93163767d8cd016304000030105c12.$$_resources_themes_4d0d4910e83c2273.cdf-ms", Destination = [l:142{71}]"\SystemRoot\WinSxS\FileMaps\$$_resources_themes_4d0d4910e83c2273.cdf-ms"
12: Move File: Source = [l:240{120}]"\SystemRoot\WinSxS\Temp\PendingRenames\def4183767d8cd016404000030105c12.$$_resources_themes_aero_3fd78bf4cb5fa2c4.cdf-ms", Destination = [l:152{76}]"\SystemRoot\WinSxS\FileMaps\$$_resources_themes_aero_3fd78bf4cb5fa2c4.cdf-ms"
13: Move File: Source = [l:252{126}]"\SystemRoot\WinSxS\Temp\PendingRenames\def4183767d8cd016504000030105c12.$$_resources_themes_aero_shell_a91dfa5124b343c4.cdf-ms", Destination = [l:164{82}]"\SystemRoot\WinSxS\FileMaps\$$_resources_themes_aero_shell_a91dfa5124b343c4.cdf-ms"
14: Move File: Source = [l:276{138}]"\SystemRoot\WinSxS\Temp\PendingRenames\def4183767d8cd016604000030105c12.$$_resources_themes_aero_shell_normalcolor_10be8ec981b35fb6.cdf-ms", Destination = [l:188{94}]"\SystemRoot\WinSxS\FileMaps\$$_resources_themes_aero_shell_normalcolor_10be8ec981b35fb6.cdf-ms"
15: Move File: Source = [l:234{117}]"\SystemRoot\WinSxS\Temp\PendingRenames\22483a3767d8cd016704000030105c12.$$_appcompat_programs_99c7f419bd54f4ca.cdf-ms", Destination = [l
2012-12-12 09:50:08, Info CSI :146{73}]"\SystemRoot\WinSxS\FileMaps\$$_appcompat_programs_99c7f419bd54f4ca.cdf-ms"

POQ 10 ends.
2012-12-12 09:50:08, Info CSI 00000035 [SR] Verify complete
2012-12-12 09:50:08, Info CSI 00000036 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:50:08, Info CSI 00000037 [SR] Beginning Verify and Repair transaction
2012-12-12 09:50:21, Info CSI 00000038 Ignoring duplicate ownership for directory [l:64{32}]"\??\C:\Windows\Branding\Shellbrd" in component Microsoft-Windows-Branding-Shell-HomePremium, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:21, Info CSI 00000039 Ignoring duplicate ownership for directory [l:62{31}]"\??\C:\Windows\Branding\Basebrd" in component Microsoft-Windows-Branding-Base-HomePremium, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:21, Info CSI 0000003a Repair results created:
POQ 11 starts:
0: Move File: Source = [l:192{96}]"\SystemRoot\WinSxS\Temp\PendingRenames\853bed3e67d8cd01cc04000030105c12._0000000000000000.cdf-ms", Destination = [l:104{52}]"\SystemRoot\WinSxS\FileMaps\_0000000000000000.cdf-ms"
1: Move File: Source = [l:162{81}]"\SystemRoot\WinSxS\Temp\PendingRenames\e59cef3e67d8cd01cd04000030105c12.$$.cdf-ms", Destination = [l:74{37}]"\SystemRoot\WinSxS\FileMaps\$$.cdf-ms"
2: Move File: Source = [l:214{107}]"\SystemRoot\WinSxS\Temp\PendingRenames\46fef13e67d8cd01ce04000030105c12.$$_branding_1728f5d8b15e5263.cdf-ms", Destination = [l:126{63}]"\SystemRoot\WinSxS\FileMaps\$$_branding_1728f5d8b15e5263.cdf-ms"
3: Move File: Source = [l:232{116}]"\SystemRoot\WinSxS\Temp\PendingRenames\a65ff43e67d8cd01cf04000030105c12.$$_branding_shellbrd_be1f632087fb0947.cdf-ms", Destination = [l:144{72}]"\SystemRoot\WinSxS\FileMaps\$$_branding_shellbrd_be1f632087fb0947.cdf-ms"
4: Move File: Source = [l:230{115}]"\SystemRoot\WinSxS\Temp\PendingRenames\c783fb3e67d8cd01d004000030105c12.$$_branding_basebrd_9ee9a176c9fadab4.cdf-ms", Destination = [l:142{71}]"\SystemRoot\WinSxS\FileMaps\$$_branding_basebrd_9ee9a176c9fadab4.cdf-ms"
5: Move File: Source = [l:242{121}]"\SystemRoot\WinSxS\Temp\PendingRenames\8746003f67d8cd01d104000030105c12.$$_branding_basebrd_es-es_51c062694347f4d5.cdf-ms", Destination = [l:154{77}]"\SystemRoot\WinSxS\FileMaps\$$_branding_basebrd_es-es_51c062694347f4d5.cdf-ms"
6: Move File: Source = [l:214{107}]"\SystemRoot\WinSxS\Temp\PendingRenames\b196533f67d8cd01d204000030105c12.$$_system32_21f9a9c4a2f8b514.cdf-ms", Destination = [l:126{63}]"\SystemRoot\WinSxS\FileMaps\$$_system32_21f9a9c4a2f8b514.cdf-ms"
7: Move File: Source = [l:224{112}]"\SystemRoot\WinSxS\Temp\PendingRenames\7159583f67d8cd01d304000030105c12.$$_system32_boot_06654401df2fc50e.cdf-ms", Destination = [l:136{68}]"\SystemRoot\WinSxS\FileMaps\$$_system32_boot_06654401df2fc50e.cdf-ms"

POQ 11 ends.
2012-12-12 09:50:21, Info CSI 0000003b [SR] Verify complete
2012-12-12 09:50:22, Info CSI 0000003c [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:50:22, Info CSI 0000003d [SR] Beginning Verify and Repair transaction
2012-12-12 09:50:23, Info CSI 0000003e Ignoring duplicate ownership for directory [ml:14{7},l:12{6}]"\??\C:" in component Microsoft-Windows-Client-Features-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:24, Info CSI 0000003f Ignoring duplicate ownership for directory [l:72{36}]"\??\C:\Program Files\DVD Maker\es-ES" in component Microsoft-Windows-ClipsInTheLibrary.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"es-ES", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:24, Info CSI 00000040 Repair results created:
POQ 12 starts:
0: Move File: Source = [l:192{96}]"\SystemRoot\WinSxS\Temp\PendingRenames\b1176a4067d8cd013805000030105c12._0000000000000000.cdf-ms", Destination = [l:104{52}]"\SystemRoot\WinSxS\FileMaps\_0000000000000000.cdf-ms"
1: Move File: Source = [l:162{81}]"\SystemRoot\WinSxS\Temp\PendingRenames\b1176a4067d8cd013905000030105c12.$$.cdf-ms", Destination = [l:74{37}]"\SystemRoot\WinSxS\FileMaps\$$.cdf-ms"
2: Move File: Source = [l:212{106}]"\SystemRoot\WinSxS\Temp\PendingRenames\11796c4067d8cd013a05000030105c12.$$_schemas_9f2c881475a483d6.cdf-ms", Destination = [l:124{62}]"\SystemRoot\WinSxS\FileMaps\$$_schemas_9f2c881475a483d6.cdf-ms"
3: Move File: Source = [l:204{102}]"\SystemRoot\WinSxS\Temp\PendingRenames\d446844067d8cd013b05000030105c12.$$_inf_3f581daba4c8c835.cdf-ms", Destination = [l:116{58}]"\SystemRoot\WinSxS\FileMaps\$$_inf_3f581daba4c8c835.cdf-ms"
4: Move File: Source = [l:216{108}]"\SystemRoot\WinSxS\Temp\PendingRenames\d446844067d8cd013c05000030105c12.$$_inf_msdtc_0ef70686e1d9b30c.cdf-ms", Destination = [l:128{64}]"\SystemRoot\WinSxS\FileMaps\$$_inf_msdtc_0ef70686e1d9b30c.cdf-ms"
5: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\9409894067d8cd013d05000030105c12.$$_inf_msdtc_0c0a_5b1ba2214f36971a.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_inf_msdtc_0c0a_5b1ba2214f36971a.cdf-ms"
6: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\b52d904067d8cd013e05000030105c12.$$_inf_msdtc_0000_5b1b81b54f36c82e.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_inf_msdtc_0000_5b1b81b54f36c82e.cdf-ms"
7: Move File: Source = [l:214{107}]"\SystemRoot\WinSxS\Temp\PendingRenames\57d7a04067d8cd013f05000030105c12.$$_inf_bits_0ef6f148bde367d9.cdf-ms", Destination = [l:126{63}]"\SystemRoot\WinSxS\FileMaps\$$_inf_bits_0ef6f148bde367d9.cdf-ms"
8: Move File: Source = [l:224{112}]"\SystemRoot\WinSxS\Temp\PendingRenames\57d7a04067d8cd014005000030105c12.$$_inf_bits_
2012-12-12 09:50:24, Info CSI 0c0a_a03dbcd163e839d1.cdf-ms", Destination = [l:136{68}]"\SystemRoot\WinSxS\FileMaps\$$_inf_bits_0c0a_a03dbcd163e839d1.cdf-ms"
9: Move File: Source = [l:224{112}]"\SystemRoot\WinSxS\Temp\PendingRenames\d85caa4067d8cd014105000030105c12.$$_inf_bits_0000_a03dbf7d63e833bd.cdf-ms", Destination = [l:136{68}]"\SystemRoot\WinSxS\FileMaps\$$_inf_bits_0000_a03dbf7d63e833bd.cdf-ms"
10: Move File: Source = [l:214{107}]"\SystemRoot\WinSxS\Temp\PendingRenames\39beac4067d8cd014205000030105c12.$$_branding_1728f5d8b15e5263.cdf-ms", Destination = [l:126{63}]"\SystemRoot\WinSxS\FileMaps\$$_branding_1728f5d8b15e5263.cdf-ms"
11: Move File: Source = [l:232{116}]"\SystemRoot\WinSxS\Temp\PendingRenames\39beac4067d8cd014305000030105c12.$$_branding_shellbrd_be1f632087fb0947.cdf-ms", Destination = [l:144{72}]"\SystemRoot\WinSxS\FileMaps\$$_branding_shellbrd_be1f632087fb0947.cdf-ms"
12: Move File: Source = [l:218{109}]"\SystemRoot\WinSxS\Temp\PendingRenames\bc4ec94067d8cd014405000030105c12.program_files_ffd0cbfc813cc4f1.cdf-ms", Destination = [l:130{65}]"\SystemRoot\WinSxS\FileMaps\program_files_ffd0cbfc813cc4f1.cdf-ms"
13: Move File: Source = [l:238{119}]"\SystemRoot\WinSxS\Temp\PendingRenames\1cb0cb4067d8cd014505000030105c12.program_files_dvd_maker_405775de8763ce75.cdf-ms", Destination = [l:150{75}]"\SystemRoot\WinSxS\FileMaps\program_files_dvd_maker_405775de8763ce75.cdf-ms"
14: Move File: Source = [l:250{125}]"\SystemRoot\WinSxS\Temp\PendingRenames\7c11ce4067d8cd014605000030105c12.program_files_dvd_maker_es-es_5c61cf3aeb9f51e6.cdf-ms", Destination = [l:162{81}]"\SystemRoot\WinSxS\FileMaps\program_files_dvd_maker_es-es_5c61cf3aeb9f51e6.cdf-ms"

POQ 12 ends.
2012-12-12 09:50:24, Info CSI 00000041 [SR] Verify complete
2012-12-12 09:50:24, Info CSI 00000042 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:50:24, Info CSI 00000043 [SR] Beginning Verify and Repair transaction
2012-12-12 09:50:27, Info CSI 00000044 Repair results created:
POQ 13 starts:
0: Move File: Source = [l:192{96}]"\SystemRoot\WinSxS\Temp\PendingRenames\416b0f4267d8cd01ab05000030105c12._0000000000000000.cdf-ms", Destination = [l:104{52}]"\SystemRoot\WinSxS\FileMaps\_0000000000000000.cdf-ms"
1: Move File: Source = [l:162{81}]"\SystemRoot\WinSxS\Temp\PendingRenames\416b0f4267d8cd01ac05000030105c12.$$.cdf-ms", Destination = [l:74{37}]"\SystemRoot\WinSxS\FileMaps\$$.cdf-ms"
2: Move File: Source = [l:214{107}]"\SystemRoot\WinSxS\Temp\PendingRenames\628f164267d8cd01ad05000030105c12.$$_system32_21f9a9c4a2f8b514.cdf-ms", Destination = [l:126{63}]"\SystemRoot\WinSxS\FileMaps\$$_system32_21f9a9c4a2f8b514.cdf-ms"
3: Move File: Source = [l:242{121}]"\SystemRoot\WinSxS\Temp\PendingRenames\c3f0184267d8cd01ae05000030105c12.$$_system32_codeintegrity_e9af9308cfc26dc2.cdf-ms", Destination = [l:154{77}]"\SystemRoot\WinSxS\FileMaps\$$_system32_codeintegrity_e9af9308cfc26dc2.cdf-ms"
4: Move File: Source = [l:216{108}]"\SystemRoot\WinSxS\Temp\PendingRenames\a4d7244267d8cd01af05000030105c12.$$_resources_fbee56ab048ab239.cdf-ms", Destination = [l:128{64}]"\SystemRoot\WinSxS\FileMaps\$$_resources_fbee56ab048ab239.cdf-ms"
5: Move File: Source = [l:260{130}]"\SystemRoot\WinSxS\Temp\PendingRenames\0439274267d8cd01b005000030105c12.$$_resources_ease_of_access_themes_e29108c7f81ea04c.cdf-ms", Destination = [l:172{86}]"\SystemRoot\WinSxS\FileMaps\$$_resources_ease_of_access_themes_e29108c7f81ea04c.cdf-ms"
6: Move File: Source = [l:242{121}]"\SystemRoot\WinSxS\Temp\PendingRenames\a6e2374267d8cd01b105000030105c12.$$_system32_wdi_perftrack_e5904ddd3f58b556.cdf-ms", Destination = [l:154{77}]"\SystemRoot\WinSxS\FileMaps\$$_system32_wdi_perftrack_e5904ddd3f58b556.cdf-ms"
7: Move File: Source = [l:256{128}]"\SystemRoot\WinSxS\Temp\PendingRenames\a6e2374267d8cd01b205000030105c12.$$_system32_wdi_perftrack_traces_0af2b48360b94cec.cdf-ms", Destination = [l:168{84}]"\SystemRoot\WinSxS\FileMaps\$$_system32_wdi_perftrack_traces_0af2b48360b94cec.c
2012-12-12 09:50:27, Info CSI df-ms"
8: Move File: Source = [l:218{109}]"\SystemRoot\WinSxS\Temp\PendingRenames\a8ed4a4267d8cd01b305000030105c12.program_files_ffd0cbfc813cc4f1.cdf-ms", Destination = [l:130{65}]"\SystemRoot\WinSxS\FileMaps\program_files_ffd0cbfc813cc4f1.cdf-ms"
9: Move File: Source = [l:238{119}]"\SystemRoot\WinSxS\Temp\PendingRenames\a8ed4a4267d8cd01b405000030105c12.program_files_dvd_maker_405775de8763ce75.cdf-ms", Destination = [l:150{75}]"\SystemRoot\WinSxS\FileMaps\program_files_dvd_maker_405775de8763ce75.cdf-ms"
10: Move File: Source = [l:252{126}]"\SystemRoot\WinSxS\Temp\PendingRenames\69b04f4267d8cd01b505000030105c12.program_files_dvd_maker_shared_a54613779b918be2.cdf-ms", Destination = [l:164{82}]"\SystemRoot\WinSxS\FileMaps\program_files_dvd_maker_shared_a54613779b918be2.cdf-ms"
11: Move File: Source = [l:216{108}]"\SystemRoot\WinSxS\Temp\PendingRenames\8ad4564267d8cd01b605000030105c12.$$_servicing_fc2045b9046cc796.cdf-ms", Destination = [l:128{64}]"\SystemRoot\WinSxS\FileMaps\$$_servicing_fc2045b9046cc796.cdf-ms"
12: Move File: Source = [l:234{117}]"\SystemRoot\WinSxS\Temp\PendingRenames\ea35594267d8cd01b705000030105c12.$$_servicing_editions_596ea20ddafb9f7d.cdf-ms", Destination = [l:146{73}]"\SystemRoot\WinSxS\FileMaps\$$_servicing_editions_596ea20ddafb9f7d.cdf-ms"

POQ 13 ends.
2012-12-12 09:50:27, Info CSI 00000045 [SR] Verify complete
2012-12-12 09:50:27, Info CSI 00000046 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:50:27, Info CSI 00000047 [SR] Beginning Verify and Repair transaction
2012-12-12 09:50:28, Info CSI 00000048 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\pt-BR" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"pt-BR", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:28, Info CSI 00000049 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\ar-SA" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"ar-SA", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:28, Info CSI 0000004a Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\el-GR" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"el-GR", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:29, Info CSI 0000004b Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\ko-KR" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"ko-KR", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:29, Info CSI 0000004c Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\da-DK" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"da-DK", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:29, Info CSI 0000004d Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\et-EE" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"et-EE", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:29, Info CSI 0000004e Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\nl-NL" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"nl-NL", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:29, Info CSI 0000004f Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\sk-SK" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"sk-SK", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:29, Info CSI 00000050 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\hr-HR" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"hr-HR", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:29, Info CSI 00000051 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\hu-HU" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"hu-HU", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:29, Info CSI 00000052 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\pl-PL" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"pl-PL", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:29, Info CSI 00000053 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\es-ES" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"es-ES", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:29, Info CSI 00000054 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\bg-BG" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"bg-BG", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:29, Info CSI 00000055 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\ro-RO" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"ro-RO", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:30, Info CSI 00000056 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\cs-CZ" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"cs-CZ", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:30, Info CSI 00000057 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\sv-SE" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"sv-SE", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:30, Info CSI 00000058 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\de-DE" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"de-DE", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:30, Info CSI 00000059 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\lt-LT" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"lt-LT", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:30, Info CSI 0000005a Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\lv-LV" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"lv-LV", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:30, Info CSI 0000005b Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\th-TH" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"th-TH", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:30, Info CSI 0000005c Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\tr-TR" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"tr-TR", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:30, Info CSI 0000005d Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\it-IT" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"it-IT", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:30, Info CSI 0000005e Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\fi-FI" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"fi-FI", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:30, Info CSI 0000005f Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\fr-FR" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"fr-FR", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:30, Info CSI 00000060 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\ja-JP" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"ja-JP", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:30, Info CSI 00000061 Ignoring duplicate ownership for directory [l:68{34}]"\??\C:\Windows\System32\sr-Latn-CS" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:20{10}]"sr-Latn-CS", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:30, Info CSI 00000062 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\he-IL" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"he-IL", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:30, Info CSI 00000063 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\uk-UA" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"uk-UA", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:31, Info CSI 00000064 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\sl-SI" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"sl-SI", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:31, Info CSI 00000065 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\en-US" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"en-us", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:31, Info CSI 00000066 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\zh-CN" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"zh-CN", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:31, Info CSI 00000067 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\zh-TW" in component Microsoft-Windows-comdlg32.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"zh-TW", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:31, Info CSI 00000068 Repair results created:
POQ 14 starts:
0: Move File: Source = [l:192{96}]"\SystemRoot\WinSxS\Temp\PendingRenames\09d0634367d8cd011c06000030105c12._0000000000000000.cdf-ms", Destination = [l:104{52}]"\SystemRoot\WinSxS\FileMaps\_0000000000000000.cdf-ms"
1: Move File: Source = [l:162{81}]"\SystemRoot\WinSxS\Temp\PendingRenames\09d0634367d8cd011d06000030105c12.$$.cdf-ms", Destination = [l:74{37}]"\SystemRoot\WinSxS\FileMaps\$$.cdf-ms"
2: Move File: Source = [l:214{107}]"\SystemRoot\WinSxS\Temp\PendingRenames\29f46a4367d8cd011e06000030105c12.$$_system32_21f9a9c4a2f8b514.cdf-ms", Destination = [l:126{63}]"\SystemRoot\WinSxS\FileMaps\$$_system32_21f9a9c4a2f8b514.cdf-ms"
3: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\eab66f4367d8cd011f06000030105c12.$$_system32_pt-br_5783f3346581bed3.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_pt-br_5783f3346581bed3.cdf-ms"
4: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\cb9d7b4367d8cd012006000030105c12.$$_system32_ar-sa_3b02d130904371b4.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_ar-sa_3b02d130904371b4.cdf-ms"
5: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\4c23854367d8cd012106000030105c12.$$_system32_el-gr_429cd0b684dc71bd.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_el-gr_429cd0b684dc71bd.cdf-ms"
6: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\8e6b934367d8cd012206000030105c12.$$_system32_ko-kr_4e039de673c23e4a.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_ko-kr_4e039de673c23e4a.cdf-ms"
7: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\d2beb44367d8cd012306000030105c12.$$_system32_da-dk_40b64d5e87b63595.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_da-dk_40b64d5e87b63595.cdf-ms"
8: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames
2012-12-12 09:50:31, Info CSI \5344be4367d8cd012406000030105c12.$$_system32_et-ee_429cb6e884dc9948.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_et-ee_429cb6e884dc9948.cdf-ms"
9: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\7468c54367d8cd012506000030105c12.$$_system32_nl-nl_53b6f9bc6b35343b.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_nl-nl_53b6f9bc6b35343b.cdf-ms"
10: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\f5edce4367d8cd012606000030105c12.$$_system32_sk-sk_5d374dfc5cf4b5c5.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_sk-sk_5d374dfc5cf4b5c5.cdf-ms"
11: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\3736dd4367d8cd012706000030105c12.$$_system32_hr-hr_485036ac7c4f596f.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_hr-hr_485036ac7c4f596f.cdf-ms"
12: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\575ae44367d8cd012806000030105c12.$$_system32_hu-hu_48503bf27c4f51d7.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_hu-hu_48503bf27c4f51d7.cdf-ms"
13: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\d8dfed4367d8cd012906000030105c12.$$_system32_pl-pl_5783e8f06581cd6f.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_pl-pl_5783e8f06581cd6f.cdf-ms"
14: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\5a65f74367d8cd012a06000030105c12.$$_system32_pt-pt_5783f7006581b92f.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_pt-pt_5783f7006581b92f.cdf-ms"
15: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\9bad054467d8cd012b06000030105c12.$$_system32_es-es_429cd1a084dc7119.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_es-es_429cd1a084dc7119.cdf-ms"
16: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\1c330f44
2012-12-12 09:50:31, Info CSI 67d8cd012c06000030105c12.$$_system32_bg-bg_3ce955ba8d69a9ab.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_bg-bg_3ce955ba8d69a9ab.cdf-ms"
17: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\3d57164467d8cd012d06000030105c12.$$_system32_ro-ro_5b50dd6a5fce5f0b.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_ro-ro_5b50dd6a5fce5f0b.cdf-ms"
18: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\bedc1f4467d8cd012e06000030105c12.$$_system32_ru-ru_5b50e7f65fce4fdb.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_ru-ru_5b50e7f65fce4fdb.cdf-ms"
19: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\3f62294467d8cd012f06000030105c12.$$_system32_cs-cz_3ecfefb68a8fc3f6.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_cs-cz_3ecfefb68a8fc3f6.cdf-ms"
20: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\6086304467d8cd013006000030105c12.$$_system32_sv-se_5d37410c5cf4ca56.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_sv-se_5d37410c5cf4ca56.cdf-ms"
21: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\e10b3a4467d8cd013106000030105c12.$$_system32_de-de_40b6416a87b647ef.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_de-de_40b6416a87b647ef.cdf-ms"
22: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\6291434467d8cd013206000030105c12.$$_system32_lt-lt_4fea189870e886c7.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_lt-lt_4fea189870e886c7.cdf-ms"
23: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\83b54a4467d8cd013306000030105c12.$$_system32_lv-lv_4fea1c1c70e881b7.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_lv-lv_4fea1c1c70e881b7.cdf-ms"
24: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\043b544467d8cd01
2012-12-12 09:50:31, Info CSI 3406000030105c12.$$_system32_th-th_5f1dc0505a1b09f7.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_th-th_5f1dc0505a1b09f7.cdf-ms"
25: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\255f5b4467d8cd013506000030105c12.$$_system32_tr-tr_5f1dd1e45a1af0a7.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_tr-tr_5f1dd1e45a1af0a7.cdf-ms"
26: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\0646674467d8cd013606000030105c12.$$_system32_it-it_4a36b1ca7975a0f9.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_it-it_4a36b1ca7975a0f9.cdf-ms"
27: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\e82c734467d8cd013706000030105c12.$$_system32_fi-fi_448337a68202d703.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_fi-fi_448337a68202d703.cdf-ms"
28: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\69b27c4467d8cd013806000030105c12.$$_system32_fr-fr_448347788202c03b.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_fr-fr_448347788202c03b.cdf-ms"
29: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\ea37864467d8cd013906000030105c12.$$_system32_ja-jp_4c1d2478769bf2f4.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_ja-jp_4c1d2478769bf2f4.cdf-ms"
30: Move File: Source = [l:236{118}]"\SystemRoot\WinSxS\Temp\PendingRenames\6bbd8f4467d8cd013a06000030105c12.$$_system32_sr-latn-cs_36d1c3d11e65ce00.cdf-ms", Destination = [l:148{74}]"\SystemRoot\WinSxS\FileMaps\$$_system32_sr-latn-cs_36d1c3d11e65ce00.cdf-ms"
31: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\ec42994467d8cd013b06000030105c12.$$_system32_he-il_48502d1c7c4f6669.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_he-il_48502d1c7c4f6669.cdf-ms"
32: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\6dc8a24467d8cd
2012-12-12 09:50:31, Info CSI 013c06000030105c12.$$_system32_uk-ua_61042a3457416b73.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_uk-ua_61042a3457416b73.cdf-ms"
33: Move File: Source = [l:238{119}]"\SystemRoot\WinSxS\Temp\PendingRenames\ee4dac4467d8cd013d06000030105c12.$$_system32_msdtc_trace_f33466dc5bf36670.cdf-ms", Destination = [l:150{75}]"\SystemRoot\WinSxS\FileMaps\$$_system32_msdtc_trace_f33466dc5bf36670.cdf-ms"
34: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\70d3b54467d8cd013e06000030105c12.$$_system32_nb-no_53b700d66b352886.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_nb-no_53b700d66b352886.cdf-ms"
35: Move File: Source = [l:222{111}]"\SystemRoot\WinSxS\Temp\PendingRenames\b11bc44467d8cd013f06000030105c12.$$_system32_com_066545e3d047e7c7.cdf-ms", Destination = [l:134{67}]"\SystemRoot\WinSxS\FileMaps\$$_system32_com_066545e3d047e7c7.cdf-ms"
36: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\32a1cd4467d8cd014006000030105c12.$$_system32_sl-si_5d374a0c5cf4bbc8.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_sl-si_5d374a0c5cf4bbc8.cdf-ms"
37: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\1488d94467d8cd014106000030105c12.$$_system32_en-us_429cd25484dc6f94.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_en-us_429cd25484dc6f94.cdf-ms"
38: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\55d0e74467d8cd014206000030105c12.$$_system32_zh-cn_6a8499504900c466.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_zh-cn_6a8499504900c466.cdf-ms"
39: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\37b7f34467d8cd014306000030105c12.$$_system32_zh-hk_6a84939e4900ccf6.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_zh-hk_6a84939e4900ccf6.cdf-ms"
40: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\189eff4467d8cd
2012-12-12 09:50:31, Info CSI 014406000030105c12.$$_system32_zh-tw_6a84aa664900aad6.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_zh-tw_6a84aa664900aad6.cdf-ms"

POQ 14 ends.
2012-12-12 09:50:31, Info CSI 00000069 [SR] Verify complete
2012-12-12 09:50:31, Info CSI 0000006a [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:50:31, Info CSI 0000006b [SR] Beginning Verify and Repair transaction
2012-12-12 09:50:34, Info CSI 0000006c Ignoring duplicate ownership for directory [l:102{51}]"\??\C:\ProgramData\Microsoft\Crypto\DSS\MachineKeys" in component Microsoft-Windows-Crypto-keys, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:34, Info CSI 0000006d Ignoring duplicate ownership for directory [l:80{40}]"\??\C:\ProgramData\Microsoft\Crypto\Keys" in component Microsoft-Windows-Crypto-keys, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:34, Info CSI 0000006e Ignoring duplicate ownership for directory [l:102{51}]"\??\C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys" in component Microsoft-Windows-Crypto-keys, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:34, Info CSI 0000006f Repair results created:
POQ 15 starts:
0: Move File: Source = [l:192{96}]"\SystemRoot\WinSxS\Temp\PendingRenames\0953a74667d8cd01a906000030105c12._0000000000000000.cdf-ms", Destination = [l:104{52}]"\SystemRoot\WinSxS\FileMaps\_0000000000000000.cdf-ms"
1: Move File: Source = [l:162{81}]"\SystemRoot\WinSxS\Temp\PendingRenames\69b4a94667d8cd01aa06000030105c12.$$.cdf-ms", Destination = [l:74{37}]"\SystemRoot\WinSxS\FileMaps\$$.cdf-ms"
2: Move File: Source = [l:214{107}]"\SystemRoot\WinSxS\Temp\PendingRenames\8ad8b04667d8cd01ab06000030105c12.$$_system32_21f9a9c4a2f8b514.cdf-ms", Destination = [l:126{63}]"\SystemRoot\WinSxS\FileMaps\$$_system32_21f9a9c4a2f8b514.cdf-ms"
3: Move File: Source = [l:230{115}]"\SystemRoot\WinSxS\Temp\PendingRenames\4a9bb54667d8cd01ac06000030105c12.$$_system32_drivers_dc1b782427b5ee1b.cdf-ms", Destination = [l:142{71}]"\SystemRoot\WinSxS\FileMaps\$$_system32_drivers_dc1b782427b5ee1b.cdf-ms"
4: Move File: Source = [l:240{120}]"\SystemRoot\WinSxS\Temp\PendingRenames\abfcb74667d8cd01ad06000030105c12.$$_system32_drivers_umdf_a531b5dc588477d3.cdf-ms", Destination = [l:152{76}]"\SystemRoot\WinSxS\FileMaps\$$_system32_drivers_umdf_a531b5dc588477d3.cdf-ms"
5: Move File: Source = [l:242{121}]"\SystemRoot\WinSxS\Temp\PendingRenames\0b5eba4667d8cd01ae06000030105c12.$$_system32_logfiles_wudf_082845cc19e06817.cdf-ms", Destination = [l:154{77}]"\SystemRoot\WinSxS\FileMaps\$$_system32_logfiles_wudf_082845cc19e06817.cdf-ms"
6: Move File: Source = [l:206{103}]"\SystemRoot\WinSxS\Temp\PendingRenames\cc20bf4667d8cd01af06000030105c12.$$_temp_401038c9a18c18c0.cdf-ms", Destination = [l:118{59}]"\SystemRoot\WinSxS\FileMaps\$$_temp_401038c9a18c18c0.cdf-ms"
7: Move File: Source = [l:214{107}]"\SystemRoot\WinSxS\Temp\PendingRenames\ec44c64667d8cd01b006000030105c12.$$_syswow64_21ffbdd2a2dd92e0.cdf-ms", Destination = [l:126{63}]"\SystemRoot\WinSxS\FileMaps\$$_syswow64_21ffbdd2a2dd92e0.cdf-ms"
8: Move File: Source = [l:280{140}]"\SystemRoot\WinSxS\Temp\PendingRenam
2012-12-12 09:50:34, Info CSI es\51bcee4667d8cd01b106000030105c12.programdata_microsoft_crypto_dss_machinekeys_43de8c451bf80cb4.cdf-ms", Destination = [l:192{96}]"\SystemRoot\WinSxS\FileMaps\programdata_microsoft_crypto_dss_machinekeys_43de8c451bf80cb4.cdf-ms"
9: Move File: Source = [l:258{129}]"\SystemRoot\WinSxS\Temp\PendingRenames\51bcee4667d8cd01b206000030105c12.programdata_microsoft_crypto_keys_584b284368b25bef.cdf-ms", Destination = [l:170{85}]"\SystemRoot\WinSxS\FileMaps\programdata_microsoft_crypto_keys_584b284368b25bef.cdf-ms"
10: Move File: Source = [l:280{140}]"\SystemRoot\WinSxS\Temp\PendingRenames\b11df14667d8cd01b306000030105c12.programdata_microsoft_crypto_rsa_machinekeys_aa739417efae0d58.cdf-ms", Destination = [l:192{96}]"\SystemRoot\WinSxS\FileMaps\programdata_microsoft_crypto_rsa_machinekeys_aa739417efae0d58.cdf-ms"

POQ 15 ends.
2012-12-12 09:50:34, Info CSI 00000070 [SR] Verify complete
2012-12-12 09:50:35, Info CSI 00000071 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:50:35, Info CSI 00000072 [SR] Beginning Verify and Repair transaction
2012-12-12 09:50:38, Info CSI 00000073 Repair results created:
POQ 16 starts:
0: Move File: Source = [l:192{96}]"\SystemRoot\WinSxS\Temp\PendingRenames\81ae914867d8cd011807000030105c12._0000000000000000.cdf-ms", Destination = [l:104{52}]"\SystemRoot\WinSxS\FileMaps\_0000000000000000.cdf-ms"
1: Move File: Source = [l:162{81}]"\SystemRoot\WinSxS\Temp\PendingRenames\81ae914867d8cd011907000030105c12.$$.cdf-ms", Destination = [l:74{37}]"\SystemRoot\WinSxS\FileMaps\$$.cdf-ms"
2: Move File: Source = [l:214{107}]"\SystemRoot\WinSxS\Temp\PendingRenames\a2d2984867d8cd011a07000030105c12.$$_system32_21f9a9c4a2f8b514.cdf-ms", Destination = [l:126{63}]"\SystemRoot\WinSxS\FileMaps\$$_system32_21f9a9c4a2f8b514.cdf-ms"
3: Move File: Source = [l:224{112}]"\SystemRoot\WinSxS\Temp\PendingRenames\63959d4867d8cd011b07000030105c12.$$_system32_dism_066548addf2fbd4b.cdf-ms", Destination = [l:136{68}]"\SystemRoot\WinSxS\FileMaps\$$_system32_dism_066548addf2fbd4b.cdf-ms"
4: Move File: Source = [l:236{118}]"\SystemRoot\WinSxS\Temp\PendingRenames\4687bc4867d8cd011c07000030105c12.$$_system32_dism_es-es_064f1c5a6d087636.cdf-ms", Destination = [l:148{74}]"\SystemRoot\WinSxS\FileMaps\$$_system32_dism_es-es_064f1c5a6d087636.cdf-ms"
5: Move File: Source = [l:236{118}]"\SystemRoot\WinSxS\Temp\PendingRenames\e830cd4867d8cd011d07000030105c12.$$_system32_ime_shared_5a5b3a5824d8fee4.cdf-ms", Destination = [l:148{74}]"\SystemRoot\WinSxS\FileMaps\$$_system32_ime_shared_5a5b3a5824d8fee4.cdf-ms"
6: Move File: Source = [l:244{122}]"\SystemRoot\WinSxS\Temp\PendingRenames\e830cd4867d8cd011e07000030105c12.$$_system32_ime_shared_res_791e6438104a0cf8.cdf-ms", Destination = [l:156{78}]"\SystemRoot\WinSxS\FileMaps\$$_system32_ime_shared_res_791e6438104a0cf8.cdf-ms"
7: Move File: Source = [l:204{102}]"\SystemRoot\WinSxS\Temp\PendingRenames\69b6d64867d8cd011f07000030105c12.$$_ime_3f581be9a4c8cabd.cdf-ms", Destination = [l:116{58}]"\SystemRoot\WinSxS\FileMaps\$$_ime_3f581be9a4c8cabd.cdf-ms"
8: Move File: Source = [l:232{116}]"\SystemRoot\WinSxS\Temp\
2012-12-12 09:50:38, Info CSI PendingRenames\c917d94867d8cd012007000030105c12.$$_ime_imejp10_dicts_281006c600450618.cdf-ms", Destination = [l:144{72}]"\SystemRoot\WinSxS\FileMaps\$$_ime_imejp10_dicts_281006c600450618.cdf-ms"
9: Move File: Source = [l:230{115}]"\SystemRoot\WinSxS\Temp\PendingRenames\c917d94867d8cd012107000030105c12.$$_ime_imejp10_help_280ffde19e779392.cdf-ms", Destination = [l:142{71}]"\SystemRoot\WinSxS\FileMaps\$$_ime_imejp10_help_280ffde19e779392.cdf-ms"
10: Move File: Source = [l:238{119}]"\SystemRoot\WinSxS\Temp\PendingRenames\4b9de24867d8cd012207000030105c12.$$_system32_ime_imejp10_aead4918eed09977.cdf-ms", Destination = [l:150{75}]"\SystemRoot\WinSxS\FileMaps\$$_system32_ime_imejp10_aead4918eed09977.cdf-ms"
11: Move File: Source = [l:254{127}]"\SystemRoot\WinSxS\Temp\PendingRenames\4b9de24867d8cd012307000030105c12.$$_system32_ime_imejp10_applets_bad04da37647b46c.cdf-ms", Destination = [l:166{83}]"\SystemRoot\WinSxS\FileMaps\$$_system32_ime_imejp10_applets_bad04da37647b46c.cdf-ms"
12: Move File: Source = [l:248{124}]"\SystemRoot\WinSxS\Temp\PendingRenames\8ce5f04867d8cd012407000030105c12.$$_diagnostics_system_device_9d2d754600160183.cdf-ms", Destination = [l:160{80}]"\SystemRoot\WinSxS\FileMaps\$$_diagnostics_system_device_9d2d754600160183.cdf-ms"
13: Move File: Source = [l:260{130}]"\SystemRoot\WinSxS\Temp\PendingRenames\ec46f34867d8cd012507000030105c12.$$_diagnostics_system_device_es-es_3d9803aeee3cc710.cdf-ms", Destination = [l:172{86}]"\SystemRoot\WinSxS\FileMaps\$$_diagnostics_system_device_es-es_3d9803aeee3cc710.cdf-ms"
14: Move File: Source = [l:242{121}]"\SystemRoot\WinSxS\Temp\PendingRenames\d038124967d8cd012607000030105c12.$$_system32_wdi_perftrack_e5904ddd3f58b556.cdf-ms", Destination = [l:154{77}]"\SystemRoot\WinSxS\FileMaps\$$_system32_wdi_perftrack_e5904ddd3f58b556.cdf-ms"
15: Move File: Source = [l:260{130}]"\SystemRoot\WinSxS\Temp\PendingRenames\91fb164967d8cd012707000030105c12.$$_diagnostics_system_devicecenter_0e1655bf357f4c22.cdf-ms", Destination = [l:172{86}]"\System
2012-12-12 09:50:38, Info CSI Root\WinSxS\FileMaps\$$_diagnostics_system_devicecenter_0e1655bf357f4c22.cdf-ms"
16: Move File: Source = [l:272{136}]"\SystemRoot\WinSxS\Temp\PendingRenames\f15c194967d8cd012807000030105c12.$$_diagnostics_system_devicecenter_es-es_63ad6b6234e90227.cdf-ms", Destination = [l:184{92}]"\SystemRoot\WinSxS\FileMaps\$$_diagnostics_system_devicecenter_es-es_63ad6b6234e90227.cdf-ms"

POQ 16 ends.
2012-12-12 09:50:38, Info CSI 00000074 [SR] Verify complete
2012-12-12 09:50:38, Info CSI 00000075 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:50:38, Info CSI 00000076 [SR] Beginning Verify and Repair transaction
2012-12-12 09:50:41, Info CSI 00000077 Repair results created:
POQ 17 starts:
0: Move File: Source = [l:192{96}]"\SystemRoot\WinSxS\Temp\PendingRenames\70d93c4b67d8cd018d07000030105c12._0000000000000000.cdf-ms", Destination = [l:104{52}]"\SystemRoot\WinSxS\FileMaps\_0000000000000000.cdf-ms"
1: Move File: Source = [l:162{81}]"\SystemRoot\WinSxS\Temp\PendingRenames\70d93c4b67d8cd018e07000030105c12.$$.cdf-ms", Destination = [l:74{37}]"\SystemRoot\WinSxS\FileMaps\$$.cdf-ms"
2: Move File: Source = [l:248{124}]"\SystemRoot\WinSxS\Temp\PendingRenames\70d93c4b67d8cd018f07000030105c12.$$_diagnostics_system_device_9d2d754600160183.cdf-ms", Destination = [l:160{80}]"\SystemRoot\WinSxS\FileMaps\$$_diagnostics_system_device_9d2d754600160183.cdf-ms"
3: Move File: Source = [l:260{130}]"\SystemRoot\WinSxS\Temp\PendingRenames\f15e464b67d8cd019007000030105c12.$$_diagnostics_system_devicecenter_0e1655bf357f4c22.cdf-ms", Destination = [l:172{86}]"\SystemRoot\WinSxS\FileMaps\$$_diagnostics_system_devicecenter_0e1655bf357f4c22.cdf-ms"
4: Set Key Value: Key = [l:168{84}]"\Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Sysprep\Generalize", Value = [l:76{38}]"{456390a1-55f7-353b-b1a6-321233838362}", Type = REG_SZ (1), Data = {l:110 b:43003a005c00570069006e0064006f00770073005c00530079007300740065006d00330032005c00640068006300700063007300760063002e0064006c006c002c00440068006300700043006c00690065006e0074005f00470065006e006500720061006c0069007a0065000000}

POQ 17 ends.
2012-12-12 09:50:41, Info CSI 00000078 [SR] Verify complete
2012-12-12 09:50:42, Info CSI 00000079 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:50:42, Info CSI 0000007a [SR] Beginning Verify and Repair transaction
2012-12-12 09:50:45, Info CSI 0000007b Repair results created:
POQ 18 starts:
0: Move File: Source = [l:192{96}]"\SystemRoot\WinSxS\Temp\PendingRenames\fe21cf4c67d8cd01f507000030105c12._0000000000000000.cdf-ms", Destination = [l:104{52}]"\SystemRoot\WinSxS\FileMaps\_0000000000000000.cdf-ms"
1: Move File: Source = [l:218{109}]"\SystemRoot\WinSxS\Temp\PendingRenames\fe21cf4c67d8cd01f607000030105c12.program_files_ffd0cbfc813cc4f1.cdf-ms", Destination = [l:130{65}]"\SystemRoot\WinSxS\FileMaps\program_files_ffd0cbfc813cc4f1.cdf-ms"
2: Move File: Source = [l:250{125}]"\SystemRoot\WinSxS\Temp\PendingRenames\5e83d14c67d8cd01f707000030105c12.program_files_windows_sidebar_8d6dbc4becba56da.cdf-ms", Destination = [l:162{81}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_8d6dbc4becba56da.cdf-ms"
3: Move File: Source = [l:266{133}]"\SystemRoot\WinSxS\Temp\PendingRenames\5e83d14c67d8cd01f807000030105c12.program_files_windows_sidebar_gadgets_265d2ddf4d58a723.cdf-ms", Destination = [l:178{89}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_265d2ddf4d58a723.cdf-ms"
4: Move File: Source = [l:304{152}]"\SystemRoot\WinSxS\Temp\PendingRenames\bfe4d34c67d8cd01f907000030105c12.program_files_windows_sidebar_gadgets_mediacenter.gadget_f08b590d17819d36.cdf-ms", Destination = [l:216{108}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_mediacenter.gadget_f08b590d17819d36.cdf-ms"
5: Move File: Source = [l:316{158}]"\SystemRoot\WinSxS\Temp\PendingRenames\1f46d64c67d8cd01fa07000030105c12.program_files_windows_sidebar_gadgets_mediacenter.gadget_es-es_0eda238b7d8cb001.cdf-ms", Destination = [l:228{114}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_mediacenter.gadget_es-es_0eda238b7d8cb001.cdf-ms"
6: Move File: Source = [l:302{151}]"\SystemRoot\WinSxS\Temp\PendingRenames\4480034d67d8cd01fb07000030105c12.programdata_microsoft_windows_devicemetadatastore_en-us_cc94fe8746890b55.cdf-ms", Destination = [l:214{107}]"\SystemRoot\WinSxS\FileMaps\programdata_microsoft_windows_dev
2012-12-12 09:50:45, Info CSI icemetadatastore_en-us_cc94fe8746890b55.cdf-ms"
7: Move File: Source = [l:346{173}]"\SystemRoot\WinSxS\Temp\PendingRenames\0543084d67d8cd01fc07000030105c12.programdata_microsoft_device_stage_task_07deb856-fc6e-4fb9-8add-d8f2cf8722c9__0ce7c057892d5774.cdf-ms", Destination = [l:258{129}]"\SystemRoot\WinSxS\FileMaps\programdata_microsoft_device_stage_task_07deb856-fc6e-4fb9-8add-d8f2cf8722c9__0ce7c057892d5774.cdf-ms"
8: Move File: Source = [l:350{175}]"\SystemRoot\WinSxS\Temp\PendingRenames\65a40a4d67d8cd01fd07000030105c12.programdata_microsoft_device_stage_device_8702d817-5aad-4674-9ef3-4d3decd87120__8740ea4a07ab72cd.cdf-ms", Destination = [l:262{131}]"\SystemRoot\WinSxS\FileMaps\programdata_microsoft_device_stage_device_8702d817-5aad-4674-9ef3-4d3decd87120__8740ea4a07ab72cd.cdf-ms"
9: Move File: Source = [l:162{81}]"\SystemRoot\WinSxS\Temp\PendingRenames\468b164d67d8cd01fe07000030105c12.$$.cdf-ms", Destination = [l:74{37}]"\SystemRoot\WinSxS\FileMaps\$$.cdf-ms"
10: Move File: Source = [l:208{104}]"\SystemRoot\WinSxS\Temp\PendingRenames\a7ec184d67d8cd01ff07000030105c12.$$_ehome_40103e2da1d121de.cdf-ms", Destination = [l:120{60}]"\SystemRoot\WinSxS\FileMaps\$$_ehome_40103e2da1d121de.cdf-ms"
11: Move File: Source = [l:216{108}]"\SystemRoot\WinSxS\Temp\PendingRenames\a7ec184d67d8cd010008000030105c12.$$_ehome_mcx_022df17cf4546600.cdf-ms", Destination = [l:128{64}]"\SystemRoot\WinSxS\FileMaps\$$_ehome_mcx_022df17cf4546600.cdf-ms"
12: Move File: Source = [l:224{112}]"\SystemRoot\WinSxS\Temp\PendingRenames\a7ec184d67d8cd010108000030105c12.$$_ehome_mcx_x02_7afb1a3b86c42e5e.cdf-ms", Destination = [l:136{68}]"\SystemRoot\WinSxS\FileMaps\$$_ehome_mcx_x02_7afb1a3b86c42e5e.cdf-ms"
13: Move File: Source = [l:310{155}]"\SystemRoot\WinSxS\Temp\PendingRenames\2872224d67d8cd010208000030105c12.program_files_windows_sidebar_gadgets_mediacenter.gadget_js_8dda2a54ef707137.cdf-ms", Destination = [l:222{111}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_mediacenter.gadget_js_8dda2a54
2012-12-12 09:50:45, Info CSI ef707137.cdf-ms"
14: Move File: Source = [l:318{159}]"\SystemRoot\WinSxS\Temp\PendingRenames\88d3244d67d8cd010308000030105c12.program_files_windows_sidebar_gadgets_mediacenter.gadget_images_15a18af15dc71ee0.cdf-ms", Destination = [l:230{115}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_mediacenter.gadget_images_15a18af15dc71ee0.cdf-ms"
15: Move File: Source = [l:312{156}]"\SystemRoot\WinSxS\Temp\PendingRenames\88d3244d67d8cd010408000030105c12.program_files_windows_sidebar_gadgets_mediacenter.gadget_css_8dda2b51661abce9.cdf-ms", Destination = [l:224{112}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_mediacenter.gadget_css_8dda2b51661abce9.cdf-ms"

POQ 18 ends.
2012-12-12 09:50:45, Info CSI 0000007c [SR] Verify complete
2012-12-12 09:50:45, Info CSI 0000007d [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:50:45, Info CSI 0000007e [SR] Beginning Verify and Repair transaction
2012-12-12 09:50:48, Info CSI 0000007f Repair results created:
POQ 19 starts:
0: Move File: Source = [l:192{96}]"\SystemRoot\WinSxS\Temp\PendingRenames\3740be4e67d8cd016908000030105c12._0000000000000000.cdf-ms", Destination = [l:104{52}]"\SystemRoot\WinSxS\FileMaps\_0000000000000000.cdf-ms"
1: Move File: Source = [l:162{81}]"\SystemRoot\WinSxS\Temp\PendingRenames\3740be4e67d8cd016a08000030105c12.$$.cdf-ms", Destination = [l:74{37}]"\SystemRoot\WinSxS\FileMaps\$$.cdf-ms"
2: Move File: Source = [l:208{104}]"\SystemRoot\WinSxS\Temp\PendingRenames\97a1c04e67d8cd016b08000030105c12.$$_ehome_40103e2da1d121de.cdf-ms", Destination = [l:120{60}]"\SystemRoot\WinSxS\FileMaps\$$_ehome_40103e2da1d121de.cdf-ms"
3: Move File: Source = [l:220{110}]"\SystemRoot\WinSxS\Temp\PendingRenames\f802c34e67d8cd016c08000030105c12.$$_ehome_es-es_1a0f033333096bff.cdf-ms", Destination = [l:132{66}]"\SystemRoot\WinSxS\FileMaps\$$_ehome_es-es_1a0f033333096bff.cdf-ms"
4: Move File: Source = [l:204{102}]"\SystemRoot\WinSxS\Temp\PendingRenames\b8c5c74e67d8cd016d08000030105c12.$$_inf_3f581daba4c8c835.cdf-ms", Destination = [l:116{58}]"\SystemRoot\WinSxS\FileMaps\$$_inf_3f581daba4c8c835.cdf-ms"
5: Move File: Source = [l:216{108}]"\SystemRoot\WinSxS\Temp\PendingRenames\1927ca4e67d8cd016e08000030105c12.$$_inf_esent_0ef70656e1d1b1ac.cdf-ms", Destination = [l:128{64}]"\SystemRoot\WinSxS\FileMaps\$$_inf_esent_0ef70656e1d1b1ac.cdf-ms"
6: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\7988cc4e67d8cd016f08000030105c12.$$_inf_esent_0c0a_5aeb96514bde407a.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_inf_esent_0c0a_5aeb96514bde407a.cdf-ms"
7: Move File: Source = [l:212{106}]"\SystemRoot\WinSxS\Temp\PendingRenames\394bd14e67d8cd017008000030105c12.$$_schemas_9f2c881475a483d6.cdf-ms", Destination = [l:124{62}]"\SystemRoot\WinSxS\FileMaps\$$_schemas_9f2c881475a483d6.cdf-ms"
8: Move File: Source = [l:234{117}]"\SystemRoot\WinSxS\Temp\PendingRenames\9aacd34e67d8cd017108000030105c12.$$_schemas_eapmethods_29
2012-12-12 09:50:48, Info CSI 35fdc1307d3ad6.cdf-ms", Destination = [l:146{73}]"\SystemRoot\WinSxS\FileMaps\$$_schemas_eapmethods_2935fdc1307d3ad6.cdf-ms"
9: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\86ca3e4f67d8cd017208000030105c12.$$_inf_esent_0000_5aeb75e54bde718e.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_inf_esent_0000_5aeb75e54bde718e.cdf-ms"
10: Move File: Source = [l:228{114}]"\SystemRoot\WinSxS\Temp\PendingRenames\88d5514f67d8cd017308000030105c12.$$_schemas_eaphost_52e2de002c0b1796.cdf-ms", Destination = [l:140{70}]"\SystemRoot\WinSxS\FileMaps\$$_schemas_eaphost_52e2de002c0b1796.cdf-ms"
11: Move File: Source = [l:236{118}]"\SystemRoot\WinSxS\Temp\PendingRenames\095b5b4f67d8cd017408000030105c12.$$_ehome_mediarenderer_923295b945ee30c7.cdf-ms", Destination = [l:148{74}]"\SystemRoot\WinSxS\FileMaps\$$_ehome_mediarenderer_923295b945ee30c7.cdf-ms"

POQ 19 ends.
2012-12-12 09:50:48, Info CSI 00000080 [SR] Verify complete
2012-12-12 09:50:49, Info CSI 00000081 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:50:49, Info CSI 00000082 [SR] Beginning Verify and Repair transaction
2012-12-12 09:50:52, Info CSI 00000083 Ignoring duplicate ownership for directory [l:28{14}]"\??\C:\Windows" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 00000084 Ignoring duplicate ownership for directory [l:56{28}]"\??\C:\Windows\Microsoft.NET" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 00000085 Ignoring duplicate ownership for directory [l:76{38}]"\??\C:\Windows\Microsoft.NET\Framework" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 00000086 Ignoring duplicate ownership for directory [l:98{49}]"\??\C:\Windows\Microsoft.NET\Framework\v2.0.50727" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 00000087 Ignoring duplicate ownership for directory [l:112{56}]"\??\C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 00000088 Ignoring duplicate ownership for directory [l:96{48}]"\??\C:\Windows\Microsoft.NET\Framework\v1.0.3705" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 00000089 Ignoring duplicate ownership for directory [l:38{19}]"\??\C:\Windows\temp" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 0000008a Ignoring duplicate ownership for directory [l:40{20}]"\??\C:\Windows\media" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 0000008b Ignoring duplicate ownership for directory [l:52{26}]"\??\C:\Windows\media\Delta" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 0000008c Ignoring duplicate ownership for directory [l:54{27}]"\??\C:\Windows\media\Sonata" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 0000008d Ignoring duplicate ownership for directory [l:60{30}]"\??\C:\Windows\media\Afternoon" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 0000008e Ignoring duplicate ownership for directory [l:60{30}]"\??\C:\Windows\media\Landscape" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 0000008f Ignoring duplicate ownership for directory [l:54{27}]"\??\C:\Windows\media\Quirky" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 00000090 Ignoring duplicate ownership for directory [l:56{28}]"\??\C:\Windows\media\Savanna" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 00000091 Ignoring duplicate ownership for directory [l:54{27}]"\??\C:\Windows\media\Garden" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 00000092 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\media\Festival" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 00000093 Ignoring duplicate ownership for directory [l:50{25}]"\??\C:\Windows\media\Raga" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 00000094 Ignoring duplicate ownership for directory [l:64{32}]"\??\C:\Windows\media\Calligraphy" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 00000095 Ignoring duplicate ownership for directory [l:62{31}]"\??\C:\Windows\media\Characters" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 00000096 Ignoring duplicate ownership for directory [l:60{30}]"\??\C:\Windows\media\Cityscape" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 00000097 Ignoring duplicate ownership for directory [l:36{18}]"\??\C:\Windows\inf" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 00000098 Ignoring duplicate ownership for directory [l:48{24}]"\??\C:\Windows\L2Schemas" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 00000099 Ignoring duplicate ownership for directory [l:64{32}]"\??\C:\Windows\PolicyDefinitions" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 0000009a Ignoring duplicate ownership for directory [l:42{21}]"\??\C:\Windows\system" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 0000009b Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\setup" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 0000009c Ignoring duplicate ownership for directory [l:62{31}]"\??\C:\Windows\System32\drivers" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 0000009d Ignoring duplicate ownership for directory [l:70{35}]"\??\C:\Windows\System32\drivers\etc" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 0000009e Ignoring duplicate ownership for directory [l:40{20}]"\??\C:\Windows\fonts" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 0000009f Ignoring duplicate ownership for directory [l:46{23}]"\??\C:\Windows\apppatch" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 000000a0 Ignoring duplicate ownership for directory [l:36{18}]"\??\C:\Windows\Web" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:52, Info CSI 000000a1 Ignoring duplicate ownership for directory [l:48{24}]"\??\C:\Windows\resources" in component Microsoft-Windows-Foundation-Default-Security, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:53, Info CSI 000000a2 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\es-ES" in component Microsoft-Windows-Foundation-Default-Security.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"es-ES", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:53, Info CSI 000000a3 Ignoring duplicate ownership for directory [l:120{60}]"\??\C:\Program Files\Common Files\microsoft shared\ink\es-ES" in component Microsoft-Windows-Foundation-Default-Security.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"es-ES", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:50:54, Info CSI 000000a4 Repair results created:
POQ 20 starts:
0: Move File: Source = [l:192{96}]"\SystemRoot\WinSxS\Temp\PendingRenames\e217485167d8cd01d908000030105c12._0000000000000000.cdf-ms", Destination = [l:104{52}]"\SystemRoot\WinSxS\FileMaps\_0000000000000000.cdf-ms"
1: Move File: Source = [l:218{109}]"\SystemRoot\WinSxS\Temp\PendingRenames\42794a5167d8cd01da08000030105c12.program_files_ffd0cbfc813cc4f1.cdf-ms", Destination = [l:130{65}]"\SystemRoot\WinSxS\FileMaps\program_files_ffd0cbfc813cc4f1.cdf-ms"
2: Move File: Source = [l:254{127}]"\SystemRoot\WinSxS\Temp\PendingRenames\44845d5167d8cd01db08000030105c12.program_files_internet_explorer_a421d1bfaf856e2b.cdf-ms", Destination = [l:166{83}]"\SystemRoot\WinSxS\FileMaps\program_files_internet_explorer_a421d1bfaf856e2b.cdf-ms"
3: Move File: Source = [l:244{122}]"\SystemRoot\WinSxS\Temp\PendingRenames\0547625167d8cd01dc08000030105c12.program_files_common_files_d7a65bb2f0e854e7.cdf-ms", Destination = [l:156{78}]"\SystemRoot\WinSxS\FileMaps\program_files_common_files_d7a65bb2f0e854e7.cdf-ms"
4: Move File: Source = [l:278{139}]"\SystemRoot\WinSxS\Temp\PendingRenames\65a8645167d8cd01dd08000030105c12.program_files_common_files_microsoft_shared_818c5a0e45020fba.cdf-ms", Destination = [l:190{95}]"\SystemRoot\WinSxS\FileMaps\program_files_common_files_microsoft_shared_818c5a0e45020fba.cdf-ms"
5: Move File: Source = [l:286{143}]"\SystemRoot\WinSxS\Temp\PendingRenames\c609675167d8cd01de08000030105c12.program_files_common_files_microsoft_shared_ink_3c86e3db0b3b254c.cdf-ms", Destination = [l:198{99}]"\SystemRoot\WinSxS\FileMaps\program_files_common_files_microsoft_shared_ink_3c86e3db0b3b254c.cdf-ms"
6: Move File: Source = [l:300{150}]"\SystemRoot\WinSxS\Temp\PendingRenames\266b695167d8cd01df08000030105c12.program_files_common_files_microsoft_shared_stationery_3f6c21eb4ac66a56.cdf-ms", Destination = [l:212{106}]"\SystemRoot\WinSxS\FileMaps\program_files_common_files_microsoft_shared_stationery_3f6c21eb4ac66a56.cdf-ms"
7: Move File: Source = [l
2012-12-12 09:50:54, Info CSI :258{129}]"\SystemRoot\WinSxS\Temp\PendingRenames\e62d6e5167d8cd01e008000030105c12.program_files_common_files_system_b13078daf1286f60.cdf-ms", Destination = [l:170{85}]"\SystemRoot\WinSxS\FileMaps\program_files_common_files_system_b13078daf1286f60.cdf-ms"
8: Move File: Source = [l:266{133}]"\SystemRoot\WinSxS\Temp\PendingRenames\e62d6e5167d8cd01e108000030105c12.program_files_common_files_system_ado_149a784bc852a2c0.cdf-ms", Destination = [l:178{89}]"\SystemRoot\WinSxS\FileMaps\program_files_common_files_system_ado_149a784bc852a2c0.cdf-ms"
9: Move File: Source = [l:270{135}]"\SystemRoot\WinSxS\Temp\PendingRenames\478f705167d8cd01e208000030105c12.program_files_common_files_system_msadc_48cda3763ecb3874.cdf-ms", Destination = [l:182{91}]"\SystemRoot\WinSxS\FileMaps\program_files_common_files_system_msadc_48cda3763ecb3874.cdf-ms"
10: Move File: Source = [l:272{136}]"\SystemRoot\WinSxS\Temp\PendingRenames\478f705167d8cd01e308000030105c12.program_files_common_files_system_ole_db_48d1b11cd4e5cabe.cdf-ms", Destination = [l:184{92}]"\SystemRoot\WinSxS\FileMaps\program_files_common_files_system_ole_db_48d1b11cd4e5cabe.cdf-ms"
11: Move File: Source = [l:240{120}]"\SystemRoot\WinSxS\Temp\PendingRenames\a7f0725167d8cd01e408000030105c12.program_files_windows_nt_6101456faac5015c.cdf-ms", Destination = [l:152{76}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_nt_6101456faac5015c.cdf-ms"
12: Move File: Source = [l:274{137}]"\SystemRoot\WinSxS\Temp\PendingRenames\0752755167d8cd01e508000030105c12.program_files_windows_nt_tabletextservice_9475b2de2d92bc74.cdf-ms", Destination = [l:186{93}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_nt_tabletextservice_9475b2de2d92bc74.cdf-ms"
13: Move File: Source = [l:162{81}]"\SystemRoot\WinSxS\Temp\PendingRenames\0752755167d8cd01e608000030105c12.$$.cdf-ms", Destination = [l:74{37}]"\SystemRoot\WinSxS\FileMaps\$$.cdf-ms"
14: Move File: Source = [l:224{112}]"\SystemRoot\WinSxS\Temp\PendingRenames\0752755167d8cd01e708000030105c12.$$_microsoft.net_3296b36
2012-12-12 09:50:54, Info CSI dbe4c7fa3.cdf-ms", Destination = [l:136{68}]"\SystemRoot\WinSxS\FileMaps\$$_microsoft.net_3296b36dbe4c7fa3.cdf-ms"
15: Move File: Source = [l:244{122}]"\SystemRoot\WinSxS\Temp\PendingRenames\c8147a5167d8cd01e808000030105c12.$$_microsoft.net_framework_83386eac0379231b.cdf-ms", Destination = [l:156{78}]"\SystemRoot\WinSxS\FileMaps\$$_microsoft.net_framework_83386eac0379231b.cdf-ms"
16: Move File: Source = [l:266{133}]"\SystemRoot\WinSxS\Temp\PendingRenames\28767c5167d8cd01e908000030105c12.$$_microsoft.net_framework_v2.0.50727_e9368840261e60ee.cdf-ms", Destination = [l:178{89}]"\SystemRoot\WinSxS\FileMaps\$$_microsoft.net_framework_v2.0.50727_e9368840261e60ee.cdf-ms"
17: Move File: Source = [l:280{140}]"\SystemRoot\WinSxS\Temp\PendingRenames\88d77e5167d8cd01ea08000030105c12.$$_microsoft.net_framework_v2.0.50727_config_9a0d48f3c07d2a12.cdf-ms", Destination = [l:192{96}]"\SystemRoot\WinSxS\FileMaps\$$_microsoft.net_framework_v2.0.50727_config_9a0d48f3c07d2a12.cdf-ms"
18: Move File: Source = [l:264{132}]"\SystemRoot\WinSxS\Temp\PendingRenames\e938815167d8cd01eb08000030105c12.$$_microsoft.net_framework_v1.0.3705_b19cf3207984c497.cdf-ms", Destination = [l:176{88}]"\SystemRoot\WinSxS\FileMaps\$$_microsoft.net_framework_v1.0.3705_b19cf3207984c497.cdf-ms"
19: Move File: Source = [l:206{103}]"\SystemRoot\WinSxS\Temp\PendingRenames\e938815167d8cd01ec08000030105c12.$$_temp_401038c9a18c18c0.cdf-ms", Destination = [l:118{59}]"\SystemRoot\WinSxS\FileMaps\$$_temp_401038c9a18c18c0.cdf-ms"
20: Move File: Source = [l:208{104}]"\SystemRoot\WinSxS\Temp\PendingRenames\e938815167d8cd01ed08000030105c12.$$_media_401039ffa1d92906.cdf-ms", Destination = [l:120{60}]"\SystemRoot\WinSxS\FileMaps\$$_media_401039ffa1d92906.cdf-ms"
21: Move File: Source = [l:220{110}]"\SystemRoot\WinSxS\Temp\PendingRenames\499a835167d8cd01ee08000030105c12.$$_media_delta_0f36d7d9b4f7293c.cdf-ms", Destination = [l:132{66}]"\SystemRoot\WinSxS\FileMaps\$$_media_delta_0f36d7d9b4f7293c.cdf-ms"
22: Move File: Source = [l:222{111}]"
2012-12-12 09:50:54, Info CSI \SystemRoot\WinSxS\Temp\PendingRenames\499a835167d8cd01ef08000030105c12.$$_media_sonata_6b55eb3f91aab49e.cdf-ms", Destination = [l:134{67}]"\SystemRoot\WinSxS\FileMaps\$$_media_sonata_6b55eb3f91aab49e.cdf-ms"
23: Move File: Source = [l:228{114}]"\SystemRoot\WinSxS\Temp\PendingRenames\499a835167d8cd01f008000030105c12.$$_media_afternoon_ae5d080a6a887942.cdf-ms", Destination = [l:140{70}]"\SystemRoot\WinSxS\FileMaps\$$_media_afternoon_ae5d080a6a887942.cdf-ms"
24: Move File: Source = [l:228{114}]"\SystemRoot\WinSxS\Temp\PendingRenames\499a835167d8cd01f108000030105c12.$$_media_landscape_e9488ca8249a3acf.cdf-ms", Destination = [l:140{70}]"\SystemRoot\WinSxS\FileMaps\$$_media_landscape_e9488ca8249a3acf.cdf-ms"
25: Move File: Source = [l:222{111}]"\SystemRoot\WinSxS\Temp\PendingRenames\a9fb855167d8cd01f208000030105c12.$$_media_quirky_6baa21a590d24b57.cdf-ms", Destination = [l:134{67}]"\SystemRoot\WinSxS\FileMaps\$$_media_quirky_6baa21a590d24b57.cdf-ms"
26: Move File: Source = [l:224{112}]"\SystemRoot\WinSxS\Temp\PendingRenames\a9fb855167d8cd01f308000030105c12.$$_media_savanna_6b39e54d8ae1e5ca.cdf-ms", Destination = [l:136{68}]"\SystemRoot\WinSxS\FileMaps\$$_media_savanna_6b39e54d8ae1e5ca.cdf-ms"
27: Move File: Source = [l:222{111}]"\SystemRoot\WinSxS\Temp\PendingRenames\a9fb855167d8cd01f408000030105c12.$$_media_garden_6cea56938e5bd6b1.cdf-ms", Destination = [l:134{67}]"\SystemRoot\WinSxS\FileMaps\$$_media_garden_6cea56938e5bd6b1.cdf-ms"
28: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\a9fb855167d8cd01f508000030105c12.$$_media_festival_d2aa354bee3f11cc.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_media_festival_d2aa354bee3f11cc.cdf-ms"
29: Move File: Source = [l:218{109}]"\SystemRoot\WinSxS\Temp\PendingRenames\095d885167d8cd01f608000030105c12.$$_media_raga_d0fd3c9ac0f8ab1b.cdf-ms", Destination = [l:130{65}]"\SystemRoot\WinSxS\FileMaps\$$_media_raga_d0fd3c9ac0f8ab1b.cdf-ms"
30: Move File: Source = [l:232{116}]"\SystemRoot\WinSxS\Temp\Pe
2012-12-12 09:50:54, Info CSI ndingRenames\095d885167d8cd01f708000030105c12.$$_media_calligraphy_7b7c7a996fa5cd3c.cdf-ms", Destination = [l:144{72}]"\SystemRoot\WinSxS\FileMaps\$$_media_calligraphy_7b7c7a996fa5cd3c.cdf-ms"
31: Move File: Source = [l:230{115}]"\SystemRoot\WinSxS\Temp\PendingRenames\095d885167d8cd01f808000030105c12.$$_media_characters_8ee06d90f7dead3a.cdf-ms", Destination = [l:142{71}]"\SystemRoot\WinSxS\FileMaps\$$_media_characters_8ee06d90f7dead3a.cdf-ms"
32: Move File: Source = [l:228{114}]"\SystemRoot\WinSxS\Temp\PendingRenames\095d885167d8cd01f908000030105c12.$$_media_cityscape_b0cbff7c81824cc5.cdf-ms", Destination = [l:140{70}]"\SystemRoot\WinSxS\FileMaps\$$_media_cityscape_b0cbff7c81824cc5.cdf-ms"
33: Move File: Source = [l:204{102}]"\SystemRoot\WinSxS\Temp\PendingRenames\6abe8a5167d8cd01fa08000030105c12.$$_inf_3f581daba4c8c835.cdf-ms", Destination = [l:116{58}]"\SystemRoot\WinSxS\FileMaps\$$_inf_3f581daba4c8c835.cdf-ms"
34: Move File: Source = [l:216{108}]"\SystemRoot\WinSxS\Temp\PendingRenames\6abe8a5167d8cd01fb08000030105c12.$$_l2schemas_d7bb5637381de58c.cdf-ms", Destination = [l:128{64}]"\SystemRoot\WinSxS\FileMaps\$$_l2schemas_d7bb5637381de58c.cdf-ms"
35: Move File: Source = [l:232{116}]"\SystemRoot\WinSxS\Temp\PendingRenames\2a818f5167d8cd01fc08000030105c12.$$_policydefinitions_89130cdfc4d9c27c.cdf-ms", Destination = [l:144{72}]"\SystemRoot\WinSxS\FileMaps\$$_policydefinitions_89130cdfc4d9c27c.cdf-ms"
36: Move File: Source = [l:210{105}]"\SystemRoot\WinSxS\Temp\PendingRenames\8ae2915167d8cd01fd08000030105c12.$$_system_4c3aa2308f9f8f41.cdf-ms", Destination = [l:122{61}]"\SystemRoot\WinSxS\FileMaps\$$_system_4c3aa2308f9f8f41.cdf-ms"
37: Move File: Source = [l:214{107}]"\SystemRoot\WinSxS\Temp\PendingRenames\4ba5965167d8cd01fe08000030105c12.$$_system32_21f9a9c4a2f8b514.cdf-ms", Destination = [l:126{63}]"\SystemRoot\WinSxS\FileMaps\$$_system32_21f9a9c4a2f8b514.cdf-ms"
38: Move File: Source = [l:224{112}]"\SystemRoot\WinSxS\Temp\PendingRenames\ab06995167d8cd01ff08000030105c12.$$_s
2012-12-12 09:50:54, Info CSI ystem32_oobe_06655c95df2fa06f.cdf-ms", Destination = [l:136{68}]"\SystemRoot\WinSxS\FileMaps\$$_system32_oobe_06655c95df2fa06f.cdf-ms"
39: Move File: Source = [l:228{114}]"\SystemRoot\WinSxS\Temp\PendingRenames\0c689b5167d8cd010009000030105c12.$$_system32_migwiz_2650d8d30fee1fe9.cdf-ms", Destination = [l:140{70}]"\SystemRoot\WinSxS\FileMaps\$$_system32_migwiz_2650d8d30fee1fe9.cdf-ms"
40: Move File: Source = [l:230{115}]"\SystemRoot\WinSxS\Temp\PendingRenames\6cc99d5167d8cd010109000030105c12.$$_system32_inetsrv_e6240a381854fe3d.cdf-ms", Destination = [l:142{71}]"\SystemRoot\WinSxS\FileMaps\$$_system32_inetsrv_e6240a381854fe3d.cdf-ms"
41: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\2c8ca25167d8cd010209000030105c12.$$_system32_setup_5d3758a05cf4a445.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_setup_5d3758a05cf4a445.cdf-ms"
42: Move File: Source = [l:234{117}]"\SystemRoot\WinSxS\Temp\PendingRenames\ed4ea75167d8cd010309000030105c12.$$_system32_migration_927a21df1acd7c18.cdf-ms", Destination = [l:146{73}]"\SystemRoot\WinSxS\FileMaps\$$_system32_migration_927a21df1acd7c18.cdf-ms"
43: Move File: Source = [l:230{115}]"\SystemRoot\WinSxS\Temp\PendingRenames\4db0a95167d8cd010409000030105c12.$$_system32_drivers_dc1b782427b5ee1b.cdf-ms", Destination = [l:142{71}]"\SystemRoot\WinSxS\FileMaps\$$_system32_drivers_dc1b782427b5ee1b.cdf-ms"
44: Move File: Source = [l:238{119}]"\SystemRoot\WinSxS\Temp\PendingRenames\ad11ac5167d8cd010509000030105c12.$$_system32_drivers_etc_a531967eb3dfecbd.cdf-ms", Destination = [l:150{75}]"\SystemRoot\WinSxS\FileMaps\$$_system32_drivers_etc_a531967eb3dfecbd.cdf-ms"
45: Move File: Source = [l:224{112}]"\SystemRoot\WinSxS\Temp\PendingRenames\6ed4b05167d8cd010609000030105c12.$$_system32_wbem_06656d9fdf2f8577.cdf-ms", Destination = [l:136{68}]"\SystemRoot\WinSxS\FileMaps\$$_system32_wbem_06656d9fdf2f8577.cdf-ms"
46: Move File: Source = [l:232{116}]"\SystemRoot\WinSxS\Temp\PendingRenames\ce35b35167d8cd01070
2012-12-12 09:50:54, Info CSI 9000030105c12.$$_system32_wbem_tmf_026f0fb07227ea72.cdf-ms", Destination = [l:144{72}]"\SystemRoot\WinSxS\FileMaps\$$_system32_wbem_tmf_026f0fb07227ea72.cdf-ms"
47: Move File: Source = [l:222{111}]"\SystemRoot\WinSxS\Temp\PendingRenames\ce35b35167d8cd010809000030105c12.$$_system32_com_066545e3d047e7c7.cdf-ms", Destination = [l:134{67}]"\SystemRoot\WinSxS\FileMaps\$$_system32_com_066545e3d047e7c7.cdf-ms"
48: Move File: Source = [l:208{104}]"\SystemRoot\WinSxS\Temp\PendingRenames\2f97b55167d8cd010909000030105c12.$$_fonts_40104ba9a1d20dac.cdf-ms", Destination = [l:120{60}]"\SystemRoot\WinSxS\FileMaps\$$_fonts_40104ba9a1d20dac.cdf-ms"
49: Move File: Source = [l:214{107}]"\SystemRoot\WinSxS\Temp\PendingRenames\2f97b55167d8cd010a09000030105c12.$$_apppatch_1143992cbbbebcab.cdf-ms", Destination = [l:126{63}]"\SystemRoot\WinSxS\FileMaps\$$_apppatch_1143992cbbbebcab.cdf-ms"
50: Move File: Source = [l:204{102}]"\SystemRoot\WinSxS\Temp\PendingRenames\8ff8b75167d8cd010b09000030105c12.$$_web_3f580d25a4c8e0a0.cdf-ms", Destination = [l:116{58}]"\SystemRoot\WinSxS\FileMaps\$$_web_3f580d25a4c8e0a0.cdf-ms"
51: Move File: Source = [l:216{108}]"\SystemRoot\WinSxS\Temp\PendingRenames\8ff8b75167d8cd010c09000030105c12.$$_resources_fbee56ab048ab239.cdf-ms", Destination = [l:128{64}]"\SystemRoot\WinSxS\FileMaps\$$_resources_fbee56ab048ab239.cdf-ms"
52: Set File Information: File = [l:40{20}]"\??\C:\Program Files", Attributes = 00000080
53: Move File: Source = [l:240{120}]"\SystemRoot\WinSxS\Temp\PendingRenames\56dcf55167d8cd010d09000030105c12.users_public_recorded_tv_a6d3315b447834ed.cdf-ms", Destination = [l:152{76}]"\SystemRoot\WinSxS\FileMaps\users_public_recorded_tv_a6d3315b447834ed.cdf-ms"
54: Move File: Source = [l:266{133}]"\SystemRoot\WinSxS\Temp\PendingRenames\b63df85167d8cd010e09000030105c12.users_public_recorded_tv_sample_media_273d5f336c167723.cdf-ms", Destination = [l:178{89}]"\SystemRoot\WinSxS\FileMaps\users_public_recorded_tv_sample_media_273d5f336c167723.cdf-ms"
55: Move File:
2012-12-12 09:50:54, Info CSI Source = [l:236{118}]"\SystemRoot\WinSxS\Temp\PendingRenames\37c3015267d8cd010f09000030105c12.$$_digitallocker_es-es_ff53b60333585665.cdf-ms", Destination = [l:148{74}]"\SystemRoot\WinSxS\FileMaps\$$_digitallocker_es-es_ff53b60333585665.cdf-ms"
56: Move File: Source = [l:204{102}]"\SystemRoot\WinSxS\Temp\PendingRenames\37c3015267d8cd011009000030105c12.$$_ime_3f581be9a4c8cabd.cdf-ms", Destination = [l:116{58}]"\SystemRoot\WinSxS\FileMaps\$$_ime_3f581be9a4c8cabd.cdf-ms"
57: Move File: Source = [l:216{108}]"\SystemRoot\WinSxS\Temp\PendingRenames\37c3015267d8cd011109000030105c12.$$_ime_es-es_0d349ae6e45a49dc.cdf-ms", Destination = [l:128{64}]"\SystemRoot\WinSxS\FileMaps\$$_ime_es-es_0d349ae6e45a49dc.cdf-ms"
58: Move File: Source = [l:230{115}]"\SystemRoot\WinSxS\Temp\PendingRenames\f885065267d8cd011209000030105c12.$$_inf_remoteaccess_110554180baafc8b.cdf-ms", Destination = [l:142{71}]"\SystemRoot\WinSxS\FileMaps\$$_inf_remoteaccess_110554180baafc8b.cdf-ms"
59: Move File: Source = [l:240{120}]"\SystemRoot\WinSxS\Temp\PendingRenames\f885065267d8cd011309000030105c12.$$_inf_remoteaccess_0c0a_86bc957ee65d635d.cdf-ms", Destination = [l:152{76}]"\SystemRoot\WinSxS\FileMaps\$$_inf_remoteaccess_0c0a_86bc957ee65d635d.cdf-ms"
60: Move File: Source = [l:216{108}]"\SystemRoot\WinSxS\Temp\PendingRenames\f885065267d8cd011409000030105c12.$$_inf_es-es_0ef709a4e1d1aa64.cdf-ms", Destination = [l:128{64}]"\SystemRoot\WinSxS\FileMaps\$$_inf_es-es_0ef709a4e1d1aa64.cdf-ms"
61: Move File: Source = [l:244{122}]"\SystemRoot\WinSxS\Temp\PendingRenames\b8480b5267d8cd011509000030105c12.$$_policydefinitions_es-es_3b1c3d438da10211.cdf-ms", Destination = [l:156{78}]"\SystemRoot\WinSxS\FileMaps\$$_policydefinitions_es-es_3b1c3d438da10211.cdf-ms"
62: Move File: Source = [l:236{118}]"\SystemRoot\WinSxS\Temp\PendingRenames\3ace145267d8cd011609000030105c12.$$_system32_oobe_es-es_e44fc2f7f02b62f8.cdf-ms", Destination = [l:148{74}]"\SystemRoot\WinSxS\FileMaps\$$_system32_oobe_es-es_e44fc2f7f02b62f8.cdf-ms"
63: Move
2012-12-12 09:50:54, Info CSI File: Source = [l:230{115}]"\SystemRoot\WinSxS\Temp\PendingRenames\9a2f175267d8cd011709000030105c12.$$_system32_sysprep_f7b45b8dfed1b768.cdf-ms", Destination = [l:142{71}]"\SystemRoot\WinSxS\FileMaps\$$_system32_sysprep_f7b45b8dfed1b768.cdf-ms"
64: Move File: Source = [l:242{121}]"\SystemRoot\WinSxS\Temp\PendingRenames\fa90195267d8cd011809000030105c12.$$_system32_sysprep_es-es_ed80797ca752761f.cdf-ms", Destination = [l:154{77}]"\SystemRoot\WinSxS\FileMaps\$$_system32_sysprep_es-es_ed80797ca752761f.cdf-ms"
65: Move File: Source = [l:238{119}]"\SystemRoot\WinSxS\Temp\PendingRenames\5af21b5267d8cd011909000030105c12.$$_system32_setup_es-es_afa35b99583f58b2.cdf-ms", Destination = [l:150{75}]"\SystemRoot\WinSxS\FileMaps\$$_system32_setup_es-es_afa35b99583f58b2.cdf-ms"
66: Move File: Source = [l:246{123}]"\SystemRoot\WinSxS\Temp\PendingRenames\bb531e5267d8cd011a09000030105c12.$$_system32_migration_es-es_815d12d48a080b97.cdf-ms", Destination = [l:158{79}]"\SystemRoot\WinSxS\FileMaps\$$_system32_migration_es-es_815d12d48a080b97.cdf-ms"
67: Move File: Source = [l:224{112}]"\SystemRoot\WinSxS\Temp\PendingRenames\bb531e5267d8cd011b09000030105c12.$$_system32_0c0a_06652347df2ff588.cdf-ms", Destination = [l:136{68}]"\SystemRoot\WinSxS\FileMaps\$$_system32_0c0a_06652347df2ff588.cdf-ms"
68: Move File: Source = [l:240{120}]"\SystemRoot\WinSxS\Temp\PendingRenames\1bb5205267d8cd011c09000030105c12.$$_system32_drivers_umdf_a531b5dc588477d3.cdf-ms", Destination = [l:152{76}]"\SystemRoot\WinSxS\FileMaps\$$_system32_drivers_umdf_a531b5dc588477d3.cdf-ms"
69: Move File: Source = [l:252{126}]"\SystemRoot\WinSxS\Temp\PendingRenames\1bb5205267d8cd011d09000030105c12.$$_system32_drivers_umdf_es-es_b8ba81057f1c6696.cdf-ms", Destination = [l:164{82}]"\SystemRoot\WinSxS\FileMaps\$$_system32_drivers_umdf_es-es_b8ba81057f1c6696.cdf-ms"
70: Move File: Source = [l:242{121}]"\SystemRoot\WinSxS\Temp\PendingRenames\7b16235267d8cd011e09000030105c12.$$_system32_drivers_es-es_4bb913485eb96d54.cdf-ms", Destination = [l:154{
2012-12-12 09:50:54, Info CSI 77}]"\SystemRoot\WinSxS\FileMaps\$$_system32_drivers_es-es_4bb913485eb96d54.cdf-ms"
71: Create File: File = [l:152{76}]"\SystemRoot\WinSxS\FileMaps\$$_system32_mui_dispspec_d93de566344a36d0.cdf-ms", Attributes = 00000000
72: Move File: Source = [l:240{120}]"\SystemRoot\WinSxS\Temp\PendingRenames\7b16235267d8cd011f09000030105c12.$$_system32_mui_dispspec_d93de566344a36d0.cdf-ms", Destination = [l:152{76}]"\SystemRoot\WinSxS\FileMaps\$$_system32_mui_dispspec_d93de566344a36d0.cdf-ms"
73: Move File: Source = [l:232{116}]"\SystemRoot\WinSxS\Temp\PendingRenames\7b16235267d8cd012009000030105c12.$$_system32_mui_0c0a_ecc96bf29498daf5.cdf-ms", Destination = [l:144{72}]"\SystemRoot\WinSxS\FileMaps\$$_system32_mui_0c0a_ecc96bf29498daf5.cdf-ms"
74: Move File: Source = [l:236{118}]"\SystemRoot\WinSxS\Temp\PendingRenames\3cd9275267d8cd012109000030105c12.$$_system32_wbem_es-es_45559368b1c165e6.cdf-ms", Destination = [l:148{74}]"\SystemRoot\WinSxS\FileMaps\$$_system32_wbem_es-es_45559368b1c165e6.cdf-ms"
75: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\fc9b2c5267d8cd012209000030105c12.$$_system32_es-es_429cd1a084dc7119.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_es-es_429cd1a084dc7119.cdf-ms"
76: Move File: Source = [l:244{122}]"\SystemRoot\WinSxS\Temp\PendingRenames\fc9b2c5267d8cd012309000030105c12.$$_system32_es-es_licenses_6993a1d8de38446b.cdf-ms", Destination = [l:156{78}]"\SystemRoot\WinSxS\FileMaps\$$_system32_es-es_licenses_6993a1d8de38446b.cdf-ms"
77: Move File: Source = [l:234{117}]"\SystemRoot\WinSxS\Temp\PendingRenames\5dfd2e5267d8cd012409000030105c12.$$_system32_com_es-es_4019828f16e68d20.cdf-ms", Destination = [l:146{73}]"\SystemRoot\WinSxS\FileMaps\$$_system32_com_es-es_4019828f16e68d20.cdf-ms"
78: Move File: Source = [l:208{104}]"\SystemRoot\WinSxS\Temp\PendingRenames\bd5e315267d8cd012509000030105c12.$$_es-es_401057c7a1d0f81f.cdf-ms", Destination = [l:120{60}]"\SystemRoot\WinSxS\FileMaps\$$_es-es_401057c7a1d0f81f.cdf-ms"
2012-12-12 09:50:54, Info CSI
79: Move File: Source = [l:230{115}]"\SystemRoot\WinSxS\Temp\PendingRenames\bd5e315267d8cd012609000030105c12.$$_resources_themes_4d0d4910e83c2273.cdf-ms", Destination = [l:142{71}]"\SystemRoot\WinSxS\FileMaps\$$_resources_themes_4d0d4910e83c2273.cdf-ms"
80: Move File: Source = [l:240{120}]"\SystemRoot\WinSxS\Temp\PendingRenames\1dc0335267d8cd012709000030105c12.$$_resources_themes_aero_3fd78bf4cb5fa2c4.cdf-ms", Destination = [l:152{76}]"\SystemRoot\WinSxS\FileMaps\$$_resources_themes_aero_3fd78bf4cb5fa2c4.cdf-ms"
81: Move File: Source = [l:252{126}]"\SystemRoot\WinSxS\Temp\PendingRenames\1dc0335267d8cd012809000030105c12.$$_resources_themes_aero_shell_a91dfa5124b343c4.cdf-ms", Destination = [l:164{82}]"\SystemRoot\WinSxS\FileMaps\$$_resources_themes_aero_shell_a91dfa5124b343c4.cdf-ms"
82: Move File: Source = [l:276{138}]"\SystemRoot\WinSxS\Temp\PendingRenames\1dc0335267d8cd012909000030105c12.$$_resources_themes_aero_shell_normalcolor_10be8ec981b35fb6.cdf-ms", Destination = [l:188{94}]"\SystemRoot\WinSxS\FileMaps\$$_resources_themes_aero_shell_normalcolor_10be8ec981b35fb6.cdf-ms"
83: Move File: Source = [l:288{144}]"\SystemRoot\WinSxS\Temp\PendingRenames\1dc0335267d8cd012a09000030105c12.$$_resources_themes_aero_shell_normalcolor_es-es_8f1aa82b4c33183b.cdf-ms", Destination = [l:200{100}]"\SystemRoot\WinSxS\FileMaps\$$_resources_themes_aero_shell_normalcolor_es-es_8f1aa82b4c33183b.cdf-ms"
84: Move File: Source = [l:252{126}]"\SystemRoot\WinSxS\Temp\PendingRenames\7d21365267d8cd012b09000030105c12.$$_resources_themes_aero_es-es_ab1668292044425d.cdf-ms", Destination = [l:164{82}]"\SystemRoot\WinSxS\FileMaps\$$_resources_themes_aero_es-es_ab1668292044425d.cdf-ms"
85: Move File: Source = [l:224{112}]"\SystemRoot\WinSxS\Temp\PendingRenames\7d21365267d8cd012c09000030105c12.$$_help_mui_0c0a_c7941e78fabeab18.cdf-ms", Destination = [l:136{68}]"\SystemRoot\WinSxS\FileMaps\$$_help_mui_0c0a_c7941e78fabeab18.cdf-ms"
86: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\
2012-12-12 09:50:54, Info CSI de82385267d8cd012d09000030105c12.$$_apppatch_es-es_098dc7be781aed3e.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_apppatch_es-es_098dc7be781aed3e.cdf-ms"
87: Move File: Source = [l:266{133}]"\SystemRoot\WinSxS\Temp\PendingRenames\3ee43a5267d8cd012e09000030105c12.program_files_internet_explorer_es-es_2650c78b8a48b9a6.cdf-ms", Destination = [l:178{89}]"\SystemRoot\WinSxS\FileMaps\program_files_internet_explorer_es-es_2650c78b8a48b9a6.cdf-ms"
88: Move File: Source = [l:298{149}]"\SystemRoot\WinSxS\Temp\PendingRenames\9e453d5267d8cd012f09000030105c12.program_files_common_files_microsoft_shared_ink_es-es_8a1612561a0cdf91.cdf-ms", Destination = [l:210{105}]"\SystemRoot\WinSxS\FileMaps\program_files_common_files_microsoft_shared_ink_es-es_8a1612561a0cdf91.cdf-ms"
89: Move File: Source = [l:306{153}]"\SystemRoot\WinSxS\Temp\PendingRenames\fea63f5267d8cd013009000030105c12.program_files_common_files_microsoft_shared_triedit_es-es_59ae2cf607429206.cdf-ms", Destination = [l:218{109}]"\SystemRoot\WinSxS\FileMaps\program_files_common_files_microsoft_shared_triedit_es-es_59ae2cf607429206.cdf-ms"
90: Move File: Source = [l:292{146}]"\SystemRoot\WinSxS\Temp\PendingRenames\5f08425267d8cd013109000030105c12.program_files_common_files_microsoft_shared_msinfo_817ad0c7c1c8e490.cdf-ms", Destination = [l:204{102}]"\SystemRoot\WinSxS\FileMaps\program_files_common_files_microsoft_shared_msinfo_817ad0c7c1c8e490.cdf-ms"
91: Move File: Source = [l:304{152}]"\SystemRoot\WinSxS\Temp\PendingRenames\5f08425267d8cd013209000030105c12.program_files_common_files_microsoft_shared_msinfo_es-es_98319ad2bb92ae5b.cdf-ms", Destination = [l:216{108}]"\SystemRoot\WinSxS\FileMaps\program_files_common_files_microsoft_shared_msinfo_es-es_98319ad2bb92ae5b.cdf-ms"
92: Move File: Source = [l:296{148}]"\SystemRoot\WinSxS\Temp\PendingRenames\5f08425267d8cd013309000030105c12.program_files_common_files_microsoft_shared_textconv_dfb016a4185c8725.cdf-ms", Destination = [l:208{104}]"\SystemRoot\WinSxS\FileMaps\program_fil
2012-12-12 09:50:54, Info CSI es_common_files_microsoft_shared_textconv_dfb016a4185c8725.cdf-ms"
93: Move File: Source = [l:308{154}]"\SystemRoot\WinSxS\Temp\PendingRenames\bf69445267d8cd013409000030105c12.program_files_common_files_microsoft_shared_textconv_es-es_c7ff5d266291240e.cdf-ms", Destination = [l:220{110}]"\SystemRoot\WinSxS\FileMaps\program_files_common_files_microsoft_shared_textconv_es-es_c7ff5d266291240e.cdf-ms"
94: Move File: Source = [l:282{141}]"\SystemRoot\WinSxS\Temp\PendingRenames\bf69445267d8cd013509000030105c12.program_files_common_files_system_msadc_es-es_58bb029ba66b5951.cdf-ms", Destination = [l:194{97}]"\SystemRoot\WinSxS\FileMaps\program_files_common_files_system_msadc_es-es_58bb029ba66b5951.cdf-ms"
95: Move File: Source = [l:278{139}]"\SystemRoot\WinSxS\Temp\PendingRenames\1fcb465267d8cd013609000030105c12.program_files_common_files_system_ado_es-es_9c126adac13608b7.cdf-ms", Destination = [l:190{95}]"\SystemRoot\WinSxS\FileMaps\program_files_common_files_system_ado_es-es_9c126adac13608b7.cdf-ms"
96: Move File: Source = [l:284{142}]"\SystemRoot\WinSxS\Temp\PendingRenames\1fcb465267d8cd013709000030105c12.program_files_common_files_system_ole_db_es-es_5ff7121bfce07dd3.cdf-ms", Destination = [l:196{98}]"\SystemRoot\WinSxS\FileMaps\program_files_common_files_system_ole_db_es-es_5ff7121bfce07dd3.cdf-ms"
97: Move File: Source = [l:270{135}]"\SystemRoot\WinSxS\Temp\PendingRenames\802c495267d8cd013809000030105c12.program_files_common_files_system_es-es_48bd798a3f1382e1.cdf-ms", Destination = [l:182{91}]"\SystemRoot\WinSxS\FileMaps\program_files_common_files_system_es-es_48bd798a3f1382e1.cdf-ms"
98: Move File: Source = [l:286{143}]"\SystemRoot\WinSxS\Temp\PendingRenames\802c495267d8cd013909000030105c12.program_files_windows_nt_tabletextservice_es-es_0e46b01e4b3af045.cdf-ms", Destination = [l:198{99}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_nt_tabletextservice_es-es_0e46b01e4b3af045.cdf-ms"
99: Move File: Source = [l:264{132}]"\SystemRoot\WinSxS\Temp\PendingRenames\a050505267d8cd013
2012-12-12 09:50:54, Info CSI a09000030105c12.program_files_windows_nt_accessories_156d2b9b22040474.cdf-ms", Destination = [l:176{88}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_nt_accessories_156d2b9b22040474.cdf-ms"
100: Move File: Source = [l:276{138}]"\SystemRoot\WinSxS\Temp\PendingRenames\01b2525267d8cd013b09000030105c12.program_files_windows_nt_accessories_es-es_4cfa5e3cc24730b3.cdf-ms", Destination = [l:188{94}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_nt_accessories_es-es_4cfa5e3cc24730b3.cdf-ms"
101: Create Directory: Directory = [l:72{36}]"\??\C:\Windows\System32\mui\dispspec", Attributes = 00000080
102: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\c37f6a5267d8cd013c09000030105c12.$$_system32_tasks_5f1dd67a5a1ae70e.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_tasks_5f1dd67a5a1ae70e.cdf-ms"
103: Move File: Source = [l:246{123}]"\SystemRoot\WinSxS\Temp\PendingRenames\24e16c5267d8cd013d09000030105c12.$$_system32_tasks_microsoft_b7abd682baafefc2.cdf-ms", Destination = [l:158{79}]"\SystemRoot\WinSxS\FileMaps\$$_system32_tasks_microsoft_b7abd682baafefc2.cdf-ms"
104: Move File: Source = [l:288{144}]"\SystemRoot\WinSxS\Temp\PendingRenames\84426f5267d8cd013e09000030105c12.$$_system32_tasks_microsoft_windows_media_center_ad67db1bbb2dd336.cdf-ms", Destination = [l:200{100}]"\SystemRoot\WinSxS\FileMaps\$$_system32_tasks_microsoft_windows_media_center_ad67db1bbb2dd336.cdf-ms"
105: Move File: Source = [l:306{153}]"\SystemRoot\WinSxS\Temp\PendingRenames\84426f5267d8cd013f09000030105c12.$$_system32_tasks_microsoft_windows_media_center_extender_02bff096ccf79441.cdf-ms", Destination = [l:218{109}]"\SystemRoot\WinSxS\FileMaps\$$_system32_tasks_microsoft_windows_media_center_extender_02bff096ccf79441.cdf-ms"
106: Move File: Source = [l:246{123}]"\SystemRoot\WinSxS\Temp\PendingRenames\e4a3715267d8cd014009000030105c12.programdata_microsoft_ehome_72ce881aee6c0ff2.cdf-ms", Destination = [l:158{79}]"\SystemRoot\WinSxS\FileMaps\programdata_microsoft_eh
2012-12-12 09:50:54, Info CSI ome_72ce881aee6c0ff2.cdf-ms"
107: Move File: Source = [l:256{128}]"\SystemRoot\WinSxS\Temp\PendingRenames\e4a3715267d8cd014109000030105c12.programdata_microsoft_ehome_logs_c9da3df2b39c6e43.cdf-ms", Destination = [l:168{84}]"\SystemRoot\WinSxS\FileMaps\programdata_microsoft_ehome_logs_c9da3df2b39c6e43.cdf-ms"
108: Move File: Source = [l:294{147}]"\SystemRoot\WinSxS\Temp\PendingRenames\a566765267d8cd014209000030105c12.users_default_appdata_roaming_media_center_programs_b8fc97cb3886dd3f.cdf-ms", Destination = [l:206{103}]"\SystemRoot\WinSxS\FileMaps\users_default_appdata_roaming_media_center_programs_b8fc97cb3886dd3f.cdf-ms"
109: Set File Information: File = [l:116{58}]"\??\C:\Users\Default\AppData\Roaming\Media Center Programs", Attributes = 00000080
110: Set File Information: File = [l:68{34}]"\??\C:\ProgramData\Microsoft\eHome", Attributes = 00000080
111: Set File Information: File = [l:78{39}]"\??\C:\ProgramData\Microsoft\eHome\logs", Attributes = 00000080
112: Move File: Source = [l:308{154}]"\SystemRoot\WinSxS\Temp\PendingRenames\ccabb65267d8cd014309000030105c12.programdata_microsoft_windows_power_efficiency_diagnostics_acddb9fca5769337.cdf-ms", Destination = [l:220{110}]"\SystemRoot\WinSxS\FileMaps\programdata_microsoft_windows_power_efficiency_diagnostics_acddb9fca5769337.cdf-ms"
113: Set Key Value: Key = [l:168{84}]"\Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Sysprep\Generalize", Value = [l:76{38}]"{8a2650e9-70de-392f-b444-cecbac9864f2}", Type = REG_SZ (1), Data = {l:116 b:43003a005c00570069006e0064006f00770073005c00530079007300740065006d00330032005c0073007900730070007200650070004d00430045002e0064006c006c002c0053007900730070007200650070005f00470065006e006500720061006c0069007a0065005f004d00430045000000}
114: Set Key Value: Key = [l:162{81}]"\Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Sysprep\Cleanup", Value = [l:76{38}]"{2978b9c5-6189-3aea-c4d8-ce732ddcc48e}", Type = REG_SZ (1), Data = {l:106 b:43003a005c00570069006e0064006f0
2012-12-12 09:50:54, Info CSI 0770073005c00530079007300740065006d00330032005c0077006500760074006100700069002e0064006c006c002c0045007600740049006e007400530079007300700072006500700043006c00650061006e00750070000000}

POQ 20 ends.
2012-12-12 09:50:54, Info CSI 000000a5 [SR] Verify complete
2012-12-12 09:50:54, Info CSI 000000a6 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:50:54, Info CSI 000000a7 [SR] Beginning Verify and Repair transaction
2012-12-12 09:50:58, Info CSI 000000a8 Repair results created:
POQ 21 starts:
0: Move File: Source = [l:192{96}]"\SystemRoot\WinSxS\Temp\PendingRenames\0ef6f15467d8cd01a809000030105c12._0000000000000000.cdf-ms", Destination = [l:104{52}]"\SystemRoot\WinSxS\FileMaps\_0000000000000000.cdf-ms"
1: Move File: Source = [l:162{81}]"\SystemRoot\WinSxS\Temp\PendingRenames\0ef6f15467d8cd01a909000030105c12.$$.cdf-ms", Destination = [l:74{37}]"\SystemRoot\WinSxS\FileMaps\$$.cdf-ms"
2: Move File: Source = [l:214{107}]"\SystemRoot\WinSxS\Temp\PendingRenames\2f1af95467d8cd01aa09000030105c12.$$_system32_21f9a9c4a2f8b514.cdf-ms", Destination = [l:126{63}]"\SystemRoot\WinSxS\FileMaps\$$_system32_21f9a9c4a2f8b514.cdf-ms"
3: Move File: Source = [l:270{135}]"\SystemRoot\WinSxS\Temp\PendingRenames\1001055567d8cd01ab09000030105c12.programdata_microsoft_windows_nt_msscan_549c401cd5c756f4.cdf-ms", Destination = [l:182{91}]"\SystemRoot\WinSxS\FileMaps\programdata_microsoft_windows_nt_msscan_549c401cd5c756f4.cdf-ms"
4: Move File: Source = [l:304{152}]"\SystemRoot\WinSxS\Temp\PendingRenames\d1c3095567d8cd01ac09000030105c12.programdata_microsoft_windows_nt_msfax_common_coverpages_642a277e0ccb775c.cdf-ms", Destination = [l:216{108}]"\SystemRoot\WinSxS\FileMaps\programdata_microsoft_windows_nt_msfax_common_coverpages_642a277e0ccb775c.cdf-ms"
5: Set File Information: File = [l:126{63}]"\??\C:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages", Attributes = 00000080
6: Move File: Source = [l:316{158}]"\SystemRoot\WinSxS\Temp\PendingRenames\565f395567d8cd01ad09000030105c12.programdata_microsoft_windows_nt_msfax_common_coverpages_es-es_eec6178f83faf367.cdf-ms", Destination = [l:228{114}]"\SystemRoot\WinSxS\FileMaps\programdata_microsoft_windows_nt_msfax_common_coverpages_es-es_eec6178f83faf367.cdf-ms"
7: Move File: Source = [l:306{153}]"\SystemRoot\WinSxS\Temp\PendingRenames\b6c03b5567d8cd01ae09000030105c12.programdata_microsoft_windows_nt_msfax_virtualinbox_es-es_9c5e5c08f8e8e10a.cdf-ms", Destination = [l:218{109}]"\SystemRoot\
2012-12-12 09:50:58, Info CSI WinSxS\FileMaps\programdata_microsoft_windows_nt_msfax_virtualinbox_es-es_9c5e5c08f8e8e10a.cdf-ms"
8: Move File: Source = [l:220{110}]"\SystemRoot\WinSxS\Temp\PendingRenames\7b99665567d8cd01af09000030105c12.$$_system32_es_9da4487427ac667a.cdf-ms", Destination = [l:132{66}]"\SystemRoot\WinSxS\FileMaps\$$_system32_es_9da4487427ac667a.cdf-ms"

POQ 21 ends.
2012-12-12 09:50:58, Info CSI 000000a9 [SR] Verify complete
2012-12-12 09:50:59, Info CSI 000000aa [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:50:59, Info CSI 000000ab [SR] Beginning Verify and Repair transaction
2012-12-12 09:51:07, Info CSI 000000ac Repair results created:
POQ 22 starts:
0: Move File: Source = [l:192{96}]"\SystemRoot\WinSxS\Temp\PendingRenames\05ceff5867d8cd01140a000030105c12._0000000000000000.cdf-ms", Destination = [l:104{52}]"\SystemRoot\WinSxS\FileMaps\_0000000000000000.cdf-ms"
1: Move File: Source = [l:218{109}]"\SystemRoot\WinSxS\Temp\PendingRenames\662f025967d8cd01150a000030105c12.program_files_ffd0cbfc813cc4f1.cdf-ms", Destination = [l:130{65}]"\SystemRoot\WinSxS\FileMaps\program_files_ffd0cbfc813cc4f1.cdf-ms"
2: Move File: Source = [l:250{125}]"\SystemRoot\WinSxS\Temp\PendingRenames\c690045967d8cd01160a000030105c12.program_files_windows_sidebar_8d6dbc4becba56da.cdf-ms", Destination = [l:162{81}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_8d6dbc4becba56da.cdf-ms"
3: Move File: Source = [l:266{133}]"\SystemRoot\WinSxS\Temp\PendingRenames\c690045967d8cd01170a000030105c12.program_files_windows_sidebar_gadgets_265d2ddf4d58a723.cdf-ms", Destination = [l:178{89}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_265d2ddf4d58a723.cdf-ms"
4: Move File: Source = [l:298{149}]"\SystemRoot\WinSxS\Temp\PendingRenames\26f2065967d8cd01180a000030105c12.program_files_windows_sidebar_gadgets_calendar.gadget_b054eca6667f3063.cdf-ms", Destination = [l:210{105}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_calendar.gadget_b054eca6667f3063.cdf-ms"
5: Move File: Source = [l:310{155}]"\SystemRoot\WinSxS\Temp\PendingRenames\8653095967d8cd01190a000030105c12.program_files_windows_sidebar_gadgets_calendar.gadget_es-es_e8aa0d2297615762.cdf-ms", Destination = [l:222{111}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_calendar.gadget_es-es_e8aa0d2297615762.cdf-ms"
6: Move File: Source = [l:316{158}]"\SystemRoot\WinSxS\Temp\PendingRenames\e7b40b5967d8cd011a0a000030105c12.program_files_windows_sidebar_gadgets_calendar.gadget_es-es_js_47e96fc5bbacfb29.cdf-ms", Destination = [l:228{114}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_
2012-12-12 09:51:07, Info CSI calendar.gadget_es-es_js_47e96fc5bbacfb29.cdf-ms"
7: Move File: Source = [l:318{159}]"\SystemRoot\WinSxS\Temp\PendingRenames\e7b40b5967d8cd011b0a000030105c12.program_files_windows_sidebar_gadgets_calendar.gadget_es-es_css_4fc3e00d9855da07.cdf-ms", Destination = [l:230{115}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_calendar.gadget_es-es_css_4fc3e00d9855da07.cdf-ms"
8: Move File: Source = [l:298{149}]"\SystemRoot\WinSxS\Temp\PendingRenames\2f1e535967d8cd011c0a000030105c12.program_files_windows_sidebar_gadgets_currency.gadget_964bdce27d2d6734.cdf-ms", Destination = [l:210{105}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_currency.gadget_964bdce27d2d6734.cdf-ms"
9: Move File: Source = [l:310{155}]"\SystemRoot\WinSxS\Temp\PendingRenames\8f7f555967d8cd011d0a000030105c12.program_files_windows_sidebar_gadgets_currency.gadget_es-es_8182f1d52051fd7f.cdf-ms", Destination = [l:222{111}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_currency.gadget_es-es_8182f1d52051fd7f.cdf-ms"
10: Move File: Source = [l:316{158}]"\SystemRoot\WinSxS\Temp\PendingRenames\8f7f555967d8cd011e0a000030105c12.program_files_windows_sidebar_gadgets_currency.gadget_es-es_js_9277dec88ec226ae.cdf-ms", Destination = [l:228{114}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_currency.gadget_es-es_js_9277dec88ec226ae.cdf-ms"
11: Move File: Source = [l:318{159}]"\SystemRoot\WinSxS\Temp\PendingRenames\f0e0575967d8cd011f0a000030105c12.program_files_windows_sidebar_gadgets_currency.gadget_es-es_css_d1d226b7f1abbb2a.cdf-ms", Destination = [l:230{115}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_currency.gadget_es-es_css_d1d226b7f1abbb2a.cdf-ms"

POQ 22 ends.
2012-12-12 09:51:07, Info CSI 000000ad [SR] Verify complete
2012-12-12 09:51:07, Info CSI 000000ae [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:51:07, Info CSI 000000af [SR] Beginning Verify and Repair transaction
2012-12-12 09:51:11, Info CSI 000000b0 Ignoring duplicate ownership for directory [l:60{30}]"\??\C:\Program Files\DVD Maker" in component Microsoft-Windows-GPUPipeline, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:51:11, Info CSI 000000b1 Ignoring duplicate ownership for directory [l:74{37}]"\??\C:\Program Files\DVD Maker\Shared" in component Microsoft-Windows-GPUPipeline, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:51:11, Info CSI 000000b2 Repair results created:
POQ 23 starts:
0: Move File: Source = [l:192{96}]"\SystemRoot\WinSxS\Temp\PendingRenames\80b5135c67d8cd01840a000030105c12._0000000000000000.cdf-ms", Destination = [l:104{52}]"\SystemRoot\WinSxS\FileMaps\_0000000000000000.cdf-ms"
1: Move File: Source = [l:218{109}]"\SystemRoot\WinSxS\Temp\PendingRenames\80b5135c67d8cd01850a000030105c12.program_files_ffd0cbfc813cc4f1.cdf-ms", Destination = [l:130{65}]"\SystemRoot\WinSxS\FileMaps\program_files_ffd0cbfc813cc4f1.cdf-ms"
2: Move File: Source = [l:250{125}]"\SystemRoot\WinSxS\Temp\PendingRenames\e016165c67d8cd01860a000030105c12.program_files_windows_sidebar_8d6dbc4becba56da.cdf-ms", Destination = [l:162{81}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_8d6dbc4becba56da.cdf-ms"
3: Move File: Source = [l:266{133}]"\SystemRoot\WinSxS\Temp\PendingRenames\e016165c67d8cd01870a000030105c12.program_files_windows_sidebar_gadgets_265d2ddf4d58a723.cdf-ms", Destination = [l:178{89}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_265d2ddf4d58a723.cdf-ms"
4: Move File: Source = [l:288{144}]"\SystemRoot\WinSxS\Temp\PendingRenames\4178185c67d8cd01880a000030105c12.program_files_windows_sidebar_gadgets_cpu.gadget_3ea229fc96d38c13.cdf-ms", Destination = [l:200{100}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_cpu.gadget_3ea229fc96d38c13.cdf-ms"
5: Move File: Source = [l:300{150}]"\SystemRoot\WinSxS\Temp\PendingRenames\a1d91a5c67d8cd01890a000030105c12.program_files_windows_sidebar_gadgets_cpu.gadget_es-es_268a8b595ba2fdc2.cdf-ms", Destination = [l:212{106}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_cpu.gadget_es-es_268a8b595ba2fdc2.cdf-ms"
6: Move File: Source = [l:306{153}]"\SystemRoot\WinSxS\Temp\PendingRenames\013b1d5c67d8cd018a0a000030105c12.program_files_windows_sidebar_gadgets_cpu.gadget_es-es_js_c2435490a6450033.cdf-ms", Destination = [l:218{109}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_cpu.gadget_es-es_js_c2435
2012-12-12 09:51:11, Info CSI 490a6450033.cdf-ms"
7: Move File: Source = [l:308{154}]"\SystemRoot\WinSxS\Temp\PendingRenames\013b1d5c67d8cd018b0a000030105c12.program_files_windows_sidebar_gadgets_cpu.gadget_es-es_css_0754d59e8add9dad.cdf-ms", Destination = [l:220{110}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_cpu.gadget_es-es_css_0754d59e8add9dad.cdf-ms"
8: Move File: Source = [l:162{81}]"\SystemRoot\WinSxS\Temp\PendingRenames\c2fd215c67d8cd018c0a000030105c12.$$.cdf-ms", Destination = [l:74{37}]"\SystemRoot\WinSxS\FileMaps\$$.cdf-ms"
9: Move File: Source = [l:254{127}]"\SystemRoot\WinSxS\Temp\PendingRenames\225f245c67d8cd018d0a000030105c12.$$_diagnostics_system_homegroup_1909584eb21c73e3.cdf-ms", Destination = [l:166{83}]"\SystemRoot\WinSxS\FileMaps\$$_diagnostics_system_homegroup_1909584eb21c73e3.cdf-ms"
10: Move File: Source = [l:266{133}]"\SystemRoot\WinSxS\Temp\PendingRenames\82c0265c67d8cd018e0a000030105c12.$$_diagnostics_system_homegroup_es-es_a38a58d9d5f2b910.cdf-ms", Destination = [l:178{89}]"\SystemRoot\WinSxS\FileMaps\$$_diagnostics_system_homegroup_es-es_a38a58d9d5f2b910.cdf-ms"
11: Move File: Source = [l:298{149}]"\SystemRoot\WinSxS\Temp\PendingRenames\a3e42d5c67d8cd018f0a000030105c12.program_files_windows_sidebar_gadgets_calendar.gadget_b054eca6667f3063.cdf-ms", Destination = [l:210{105}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_calendar.gadget_b054eca6667f3063.cdf-ms"
12: Move File: Source = [l:312{156}]"\SystemRoot\WinSxS\Temp\PendingRenames\0346305c67d8cd01900a000030105c12.program_files_windows_sidebar_gadgets_calendar.gadget_images_e8b234ae384ba7b1.cdf-ms", Destination = [l:224{112}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_calendar.gadget_images_e8b234ae384ba7b1.cdf-ms"
13: Move File: Source = [l:308{154}]"\SystemRoot\WinSxS\Temp\PendingRenames\84cb395c67d8cd01910a000030105c12.program_files_windows_sidebar_gadgets_picturepuzzle.gadget_284c80f2b12171b5.cdf-ms", Destination = [l:220{110}]"\SystemRoot\WinSxS\FileMaps\pr
2012-12-12 09:51:11, Info CSI ogram_files_windows_sidebar_gadgets_picturepuzzle.gadget_284c80f2b12171b5.cdf-ms"
14: Move File: Source = [l:320{160}]"\SystemRoot\WinSxS\Temp\PendingRenames\e52c3c5c67d8cd01920a000030105c12.program_files_windows_sidebar_gadgets_picturepuzzle.gadget_es-es_40e1fff576c7d61c.cdf-ms", Destination = [l:232{116}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_picturepuzzle.gadget_es-es_40e1fff576c7d61c.cdf-ms"
15: Move File: Source = [l:326{163}]"\SystemRoot\WinSxS\Temp\PendingRenames\e52c3c5c67d8cd01930a000030105c12.program_files_windows_sidebar_gadgets_picturepuzzle.gadget_es-es_js_f7aca60a3345880d.cdf-ms", Destination = [l:238{119}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_picturepuzzle.gadget_es-es_js_f7aca60a3345880d.cdf-ms"
16: Move File: Source = [l:328{164}]"\SystemRoot\WinSxS\Temp\PendingRenames\e52c3c5c67d8cd01940a000030105c12.program_files_windows_sidebar_gadgets_picturepuzzle.gadget_es-es_css_f7aca7061148bd83.cdf-ms", Destination = [l:240{120}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_picturepuzzle.gadget_es-es_css_f7aca7061148bd83.cdf-ms"
17: Move File: Source = [l:300{150}]"\SystemRoot\WinSxS\Temp\PendingRenames\c613485c67d8cd01950a000030105c12.program_files_windows_sidebar_gadgets_slideshow.gadget_1d53bb9c29c0aa6d.cdf-ms", Destination = [l:212{106}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_slideshow.gadget_1d53bb9c29c0aa6d.cdf-ms"
18: Move File: Source = [l:314{157}]"\SystemRoot\WinSxS\Temp\PendingRenames\c613485c67d8cd01960a000030105c12.program_files_windows_sidebar_gadgets_slideshow.gadget_images_db83d22ffb6579d1.cdf-ms", Destination = [l:226{113}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_slideshow.gadget_images_db83d22ffb6579d1.cdf-ms"
19: Move File: Source = [l:336{168}]"\SystemRoot\WinSxS\Temp\PendingRenames\26754a5c67d8cd01970a000030105c12.program_files_windows_sidebar_gadgets_slideshow.gadget_images_in_sidebar_845277d664af085f.cdf-ms", Destination = [
2012-12-12 09:51:11, Info CSI l:248{124}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_slideshow.gadget_images_in_sidebar_845277d664af085f.cdf-ms"
20: Move File: Source = [l:336{168}]"\SystemRoot\WinSxS\Temp\PendingRenames\26754a5c67d8cd01980a000030105c12.program_files_windows_sidebar_gadgets_slideshow.gadget_images_on_desktop_8c4fbdc6458a98d1.cdf-ms", Destination = [l:248{124}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_slideshow.gadget_images_on_desktop_8c4fbdc6458a98d1.cdf-ms"
21: Move File: Source = [l:322{161}]"\SystemRoot\WinSxS\Temp\PendingRenames\a7fa535c67d8cd01990a000030105c12.program_files_windows_sidebar_gadgets_picturepuzzle.gadget_images_113209543e53c7d7.cdf-ms", Destination = [l:234{117}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_picturepuzzle.gadget_images_113209543e53c7d7.cdf-ms"
22: Move File: Source = [l:296{148}]"\SystemRoot\WinSxS\Temp\PendingRenames\68bd585c67d8cd019a0a000030105c12.program_files_windows_sidebar_gadgets_weather.gadget_a4898b91b8575c47.cdf-ms", Destination = [l:208{104}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_weather.gadget_a4898b91b8575c47.cdf-ms"
23: Move File: Source = [l:308{154}]"\SystemRoot\WinSxS\Temp\PendingRenames\68bd585c67d8cd019b0a000030105c12.program_files_windows_sidebar_gadgets_weather.gadget_es-es_d90afca6c77aa36a.cdf-ms", Destination = [l:220{110}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_weather.gadget_es-es_d90afca6c77aa36a.cdf-ms"
24: Move File: Source = [l:314{157}]"\SystemRoot\WinSxS\Temp\PendingRenames\68bd585c67d8cd019c0a000030105c12.program_files_windows_sidebar_gadgets_weather.gadget_es-es_js_30ae803036ae3f0b.cdf-ms", Destination = [l:226{113}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_weather.gadget_es-es_js_30ae803036ae3f0b.cdf-ms"
25: Move File: Source = [l:316{158}]"\SystemRoot\WinSxS\Temp\PendingRenames\c81e5b5c67d8cd019d0a000030105c12.program_files_windows_sidebar_gadgets_weather.gadget_es-es_css_67d51b8
2012-12-12 09:51:11, Info CSI 1ba976205.cdf-ms", Destination = [l:228{114}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_weather.gadget_es-es_css_67d51b81ba976205.cdf-ms"
26: Move File: Source = [l:302{151}]"\SystemRoot\WinSxS\Temp\PendingRenames\89e15f5c67d8cd019e0a000030105c12.program_files_windows_sidebar_gadgets_cpu.gadget_images_987b0ad259a4806b.cdf-ms", Destination = [l:214{107}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_cpu.gadget_images_987b0ad259a4806b.cdf-ms"
27: Move File: Source = [l:214{107}]"\SystemRoot\WinSxS\Temp\PendingRenames\6ac86b5c67d8cd019f0a000030105c12.$$_system32_21f9a9c4a2f8b514.cdf-ms", Destination = [l:126{63}]"\SystemRoot\WinSxS\FileMaps\$$_system32_21f9a9c4a2f8b514.cdf-ms"
28: Move File: Source = [l:292{146}]"\SystemRoot\WinSxS\Temp\PendingRenames\8df7855c67d8cd01a00a000030105c12.program_files_windows_sidebar_gadgets_clock.gadget_85cde96256fb59df.cdf-ms", Destination = [l:204{102}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_clock.gadget_85cde96256fb59df.cdf-ms"
29: Move File: Source = [l:304{152}]"\SystemRoot\WinSxS\Temp\PendingRenames\8df7855c67d8cd01a10a000030105c12.program_files_windows_sidebar_gadgets_clock.gadget_es-es_b9219e1c8e7876be.cdf-ms", Destination = [l:216{108}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_clock.gadget_es-es_b9219e1c8e7876be.cdf-ms"
30: Move File: Source = [l:310{155}]"\SystemRoot\WinSxS\Temp\PendingRenames\8df7855c67d8cd01a20a000030105c12.program_files_windows_sidebar_gadgets_clock.gadget_es-es_js_2ff12e0fb347d621.cdf-ms", Destination = [l:222{111}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_clock.gadget_es-es_js_2ff12e0fb347d621.cdf-ms"
31: Move File: Source = [l:312{156}]"\SystemRoot\WinSxS\Temp\PendingRenames\ed58885c67d8cd01a30a000030105c12.program_files_windows_sidebar_gadgets_clock.gadget_es-es_css_2ff12f0b86624561.cdf-ms", Destination = [l:224{112}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_clock.gadget_es-es_cs
2012-12-12 09:51:11, Info CSI s_2ff12f0b86624561.cdf-ms"
32: Move File: Source = [l:306{153}]"\SystemRoot\WinSxS\Temp\PendingRenames\6fde915c67d8cd01a40a000030105c12.program_files_windows_sidebar_gadgets_clock.gadget_images_11f95cf60938de7b.cdf-ms", Destination = [l:218{109}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_clock.gadget_images_11f95cf60938de7b.cdf-ms"
33: Move File: Source = [l:310{155}]"\SystemRoot\WinSxS\Temp\PendingRenames\71e9a45c67d8cd01a50a000030105c12.program_files_windows_sidebar_gadgets_weather.gadget_images_585d106689450aab.cdf-ms", Destination = [l:222{111}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_weather.gadget_images_585d106689450aab.cdf-ms"
34: Move File: Source = [l:324{162}]"\SystemRoot\WinSxS\Temp\PendingRenames\71e9a45c67d8cd01a60a000030105c12.program_files_windows_sidebar_gadgets_weather.gadget_images_144dpi_12b2fa65af7b87ad.cdf-ms", Destination = [l:236{118}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_weather.gadget_images_144dpi_12b2fa65af7b87ad.cdf-ms"
35: Move File: Source = [l:324{162}]"\SystemRoot\WinSxS\Temp\PendingRenames\71e9a45c67d8cd01a70a000030105c12.program_files_windows_sidebar_gadgets_weather.gadget_images_120dpi_12fb0c15aed95ff3.cdf-ms", Destination = [l:236{118}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_weather.gadget_images_120dpi_12fb0c15aed95ff3.cdf-ms"
36: Move File: Source = [l:238{119}]"\SystemRoot\WinSxS\Temp\PendingRenames\f26eae5c67d8cd01a80a000030105c12.program_files_dvd_maker_405775de8763ce75.cdf-ms", Destination = [l:150{75}]"\SystemRoot\WinSxS\FileMaps\program_files_dvd_maker_405775de8763ce75.cdf-ms"
37: Move File: Source = [l:252{126}]"\SystemRoot\WinSxS\Temp\PendingRenames\f26eae5c67d8cd01a90a000030105c12.program_files_dvd_maker_shared_a54613779b918be2.cdf-ms", Destination = [l:164{82}]"\SystemRoot\WinSxS\FileMaps\program_files_dvd_maker_shared_a54613779b918be2.cdf-ms"
38: Move File: Source = [l:298{149}]"\SystemRoot\WinSxS\Temp\PendingRenames\1393b55c
2012-12-12 09:51:11, Info CSI 67d8cd01aa0a000030105c12.program_files_windows_sidebar_gadgets_rssfeeds.gadget_22ec6b16cd2d39ce.cdf-ms", Destination = [l:210{105}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_rssfeeds.gadget_22ec6b16cd2d39ce.cdf-ms"
39: Move File: Source = [l:310{155}]"\SystemRoot\WinSxS\Temp\PendingRenames\1393b55c67d8cd01ab0a000030105c12.program_files_windows_sidebar_gadgets_rssfeeds.gadget_es-es_42036f3020e8a467.cdf-ms", Destination = [l:222{111}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_rssfeeds.gadget_es-es_42036f3020e8a467.cdf-ms"
40: Move File: Source = [l:316{158}]"\SystemRoot\WinSxS\Temp\PendingRenames\73f4b75c67d8cd01ac0a000030105c12.program_files_windows_sidebar_gadgets_rssfeeds.gadget_es-es_js_f0fc7fed99f9b794.cdf-ms", Destination = [l:228{114}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_rssfeeds.gadget_es-es_js_f0fc7fed99f9b794.cdf-ms"
41: Move File: Source = [l:318{159}]"\SystemRoot\WinSxS\Temp\PendingRenames\73f4b75c67d8cd01ad0a000030105c12.program_files_windows_sidebar_gadgets_rssfeeds.gadget_es-es_css_b02b5596bda6ce42.cdf-ms", Destination = [l:230{115}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_rssfeeds.gadget_es-es_css_b02b5596bda6ce42.cdf-ms"
42: Move File: Source = [l:312{156}]"\SystemRoot\WinSxS\Temp\PendingRenames\f479c15c67d8cd01ae0a000030105c12.program_files_windows_sidebar_gadgets_rssfeeds.gadget_images_420b96bc9fb8ab54.cdf-ms", Destination = [l:224{112}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_rssfeeds.gadget_images_420b96bc9fb8ab54.cdf-ms"
43: Move File: Source = [l:312{156}]"\SystemRoot\WinSxS\Temp\PendingRenames\159ec85c67d8cd01af0a000030105c12.program_files_windows_sidebar_gadgets_slideshow.gadget_es-es_233128600fdd7618.cdf-ms", Destination = [l:224{112}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_slideshow.gadget_es-es_233128600fdd7618.cdf-ms"
44: Move File: Source = [l:318{159}]"\SystemRoot\WinSxS\Temp\PendingRenames\159ec85c67
2012-12-12 09:51:11, Info CSI d8cd01b00a000030105c12.program_files_windows_sidebar_gadgets_slideshow.gadget_es-es_js_d39a17ad570e1711.cdf-ms", Destination = [l:230{115}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_slideshow.gadget_es-es_js_d39a17ad570e1711.cdf-ms"
45: Move File: Source = [l:320{160}]"\SystemRoot\WinSxS\Temp\PendingRenames\75ffca5c67d8cd01b10a000030105c12.program_files_windows_sidebar_gadgets_slideshow.gadget_es-es_css_d39a18a95d971c87.cdf-ms", Destination = [l:232{116}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_slideshow.gadget_es-es_css_d39a18a95d971c87.cdf-ms"
46: Move File: Source = [l:298{149}]"\SystemRoot\WinSxS\Temp\PendingRenames\36c2cf5c67d8cd01b20a000030105c12.program_files_windows_sidebar_gadgets_currency.gadget_964bdce27d2d6734.cdf-ms", Destination = [l:210{105}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_currency.gadget_964bdce27d2d6734.cdf-ms"
47: Move File: Source = [l:312{156}]"\SystemRoot\WinSxS\Temp\PendingRenames\9623d25c67d8cd01b30a000030105c12.program_files_windows_sidebar_gadgets_currency.gadget_images_818b19610434093a.cdf-ms", Destination = [l:224{112}]"\SystemRoot\WinSxS\FileMaps\program_files_windows_sidebar_gadgets_currency.gadget_images_818b19610434093a.cdf-ms"

POQ 23 ends.
2012-12-12 09:51:11, Info CSI 000000b3 [SR] Verify complete
2012-12-12 09:51:11, Info CSI 000000b4 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:51:11, Info CSI 000000b5 [SR] Beginning Verify and Repair transaction
2012-12-12 09:51:13, Info CSI 000000b6 Repair results created:
POQ 24 starts:

POQ 24 ends.
2012-12-12 09:51:13, Info CSI 000000b7 [SR] Verify complete
2012-12-12 09:51:13, Info CSI 000000b8 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:51:13, Info CSI 000000b9 [SR] Beginning Verify and Repair transaction
2012-12-12 09:51:13, Info CSI 000000ba Repair results created:
POQ 25 starts:

POQ 25 ends.
2012-12-12 09:51:13, Info CSI 000000bb [SR] Verify complete
2012-12-12 09:51:14, Info CSI 000000bc [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:51:14, Info CSI 000000bd [SR] Beginning Verify and Repair transaction
2012-12-12 09:51:15, Info CSI 000000be Repair results created:
POQ 26 starts:
0: Move File: Source = [l:192{96}]"\SystemRoot\WinSxS\Temp\PendingRenames\bd6a3f5f67d8cd01e00b000030105c12._0000000000000000.cdf-ms", Destination = [l:104{52}]"\SystemRoot\WinSxS\FileMaps\_0000000000000000.cdf-ms"
1: Move File: Source = [l:162{81}]"\SystemRoot\WinSxS\Temp\PendingRenames\1ecc415f67d8cd01e10b000030105c12.$$.cdf-ms", Destination = [l:74{37}]"\SystemRoot\WinSxS\FileMaps\$$.cdf-ms"
2: Move File: Source = [l:264{132}]"\SystemRoot\WinSxS\Temp\PendingRenames\1ecc415f67d8cd01e20b000030105c12.$$_globalization_els_transliteration_1547068d18bc2738.cdf-ms", Destination = [l:176{88}]"\SystemRoot\WinSxS\FileMaps\$$_globalization_els_transliteration_1547068d18bc2738.cdf-ms"
3: Move File: Source = [l:254{127}]"\SystemRoot\WinSxS\Temp\PendingRenames\a367715f67d8cd01e30b000030105c12.$$_diagnostics_system_homegroup_1909584eb21c73e3.cdf-ms", Destination = [l:166{83}]"\SystemRoot\WinSxS\FileMaps\$$_diagnostics_system_homegroup_1909584eb21c73e3.cdf-ms"

POQ 26 ends.
2012-12-12 09:51:15, Info CSI 000000bf [SR] Verify complete
2012-12-12 09:51:16, Info CSI 000000c0 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 09:51:16, Info CSI 000000c1 [SR] Beginning Verify and Repair transaction
2012-12-12 09:51:18, Info CSI 000000c2 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\lt-LT" in component Microsoft-Windows-Installer-Engine.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"lt-LT", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:51:18, Info CSI 000000c3 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\tr-TR" in component Microsoft-Windows-Installer-Engine.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"tr-TR", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:51:18, Info CSI 000000c4 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\fr-FR" in component Microsoft-Windows-Installer-Engine.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"fr-FR", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:51:19, Info CSI 000000c5 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\fi-FI" in component Microsoft-Windows-Installer-Engine.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"fi-FI", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:51:19, Info CSI 000000c6 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\nl-NL" in component Microsoft-Windows-Installer-Engine.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"nl-NL", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:51:19, Info CSI 000000c7 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\hr-HR" in component Microsoft-Windows-Installer-Engine.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"hr-HR", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:51:19, Info CSI 000000c8 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\pl-PL" in component Microsoft-Windows-Installer-Engine.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"pl-PL", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:51:19, Info CSI 000000c9 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\pt-PT" in component Microsoft-Windows-Installer-Engine.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"pt-PT", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:51:19, Info CSI 000000ca Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\bg-BG" in component Microsoft-Windows-Installer-Engine.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"bg-BG", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:51:19, Info CSI 000000cb Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\ru-RU" in component Microsoft-Windows-Installer-Engine.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"ru-RU", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:51:19, Info CSI 000000cc Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\cs-CZ" in component Microsoft-Windows-Installer-Engine.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"cs-CZ", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:51:20, Info CSI 000000cd Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\ja-JP" in component Microsoft-Windows-Installer-Engine.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"ja-JP", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:51:21, Info CSI 000000ce Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\he-IL" in component Microsoft-Windows-Installer-Engine.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"he-IL", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:51:21, Info CSI 000000cf Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\nb-NO" in component Microsoft-Windows-Installer-Engine.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"nb-NO", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:51:21, Info CSI 000000d0 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\sl-SI" in component Microsoft-Windows-Installer-Engine.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"sl-SI", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:51:21, Info CSI 000000d1 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\en-US" in component Microsoft-Windows-Installer-Engine.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"en-us", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:51:21, Info CSI 000000d2 Ignoring duplicate ownership for directory [l:58{29}]"\??\C:\Windows\System32\ko-KR" in component Microsoft-Windows-Installer-Engine.Resources, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"ko-KR", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral

2012-12-12 09:51:21, Info CSI 000000d3 Repair results created:
POQ 27 starts:
0: Move File: Source = [l:192{96}]"\SystemRoot\WinSxS\Temp\PendingRenames\2fa5f06067d8cd01480c000030105c12._0000000000000000.cdf-ms", Destination = [l:104{52}]"\SystemRoot\WinSxS\FileMaps\_0000000000000000.cdf-ms"
1: Move File: Source = [l:162{81}]"\SystemRoot\WinSxS\Temp\PendingRenames\9006f36067d8cd01490c000030105c12.$$.cdf-ms", Destination = [l:74{37}]"\SystemRoot\WinSxS\FileMaps\$$.cdf-ms"
2: Move File: Source = [l:214{107}]"\SystemRoot\WinSxS\Temp\PendingRenames\b02afa6067d8cd014a0c000030105c12.$$_system32_21f9a9c4a2f8b514.cdf-ms", Destination = [l:126{63}]"\SystemRoot\WinSxS\FileMaps\$$_system32_21f9a9c4a2f8b514.cdf-ms"
3: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\118cfc6067d8cd014b0c000030105c12.$$_system32_da-dk_40b64d5e87b63595.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_da-dk_40b64d5e87b63595.cdf-ms"
4: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\f272086167d8cd014c0c000030105c12.$$_system32_lt-lt_4fea189870e886c7.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_lt-lt_4fea189870e886c7.cdf-ms"
5: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\73f8116167d8cd014d0c000030105c12.$$_system32_lv-lv_4fea1c1c70e881b7.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_lv-lv_4fea1c1c70e881b7.cdf-ms"
6: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\f47d1b6167d8cd014e0c000030105c12.$$_system32_th-th_5f1dc0505a1b09f7.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_th-th_5f1dc0505a1b09f7.cdf-ms"
7: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\d664276167d8cd014f0c000030105c12.$$_system32_tr-tr_5f1dd1e45a1af0a7.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_tr-tr_5f1dd1e45a1af0a7.cdf-ms"
8: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames
2012-12-12 09:51:21, Info CSI \57ea306167d8cd01500c000030105c12.$$_system32_et-ee_429cb6e884dc9948.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_et-ee_429cb6e884dc9948.cdf-ms"
9: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\d86f3a6167d8cd01510c000030105c12.$$_system32_it-it_4a36b1ca7975a0f9.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_it-it_4a36b1ca7975a0f9.cdf-ms"
10: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\9b3d526167d8cd01520c000030105c12.$$_system32_fr-fr_448347788202c03b.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_fr-fr_448347788202c03b.cdf-ms"
11: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\1cc35b6167d8cd01530c000030105c12.$$_system32_fi-fi_448337a68202d703.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_fi-fi_448337a68202d703.cdf-ms"
12: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\9d48656167d8cd01540c000030105c12.$$_system32_nl-nl_53b6f9bc6b35343b.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_nl-nl_53b6f9bc6b35343b.cdf-ms"
13: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\de90736167d8cd01550c000030105c12.$$_system32_sk-sk_5d374dfc5cf4b5c5.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_sk-sk_5d374dfc5cf4b5c5.cdf-ms"
14: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\60167d6167d8cd01560c000030105c12.$$_system32_hr-hr_485036ac7c4f596f.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_hr-hr_485036ac7c4f596f.cdf-ms"
15: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\e19b866167d8cd01570c000030105c12.$$_system32_hu-hu_48503bf27c4f51d7.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_hu-hu_48503bf27c4f51d7.cdf-ms"
16: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\62219061
2012-12-12 09:51:21, Info CSI 67d8cd01580c000030105c12.$$_system32_pl-pl_5783e8f06581cd6f.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_pl-pl_5783e8f06581cd6f.cdf-ms"
17: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\43089c6167d8cd01590c000030105c12.$$_system32_pt-pt_5783f7006581b92f.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_pt-pt_5783f7006581b92f.cdf-ms"
18: Move File: Source = [l:236{118}]"\SystemRoot\WinSxS\Temp\PendingRenames\c48da56167d8cd015a0c000030105c12.$$_system32_sr-latn-cs_36d1c3d11e65ce00.cdf-ms", Destination = [l:148{74}]"\SystemRoot\WinSxS\FileMaps\$$_system32_sr-latn-cs_36d1c3d11e65ce00.cdf-ms"
19: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\a674b16167d8cd015b0c000030105c12.$$_system32_es-es_429cd1a084dc7119.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_es-es_429cd1a084dc7119.cdf-ms"
20: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\875bbd6167d8cd015c0c000030105c12.$$_system32_bg-bg_3ce955ba8d69a9ab.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_bg-bg_3ce955ba8d69a9ab.cdf-ms"
21: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\08e1c66167d8cd015d0c000030105c12.$$_system32_ro-ro_5b50dd6a5fce5f0b.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_ro-ro_5b50dd6a5fce5f0b.cdf-ms"
22: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\8966d06167d8cd015e0c000030105c12.$$_system32_ru-ru_5b50e7f65fce4fdb.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_ru-ru_5b50e7f65fce4fdb.cdf-ms"
23: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\6a4ddc6167d8cd015f0c000030105c12.$$_system32_cs-cz_3ecfefb68a8fc3f6.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_cs-cz_3ecfefb68a8fc3f6.cdf-ms"
24: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\ecd2e5
2012-12-12 09:51:21, Info CSI 6167d8cd01600c000030105c12.$$_system32_sv-se_5d37410c5cf4ca56.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_sv-se_5d37410c5cf4ca56.cdf-ms"
25: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\6d58ef6167d8cd01610c000030105c12.$$_system32_de-de_40b6416a87b647ef.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_de-de_40b6416a87b647ef.cdf-ms"
26: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\2f26076267d8cd01620c000030105c12.$$_system32_ja-jp_4c1d2478769bf2f4.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_ja-jp_4c1d2478769bf2f4.cdf-ms"
27: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\b1ab106267d8cd01630c000030105c12.$$_system32_zh-cn_6a8499504900c466.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_zh-cn_6a8499504900c466.cdf-ms"
28: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\92921c6267d8cd01640c000030105c12.$$_system32_zh-tw_6a84aa664900aad6.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_zh-tw_6a84aa664900aad6.cdf-ms"
29: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\9fd48e6267d8cd01650c000030105c12.$$_system32_he-il_48502d1c7c4f6669.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_he-il_48502d1c7c4f6669.cdf-ms"
30: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames\80bb9a6267d8cd01660c000030105c12.$$_system32_uk-ua_61042a3457416b73.cdf-ms", Destination = [l:138{69}]"\SystemRoot\WinSxS\FileMaps\$$_system32_uk-ua_61042a3457416b73.cdf-ms"
31: Move File: Source = [l:226{113}]"\SystemRoot\WinSxS\Temp\PendingRenames&