Trojan.poweliks gm and Trojan.swifi


  • This topic is locked
28 replies to this topic

#1 sbader29


  • Members

Posted 02 January 2015 - 03:23 PM

Norton has notified me that these were quarantined but are not removed. The computer is suddenly very slow and hangs often.

 

Here is the logfile:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17496  BrowserJavaVersion: 10.71.2
Run by Denny at 15:09:44 on 2015-01-02
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.5375.3188 [GMT -5:00]
.
AV: Norton Security Suite *Enabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
SP: Norton Security Suite *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security Suite *Enabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
E:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\Program Files\D-Link\SharePort Utility\Spnuhelper.exe
C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\System32\svchost.exe -k LPDService
C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\N360.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\N360.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Hp\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\taskmgr.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\LogonUI.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\N360.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bing.com/?pc=U159
uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
mWinlogon: Userinit = userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\ips\ipsbho.dll
BHO: Dragon NaturallySpeaking Rich Internet Application Support - Extension: {73A89C60-CF59-4EC7-9215-9B7EF05ECEA4} - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ieshim.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coieplg.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coieplg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
mRun: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking12\Ereg.ini"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [SpybotSnD] "C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Denny\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SHAREP~1.LNK - C:\Program Files\D-Link\SharePort Utility\Connect.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{4F16E45F-0388-463A-9DBD-2D400F073A56} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{BFFD885C-069F-4608-8CB0-6AC8F405D921} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{BFFD885C-069F-4608-8CB0-6AC8F405D921}\C696E6B6379737 : DHCPNameServer = 68.87.64.150 68.87.75.198
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll
x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coieplg.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coieplg.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} -
x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-5-2 55856]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1506000.020\symds64.sys [2014-10-15 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1506000.020\symefa64.sys [2014-10-15 1148120]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20141209.001\BHDrvx64.sys [2015-1-1 1587416]
R1 ccSet_N360;N360 Settings Manager;C:\Windows\System32\drivers\N360x64\1506000.020\ccsetx64.sys [2014-10-15 162392]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20150101.001\IDSviA64.sys [2015-1-2 637656]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1506000.020\ironx64.sys [2014-10-15 266968]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1506000.020\symnets.sys [2014-10-15 593112]
R2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;E:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-9-1 169624]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-3-28 241152]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-3-28 361984]
R2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE [2014-3-11 193696]
R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-6-12 400368]
R2 D-Link SharePort Helper;D-Link SharePort Helper;C:\Program Files\D-Link\SharePort Utility\Spnuhelper.exe [2011-12-30 49152]
R2 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2012-7-18 310232]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe [2014-10-15 265040]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-11-18 635416]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-12-30 1153368]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-2-14 96768]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE [2014-3-11 247968]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2015-1-1 142640]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-4-21 471144]
R3 sxuptp;SXUPTP Driver;C:\Windows\System32\drivers\sxuptp.sys [2009-7-3 291336]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-11-18 38456]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-4-23 46136]
S3 AODDriver4.0;AODDriver4.0;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-5-1 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-1-1 114688]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2010-7-21 1002848]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-8 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-9-28 51712]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-30 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2015-01-02 19:40:23 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-01-02 19:40:23 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2015-01-02 19:31:30 -------- d-----w- C:\Windows\System32\appraiser
2015-01-01 06:25:54 4121600 ----a-w- C:\Windows\System32\mf.dll
2015-01-01 06:25:54 3209728 ----a-w- C:\Windows\SysWow64\mf.dll
2015-01-01 05:14:04 830976 ----a-w- C:\Windows\System32\appraiser.dll
2015-01-01 05:14:04 192000 ----a-w- C:\Windows\System32\aepic.dll
2015-01-01 05:14:04 1232040 ----a-w- C:\Windows\System32\aitstatic.exe
2015-01-01 05:14:04 1083392 ----a-w- C:\Windows\System32\aeinv.dll
2015-01-01 05:14:03 741376 ----a-w- C:\Windows\System32\invagent.dll
2015-01-01 05:14:03 413184 ----a-w- C:\Windows\System32\generaltel.dll
2015-01-01 05:14:03 396800 ----a-w- C:\Windows\System32\devinv.dll
2015-01-01 05:14:03 227328 ----a-w- C:\Windows\System32\aepdu.dll
2015-01-01 05:12:59 10949120 ----a-w- C:\Program Files\Internet Explorer\F12Resources.dll
2015-01-01 04:54:55 40034920 ----atw- C:\Windows\SysWow64\00029503.tmp
.
==================== Find3M  ====================
.
2015-01-01 06:16:26 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-01 06:16:26 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-11-30 03:16:59 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-11-30 00:55:16 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-11-22 03:06:23 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-22 03:06:11 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-11-22 02:50:39 66560 ----a-w- C:\Windows\System32\iesetup.dll
2014-11-22 02:50:10 580096 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-22 02:49:54 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-11-22 02:48:20 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-11-22 02:35:29 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-11-22 02:34:51 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-11-22 02:34:07 6039552 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-22 02:26:31 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-22 02:20:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-22 02:14:16 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-22 02:07:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-22 02:07:17 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-11-22 02:06:32 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05:02 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-11-22 01:54:30 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-11-22 01:47:10 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-11-22 01:46:58 2125312 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-22 01:40:04 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29:26 4299264 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-22 01:28:21 2358272 ----a-w- C:\Windows\System32\wininet.dll
2014-11-22 01:22:49 2052096 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-22 01:21:57 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:00:20 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-11-19 09:31:16 1217192 ----a-w- C:\Windows\SysWow64\FM20.DLL
2014-11-11 03:09:06 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-11-11 03:08:52 241152 ----a-w- C:\Windows\System32\pku2u.dll
2014-11-11 03:08:48 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-11-11 02:44:45 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44:32 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2014-11-11 02:44:25 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-11-11 01:46:26 119296 ----a-w- C:\Windows\System32\drivers\tdx.sys
2014-11-08 03:16:08 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-11-08 02:45:09 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-10-30 02:03:43 165888 ----a-w- C:\Windows\System32\charmap.exe
2014-10-30 01:45:43 155136 ----a-w- C:\Windows\SysWow64\charmap.exe
2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-10-18 02:05:23 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-10-18 01:33:18 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-10-14 02:16:37 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06 683520 ----a-w- C:\Windows\System32\termsrv.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-10-14 02:12:57 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-10-14 02:09:31 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31 681984 ----a-w- C:\Windows\System32\adtschema.dll
2014-10-14 01:50:47 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-10-14 01:49:38 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-10-14 01:47:30 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-10-10 00:57:42 3198976 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 15:10:15.06 ===============
 


#2 deeprybka


  • Malware Response Team

Posted 03 January 2015 - 11:10 AM

Hi & welcome to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1
Please download Powelikscleaner (by ESET) and save it to your Desktop.
  • Double-click the tool's icon to start the tool.
  • Read the terms of the End-user license agreement and click Agree if you agree to them.
  • The tool will run automatically. If the cleaner finds a Poweliks infection, press the Y key on your keyboard to remove it.
  • If Poweliks was detected, "Win32/Poweliks was successfully removed from your system" will be displayed. Press any key to exit the tool and reboot your PC.
  • The tool will produce a log in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

Step 2

Please run a FRST scan. This will help us diagnose your problem.

Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.
Step 3

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one).
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.
  • Right-click on the Zoek icon and select Run as Administrator to start the tool.
  • Wait patiently until the main console appears; it may take a minute or two.
  • In the main box please paste in the following script:
    process;
    services-list;
    systemspecs;
    startupall;
    filesrcm;
    
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)
Post its content into your next reply.
regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#3 sbader29

  • Topic Starter

  • Members

Posted 03 January 2015 - 06:17 PM

Hi Jurgen and thank you so much for your help! I will send logs for each step in separate posts.
1. ESET Poweliks Cleaner ran, no Poweliks found. Here is the log:
 
[2015.01.03 16:51:28.475] - Begin
[2015.01.03 16:51:28.475] -
[2015.01.03 16:51:28.475] -     ....................................
[2015.01.03 16:51:28.475] -   ..::::::::::::::::::....................
[2015.01.03 16:51:28.475] -   .::EEEEEE:::SSSSSS::..EEEEEE..TTTTTTTT..    Win32/Poweliks
[2015.01.03 16:51:28.475] -  .::EE::::EE:SS:::::::.EE....EE....TT......   Version: 1.0.0.1
[2015.01.03 16:51:28.475] -  .::EEEEEEEE::SSSSSS::.EEEEEEEE....TT......   Built: Oct 15 2014
[2015.01.03 16:51:28.475] -  .::EE:::::::::::::SS:.EE..........TT......
[2015.01.03 16:51:28.475] -   .::EEEEEE:::SSSSSS::..EEEEEE.....TT.....    Copyright © ESET, spol. s r.o.
[2015.01.03 16:51:28.475] -   ..::::::::::::::::::....................    1992-2013. All rights reserved.
[2015.01.03 16:51:28.475] -     ....................................
[2015.01.03 16:51:28.475] -
[2015.01.03 16:51:28.475] - --------------------------------------------------------------------------------
[2015.01.03 16:51:28.475] -
[2015.01.03 16:51:28.475] - INFO: OS: 6.1.7601 SP1
[2015.01.03 16:51:28.475] - INFO: Product Type: Workstation
[2015.01.03 16:51:28.475] - INFO: WoW64: True
[2015.01.03 16:51:28.475] - INFO: Machine guid: E798E5C1-E4FD-4C65-BFC7-2FF26654D1A5
[2015.01.03 16:51:28.475] -
[2015.01.03 16:51:30.519] - INFO: Scanning for system infection...
[2015.01.03 16:51:30.519] - --------------------------------------------------------------------------------
[2015.01.03 16:51:30.519] -
[2015.01.03 16:51:30.519] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]...
[2015.01.03 16:51:30.519] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]...
[2015.01.03 16:51:30.519] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2015.01.03 16:51:30.519] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2015.01.03 16:51:30.519] - INFO: Processing classes...
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.550] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.566] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0072-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0072-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0072-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0073-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0073-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0073-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0074-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0074-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0074-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0075-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0075-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0075-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0076-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0076-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0076-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0077-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0077-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0077-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0078-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0078-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0078-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0079-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0079-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0079-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0080-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0080-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0080-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0081-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0081-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0081-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0082-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0082-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0082-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0083-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0083-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0083-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0084-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0084-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0084-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0085-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0085-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0085-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}]
[2015.01.03 16:51:30.581] - INFO: Processing clsid [\Registry\User\S-1-5-21-3009580160-1832042019-1401350382-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBC}]
[2015.01.03 16:51:30.581] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2015.01.03 16:51:30.597] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2015.01.03 16:51:30.597] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2015.01.03 16:51:30.597] - INFO: Processing invalid values in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2015.01.03 16:51:30.597] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2015.01.03 16:51:30.597] - INFO: Processing value [ServerExecutable] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2015.01.03 16:51:30.597] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2015.01.03 16:51:30.597] - INFO: Processing value [ServerExecutable] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2015.01.03 16:51:30.597] - INFO: Processing invalid subkeys in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2015.01.03 16:51:30.597] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]...
[2015.01.03 16:51:30.597] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2015.01.03 16:51:30.597] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2015.01.03 16:51:30.597] - INFO: Win32/Poweliks not found
[2015.01.03 16:51:40.472] - End

#4 sbader29

Posted 03 January 2015 - 06:18 PM

2. Here are the FRST scan logs (had to disable Norton to get it to run)

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-01-2015 03
Ran by Denny (administrator) on FAMILY-HP6620 on 03-01-2015 17:09:47
Running from C:\Users\Denny\Desktop
Loaded Profile: Denny (Available profiles: Denny & Suzie & Luke & Evan & Kaitlyn)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems Incorporated) E:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
() C:\Program Files\D-Link\SharePort Utility\Spnuhelper.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Safer Networking Limited) C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe

==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2782096 2010-07-25] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [563736 2009-10-14] (PDF Complete Inc)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-11-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2011-12-08] (Apple Inc.)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKLM-x32\...\Run: [DNS7reminder] => C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe [328992 2010-10-27] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SpybotSnD] => C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe [5365592 2009-01-26] (Safer Networking Limited)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Denny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SharePort Utility.lnk
ShortcutTarget: SharePort Utility.lnk -> C:\Program Files\D-Link\SharePort Utility\Connect.exe (D-Link Corp.)
Startup: C:\Users\Kaitlyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Suzie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3009580160-1832042019-1401350382-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=U159
HKU\S-1-5-21-3009580160-1832042019-1401350382-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
URLSearchHook: HKU\S-1-5-21-3009580160-1832042019-1401350382-1001 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
SearchScopes: HKLM -> DefaultScope {3DDA53B0-317E-47BB-B20C-550C46A1A458} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {3DDA53B0-317E-47BB-B20C-550C46A1A458} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {4EE0AA81-8D37-4AE7-82D1-F185AD665807} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM -> {E125243F-B870-446C-9E37-8C2B8E703966} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM -> {F6847FBF-C656-4D37-BDD9-ADDFEFB65C62} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {3DDA53B0-317E-47BB-B20C-550C46A1A458} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {3DDA53B0-317E-47BB-B20C-550C46A1A458} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {4EE0AA81-8D37-4AE7-82D1-F185AD665807} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM-x32 -> {E125243F-B870-446C-9E37-8C2B8E703966} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {F6847FBF-C656-4D37-BDD9-ADDFEFB65C62} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-3009580160-1832042019-1401350382-1001 -> DefaultScope {3DDA53B0-317E-47BB-B20C-550C46A1A458} URL = http://www.bing.com/search?FORM=U159DF&PC=U159&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3009580160-1832042019-1401350382-1001 -> {3DDA53B0-317E-47BB-B20C-550C46A1A458} URL = http://www.bing.com/search?FORM=U159DF&PC=U159&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3009580160-1832042019-1401350382-1001 -> {4EE0AA81-8D37-4AE7-82D1-F185AD665807} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKU\S-1-5-21-3009580160-1832042019-1401350382-1001 -> {E125243F-B870-446C-9E37-8C2B8E703966} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKU\S-1-5-21-3009580160-1832042019-1401350382-1001 -> {F6847FBF-C656-4D37-BDD9-ADDFEFB65C62} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Dragon NaturallySpeaking Rich Internet Application Support - Extension -> {73A89C60-CF59-4EC7-9215-9B7EF05ECEA4} -> C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ieShim.dll (Nuance Communications, Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-3009580160-1832042019-1401350382-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: nuance.com/DragonRIAPlugin -> C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\npDgnRia.dll (Nuance Communications Inc.)
FF Plugin HKU\S-1-5-21-3009580160-1832042019-1401350382-1001: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll (Hulu LLC)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-01-08]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2015-01-03]
FF HKLM-x32\...\Firefox\Extensions: [jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi
FF Extension: Dragon NaturallySpeaking Rich Internet Application Support - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2012-07-18]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014-04-09]
FF HKU\S-1-5-21-3009580160-1832042019-1401350382-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-29]
CHR Extension: (Google Docs) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-29]
CHR Extension: (Google Drive) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-29]
CHR Extension: (YouTube) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-29]
CHR Extension: (Google Search) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-29]
CHR Extension: (Google Sheets) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-29]
CHR Extension: (Norton Identity Safe) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-11-29]
CHR Extension: (Dragon NaturallySpeaking Rich Internet Application Support) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\mikhcaiakabeeokmenglcdebplfdjicn [2014-11-29]
CHR Extension: (Norton Security Toolbar) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-11-29]
CHR Extension: (Google Wallet) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-29]
CHR Extension: (Gmail) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-29]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-15]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [mikhcaiakabeeokmenglcdebplfdjicn] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\chromeShim.crx [2012-07-18]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-15]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeActiveFileMonitor10.0; E:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 D-Link SharePort Helper; C:\Program Files\D-Link\SharePort Utility\Spnuhelper.exe [49152 2011-12-30] () [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [137680 2010-07-27] ()
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-13] (Microsoft Corporation)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\N360.exe [265040 2014-10-02] (Symantec Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416 2009-10-14] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 AODDriver4.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20141209.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-31] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-31] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20150102.001\IDSvia64.sys [637656 2014-12-31] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150102.019\ENG64.SYS [129752 2014-12-31] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150102.019\EX64.SYS [2137304 2014-12-31] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R3 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [291336 2011-12-30] (silex technology, Inc.)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-03-28] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [51712 2010-09-28] (Apple, Inc.) [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-03 17:09 - 2015-01-03 17:10 - 00028286 _____ () C:\Users\Denny\Desktop\FRST.txt
2015-01-03 17:09 - 2015-01-03 17:09 - 00000000 ____D () C:\FRST
2015-01-03 17:08 - 2015-01-03 17:08 - 02123776 _____ (Farbar) C:\Users\Denny\Desktop\FRST64.exe
2015-01-03 16:51 - 2015-01-03 16:51 - 00323920 _____ () C:\Users\Denny\Desktop\ESETPoweliksCleaner.exe_20150103.165128.4152.log
2015-01-03 16:49 - 2015-01-03 16:49 - 00186568 _____ (ESET) C:\Users\Denny\Desktop\ESETPoweliksCleaner.exe
2015-01-02 15:10 - 2015-01-02 15:12 - 00025545 _____ () C:\Users\Denny\Desktop\dds.txt
2015-01-02 15:10 - 2015-01-02 15:12 - 00012372 _____ () C:\Users\Denny\Desktop\attach.txt
2015-01-02 15:08 - 2015-01-02 15:06 - 00688992 ____R (Swearware) C:\Users\Denny\Desktop\dds.com
2015-01-02 14:55 - 2015-01-02 14:55 - 00000000 __SHD () C:\Users\Kaitlyn\AppData\Local\EmieUserList
2015-01-02 14:55 - 2015-01-02 14:55 - 00000000 __SHD () C:\Users\Kaitlyn\AppData\Local\EmieSiteList
2015-01-02 14:55 - 2015-01-02 14:55 - 00000000 __SHD () C:\Users\Kaitlyn\AppData\Local\EmieBrowserModeList
2015-01-02 14:40 - 2014-12-13 00:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-01-02 14:40 - 2014-12-12 22:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-01-02 14:31 - 2015-01-02 14:31 - 00000000 ____D () C:\Windows\system32\appraiser
2015-01-01 01:25 - 2014-10-17 21:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-01-01 01:25 - 2014-10-17 20:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-01-01 00:14 - 2014-12-03 21:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-01-01 00:14 - 2014-12-03 21:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-01-01 00:14 - 2014-12-03 21:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-01-01 00:14 - 2014-12-03 21:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-01-01 00:14 - 2014-12-03 21:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-01-01 00:14 - 2014-12-03 21:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-01-01 00:14 - 2014-12-03 21:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-01-01 00:14 - 2014-12-01 18:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-01-01 00:13 - 2014-11-26 20:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-01-01 00:13 - 2014-11-26 20:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-01-01 00:13 - 2014-11-21 22:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-01-01 00:13 - 2014-11-21 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-01-01 00:13 - 2014-11-21 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-01-01 00:13 - 2014-11-21 21:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-01 00:13 - 2014-11-21 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-01-01 00:13 - 2014-11-21 21:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-01-01 00:13 - 2014-11-21 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-01-01 00:13 - 2014-11-21 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-01-01 00:13 - 2014-11-21 21:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-01-01 00:13 - 2014-11-21 21:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-01-01 00:13 - 2014-11-21 21:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-01-01 00:13 - 2014-11-21 21:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-01-01 00:13 - 2014-11-21 21:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-01-01 00:13 - 2014-11-21 21:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-01-01 00:13 - 2014-11-21 21:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-01-01 00:13 - 2014-11-21 21:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-01-01 00:13 - 2014-11-21 21:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-01-01 00:13 - 2014-11-21 21:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-01-01 00:13 - 2014-11-21 21:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-01-01 00:13 - 2014-11-21 21:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-01-01 00:13 - 2014-11-21 21:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-01-01 00:13 - 2014-11-21 21:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-01-01 00:13 - 2014-11-21 21:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-01-01 00:13 - 2014-11-21 21:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-01-01 00:13 - 2014-11-21 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-01-01 00:13 - 2014-11-21 21:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-01-01 00:13 - 2014-11-21 21:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-01-01 00:13 - 2014-11-21 20:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-01-01 00:13 - 2014-11-21 20:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-01-01 00:13 - 2014-11-21 20:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-01-01 00:13 - 2014-11-21 20:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-01-01 00:13 - 2014-11-21 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-01-01 00:13 - 2014-11-21 20:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-01-01 00:13 - 2014-11-21 20:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-01-01 00:13 - 2014-11-21 20:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-01-01 00:13 - 2014-11-21 20:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-01-01 00:13 - 2014-11-21 20:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-01-01 00:13 - 2014-11-21 20:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-01-01 00:13 - 2014-11-21 20:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-01-01 00:13 - 2014-11-21 20:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-01-01 00:13 - 2014-11-21 20:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-01-01 00:13 - 2014-11-21 20:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-01-01 00:13 - 2014-11-21 20:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-01-01 00:13 - 2014-11-21 20:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-01-01 00:13 - 2014-11-21 20:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-01-01 00:13 - 2014-11-21 20:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-01-01 00:13 - 2014-11-21 20:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-01-01 00:13 - 2014-11-21 20:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-01-01 00:13 - 2014-11-21 20:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-01-01 00:13 - 2014-11-21 20:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-01-01 00:13 - 2014-11-21 19:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-01-01 00:13 - 2014-11-21 19:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-01-01 00:13 - 2014-11-10 22:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-01-01 00:13 - 2014-11-10 21:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-01-01 00:13 - 2014-11-10 20:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-01-01 00:04 - 2014-11-07 22:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-01-01 00:04 - 2014-11-07 21:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-01-01 00:04 - 2014-10-29 21:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-01-01 00:04 - 2014-10-29 20:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-01-01 00:04 - 2014-10-02 21:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-01-01 00:04 - 2014-10-02 21:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-01-01 00:04 - 2014-10-02 21:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-01-01 00:04 - 2014-10-02 21:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-01-01 00:04 - 2014-10-02 21:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-01-01 00:04 - 2014-10-02 20:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-01-01 00:04 - 2014-10-02 20:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-01-01 00:04 - 2014-10-02 20:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-01-01 00:04 - 2014-10-02 20:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-01-01 00:04 - 2014-10-02 20:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-31 23:54 - 2014-12-31 23:55 - 40034920 ____T () C:\Windows\SysWOW64\00029503.tmp
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-03 17:04 - 2009-07-13 23:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-03 17:04 - 2009-07-13 23:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-03 16:48 - 2010-11-18 03:03 - 02074379 _____ () C:\Windows\WindowsUpdate.log
2015-01-03 16:47 - 2012-04-07 10:44 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-03 16:47 - 2012-04-07 10:44 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-03 16:47 - 2012-04-07 10:44 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-03 16:47 - 2011-06-19 12:32 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-03 16:47 - 2010-12-30 13:08 - 00000000 ____D () C:\Users\Denny\AppData\Local\Adobe
2015-01-03 16:43 - 2014-04-21 19:24 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-03 16:43 - 2013-02-17 12:38 - 00024048 _____ () C:\Windows\setupact.log
2015-01-03 16:43 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-02 15:27 - 2010-12-31 21:36 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForSuzie.job
2015-01-02 15:10 - 2009-07-14 00:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-02 14:56 - 2010-12-31 19:59 - 00130360 _____ () C:\Users\Kaitlyn\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-02 14:31 - 2014-05-07 02:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-02 14:31 - 2013-02-17 12:38 - 00578958 _____ () C:\Windows\PFRO.log
2015-01-02 14:31 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-02 14:31 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
2015-01-01 01:25 - 2011-11-05 22:30 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-01-01 00:45 - 2011-01-22 16:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-01 00:40 - 2013-08-08 02:02 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-01 00:29 - 2010-12-30 13:18 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-01 00:03 - 2014-04-21 19:24 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-01 00:00 - 2011-08-04 15:04 - 00000000 ____D () C:\Users\Evan\AppData\Local\CrashDumps
2014-12-31 23:37 - 2010-11-18 03:03 - 00000000 ____D () C:\ProgramData\PDFC
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-17 19:43
==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-01-2015 03
Ran by Denny at 2015-01-03 17:10:27
Running from C:\Users\Denny\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Security Suite (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Security Suite (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security Suite (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
6300 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
6300_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
6300Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
AMD Catalyst Install Manager (HKLM\...\{2748FDE2-7BA8-1D20-11A2-FF01CEB009A5}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{343666E2-A059-48AC-AD67-230BF74E2DB2}) (Version: 2.1.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{75104836-CAC7-444E-A39E-3F54151942F5}) (Version: 4.0.0.97 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.7.2.11 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.5.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.3.1.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.4.1.9 - Canon Inc.)
Canon MP Navigator EX 4.1 (HKLM-x32\...\MP Navigator EX 4.1) (Version: - )
Canon MX880 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX880_series) (Version: - )
Canon MX880 series User Registration (HKLM-x32\...\Canon MX880 series User Registration) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: - )
Canon Utilities Digital Photo Professional 3.8 (HKLM-x32\...\DPP) (Version: 3.8.1.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.8.1.0 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.7.0.0 - Canon Inc.)
Canon Utilities WFT Utility (HKLM-x32\...\WFTK) (Version: 3.5.1.1 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.5.1.15 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.3.0.4 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.27 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2823 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dragon NaturallySpeaking 12 (HKLM-x32\...\{D5D422B9-6976-4E98-8DDF-9632CB515D7E}) (Version: 12.00.100 - Nuance Communications Inc.)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4030 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden
Elements 10 Organizer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.1.1.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.1.4229 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.1.4301 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.1.4211 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.1.4214 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{BDDA1E1E-204E-4368-B0C2-737F16B76307}) (Version: 1.0.3.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}) (Version: 6.0.5.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.2.27173 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hulu Desktop (HKU\S-1-5-21-3009580160-1832042019-1401350382-1001\...\HuluDesktop) (Version: 0.9.13 - Hulu LLC)
iTunes (HKLM\...\{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}) (Version: 10.5.2.11 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Jewel Quest 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: - )
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2823 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2823 - CyberLink Corp.) Hidden
LEGO Universe (HKLM-x32\...\NetDevil_LEGO_Universe_is1) (Version: - LEGO Software)
LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Flight Simulator X (HKLM-x32\...\InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Picture It! Express 9 (HKLM-x32\...\PictureIt_v9) (Version: 9.0.0.0000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft Zoo Tycoon (HKLM-x32\...\Zoo Tycoon 1.0) (Version: - )
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4030 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Norton Security Suite (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Octodad: Dadliest Catch (HKLM-x32\...\Steam App 224480) (Version: - Young Horses)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 3.5.111 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.28 - Hewlett-Packard Company)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4022 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4022 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2906 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.2906 - CyberLink Corp.) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-13231864975D}) (Version: 5.10.621.0 - NewspaperDirect Inc.)
PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2926 - CyberLink Corp.) Hidden
ROBLOX Player (HKLM-x32\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
RollerCoaster Tycoon 3 (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - )
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SharePort Utility (HKLM\...\SharePort Utility) (Version: 3.0.0 - D-Link Corporation)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartMusic (HKLM-x32\...\{287324A5-8034-4720-ACE4-497956793955}) (Version: 1.1.2557 - MakeMusic, Inc.)
SmartMusic 2012c (HKLM-x32\...\SmartMusic 2012c) (Version: 14.3.1 - MakeMusic)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spore (HKLM-x32\...\Steam App 17390) (Version: - Maxis™)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Hobbit™ (HKLM-x32\...\InstallShield_{023FFB0A-C5DB-4930-B3E4-D48266C21738}) (Version: 1.00.000 - Sierra)
The Hobbit™ (x32 Version: 1.00.000 - Sierra) Hidden
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Ultra Street Fighter IV (HKLM-x32\...\Steam App 45760) (Version: - Capcom)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - )
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.2811 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.2811 - Zinio LLC) Hidden
Zoo Tycoon 2 (HKLM-x32\...\InstallShield_{115B3C94-B59B-4095-AD1C-0FC40354C7F3}) (Version: 1.00.0000 - Microsoft Game Studios)
Zoo Tycoon 2 (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================
29-11-2014 19:52:29 Installed Java 7 Update 71
01-01-2015 00:18:14 Windows Update
01-01-2015 01:25:32 Windows Update
02-01-2015 14:49:13 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:34 - 2014-11-29 18:27 - 00450776 ___RA C:\Windows\system32\Drivers\etc\hosts
There are 1000 more lines.

==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {01DF7A34-E386-4890-840B-9109B6584A3B} - System32\Tasks\{C9E4E6C9-BCC4-42C4-B204-D984E1844A6B} => F:\DVDCheck.exe
Task: {02913B27-A253-489C-BD32-B79B2B0B636D} - System32\Tasks\AdobeAAMUpdater-1.0-Family-HP6620-Suzie => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {0887D4D6-600D-4045-A0C7-AECB901EAFE8} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {21173773-4F7E-4EA3-86B1-A0FFA68ACF04} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {275AC7D8-730E-40B2-8080-2EE89E4520F2} - System32\Tasks\{45B2EE23-A68C-4B01-8996-50882997A564} => pcalua.exe -a F:\Autoplay.exe -d F:\ -c -auto
Task: {29AEEE7F-A0CC-40A8-AFD9-C6886A78E5EE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-01-23] (Piriform Ltd)
Task: {2C0B89AE-4BDE-4510-B896-2A5E768F7062} - System32\Tasks\{3A306303-9C65-4323-9DB6-AE152F8AEADF} => E:\Program Files (x86)\Sierra\The Hobbit™\Meridian.exe [2003-10-06] ()
Task: {31BB9F82-5575-4E5A-8A62-0E4A94060E73} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-21] (Google Inc.)
Task: {3531BF54-40B9-4941-AA77-A9FE55DF1869} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-03] (Adobe Systems Incorporated)
Task: {41648AC3-C620-4B01-9C8C-FEB9D290B848} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {41C6D1B4-B8D0-4876-9994-20E3F5D8D839} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {499C9972-282E-4F82-93C7-6011664A9F29} - System32\Tasks\{6A059260-8C3A-4E20-9B2B-C924881BBD64} => F:\DVDCheck.exe
Task: {4C95A455-5D79-4293-8494-A594022CF69D} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {620F6C60-0026-45F3-8BD4-765A45CE650B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {633CD0C4-E43E-4209-9056-F4B647C9261E} - System32\Tasks\{0A68F2AB-8F35-46E8-A3D7-D56FCC002A99} => E:\Program Files (x86)\Steam\Steam.exe [2014-11-18] (Valve Corporation)
Task: {6D520DD7-BE43-4FD9-8155-C58355DD588E} - System32\Tasks\{6CEBD374-A98C-B77E-1F8D-F46DF85595B9} => C:\Users\Evan\AppData\Roaming\wxqqvr.dll/s "C:\Users\Evan\AppData\Roaming\wxqqvr.dll" <==== ATTENTION
Task: {73B1D946-A57C-4E64-94B5-C6F75BBF6B1A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-21] (Google Inc.)
Task: {7F43B5B3-25E1-4BA9-B792-FF1808F47154} - System32\Tasks\{503C6B1B-D182-40B8-8F85-6C0932AF1652} => F:\DVDCheck.exe
Task: {7F8EFFA8-7053-46BC-9E66-D69FEC731613} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Get HPU Packages => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Tasks.exe [2011-06-21] (Hewlett-Packard Company)
Task: {8095BC46-B00E-42E4-98F9-1EBB18346079} - System32\Tasks\{1CDDE838-030D-4C3C-9BAE-72973A9A61B0} => F:\DVDCheck.exe
Task: {81875251-DAA7-494D-A95F-85A813197C37} - System32\Tasks\{B642B63A-654A-441C-9B52-207BC94E47E0} => F:\DVDCheck.exe
Task: {8D962F7F-661C-49F9-B01A-034F06AC5E38} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {92424738-F5D8-42D9-BD04-D15301E9A8A5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {94F6870E-EBA4-45CE-B7C0-9ECC2E8D3CC0} - System32\Tasks\{86231C2F-0A36-4224-822D-18C7D58325F1} => F:\DVDCheck.exe
Task: {996E40F1-C9F5-4288-A400-C2F23C8C392F} - System32\Tasks\{0072D315-CE28-406D-9A4B-D83BF92EB948} => F:\DVDCheck.exe
Task: {B0C10B20-5DCF-4B7F-92CD-EF5E861868FE} - System32\Tasks\{E0BCE1E6-838E-4F33-8AEA-3D7494366B8C} => E:\Program Files (x86)\Steam\Steam.exe [2014-11-18] (Valve Corporation)
Task: {B4E9F7EA-A31A-40D1-A645-B40FF0BCC497} - System32\Tasks\{8225C005-44B6-4451-98C2-1F85877B6F80} => E:\Program Files (x86)\Sierra\The Hobbit™\Meridian.exe [2003-10-06] ()
Task: {BF0F9816-D60B-4D36-A3A0-874EB6F7BDB9} - System32\Tasks\{C33B97C1-6455-4DAE-96B2-0BDD48538F35} => F:\DVDCheck.exe
Task: {D255AE6D-D792-4C94-89CA-1B02983962CA} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {D5B17178-B955-4D63-8EAD-8B3EF451861C} - System32\Tasks\HPCeeScheduleForSuzie => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {D7D3313D-3D79-4AEE-8CF9-5121363FC555} - System32\Tasks\Microsoft_Hardware_Launch_rundll32_exe => Rundll32.exe url.dll,OpenURL http://go.microsoft.com/fwlink/?LinkId=116866
Task: {DAE25319-E17F-48DC-A8B2-91A86FB1591E} - System32\Tasks\{3E23FB35-8811-449E-8689-2CE89517F6F9} => F:\DVDCheck.exe
Task: {DB3AEFDD-1608-49C7-A909-433BA0722DE4} - System32\Tasks\{1F09B983-EF38-4647-9930-86D2604D5C32} => F:\DVDCheck.exe
Task: {DF56AAD4-D10E-4053-BF79-9BA5B9633B19} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {E1574BC5-DE95-4688-A1E0-B9F95E15F0CD} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {E4177AFA-DEAF-4535-B24E-0E35908D3044} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {F2A454BB-4F13-4158-9437-B84B014B192D} - System32\Tasks\{479AF02D-7BB8-4394-BAB0-BDB75F1AB99B} => E:\Program Files (x86)\Steam\Steam.exe [2014-11-18] (Valve Corporation)
Task: {FE6F1C42-E23D-431B-8E29-8273D1F08E34} - System32\Tasks\{AAC225C8-BA35-4CD4-B9BB-22EE71D0AA91} => F:\DVDCheck.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForSuzie.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (whitelisted) =============
2011-12-30 12:24 - 2011-12-30 12:21 - 00049152 ____N () C:\Program Files\D-Link\SharePort Utility\Spnuhelper.exe
2011-11-05 22:38 - 2010-07-27 04:44 - 00137680 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-03-28 21:30 - 2013-03-28 21:30 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-12-30 00:44 - 2008-06-19 20:35 - 00333288 _____ () C:\Program Files (x86)\Spybot - Search & Destroy\sqlite3.dll
2010-12-30 00:44 - 2008-03-04 17:52 - 00790392 _____ () C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Chai.dll
2010-12-30 00:44 - 2008-03-05 12:34 - 00795520 _____ () C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Fennel.dll
2010-12-30 00:44 - 2008-02-26 14:04 - 00717176 _____ () C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Mate.dll
2010-12-30 00:44 - 2007-12-24 04:05 - 00121344 _____ () C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\TCPIPAddress.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:0FF263E8
AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Downloads\.DS_Store:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\.DS_Store:AFP_AfpInfo
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^Suzie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^SharePort Utility.lnk => C:\Windows\pss\SharePort Utility.lnk.Startup
========================= Accounts: ==========================
Administrator (S-1-5-21-3009580160-1832042019-1401350382-500 - Administrator - Disabled)
Denny (S-1-5-21-3009580160-1832042019-1401350382-1001 - Administrator - Enabled) => C:\Users\Denny
Evan (S-1-5-21-3009580160-1832042019-1401350382-1005 - Limited - Enabled) => C:\Users\Evan
Guest (S-1-5-21-3009580160-1832042019-1401350382-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3009580160-1832042019-1401350382-1002 - Limited - Enabled)
Kaitlyn (S-1-5-21-3009580160-1832042019-1401350382-1006 - Limited - Enabled) => C:\Users\Kaitlyn
Luke (S-1-5-21-3009580160-1832042019-1401350382-1004 - Limited - Enabled) => C:\Users\Luke
Suzie (S-1-5-21-3009580160-1832042019-1401350382-1003 - Administrator - Enabled) => C:\Users\Suzie
==================== Faulty Device Manager Devices =============
Name: 802.11n Wireless LAN Card
Description: 802.11n Wireless LAN Card
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Ralink Technology, Corp.
Service: netr28x
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================
Application errors:
==================
Error: (01/02/2015 03:00:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17496, time stamp: 0x546fddcc
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x00038e19
Faulting process id: 0x1374
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Error: (01/02/2015 02:55:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SpybotSD.exe version 1.6.2.46 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 11f8
Start Time: 01d026c5f398a2db
Termination Time: 6
Application Path: C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
Report Id: 3c0ffad6-92b9-11e4-b61c-64315025969e
Error: (01/01/2015 00:44:54 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Performance monitoring cannot be initialized for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.
Context: Application, SystemIndex Catalog
Error: (01/01/2015 00:00:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17420, time stamp: 0x4a5bc959
Faulting module name: MSHTML.dll, version: 11.0.9600.17420, time stamp: 0x545ae63c
Exception code: 0xc00000fd
Fault offset: 0x0031540f
Faulting process id: 0x321c
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Error: (12/31/2014 11:57:35 PM) (Source: Windows Activation Technologies) (EventID: 14) (User: )
Description: Genuine validation failure:
hr = 0x800706BA
Error: (12/31/2014 11:55:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17420, time stamp: 0x4a5bca28
Faulting module name: MSHTML.dll, version: 11.0.9600.17420, time stamp: 0x545ae63c
Exception code: 0xc00000fd
Fault offset: 0x0014cb5c
Faulting process id: 0x3ec0
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Error: (12/31/2014 11:53:27 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).
Error: (11/30/2014 02:45:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15584
Error: (11/30/2014 02:45:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15584
Error: (11/30/2014 02:45:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

System errors:
=============
Error: (12/31/2014 11:48:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
Error: (12/31/2014 11:40:37 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (11/30/2014 11:15:00 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (11/30/2014 11:13:14 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
Error: (11/30/2014 02:47:49 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
Error: (11/29/2014 05:39:52 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (11/29/2014 05:32:45 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
Error: (11/29/2014 05:30:08 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005
Error: (11/29/2014 05:29:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The PDF Document Manager service failed to start due to the following error:
%%1053
Error: (11/29/2014 05:29:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the PDF Document Manager service to connect.

Microsoft Office Sessions:
=========================
Error: (01/02/2015 03:00:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17496546fddccntdll.dll6.1.7601.18247521ea8e7c000000500038e19137401d026c609d0e11cC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dll08e0a7e8-92ba-11e4-b61c-64315025969e
Error: (01/02/2015 02:55:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SpybotSD.exe1.6.2.4611f801d026c5f398a2db6C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe3c0ffad6-92b9-11e4-b61c-64315025969e
Error: (01/01/2015 00:44:54 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Context: Application, SystemIndex Catalog
Error: (01/01/2015 00:00:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.174204a5bc959MSHTML.dll11.0.9600.17420545ae63cc00000fd0031540f321c01d0257eca1822d5C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll152e8b18-9173-11e4-9cf2-64315025969e
Error: (12/31/2014 11:57:35 PM) (Source: Windows Activation Technologies) (EventID: 14) (User: )
Description: 0x800706BA
Error: (12/31/2014 11:55:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.174204a5bca28MSHTML.dll11.0.9600.17420545ae63cc00000fd0014cb5c3ec001d0257eb53157a6C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll697750e5-9172-11e4-9cf2-64315025969e
Error: (12/31/2014 11:53:27 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: K:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006)
Error: (11/30/2014 02:45:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15584
Error: (11/30/2014 02:45:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15584
Error: (11/30/2014 02:45:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

==================== Memory info ===========================
Processor: AMD Phenom™ II X4 830 Processor
Percentage of memory in use: 41%
Total physical RAM: 5375.29 MB
Available physical RAM: 3153.86 MB
Total Pagefile: 10748.75 MB
Available Pagefile: 7935.07 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:471.71 GB) (Free:372.85 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:12.08 GB) (Free:1.48 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (New Volume) (Fixed) (Total:447.63 GB) (Free:240.36 GB) NTFS
Drive f: (ZOO_TYCN) (CDROM) (Total:0.55 GB) (Free:0 GB) CDFS
Drive k: () (Removable) (Total:1.83 GB) (Free:1.74 GB) FAT
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9F021150)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=471.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=447.6 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=12.1 GB) - (Type=07 NTFS)
========================================================
Disk: 5 (Size: 1.8 GB) (Disk ID: 00E38BC5)
Partition 1: (Active) - (Size=1.8 GB) - (Type=06)
==================== End Of Log ============================

#5 sbader29


Posted 03 January 2015 - 06:20 PM

3. Zoek ran, but had stalled on the error message "DaS21 has stopped working correctly. Windows will close the program...." I hit close and it resumed. Here is the log:
 

Zoek.exe v5.0.0.0 Updated 31-12-2014
Tool run by Denny on Sat 01/03/2015 at 17:13:35.62.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Denny\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
1/3/2015 5:17:53 PM Zoek.exe System Restore Point Created Succesfully.
==== Running Processes ======================
E:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Windows\SysWOW64\svchost.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\N360.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\N360.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\Denny\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
==== Batch Command(s) Run By Tool======================
C:\Windows\system32\appdata deleted
==== Deleting Files \ Folders ======================
C:\Windows\syswow64\appdata deleted
==== System Specs ======================
Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 5376 MB
CPU Info: AMD Phenom™ II X4 830 Processor
CPU Speed: 2855.6 MHz
Sound Card: Speakers (Realtek High Definiti |
Realtek Digital Output (Realtek |
Display Adapters: AMD Radeon HD 6800 Series | AMD Radeon HD 6800 Series | AMD Radeon HD 6800 Series | AMD Radeon HD 6800 Series | AMD Radeon HD 6800 Series | AMD Radeon HD 6800 Series | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; HF257 |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe FE Family Controller
CD / DVD Drives: 1x (F: | ) F: hp      DVD-RAM GH60L
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C:  471.7GB | D:  12.1GB | E:  447.6GB
Hard Disks - Free: C:  372.7GB | D:  1.5GB | E:  240.4GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 08/16/32 | HPQOEM - 20100907
Time Zone: Eastern Standard Time
Motherboard *: FOXCONN 2AB1
Country: United States
Language: ENU
==== System Specs (Software) ======================
Anti-Virus: Norton Security Suite On-access scanning disabled (Outdated)
Anti-Spyware: Norton Security Suite disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Firewall: Norton Security Suite disabled
Internet Explorer Version: 11.0.9600.17501
Google Chrome version: 39.0.2171.95
Adobe Reader version: 10.1.12.15
Sun Java version: 1.7.0_71 (32-bit)
Flash Player version: 15.0.0.246
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\Denny\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-01-02 19:40:23 0481346D0EF668C0D4FF69A7BBEFA846 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2015-01-01 06:25:54 FF0A6E76FAE624AC74780AB008752F98 3209728 ----a-w- C:\Windows\SysWOW64\mf.dll
2015-01-01 05:13:50 E1456E7396022EBE4E5434188D1AC8B0 1230336 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll
2015-01-01 05:13:18 BB25F69463AD8E7E51B5D9D158B5F8DF 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll
2015-01-01 05:13:18 2EADED07BDA52C1FC5A6D4E1CC5858F0 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll
2015-01-01 05:13:17 F98B3860BB47089EA8C1504F043E90E9 342200 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll
2015-01-01 05:13:17 F25284C763E728E4DAC248C211D1FC5B 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
2015-01-01 05:13:16 F34F6DC38A21FCDBB50CDD1EE97B1EA3 1307136 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2015-01-01 05:13:16 69AC6FD5B0B4DC963723E1EBDEE10A2C 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll
2015-01-01 05:13:16 2ABC5587D582ACCEA30B4CF968C2A4A5 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-01-01 05:13:15 DEB9476A3CD1A5819DD4504BB7C6BA66 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2015-01-01 05:13:15 D7A98A4CEA2E89F544065A00BF37FC10 688640 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2015-01-01 05:13:15 220505B0B3E96C857DD01729AF0CD369 19749376 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2015-01-01 05:13:14 F0BCBD8FCDA145EED53ED66C45CC378B 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll
2015-01-01 05:13:14 543ADCEA31CF9C2B4EEB900D4AAFD0F9 2052096 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2015-01-01 05:13:14 41AFA61E061E98E97272AC02184C8C2C 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2015-01-01 05:13:13 01777AB557997E98691E322225314E57 2277888 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2015-01-01 05:13:10 EC5A3E4E21079B9D423AA0760828D678 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll
2015-01-01 05:13:09 759E2FAD5371512C6679FA346719493E 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2015-01-01 05:13:08 CF9D05678B02B44FBC8D8AD8C9F30D58 478208 ----a-w- C:\Windows\SysWOW64\ieui.dll
2015-01-01 05:13:08 35BD045804B67E78F4CAB72CB820AF7F 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll
2015-01-01 05:13:07 B59E370277EDB6643083B62297175628 12836864 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2015-01-01 05:13:05 F728E7E9937117E0F32F39840EB6D737 4299264 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2015-01-01 05:13:05 5E4E0E43E0A5BF9F089696DFA7A3D677 1888256 ----a-w- C:\Windows\SysWOW64\wininet.dll
2015-01-01 05:13:05 37F078B5B435AFC6BF316F2AD14B469A 501248 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2015-01-01 05:13:05 2E9E105037AC1274656C3D1125323352 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll
2015-01-01 05:13:04 930F63D6BC43D4BCD937DFCECDA95F82 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll
2015-01-01 05:13:04 29CED1A4777A43526A4ED8A7B6936883 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll
2015-01-01 05:04:31 50C73E54062BA252350F3F29580E28DA 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll
2015-01-01 05:04:25 1DE9BD23AFA36150586C732D876D9B74 1177088 ----a-w- C:\Windows\SysWOW64\WsmSvc.dll
2015-01-01 05:04:24 B975C202F590BBC5AA63225FBD148791 198656 ----a-w- C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-01-01 05:04:24 B6AC69FFBAA159DD5CEED814245A286D 214016 ----a-w- C:\Windows\SysWOW64\WsmWmiPl.dll
2015-01-01 05:04:24 9EA3783672D21817B9DF1061B54C3B3C 155136 ----a-w- C:\Windows\SysWOW64\charmap.exe
2015-01-01 05:04:24 5D9A1A3E5824CECE65871C60E5A08A1A 145920 ----a-w- C:\Windows\SysWOW64\WsmAuto.dll
2015-01-01 05:04:24 2C28FEC61C4AC68480A99CB7AA197FA9 248832 ----a-w- C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-01-01 04:54:55 65A1E735DAB1BF8E545532531AC24A94 40034920 ----atw- C:\Windows\SysWOW64\00029503.tmp
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-01-02 19:40:23 5564883BFB523D5078A5B1FE3128FD63 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
2015-01-01 06:25:54 6E1DDE0E72FB8268F42F6777CE4C5036 4121600 ----a-w- C:\Windows\Sysnative\mf.dll
2015-01-01 05:14:04 F0356290BA3940F31AFF5566501495F7 192000 ----a-w- C:\Windows\Sysnative\aepic.dll
2015-01-01 05:14:04 D257AF48934D2167BE15AA4008176381 1083392 ----a-w- C:\Windows\Sysnative\aeinv.dll
2015-01-01 05:14:04 985558125FEEC89AB4AD142158B066D7 830976 ----a-w- C:\Windows\Sysnative\appraiser.dll
2015-01-01 05:14:04 8E64BB62AB3810D3C29ED50C405AD3BD 1232040 ----a-w- C:\Windows\Sysnative\aitstatic.exe
2015-01-01 05:14:03 E00981CF227CEEBE7B5A8D99C76D1116 741376 ----a-w- C:\Windows\Sysnative\invagent.dll
2015-01-01 05:14:03 DAF13A81A5FC895D68B1D9A72F65F4CB 413184 ----a-w- C:\Windows\Sysnative\generaltel.dll
2015-01-01 05:14:03 5CD6E919CE938A98AB25A2EA2C8C4EDA 227328 ----a-w- C:\Windows\Sysnative\aepdu.dll
2015-01-01 05:14:03 4253086737D81D7C9C160FDE6C037F44 396800 ----a-w- C:\Windows\Sysnative\devinv.dll
2015-01-01 05:13:51 A9A0BFD706B3A24C403EEFEB0790D011 1424384 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll
2015-01-01 05:13:18 D471F7A428C21DB04D810445D12D68E0 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll
2015-01-01 05:13:18 0FABE2AB8CA2D5CC7C95798533B4D057 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe
2015-01-01 05:13:17 F987718A5CA053DC23E94A531F1754A4 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll
2015-01-01 05:13:17 39B512C643812FC2D4843C0D4206C759 718848 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
2015-01-01 05:13:17 077AEB068A51B396F25BBCAB0944FC3A 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2015-01-01 05:13:16 9F07E8FC75C5F98A783ABFD3005EFC22 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-01-01 05:13:14 E7A2061ADF0F4D430FECDA1E8D6B7BA6 1548288 ----a-w- C:\Windows\Sysnative\urlmon.dll
2015-01-01 05:13:14 5BF0BAA1E5EF724287565E97C9219254 389296 ----a-w- C:\Windows\Sysnative\iedkcs32.dll
2015-01-01 05:13:13 B4E481E9498CE22113628C4E9EA24427 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll
2015-01-01 05:13:08 EBC8C9F61F4C148B8C6A28EDE80C51E4 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-01-01 05:13:08 14BA910E7731FC84EB85328BD0F1EE81 800768 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2015-01-01 05:13:08 0AF0AEF0BA9EF6169E61C78504DCAE55 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll
2015-01-01 05:13:07 23AE7A3B44D5C550B81347288CE3230E 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll
2015-01-01 05:13:06 EFBA893429814EA3244C87C2D1256618 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
2015-01-01 05:13:06 3FE71E2A5BD3EC652E64FC8BCEFEDD2C 2125312 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2015-01-01 05:13:05 982B871A25B5078093FAD82D0AB0E3FC 2885120 ----a-w- C:\Windows\Sysnative\iertutil.dll
2015-01-01 05:13:04 F7CCA58B973FB5EAED8D1F12DD3E51F6 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll
2015-01-01 05:13:04 DFECAE6D925FBC9078870E16F98C471F 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2015-01-01 05:13:04 8EF01E2EF21D41A23FF70B28179F9ABE 633856 ----a-w- C:\Windows\Sysnative\ieui.dll
2015-01-01 05:13:04 556D271F4243B273EDA353512BF3608A 14412800 ----a-w- C:\Windows\Sysnative\ieframe.dll
2015-01-01 05:13:03 DB10D681314714E0D4623E4C0CF6654A 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll
2015-01-01 05:13:03 7AC115968B8856004920057B2271224C 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll
2015-01-01 05:13:03 021DFF3CB0ADCD19B3AAA00A650FDEE2 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll
2015-01-01 05:13:02 8D64466AD12CA5677CD0099C43C58569 6039552 ----a-w- C:\Windows\Sysnative\jscript9.dll
2015-01-01 05:13:02 89296EF4A3729A049DA25B7D67A04078 199680 ----a-w- C:\Windows\Sysnative\msrating.dll
2015-01-01 05:13:02 4AF089160FE082E5EA5C4AA72782DCA2 2358272 ----a-w- C:\Windows\Sysnative\wininet.dll
2015-01-01 05:13:02 1D294810D3A8A8F722E86AA001F54DCC 580096 ----a-w- C:\Windows\Sysnative\vbscript.dll
2015-01-01 05:13:02 17A157A4225CF562202AC71DB8103177 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll
2015-01-01 05:13:01 D478A4CF07FB8ADF72FB16B88E8030B8 25059840 ----a-w- C:\Windows\Sysnative\mshtml.dll
2015-01-01 05:04:31 A026998E927FD2095505154CBD72F35B 2048 ----a-w- C:\Windows\Sysnative\tzres.dll
2015-01-01 05:04:25 D929ABD465A2DED963DA8B30946A8D5C 2020352 ----a-w- C:\Windows\Sysnative\WsmSvc.dll
2015-01-01 05:04:24 FDEB5EE2E4DB9DE9251DDAF6A5BCA070 346624 ----a-w- C:\Windows\Sysnative\WSManMigrationPlugin.dll
2015-01-01 05:04:24 9B44CABE3536D0E3BF627176318AAFC9 181248 ----a-w- C:\Windows\Sysnative\WsmAuto.dll
2015-01-01 05:04:24 5C642B7B0365305451D579F3EFAD57D4 310272 ----a-w- C:\Windows\Sysnative\WsmWmiPl.dll
2015-01-01 05:04:24 41457C1909F6D1100C0F9B9CFF7960FC 266240 ----a-w- C:\Windows\Sysnative\WSManHTTPConfig.exe
2015-01-01 05:04:24 36E5E9D0400475230A7F57F274B88321 165888 ----a-w- C:\Windows\Sysnative\charmap.exe
====== C:\Windows\Sysnative\drivers =====
2015-01-01 05:13:37 70988118145F5F10EF24720B97F35F65 119296 ----a-w- C:\Windows\Sysnative\drivers\tdx.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\Denny\AppData\Roaming ======
2015-01-02 19:55:59 -------- d-----w- C:\Users\Kaitlyn\AppData\Locallow\XRE
2015-01-02 19:55:33 -------- d-sh--w- C:\Users\Kaitlyn\AppData\Local\EmieUserList
2015-01-02 19:55:33 -------- d-sh--w- C:\Users\Kaitlyn\AppData\Local\EmieSiteList
2015-01-02 19:55:33 -------- d-sh--w- C:\Users\Kaitlyn\AppData\Local\EmieBrowserModeList
====== C:\Users\Denny ======
2015-01-03 22:08:30 9F6F049192D4F5AF27C1A7E8C52FFAEE 2123776 ----a-w- C:\Users\Denny\Desktop\FRST64.exe
2015-01-03 21:49:55 7650EF7FFE338A50ADE28288FB601B7A 186568 ----a-w- C:\Users\Denny\Desktop\ESETPoweliksCleaner.exe
2015-01-02 20:08:53 8B968045D75783A09592C3105F2865DA 688992 ------r- C:\Users\Denny\Desktop\dds.com
====== C: exe-files ==
2015-01-03 22:08:30 9F6F049192D4F5AF27C1A7E8C52FFAEE 2123776 ----a-w- C:\Users\Denny\Desktop\FRST64.exe
2015-01-03 21:49:55 7650EF7FFE338A50ADE28288FB601B7A 186568 ----a-w- C:\Users\Denny\Desktop\ESETPoweliksCleaner.exe
2015-01-02 19:40:23 5564883BFB523D5078A5B1FE3128FD63 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-01-02 19:40:23 0481346D0EF668C0D4FF69A7BBEFA846 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2015-01-01 05:14:04 8E64BB62AB3810D3C29ED50C405AD3BD 1232040 ----a-w- C:\Windows\System32\aitstatic.exe
2015-01-01 05:14:04 65536EB5F53B76562BBE0DE332A8BA3C 66216 ----a-w- C:\Windows\System32\CompatTel\diagtrackrunner.exe
2015-01-01 05:14:02 CCEE34CF7D700825AD839FAB298A0129 46760 ----a-w- C:\Windows\System32\CompatTel\wicainventory.exe
2015-01-01 05:14:02 A192555B09BD2A45940D7E449F311AF6 161960 ----a-w- C:\Windows\System32\CompatTel\QueryAppBlock.exe
2015-01-01 05:13:18 0FABE2AB8CA2D5CC7C95798533B4D057 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2015-01-01 05:13:17 A8A8FD02E3A9264A603892DE1F522166 221184 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2015-01-01 05:13:17 39B512C643812FC2D4843C0D4206C759 718848 ----a-w- C:\Windows\System32\ie4uinit.exe
2015-01-01 05:13:14 B7BCC767AC0E76384BCDC292184DD8C8 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe
2015-01-01 05:13:14 43CE0C99DBC0F96DB2B7259B0BE0930E 468992 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2015-01-01 05:13:13 A24BFBAE8B50A6780B68FF3673FAB52F 815280 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe
2015-01-01 05:13:08 EBC8C9F61F4C148B8C6A28EDE80C51E4 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2015-01-01 05:13:06 C3D17F3199D39A2AB85956A63731F188 484352 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
2015-01-01 05:13:05 2A9DA9E7462EBA3F6D2036E8D18FF773 813744 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2015-01-01 05:04:31 BE8F985609BE0809B7E29960AC997511 49664 ----a-w- C:\Windows\servicing\GC64\tzupd.exe
2015-01-01 05:04:24 B975C202F590BBC5AA63225FBD148791 198656 ----a-w- C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-01-01 05:04:24 9EA3783672D21817B9DF1061B54C3B3C 155136 ----a-w- C:\Windows\SysWOW64\charmap.exe
2015-01-01 05:04:24 41457C1909F6D1100C0F9B9CFF7960FC 266240 ----a-w- C:\Windows\System32\WSManHTTPConfig.exe
2015-01-01 05:04:24 36E5E9D0400475230A7F57F274B88321 165888 ----a-w- C:\Windows\System32\charmap.exe
2015-01-01 04:39:40 450BDEE760894CE151404E41819E964F 1097808 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\39.0.2171.95\39.0.2171.95_39.0.2171.71_chrome_updater.exe
=== C: other files ==
2015-01-02 20:08:53 8B968045D75783A09592C3105F2865DA 688992 ------r- C:\Users\Denny\Desktop\dds.com
2015-01-01 05:13:37 70988118145F5F10EF24720B97F35F65 119296 ----a-w- C:\Windows\System32\drivers\tdx.sys
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="C:\Program Files (x86)\PDF Complete\pdfsty.exe"
"HP Software Update"="c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"hpqSRMon"="C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler"
"DNS7reminder"="C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe -r C:\ProgramData\Nuance\NaturallySpeaking12\Ereg.ini"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"SpybotSnD"="C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe"
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
==== Startup Registry Disabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Suzie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^SharePort Utility.lnk]
"path"="C:\\Users\\Suzie\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\SharePort Utility.lnk"
"backup"="C:\\Windows\\pss\\SharePort Utility.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~1\\D-Link\\SHAREP~1\\Connect.exe -s15"
"item"="SharePort Utility"

==== Startup Folders ======================
2010-12-31 17:49:52 1216 ----a-w- C:\Users\Denny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SharePort Utility.lnk
2011-01-23 01:26:55 1298 ----a-w- C:\Users\Kaitlyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
2011-01-22 23:09:59 1298 ----a-w- C:\Users\Suzie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
2011-01-08 21:04:06 2101 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [01/03/2015 04:47 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04/21/2014 07:24 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04/21/2014 07:24 PM]
C:\Windows\tasks\HPCeeScheduleForSuzie.job --a------ [Undetermined Task]
==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Family-HP6620-Suzie" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HPCeeScheduleForSuzie" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\WSCStub.exe"]
"C:\Windows\SysNative\tasks\RecoveryCDWin7" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]
"C:\Windows\SysNative\tasks\ServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]
"C:\Windows\SysNative\tasks\{0072D315-CE28-406D-9A4B-D83BF92EB948}" [F:\DVDCheck.exe]
"C:\Windows\SysNative\tasks\{0A68F2AB-8F35-46E8-A3D7-D56FCC002A99}" [E:\Program Files (x86)\Steam\Steam.exe]
"C:\Windows\SysNative\tasks\{1CDDE838-030D-4C3C-9BAE-72973A9A61B0}" [F:\DVDCheck.exe]
"C:\Windows\SysNative\tasks\{1F09B983-EF38-4647-9930-86D2604D5C32}" [F:\DVDCheck.exe]
"C:\Windows\SysNative\tasks\{3A306303-9C65-4323-9DB6-AE152F8AEADF}" [E:\Program Files (x86)\Sierra\The Hobbit™\Meridian.exe]
"C:\Windows\SysNative\tasks\{3E23FB35-8811-449E-8689-2CE89517F6F9}" [F:\DVDCheck.exe]
"C:\Windows\SysNative\tasks\{479AF02D-7BB8-4394-BAB0-BDB75F1AB99B}" [E:\Program Files (x86)\Steam\Steam.exe]
"C:\Windows\SysNative\tasks\{503C6B1B-D182-40B8-8F85-6C0932AF1652}" [F:\DVDCheck.exe]
"C:\Windows\SysNative\tasks\{6A059260-8C3A-4E20-9B2B-C924881BBD64}" [F:\DVDCheck.exe]
"C:\Windows\SysNative\tasks\{6CEBD374-A98C-B77E-1F8D-F46DF85595B9}" [C:\Windows\system32\regsvr32.exe]
"C:\Windows\SysNative\tasks\{8225C005-44B6-4451-98C2-1F85877B6F80}" [E:\Program Files (x86)\Sierra\The Hobbit™\Meridian.exe]
"C:\Windows\SysNative\tasks\{86231C2F-0A36-4224-822D-18C7D58325F1}" [F:\DVDCheck.exe]
"C:\Windows\SysNative\tasks\{AAC225C8-BA35-4CD4-B9BB-22EE71D0AA91}" [F:\DVDCheck.exe]
"C:\Windows\SysNative\tasks\{B642B63A-654A-441C-9B52-207BC94E47E0}" [F:\DVDCheck.exe]
"C:\Windows\SysNative\tasks\{C33B97C1-6455-4DAE-96B2-0BDD48538F35}" [F:\DVDCheck.exe]
"C:\Windows\SysNative\tasks\{C9E4E6C9-BCC4-42C4-B204-D984E1844A6B}" [F:\DVDCheck.exe]
"C:\Windows\SysNative\tasks\{E0BCE1E6-838E-4F33-8AEA-3D7494366B8C}" [E:\Program Files (x86)\Steam\Steam.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Get HPU Packages" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Tasks.exe]
"C:\Windows\SysNative\tasks\Norton Security Suite\Norton Error Analyzer" [C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe]
"C:\Windows\SysNative\tasks\Norton Security Suite\Norton Error Processor" [C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3009580160-1832042019-1401350382-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully
HKEY_USERS\S-1-5-21-3009580160-1832042019-1401350382-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully
HKEY_USERS\S-1-5-21-3009580160-1832042019-1401350382-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
HKEY_USERS\S-1-5-21-3009580160-1832042019-1401350382-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
HKEY_USERS\S-1-5-21-3009580160-1832042019-1401350382-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} deleted successfully
HKEY_USERS\S-1-5-21-3009580160-1832042019-1401350382-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-3009580160-1832042019-1401350382-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=2 folders=4 16449 bytes)
==== EOF on Sat 01/03/2015 at 17:37:54.99 ======================



#6 sbader29

sbader29
  • Topic Starter

  • Members
  • 18 posts

Posted 03 January 2015 - 09:12 PM

UPDATE: Right after posting the above posts, Norton detected Trojan.Gen.2 and is asking to apply a fix and restart the computer. It looks like I must restart and apply the Norton fix. I will wait for your reply and advice before I take any action.

Thanks for your help!



#7 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • Gender:Male
  • Location:Germany

Posted 04 January 2015 - 05:28 AM

Norton detected Trojan.Gen.2...
Thanks for your help!


You are quite welcome! :)

Can you post the file path to that detected trojan or the Norton scan log please?
regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer

#8 sbader29

sbader29
  • Topic Starter

  • Members
  • 18 posts

Posted 04 January 2015 - 12:29 PM

Filename: zoek.exe
Threat name: Trojan.Gen.2
Full Path: c:\users\denny\desktop\zoek.exe

____________________________

Details
Few Users,  Mature,  Risk High

Origin
Downloaded from
 Unknown

Activity
Actions performed: 2

____________________________

On computers as of 
1/3/2015 at 5:13:27 PM

Last Used 
1/3/2015 at 7:18:42 PM

Startup Item 
No

Launched 
Yes

____________________________

Few Users
Hundreds of users in the Norton Community have used this file.

Mature
This file was released more than 31 days 1 month ago.

High
This file risk is high.

Threat type: Virus. Programs that infect other programs, files, or areas of a computer by inserting themselves or attaching themselves to that medium.

____________________________

Source: External Media

Source File:
zoek.exe

____________________________

File Actions

Event: Running process: c:\Users\Denny\Desktop\ zoek.exe No fix attempted
Infected file: c:\Users\Denny\Desktop\ zoek.exe No fix attempted
____________________________

File Thumbprint - SHA:
c58a04c9b22264037daa9532fb848ef134744b84dfe937745310231c69377e53
File Thumbprint - MD5:
Not available

Category: Scan Results
Date & Time,Risk,Activity,Status,Scan Time (d:h:m:s),Total items scanned,Files & Directories,Registry Entries,Processes & Start-Up Items,Network & Browser Items,Other,Trusted Files,Skipped Files,Total Security Risks Detected,Virus,Total Security Risks Resolved,Virus Resolved,Total Security Risks Requiring Attention,Virus Unresolved
1/3/2015 9:32:21 PM,Info,Full System Scan results,Completed,0:03:01:20,"2,239,492","2,236,638",925,"1,345",576,8,"27,428","21,126",2,2,1,1,1,1
1/3/2015 6:53:22 PM,Info,Quick Scan results,Completed,0:00:04:28,"6,201","2,999",913,"1,633",648,8,741,52,1,1,0,,1,1
1/1/2015 12:31:35 AM,Info,Quick Scan results,Completed,0:00:17:48,"5,906","2,932",925,"1,465",576,8,700,8,0,,0,,0,

Category: Resolved Security Risks
Date & Time,Risk,Activity,Status,Recommended Action,Path - Filename
1/3/2015 4:56:48 PM,Medium,frst64.exe (WS.Reputation.1) detected by Download Insight,Quarantined,Resolved - No Action Required,c:\users\denny\desktop\frst64.exe
1/3/2015 4:53:54 PM,Medium,frst64.exe (WS.Reputation.1) detected by Download Insight,Quarantined,Resolved - No Action Required,c:\users\denny\desktop\frst64.exe

Category: Unresolved Security Risks
Date & Time,Risk,Activity,Status,Recommended Action,Path - Filename
1/3/2015 7:18:42 PM,High,zoek.exe (Trojan.Gen.2) detected by Virus scanner,Attention Required,Remove this Security Risk now.,c:\users\denny\desktop\zoek.exe
1/3/2015 7:01:24 PM,High,00029503.tmp (Trojan.Poweliks!gm) detected by Virus scanner,Restart Required,You must restart your computer.,c:\windows\syswow64\00029503.tmp

Category: Quarantine
Date & Time,Risk,Activity,Status,Recommended Action,Path - Filename
1/3/2015 4:56:48 PM,Medium,frst64.exe (WS.Reputation.1) detected by Download Insight,Quarantined,Resolved - No Action Required,c:\users\denny\desktop\frst64.exe
1/3/2015 4:53:54 PM,Medium,frst64.exe (WS.Reputation.1) detected by Download Insight,Quarantined,Resolved - No Action Required,c:\users\denny\desktop\frst64.exe

Category: Firewall - Network and Connections
Date & Time,Risk,Activity,Status,Recommended Action,Category,Subnet Identifier,Gateway Physical Address,Gateway IP Address
1/4/2015 12:17:46 PM,Info,"Protecting your connection to a newly detected network on adapter \"Teredo Tunneling Pseudo-Interface\" (IP address: 2001::9d38:6ab8:28ad:94:b6f2:3b5c).",Detected,No Action Required,Firewall - Network and Connections,,,
1/4/2015 12:17:46 PM,Info,"Protecting your connection to a newly detected network on adapter \"Teredo Tunneling Pseudo-Interface\" (IP address: fe80::28ad:94:b6f2:3b5c%12).",Detected,No Action Required,Firewall - Network and Connections,,,
1/4/2015 12:17:46 PM,Info,"Protecting your connection to a newly detected network on adapter \"Realtek PCIe FE Family Controller\" (IP address: fe80::e4b6:9d71:a966:262a%10).",Detected,No Action Required,Firewall - Network and Connections,,,
1/4/2015 12:17:46 PM,Info,"Protecting your connection to a newly detected network on adapter \"Realtek PCIe FE Family Controller\" (IP address: 192.168.0.195).",Detected,No Action Required,Firewall - Network and Connections,,,
1/4/2015 12:17:42 PM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,,
1/4/2015 12:17:42 PM,Info,Connected to a shared network. (00 26 5A CF D8 78),Shared,No Action Required,,,00 26 5A CF D8 78,
1/4/2015 12:17:29 PM,Info,"Protecting your connection to a newly detected network on adapter \"Microsoft ISATAP Adapter #2\" (IP address: fe80::5efe:192.168.0.195%13).",Detected,No Action Required,Firewall - Network and Connections,,,
1/4/2015 12:17:29 PM,Info,IP address has disappeared from adapter Realtek PCIe FE Family Controller (IP address: fe80::e4b6:9d71:a966:262a%10).,Detected,No Action Required,Firewall - Network and Connections,,,
1/4/2015 12:17:29 PM,Info,IP address has disappeared from adapter Realtek PCIe FE Family Controller (IP address: 192.168.0.195).,Detected,No Action Required,Firewall - Network and Connections,,,
1/4/2015 12:17:29 PM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,,
1/4/2015 4:39:16 AM,Info,IP address has disappeared from adapter Microsoft ISATAP Adapter #2 (IP address: fe80::5efe:192.168.0.195%13).,Detected,No Action Required,Firewall - Network and Connections,,,
1/4/2015 4:39:16 AM,Info,IP address has disappeared from adapter Teredo Tunneling Pseudo-Interface (IP address: 2001::9d38:6ab8:28ad:94:b6f2:3b5c).,Detected,No Action Required,Firewall - Network and Connections,,,
1/4/2015 4:39:16 AM,Info,IP address has disappeared from adapter Teredo Tunneling Pseudo-Interface (IP address: fe80::28ad:94:b6f2:3b5c%12).,Detected,No Action Required,Firewall - Network and Connections,,,
1/4/2015 4:17:09 AM,Info,"Protecting your connection to a newly detected network on adapter \"Teredo Tunneling Pseudo-Interface\" (IP address: 2001::9d38:6ab8:28ad:94:b6f2:3b5c).",Detected,No Action Required,Firewall - Network and Connections,,,
1/4/2015 4:17:08 AM,Info,"Protecting your connection to a newly detected network on adapter \"Teredo Tunneling Pseudo-Interface\" (IP address: fe80::28ad:94:b6f2:3b5c%12).",Detected,No Action Required,Firewall - Network and Connections,,,
1/4/2015 4:17:08 AM,Info,IP address has disappeared from adapter Teredo Tunneling Pseudo-Interface (IP address: fe80::b1:94:3f57:ff3c%12).,Detected,No Action Required,Firewall - Network and Connections,,,
1/4/2015 4:17:08 AM,Info,IP address has disappeared from adapter Teredo Tunneling Pseudo-Interface (IP address: 2001::9d38:6ab8:b1:94:3f57:ff3c).,Detected,No Action Required,Firewall - Network and Connections,,,
1/4/2015 4:17:07 AM,Info,"Protecting your connection to a newly detected network on adapter \"Teredo Tunneling Pseudo-Interface\" (IP address: fe80::b1:94:3f57:ff3c%12).",Detected,No Action Required,Firewall - Network and Connections,,,
1/4/2015 4:17:07 AM,Info,"Protecting your connection to a newly detected network on adapter \"Teredo Tunneling Pseudo-Interface\" (IP address: 2001::9d38:6ab8:b1:94:3f57:ff3c).",Detected,No Action Required,Firewall - Network and Connections,,,
1/4/2015 4:17:04 AM,Info,IP address has disappeared from adapter Teredo Tunneling Pseudo-Interface (IP address: 2001::5ef5:79fb:30da:1546:b6f2:3b5c).,Detected,No Action Required,Firewall - Network and Connections,,,
1/4/2015 4:17:04 AM,Info,IP address has disappeared from adapter Teredo Tunneling Pseudo-Interface (IP address: fe80::30da:1546:b6f2:3b5c%12).,Detected,No Action Required,Firewall - Network and Connections,,,
1/4/2015 4:16:54 AM,Info,"Protecting your connection to a newly detected network on adapter \"Teredo Tunneling Pseudo-Interface\" (IP address: 2001::5ef5:79fb:30da:1546:b6f2:3b5c).",Detected,No Action Required,Firewall - Network and Connections,,,
1/4/2015 4:16:54 AM,Info,"Protecting your connection to a newly detected network on adapter \"Teredo Tunneling Pseudo-Interface\" (IP address: fe80::30da:1546:b6f2:3b5c%12).",Detected,No Action Required,Firewall - Network and Connections,,,
1/4/2015 4:16:54 AM,Info,"Protecting your connection to a newly detected network on adapter \"Realtek PCIe FE Family Controller\" (IP address: fe80::e4b6:9d71:a966:262a%10).",Detected,No Action Required,Firewall - Network and Connections,,,
1/4/2015 4:16:54 AM,Info,"Protecting your connection to a newly detected network on adapter \"Realtek PCIe FE Family Controller\" (IP address: 192.168.0.195).",Detected,No Action Required,Firewall - Network and Connections,,,
1/4/2015 4:16:51 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,,
1/4/2015 4:16:51 AM,Info,Connected to a shared network. (00 26 5A CF D8 78),Shared,No Action Required,,,00 26 5A CF D8 78,
1/4/2015 4:16:39 AM,Info,"Protecting your connection to a newly detected network on adapter \"Microsoft ISATAP Adapter #2\" (IP address: fe80::5efe:192.168.0.195%13).",Detected,No Action Required,Firewall - Network and Connections,,,
1/4/2015 4:16:39 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,,
1/4/2015 1:13:33 AM,Info,IP address has disappeared from adapter Realtek PCIe FE Family Controller (IP address: fe80::e4b6:9d71:a966:262a%10).,Detected,No Action Required,Firewall - Network and Connections,,,
1/4/2015 1:13:33 AM,Info,IP address has disappeared from adapter Realtek PCIe FE Family Controller (IP address: 192.168.0.195).,Detected,No Action Required,Firewall - Network and Connections,,,
1/4/2015 1:13:33 AM,Info,IP address has disappeared from adapter Microsoft ISATAP Adapter #2 (IP address: fe80::5efe:192.168.0.195%13).,Detected,No Action Required,Firewall - Network and Connections,,,
1/4/2015 1:13:33 AM,Info,IP address has disappeared from adapter Teredo Tunneling Pseudo-Interface (IP address: 2001::5ef5:79fb:30da:1546:b6f2:3b5c).,Detected,No Action Required,Firewall - Network and Connections,,,
1/4/2015 1:13:33 AM,Info,IP address has disappeared from adapter Teredo Tunneling Pseudo-Interface (IP address: fe80::30da:1546:b6f2:3b5c%12).,Detected,No Action Required,Firewall - Network and Connections,,,
1/3/2015 11:32:15 PM,Info,"Protecting your connection to a newly detected network on adapter \"Microsoft ISATAP Adapter #2\" (IP address: fe80::5efe:192.168.0.195%13).",Detected,No Action Required,Firewall - Network and Connections,,,
1/3/2015 11:32:11 PM,Info,"Protecting your connection to a newly detected network on adapter \"Teredo Tunneling Pseudo-Interface\" (IP address: 2001::5ef5:79fb:30da:1546:b6f2:3b5c).",Detected,No Action Required,Firewall - Network and Connections,,,
1/3/2015 11:32:11 PM,Info,"Protecting your connection to a newly detected network on adapter \"Teredo Tunneling Pseudo-Interface\" (IP address: fe80::30da:1546:b6f2:3b5c%12).",Detected,No Action Required,Firewall - Network and Connections,,,
1/3/2015 11:32:11 PM,Info,IP address has disappeared from adapter Teredo Tunneling Pseudo-Interface (IP address: fe80::18f6:1546:3f57:ff3c%12).,Detected,No Action Required,Firewall - Network and Connections,,,
1/3/2015 11:32:11 PM,Info,IP address has disappeared from adapter Teredo Tunneling Pseudo-Interface (IP address: 2001::5ef5:79fb:18f6:1546:3f57:ff3c).,Detected,No Action Required,Firewall - Network and Connections,,,
1/3/2015 11:32:08 PM,Info,"Protecting your connection to a newly detected network on adapter \"Teredo Tunneling Pseudo-Interface\" (IP address: 2001::5ef5:79fb:18f6:1546:3f57:ff3c).",Detected,No Action Required,Firewall - Network and Connections,,,
1/3/2015 11:32:08 PM,Info,"Protecting your connection to a newly detected network on adapter \"Teredo Tunneling Pseudo-Interface\" (IP address: fe80::18f6:1546:3f57:ff3c%12).",Detected,No Action Required,Firewall - Network and Connections,,,
1/3/2015 11:32:05 PM,Info,IP address has disappeared from adapter Teredo Tunneling Pseudo-Interface (IP address: fe80::3c44:3784:3f57:ff3c%12).,Detected,No Action Required,Firewall - Network and Connections,,,
1/3/2015 11:32:05 PM,Info,IP address has disappeared from adapter Teredo Tunneling Pseudo-Interface (IP address: 2001::9d38:6ab8:3c44:3784:3f57:ff3c).,Detected,No Action Required,Firewall - Network and Connections,,,
1/3/2015 11:32:05 PM,Info,Connected to a protected network. (::0),Protected,No Action Required,,,,::0
1/3/2015 11:32:05 PM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,,
1/3/2015 11:32:05 PM,Info,Connected to a shared network. (00 26 5A CF D8 78),Shared,No Action Required,,,00 26 5A CF D8 78,
1/3/2015 11:31:58 PM,Info,"Protecting your connection to a newly detected network on adapter \"Teredo Tunneling Pseudo-Interface\" (IP address: fe80::3c44:3784:3f57:ff3c%12).",Detected,No Action Required,Firewall - Network and Connections,,,
1/3/2015 11:31:58 PM,Info,"Protecting your connection to a newly detected network on adapter \"Teredo Tunneling Pseudo-Interface\" (IP address: 2001::9d38:6ab8:3c44:3784:3f57:ff3c).",Detected,No Action Required,Firewall - Network and Connections,,,
1/3/2015 11:31:58 PM,Info,"Protecting your connection to a newly detected network on adapter \"Realtek PCIe FE Family Controller\" (IP address: fe80::e4b6:9d71:a966:262a%10).",Detected,No Action Required,Firewall - Network and Connections,,,
1/3/2015 11:31:58 PM,Info,"Protecting your connection to a newly detected network on adapter \"Realtek PCIe FE Family Controller\" (IP address: 192.168.0.195).",Detected,No Action Required,Firewall - Network and Connections,,,

Category: Firewall - Activities
Date & Time,Risk,Activity,Status,Recommended Action,Category,Program Name,Program Path,Default Action,Action Taken,Local Computer,Traffic Description
1/4/2015 12:21:06 PM,Info,Firewall rules updated  ,Detected,No Action Required,Firewall - Activities,,,,,,
1/4/2015 12:21:04 PM,Info,You allowed Microsoft Word to access your network resources.,Allowed,No Action Required,,Microsoft Word,C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE,No Action Required,Allow,"192.168.0.195, 53180","Outbound TCP, www-http"
1/4/2015 12:17:35 PM,Info, Rule  rejected  TCP(6)  traffic with  (0.0.0.0  Port (0) ),Detected,No Action Required,Firewall - Activities,,,,,,
1/4/2015 4:16:53 AM,Info, Rule  rejected  TCP(6)  traffic with  (192.168.0.159  Port (51561) ),Detected,No Action Required,Firewall - Activities,,,,,,

Category: Norton Product Tamper Protection
Date & Time,Risk,Activity,Status,Recommended Action,Date,Actor,Actor PID,Target,Action,Reaction
1/3/2015 9:58:49 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:58:49 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{3CFCB8E6-823E-4707-BD33-CDC6167DD22F}\{7C818F25-9E55-450A-83EA-D49593E59877}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:58:47 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:58:47 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{48E302C7-8D5F-4F92-883B-605EAEA74F16}\{1C24DA03-F60F-45F3-876D-6F363DEFDACB}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:58:46 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:58:46 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{7E68F7EE-2899-49DE-8137-50C5DF94D1F0}\{B6819B98-9D13-4E5B-80F9-2352FB3FFA7E}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:58:32 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:58:32 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{22FAC75B-3428-4D2B-B44A-99ED2FD65C95}\{21ECA2F5-77AE-420A-BF21-5E83E3E2BDAE}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:58:31 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:58:31 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{8563DF6F-B5E8-4F7D-8B23-7F0DA0405042}\{26EBFFC0-D3A2-4ED8-A561-826AAFE13A73}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:58:17 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:58:17 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{8563DF6F-B5E8-4F7D-8B23-7F0DA0405042}\{0800E566-90DF-46A0-94DF-FC4FF814ECA9}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:58:16 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:58:16 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{7E68F7EE-2899-49DE-8137-50C5DF94D1F0}\{211C75AF-29C1-4EC8-8586-BA53A41EC748}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:57:49 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:57:49 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{7E68F7EE-2899-49DE-8137-50C5DF94D1F0}\{73E9152C-C98A-4FCC-83FC-2E3D805479B4}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:57:40 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:57:40 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{9810710D-3E6B-46DB-9140-B640DA5C7136}\{1B7D9B44-EA42-480B-92A1-76D8CFA5F6B7}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:57:39 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:57:39 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{C1BF6052-8237-4DDE-A549-FC88FAC72DC3}\{5A374918-EF01-4512-A682-ECBFB7C7D0AE}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:57:37 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:57:37 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{0F8E394D-9453-4A55-8C33-85D6AE66F5F0}\{E4C2DCC3-C5DE-4C2F-B400-15F7B58DAA62}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:57:36 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:57:36 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{0F8E394D-9453-4A55-8C33-85D6AE66F5F0}\{C70D59D9-1F2F-4FE7-9415-B3304C6D2773}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:57:34 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:57:34 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{0F8E394D-9453-4A55-8C33-85D6AE66F5F0}\{75180E46-E8C7-4DB3-B65D-5E1C96B04FAB}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:57:33 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:57:33 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{0F8E394D-9453-4A55-8C33-85D6AE66F5F0}\{5E88E7C9-8568-486F-852B-197849ED0577}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:57:32 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:57:32 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{0F8E394D-9453-4A55-8C33-85D6AE66F5F0}\{5E88E7C9-8568-486F-852B-197849ED0577}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:57:30 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:57:30 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{0F8E394D-9453-4A55-8C33-85D6AE66F5F0}\{A954C68D-758E-4964-A94A-3F95DD5FFE95}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:57:25 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:57:25 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{9810710D-3E6B-46DB-9140-B640DA5C7136},Open File,Unauthorized access blocked
1/3/2015 9:57:22 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:57:22 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{0F8E394D-9453-4A55-8C33-85D6AE66F5F0}\{6DC43CFF-E438-495D-80C6-8B39BB60B55F}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:57:19 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:57:19 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{0F8E394D-9453-4A55-8C33-85D6AE66F5F0}\{6DC43CFF-E438-495D-80C6-8B39BB60B55F}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:56:49 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:56:49 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{0F8E394D-9453-4A55-8C33-85D6AE66F5F0}\{FE64FA1B-1D2E-424D-A117-6DD99DD50111}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:56:47 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:56:47 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{0F8E394D-9453-4A55-8C33-85D6AE66F5F0}\{80FE9851-6A45-47C0-8E58-B0B4990163D5}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:56:44 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:56:44 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{0F8E394D-9453-4A55-8C33-85D6AE66F5F0}\{90DADD02-6188-42C3-B86A-B5FE215C155B}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:56:43 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:56:43 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{0F8E394D-9453-4A55-8C33-85D6AE66F5F0}\{3B8F10EB-1D60-4BCF-8D49-5D883B07DDD5}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:56:39 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:56:39 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{0F8E394D-9453-4A55-8C33-85D6AE66F5F0}\{8FA260D6-FE4D-474F-A2C6-2D07BC1A30F5}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:56:32 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:56:32 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{0F8E394D-9453-4A55-8C33-85D6AE66F5F0}\{8FA260D6-FE4D-474F-A2C6-2D07BC1A30F5}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:56:29 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:56:29 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{0F8E394D-9453-4A55-8C33-85D6AE66F5F0}\{B6F0D4CA-83A6-4253-B8EE-77787CD83358}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:56:22 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:56:22 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\WebProtectionDefs\BinHub\v.grd,Open File,Unauthorized access blocked
1/3/2015 9:56:17 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:56:17 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{0F8E394D-9453-4A55-8C33-85D6AE66F5F0}\{BCC4214B-859D-4B91-A338-CAE78E4B5B27}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:56:15 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:56:15 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\CmnClnt\ccSubSDK\{90E5B2B2-40E9-4E4C-9287-8E2B491E4571},Open File,Unauthorized access blocked
1/3/2015 9:56:14 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:56:14 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\CmnClnt\ccSubSDK\{32C96A1F-5983-4830-852B-5F7030863B36},Open File,Unauthorized access blocked
1/3/2015 9:56:11 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:56:11 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{C1BF6052-8237-4DDE-A549-FC88FAC72DC3}\{5E09A07D-1311-41E8-B3D8-B49A6D525134}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:56:02 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:56:02 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{10A71FDA-8DAF-4802-B3C4-02F1BEAF0D76}\{DF07A00D-72AC-467E-BD85-9E2C87108757}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:56:01 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:56:01 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{10A71FDA-8DAF-4802-B3C4-02F1BEAF0D76}\{A5B3EDDD-7A8C-40D4-9896-21CE06F1ED4D}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:56:00 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:56:00 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{10A71FDA-8DAF-4802-B3C4-02F1BEAF0D76}\{1444B643-CDDD-465E-A7E9-92EFFD359AAB}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:55:59 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:55:59 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{10A71FDA-8DAF-4802-B3C4-02F1BEAF0D76},Open File,Unauthorized access blocked
1/3/2015 9:55:58 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:55:58 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\CmnClnt\ccSubSDK\{C828DC38-D86D-41B3-B0F9-7D46001AE004},Open File,Unauthorized access blocked
1/3/2015 9:55:57 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:55:57 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{10A71FDA-8DAF-4802-B3C4-02F1BEAF0D76}\{D99FF6B5-9796-424B-BEA5-BFF1D05BE149}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:55:55 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:55:55 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{10A71FDA-8DAF-4802-B3C4-02F1BEAF0D76}\{4583C22E-CDDE-4B16-AE78-5FB674D21CA0}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:55:53 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:55:53 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{9E6DE46F-8EA5-4334-B9F5-9391F92CFE69}\{0CAB4791-6812-40A8-94FE-37C79B9A9DFC}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:55:52 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:55:52 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{9E6DE46F-8EA5-4334-B9F5-9391F92CFE69}\{6330C426-1B4E-4933-AF18-808E93084994}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:55:51 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:55:51 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{C1BF6052-8237-4DDE-A549-FC88FAC72DC3}\{2BEDC7D7-C96D-40F5-AB39-4F0B6230DBD7}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:55:50 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:55:50 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{D01331A0-38A3-404F-8433-189238B25225}\{07CF242E-57AB-4805-B3D6-943DBB8D6C18}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:55:48 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:55:48 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\Windows\System32\drivers\N360x64\1506000.020\srtsp64.inf,Open File,Unauthorized access blocked
1/3/2015 9:55:47 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:55:47 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{9E6DE46F-8EA5-4334-B9F5-9391F92CFE69}\{FB2D7C0A-50BC-4FFB-A6B4-3D6897EE84D4}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:55:46 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:55:46 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{9E6DE46F-8EA5-4334-B9F5-9391F92CFE69}\{5AD42F92-2107-4753-9A6B-3C47387A73F8}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:54:34 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:54:34 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{192BEED7-9B55-4B20-BABA-C77AA7F4D582}\{758F4E70-2D50-47AF-8307-C1287F27BCD3}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:54:33 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:54:33 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{192BEED7-9B55-4B20-BABA-C77AA7F4D582}\{8B41ECBF-F9E1-4D52-80D7-3D8AD315E057}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:54:32 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:54:32 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\Program Files (x86)\Norton Security Suite\Branding\21.1.0.18\09\01\isBrand.loc,Open File,Unauthorized access blocked
1/3/2015 9:54:31 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:54:31 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{9E6DE46F-8EA5-4334-B9F5-9391F92CFE69}\{A1847853-FF49-4B48-B42B-E31062D4DCF5}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:54:30 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:54:30 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{69E145E9-FF26-4B52-9F80-12FD8985376B}\{52F92BF7-1B13-4AE4-AF46-6850A7C73834}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:54:28 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:54:28 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{5C17E7F2-D4EF-4996-BADA-D14E735AE294}\{977E684E-33C0-4691-B8CA-73E26FCE2646}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:54:27 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:54:27 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{192BEED7-9B55-4B20-BABA-C77AA7F4D582}\{F62307B8-97EA-48CD-849A-C920E52D63CF}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:54:26 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:54:26 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{3236F3AB-59C4-4B5B-A604-803D51477499}\{1AD73F84-BA57-4A06-B7E4-5478F42AF492}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:54:25 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:54:25 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{192BEED7-9B55-4B20-BABA-C77AA7F4D582}\{E9FD394A-8F8A-4AA7-908F-ACF112765874}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:54:24 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:54:24 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{192BEED7-9B55-4B20-BABA-C77AA7F4D582}\{E9FD394A-8F8A-4AA7-908F-ACF112765874}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:54:22 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:54:22 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{27E240DE-4A60-4C47-8940-5DE12AB11BCF}\{2CC9BCD9-D994-47D3-BE2D-105A87C8FC8D}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:54:21 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:54:21 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{192BEED7-9B55-4B20-BABA-C77AA7F4D582}\{8139BA5C-1251-48C9-A4D4-4BA20760F171}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:54:20 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:54:20 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{25B4967A-6A75-4815-B0B6-9A145A707FF9}\{F8274580-ED0B-402E-8D18-AC3DBA4CA1C7}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:54:19 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:54:19 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\ccscanw.dll,Open File,Unauthorized access blocked
1/3/2015 9:54:18 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:54:18 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\bueng.dll,Open File,Unauthorized access blocked
1/3/2015 9:54:17 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:54:17 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\asoehook.dll,Open File,Unauthorized access blocked
1/3/2015 9:54:15 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:54:15 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\SbEngSCD\20140826.035,Open File,Unauthorized access blocked
1/3/2015 9:54:14 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:54:14 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\duptuprg.dat,Open File,Unauthorized access blocked
1/3/2015 9:54:13 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:54:13 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{E8FF1963-B506-49C9-835E-8A42EE475A03}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:54:12 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:54:12 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{9E6DE46F-8EA5-4334-B9F5-9391F92CFE69}\{0B633035-8FC8-479F-81DC-895B3A05B353}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:54:11 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:54:11 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{9E6DE46F-8EA5-4334-B9F5-9391F92CFE69}\{93BB5893-FCE9-4551-85DA-E066519AB7CA}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:54:09 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:54:09 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\SRTSPSettingsDefs\20141006.008\v.sig,Open File,Unauthorized access blocked
1/3/2015 9:54:08 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:54:08 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\exts,Open File,Unauthorized access blocked
1/3/2015 9:54:02 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:54:02 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\Logs\UserTrustActions.dat,Open File,Unauthorized access blocked
1/3/2015 9:54:00 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:54:00 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{0021CE85-C213-4A17-A894-3DDF377F6080}\{7ECA0203-CAA5-407F-AAEF-2594064E7A7F}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:53:59 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:53:59 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{1E79B389-AF57-4957-8C1C-A4D8BAA9BF4D}\{F27709F5-4D2F-460D-8D4A-8EFEB528A6BD}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:53:58 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:53:58 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{1BF10D73-B901-461F-8E71-3372595AFBEF}\{9E209734-25F0-4F0F-A5E2-43810A13C5F4}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:53:57 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:53:57 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\WebProtectionDefs\BinHub\Catalog.dat,Open File,Unauthorized access blocked
1/3/2015 9:53:55 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:53:55 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{18DF1B12-8FBE-460B-9280-840E4428A51D}\{E2C03F04-998F-46B0-B673-1B628F9D5642}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:53:54 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:53:54 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{18DF1B12-8FBE-460B-9280-840E4428A51D}\{87220C5D-7911-40E0-AE8A-3949FEE7CCB2}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:53:53 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:53:53 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{6904B18F-DD31-4C24-8040-189977280454}\{EBA8D8A8-65D4-4178-BF1C-3D964BF910B0}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:53:51 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:53:51 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coNatHst.exe,Open File,Unauthorized access blocked
1/3/2015 9:53:48 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:53:48 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\Logs\SMode.dat,Open File,Unauthorized access blocked
1/3/2015 9:53:47 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:53:47 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{FB1B2A9B-483E-4401-9744-3F8B1BF23ADC}\{64B9B5ED-BCCA-44D5-8E1F-40EB4A06837B}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:53:46 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:53:46 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{20668091-6B0C-4FAE-89D3-830A4E93145C}\{39F41381-A58F-478D-AD5E-650A48A55037}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:53:45 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:53:45 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\EfaVTDefs\definfo.dat,Open File,Unauthorized access blocked
1/3/2015 9:53:44 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:53:44 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{0E6D36C5-6916-4F0C-9E0F-044DE548FA7E}\{8EA2CC0A-725B-4AAA-B052-C38E04CC7DF9}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:53:43 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:53:43 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{0021CE85-C213-4A17-A894-3DDF377F6080}\{2CDB8909-2071-4FFE-9BC9-1DAF64DBB871}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:53:41 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:53:41 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{1821C2E2-19E3-45F1-BC7D-41762F3D888B}\{FCA42DF8-CAED-4F6F-8B93-A8C51502E887}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:53:38 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:53:38 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{6904B18F-DD31-4C24-8040-189977280454}.qbi,Open File,Unauthorized access blocked
1/3/2015 9:53:36 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:53:36 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{1821C2E2-19E3-45F1-BC7D-41762F3D888B}\{FCA42DF8-CAED-4F6F-8B93-A8C51502E887}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:53:34 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:53:34 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{0F8E394D-9453-4A55-8C33-85D6AE66F5F0}\{9EC2D0FC-08D9-4D50-A81F-F1B18ECF7EF8}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:53:33 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:53:33 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\CmnClnt\_lck\_UI.Host.{1AFE47BB-FCF1-4096-9039-1FEBC9A0CCCF}1,Open File,Unauthorized access blocked
1/3/2015 9:53:32 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:53:32 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QBackup\{C1BF6052-8237-4DDE-A549-FC88FAC72DC3}\{E25DBA14-D05B-4755-8231-DE633472AF3F}.qbd,Open File,Unauthorized access blocked
1/3/2015 9:53:30 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:53:30 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\hotFix,Open File,Unauthorized access blocked
1/3/2015 9:53:29 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:53:29 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IdentitySafeDataStore\S-1-5-21-3009580160-1832042019-1401350382-1004,Open File,Unauthorized access blocked
1/3/2015 9:53:28 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:53:28 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\Temp\musdmys_TbzymntSaPVrT4E,Open File,Unauthorized access blocked
1/3/2015 9:53:26 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:53:26 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\EfaVTDefs\BinHub,Open File,Unauthorized access blocked
1/3/2015 9:53:25 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:53:25 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IronRevo\definfo.dat,Open File,Unauthorized access blocked
1/3/2015 9:53:24 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:53:24 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\CmnClnt\ccSetMgr\c641acb6-7e23-43eb-9afe-71e623b99681.dat,Open File,Unauthorized access blocked
1/3/2015 9:53:23 PM,Medium,Unauthorized access blocked (Open File),Blocked,No Action Required,1/3/2015 9:53:23 PM,C:\WINDOWS\SYSTEM32\SVCHOST.EXE,1304,C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\59861\0,Open File,Unauthorized access blocked

Category: Norton Error Reporting
Date & Time,Risk,Activity,Status,Error Type,Error Time,Error ID,Error Class,Product Name,Product Version,Process ID,Thread ID,Process Name,Process Version,Process Timestamp,Module Name,Module Version,Module Timestamp,Module Offset,Hash Code,Component Name,Component Id,Error Code,Severity,Error File
1/3/2015 11:44:57 PM,Info,Norton Error Reporting Submission,Submitted,Error Condition Detected,1/3/2015 9:25:09 PM,{53E82CE8-7096-45FD-87B8-663ED27EDE46},0x283E46CF,Norton Security Suite,21.6.0.32,0x564,0x1A88,N360,12.11.4.4,8/20/2014 11:39:12 PM,AVPSVC32,21.6.0.32,9/21/2014 7:19:48 AM,0x16F2D,0x4AC29F08,3048,0x8007045A,0x8,High,"C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\CmnClnt\ErrorInstances\283E46CF\53E82CE8-7096-45FD-87B8-663ED27EDE46.dat, C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\CmnClnt\ErrorInstances\283E46CF\53E82CE8-7096-45FD-87B8-663ED27EDE46.dat.tmp, C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\ErrMgmt\Queue\Incoming\SQ_{BDBC0C57-ACBB-45B5-BAFF-CD1B4CA213FE}\SQ_{7535426A-E614-4A39-9F83-14E4F135FB74}.etl, C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\ErrMgmt\Queue\Incoming\SQ_{BDBC0C57-ACBB-45B5-BAFF-CD1B4CA213FE}\SQ_{C1524B29-8138-4D0A-8F34-56A49758C9AA}.plist, C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\ErrMgmt\Queue\Incoming\SQ_{BDBC0C57-ACBB-45B5-BAFF-CD1B4CA213FE}\SQ_{9A1B9A30-8E11-459A-981D-C7ED370BE27C}.dlist"

Category: Norton Community Watch
Date & Time,Risk,Activity,Status,Recommended Action,Date Updated,Submitted By,Description,Submission Details,Detailed Status
1/3/2015 8:16:07 PM,Info,Statistical Submission: cleaner_gui.exe Exonerated,Submitted,No Action Required,1/3/2015 11:46:41 PM,Norton Security Suite,Statistical Submission: cleaner_gui.exe Exonerated,"cleaner_gui.exe  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sun, 04 Jan 2015 04:46:40 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 8:16:01 PM,Info,Statistical Submission: NirCmd.cfexe Exonerated,Submitted,No Action Required,1/3/2015 11:46:40 PM,Norton Security Suite,Statistical Submission: NirCmd.cfexe Exonerated,"32788r22fwjfw\nircmd.cfexe  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sun, 04 Jan 2015 04:46:39 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 8:15:56 PM,Info,Statistical Submission: NirCmd.cfexe Exonerated,Submitted,No Action Required,1/3/2015 11:46:39 PM,Norton Security Suite,Statistical Submission: NirCmd.cfexe Exonerated,"32788r22fwjfw\nircmd.cfexe  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sun, 04 Jan 2015 04:46:39 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 8:15:52 PM,Info,Statistical Submission: pev.exe Exonerated,Submitted,No Action Required,1/3/2015 11:46:38 PM,Norton Security Suite,Statistical Submission: pev.exe Exonerated,"32788r22fwjfw\pev.exe  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sun, 04 Jan 2015 04:46:38 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 8:15:49 PM,Info,Statistical Submission: n.com Exonerated,Submitted,No Action Required,1/3/2015 11:46:38 PM,Norton Security Suite,Statistical Submission: n.com Exonerated,"32788r22fwjfw\n.com  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sun, 04 Jan 2015 04:46:37 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 8:15:44 PM,Info,Statistical Submission: n.com Exonerated,Submitted,No Action Required,1/3/2015 11:46:37 PM,Norton Security Suite,Statistical Submission: n.com Exonerated,"32788r22fwjfw\n.com  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sun, 04 Jan 2015 04:46:36 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 8:00:22 PM,Info,Statistical Submission: msspell3.dll_3082.D0DF3458_A845_11D3_8D0A_0050046416B9 Exonerated,Submitted,No Action Required,1/3/2015 11:46:36 PM,Norton Security Suite,Statistical Submission: msspell3.dll_3082.D0DF3458_A845_11D3_8D0A_0050046416B9 Exonerated,"msspell3.dll_3082.d0df3458_a845_11d3_8d0a_0050046416b9  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sun, 04 Jan 2015 04:46:35 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 7:59:40 PM,Info,Statistical Submission: WZCNFLCT.EXE Exonerated,Submitted,No Action Required,1/3/2015 11:46:35 PM,Norton Security Suite,Statistical Submission: WZCNFLCT.EXE Exonerated,"wzcnflct.exe  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sun, 04 Jan 2015 04:46:33 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 7:51:48 PM,Info,Statistical Submission: Suspicious.Cloud.9 Exonerated,Submitted,No Action Required,1/3/2015 7:57:28 PM,Norton Security Suite,Statistical Submission: Suspicious.Cloud.9 Exonerated,"__________  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sun, 04 Jan 2015 00:57:27 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 7:44:00 PM,Info,Statistical Submission: kdbsync.exe Exonerated,Submitted,No Action Required,1/3/2015 7:57:27 PM,Norton Security Suite,Statistical Submission: kdbsync.exe Exonerated,"kdbsync.exe  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sun, 04 Jan 2015 00:57:26 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 7:40:26 PM,Info,Statistical Submission: TerrariaServer.exe Exonerated,Submitted,No Action Required,1/3/2015 7:57:26 PM,Norton Security Suite,Statistical Submission: TerrariaServer.exe Exonerated,"terrariaserver.exe  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sun, 04 Jan 2015 00:57:25 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 7:18:45 PM,Info,Statistical Submission: Trojan.Gen.2,Submitted,No Action Required,1/3/2015 7:57:25 PM,Norton Security Suite,Statistical Submission: Trojan.Gen.2,"CSIDL_PROFILE\desktop\zoek.exe  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sun, 04 Jan 2015 00:57:24 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 7:16:57 PM,Info,Statistical Submission: hijackthis.exe Exonerated,Submitted,No Action Required,1/3/2015 7:57:24 PM,Norton Security Suite,Statistical Submission: hijackthis.exe Exonerated,"CSIDL_PROFILE\appdata\local\temp\hijackthis.exe  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sun, 04 Jan 2015 00:57:23 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 7:16:50 PM,Info,Statistical Submission: zoek-delete.exe Exonerated,Submitted,No Action Required,1/3/2015 7:57:23 PM,Norton Security Suite,Statistical Submission: zoek-delete.exe Exonerated,"CSIDL_PROFILE\appdata\local\temp\zoek-delete.exe  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sun, 04 Jan 2015 00:57:22 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 7:16:42 PM,Info,Statistical Submission: dds.com Exonerated,Submitted,No Action Required,1/3/2015 7:57:22 PM,Norton Security Suite,Statistical Submission: dds.com Exonerated,"CSIDL_PROFILE\desktop\dds.com  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sun, 04 Jan 2015 00:57:21 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 7:15:17 PM,Info,Statistical Submission: kdbsync.exe Exonerated,Submitted,No Action Required,1/3/2015 7:57:21 PM,Norton Security Suite,Statistical Submission: kdbsync.exe Exonerated,"kdbsync.exe  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sun, 04 Jan 2015 00:57:20 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 7:15:08 PM,Info,Statistical Submission: ielowutil.exe,Submitted,No Action Required,1/3/2015 7:57:20 PM,Norton Security Suite,Statistical Submission: ielowutil.exe,"CSIDL_WINDOWS\winsxs\x86_microsoft-windows-ie-ielowutil_31bf3856ad364e35_11.2.9600.17501_none_8ca2548ecdf4ad9e\ielowutil.exe  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sun, 04 Jan 2015 00:57:19 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 7:14:58 PM,Info,Sample Submission: ielowutil.exe,Submitted,No Action Required,1/3/2015 7:57:19 PM,Norton Security Suite,Sample Submission: ielowutil.exe,"CSIDL_WINDOWS\winsxs\x86_microsoft-windows-ie-ielowutil_31bf3856ad364e35_11.2.9600.17501_none_8ca2548ecdf4ad9e\ielowutil.exe  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sun, 04 Jan 2015 00:57:17 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 7:14:30 PM,Info,Statistical Submission: ielowutil.exe,Submitted,No Action Required,1/3/2015 7:57:17 PM,Norton Security Suite,Statistical Submission: ielowutil.exe,"CSIDL_WINDOWS\winsxs\x86_microsoft-windows-ie-ielowutil_31bf3856ad364e35_11.2.9600.17420_none_8caf3bd6cdeaaaba\ielowutil.exe  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sun, 04 Jan 2015 00:57:16 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 7:14:20 PM,Info,Sample Submission: ielowutil.exe,Submitted,No Action Required,1/3/2015 7:57:16 PM,Norton Security Suite,Sample Submission: ielowutil.exe,"CSIDL_WINDOWS\winsxs\x86_microsoft-windows-ie-ielowutil_31bf3856ad364e35_11.2.9600.17420_none_8caf3bd6cdeaaaba\ielowutil.exe  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sun, 04 Jan 2015 00:57:15 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 7:01:20 PM,Info,Statistical Submission: Trojan.Poweliks!gm,Submitted,No Action Required,1/3/2015 7:57:14 PM,Norton Security Suite,Statistical Submission: Trojan.Poweliks!gm,"CSIDL_SYSTEMX86\00029503.tmp  <br>Detection Digest:  <br>  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sun, 04 Jan 2015 00:57:14 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 6:53:22 PM,Info,Statistical Submission: Trojan.Gen.2,Submitted,No Action Required,1/3/2015 7:57:13 PM,Norton Security Suite,Statistical Submission: Trojan.Gen.2,"CSIDL_PROFILE\desktop\zoek.exe  <br>Detection Digest:  <br>  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sun, 04 Jan 2015 00:57:13 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 5:12:23 PM,Info,IPS Detection Statistical Submission,Submitted,No Action Required,1/3/2015 5:12:26 PM,Norton Security Suite,IPS Detection Statistical Submission,"Signature ID: 23318  <br>Local or Remote Attacker: 1  <br>Remote Port: 50282  <br>Local Port: 80  <br>Protocol: 6  <br>Signature Set Version: 20150102.001  <br>Application Name: \DEVICE\HARDDISKVOLUME2\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE  <br>Offending URL: download.bleepingcomputer.com/smeenk/zoek.exe  <br>Date Detected: Sat, 03d Jan 2015d 22d:12d:23d GMT  <br>Application File Checksum: A24BFBAE8B50A6780B68FF3673FAB52F  <br>Application File Information: 11.0.9600.17496  <br>Network Data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  <br>Sub-signature ID: 71184  <br>Signature Properties: 1042  <br>Referer URL: http://hijackthis.nl/smeenk/  <br>Application File SHA256: 0DD1EB6E664063C943BF36FA524A29CCA6DF575E75A647F96DC6E5AE579DDC64  <br>Application File CreateTime: 130645627938651815  <br>Remote Address: 208.43.245.220  <br>  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sat, 03 Jan 2015 22:12:23 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 4:56:48 PM,Info,Statistical Submission: WS.Reputation.1,Submitted,No Action Required,1/3/2015 7:57:11 PM,Norton Security Suite,Statistical Submission: WS.Reputation.1,"CSIDL_PROFILE\desktop\frst64.exe  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sun, 04 Jan 2015 00:57:04 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 4:56:12 PM,Info,IPS Detection Statistical Submission,Submitted,No Action Required,1/3/2015 4:56:15 PM,Norton Security Suite,IPS Detection Statistical Submission,"Signature ID: 23318  <br>Local or Remote Attacker: 1  <br>Remote Port: 50017  <br>Local Port: 80  <br>Protocol: 6  <br>Signature Set Version: 20150102.001  <br>Application Name: \DEVICE\HARDDISKVOLUME2\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE  <br>Offending URL: download.bleepingcomputer.com/dl/0fc408d07573b92ee82647eb80169643/54a86575/windows/security/security-utilities/f/farbar-recovery-scan-tool/64/FRST64.exe  <br>Date Detected: Sat, 03d Jan 2015d 21d:56d:12d GMT  <br>Application File Checksum: A24BFBAE8B50A6780B68FF3673FAB52F  <br>Application File Information: 11.0.9600.17496  <br>Network Data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  <br>Sub-signature ID: 71184  <br>Signature Properties: 1042  <br>Referer URL:   <br>Application File SHA256: 0DD1EB6E664063C943BF36FA524A29CCA6DF575E75A647F96DC6E5AE579DDC64  <br>Application File CreateTime: 130645627938651815  <br>Remote Address: 208.43.245.220  <br>  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sat, 03 Jan 2015 21:56:12 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 4:53:57 PM,Info,Sample Submission: WS.Reputation.1,Submitted,No Action Required,1/3/2015 4:57:01 PM,Norton Security Suite,Sample Submission: WS.Reputation.1,"CSIDL_PROFILE\desktop\frst64.exe  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sat, 03 Jan 2015 21:57:00 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 4:53:55 PM,Info,Statistical Submission: WS.Reputation.1,Submitted,No Action Required,1/3/2015 4:57:00 PM,Norton Security Suite,Statistical Submission: WS.Reputation.1,"CSIDL_PROFILE\desktop\frst64.exe  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sat, 03 Jan 2015 21:56:59 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 4:52:17 PM,Info,Norton Community Watch Feedback,Submitted,No Action Required,1/3/2015 4:56:59 PM,Norton Security Suite,Norton Community Watch Feedback,url Reputation Message,
1/3/2015 4:49:58 PM,Info,Statistical Submission: esetpowelikscleaner.exe,Submitted,No Action Required,1/3/2015 4:56:57 PM,Norton Security Suite,Statistical Submission: esetpowelikscleaner.exe,"CSIDL_PROFILE\downloads\esetpowelikscleaner.exe  <br>Detection Digest:  <br>  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sat, 03 Jan 2015 21:56:56 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 4:49:58 PM,Info,Sample Submission: esetpowelikscleaner.exe,Submitted,No Action Required,1/3/2015 4:56:58 PM,Norton Security Suite,Sample Submission: esetpowelikscleaner.exe,"CSIDL_PROFILE\downloads\esetpowelikscleaner.exe  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sat, 03 Jan 2015 21:56:57 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/3/2015 4:49:50 PM,Info,IPS Detection Statistical Submission,Submitted,No Action Required,1/3/2015 4:49:53 PM,Norton Security Suite,IPS Detection Statistical Submission,"Signature ID: 23318  <br>Local or Remote Attacker: 1  <br>Remote Port: 49826  <br>Local Port: 80  <br>Protocol: 6  <br>Signature Set Version: 20150101.001  <br>Application Name: \DEVICE\HARDDISKVOLUME2\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE  <br>Offending URL: download.eset.com/special/ESETPoweliksCleaner.exe  <br>Date Detected: Sat, 03d Jan 2015d 21d:49d:50d GMT  <br>Application File Checksum: A24BFBAE8B50A6780B68FF3673FAB52F  <br>Application File Information: 11.0.9600.17496  <br>Network Data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  <br>Sub-signature ID: 71179  <br>Signature Properties: 1042  <br>Referer URL: http://www.bleepingcomputer.com/forums/t/561856/trojanpoweliks-gm-and-trojanswifi/  <br>Application File SHA256: 0DD1EB6E664063C943BF36FA524A29CCA6DF575E75A647F96DC6E5AE579DDC64  <br>Application File CreateTime: 130645627938651815  <br>Remote Address: 91.228.167.11  <br>  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sat, 03 Jan 2015 21:49:51 GMT  <br>Product:Norton Security Suite 21.6.0.32",
1/2/2015 3:20:42 PM,Info,Norton Community Watch Feedback,Waiting,No Action Required,1/3/2015 4:56:54 PM,Norton Security Suite,Norton Community Watch Feedback,"Signature ID: DLLMM  <br>Signature Set Version: 20150101.001  <br>Application Name: \??\C:\Windows\SysWOW64\jscript.dll  <br>Date Detected: Fri, 02d Jan 2015d 20d:20d:42d GMT  <br>Application File Checksum: 779E142FE2159935E78C0FA2E190FF1E  <br>Application File Information: 5.8.9600.16428  <br>Flags: 0x00000001  <br>  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sat, 03 Jan 2015 21:56:53 GMT  <br>Product:Norton Security Suite 21.6.0.32",Your item could not be submitted to Symantec at this time.  Another attempt will be made shortly.
1/2/2015 3:20:42 PM,Info,IPS Statistical Submission,Submitted,No Action Required,1/3/2015 11:46:41 PM,Norton Security Suite,IPS Statistical Submission,"Signature ID: DLLMM  <br>Signature Set Version: 20150101.001  <br>Application Name: \??\C:\Windows\SysWOW64\jscript.dll  <br>Date Detected: Fri, 02d Jan 2015d 20d:20d:42d GMT  <br>Application File Checksum: E2BBEE807C7E6F1D3AB44D50B98D5562  <br>Application File Information: 5.8.9600.16428  <br>Flags: 0x00000001  <br>  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Sat, 03 Jan 2015 21:56:31 GMT  <br>Product:Norton Security Suite 21.6.0.32",
12/31/2014 11:50:39 PM,Info,IPS Detection Statistical Submission,Submitted,No Action Required,12/31/2014 11:51:04 PM,Norton Security Suite,IPS Detection Statistical Submission,"Signature ID: 27875  <br>Local or Remote Attacker: 2  <br>Remote Port: 80  <br>Local Port: 64581  <br>Protocol: 6  <br>Signature Set Version: 20141128.001  <br>Application Name: \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSWOW64\WIAACMGR.EXE  <br>Offending URL: tosearch.biz/search.php?query=weight+loss+motivation  <br>Date Detected: Thu, 01d Jan 2015d 04d:50d:36d GMT  <br>Application File Checksum: 9A4988F8F374388255F52DE5BD8A1B31  <br>Application File Information: 6.1.7600.16385  <br>Network Data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  <br>Sub-signature ID: 71853  <br>Signature Properties: 534  <br>Referer URL:   <br>Application File SHA256: 846A3A0DBFFE9AE6967E987FEB2DEF5266DCC6FC1812354DC447CCC70F07D062  <br>Application File CreateTime: 0  <br>Remote Address: 95.215.1.57  <br>  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Thu, 01 Jan 2015 04:50:49 GMT  <br>Product:Norton Security Suite 21.6.0.32",
12/31/2014 11:48:18 PM,Info,IPS Detection Statistical Submission,Submitted,No Action Required,12/31/2014 11:48:59 PM,Norton Security Suite,IPS Detection Statistical Submission,"Signature ID: 27270  <br>Local or Remote Attacker: 2  <br>Remote Port: 80  <br>Local Port: 60124  <br>Protocol: 6  <br>Signature Set Version: 20141128.001  <br>Application Name: \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSWOW64\SYSTRAY.EXE  <br>Offending URL: politicalroute.com/sen-rubio-says-he-could-run-for-president-even-if-jeb-bush-does/  <br>Date Detected: Thu, 01d Jan 2015d 04d:48d:18d GMT  <br>Application File Checksum: DF6923839C6A8F776F0DA704C5F4CEA5  <br>Application File Information: 6.1.7600.16385  <br>Network Data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  <br>Sub-signature ID: 66276  <br>Signature Properties: 1042  <br>Referer URL: http://politicalroute.com/disclaimer/  <br>Application File SHA256: 470D84A5425D094701A21B56EDED601654A9FE751A9517B20195390AF93777A0  <br>Application File CreateTime: 0  <br>Remote Address: 108.168.158.177  <br>  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Thu, 01 Jan 2015 04:48:55 GMT  <br>Product:Norton Security Suite 21.6.0.32",
12/31/2014 11:48:18 PM,Info,IPS Detection Statistical Submission,Submitted,No Action Required,12/31/2014 11:48:51 PM,Norton Security Suite,IPS Detection Statistical Submission,"Signature ID: 27270  <br>Local or Remote Attacker: 2  <br>Remote Port: 80  <br>Local Port: 60250  <br>Protocol: 6  <br>Signature Set Version: 20141128.001  <br>Application Name: \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSWOW64\SYSTRAY.EXE  <br>Offending URL: politicalroute.com/wp-content/uploads/2014/10/background.jpg  <br>Date Detected: Thu, 01d Jan 2015d 04d:48d:17d GMT  <br>Application File Checksum: DF6923839C6A8F776F0DA704C5F4CEA5  <br>Application File Information: 6.1.7600.16385  <br>Network Data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  <br>Sub-signature ID: 66276  <br>Signature Properties: 1042  <br>Referer URL: http://politicalroute.com/prime-minister-ed-mcmiliband-its-pure-fantasy/  <br>Application File SHA256: 470D84A5425D094701A21B56EDED601654A9FE751A9517B20195390AF93777A0  <br>Application File CreateTime: 0  <br>Remote Address: 108.168.158.177  <br>  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Thu, 01 Jan 2015 04:48:39 GMT  <br>Product:Norton Security Suite 21.6.0.32",
12/31/2014 11:48:16 PM,Info,IPS Detection Statistical Submission,Submitted,No Action Required,12/31/2014 11:48:33 PM,Norton Security Suite,IPS Detection Statistical Submission,"Signature ID: 27270  <br>Local or Remote Attacker: 2  <br>Remote Port: 80  <br>Local Port: 60283  <br>Protocol: 6  <br>Signature Set Version: 20141128.001  <br>Application Name: \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSWOW64\SYSTRAY.EXE  <br>Offending URL: politicalroute.com/wp-content/uploads/2014/12/Chequers_3045816b-150x150.jpg  <br>Date Detected: Thu, 01d Jan 2015d 04d:48d:12d GMT  <br>Application File Checksum: DF6923839C6A8F776F0DA704C5F4CEA5  <br>Application File Information: 6.1.7600.16385  <br>Network Data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  <br>Sub-signature ID: 66276  <br>Signature Properties: 1042  <br>Referer URL: http://politicalroute.com/prime-minister-ed-mcmiliband-its-pure-fantasy/  <br>Application File SHA256: 470D84A5425D094701A21B56EDED601654A9FE751A9517B20195390AF93777A0  <br>Application File CreateTime: 0  <br>Remote Address: 108.168.158.177  <br>  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Thu, 01 Jan 2015 04:48:24 GMT  <br>Product:Norton Security Suite 21.6.0.32",
12/31/2014 11:44:41 PM,Info,IPS Detection Statistical Submission,Submitted,No Action Required,1/3/2015 4:57:03 PM,Norton Security Suite,IPS Detection Statistical Submission,"Signature ID: 27270  <br>Local or Remote Attacker: 2  <br>Remote Port: 80  <br>Local Port: 57388  <br>Protocol: 6  <br>Signature Set Version: 20141128.001  <br>Application Name: \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSWOW64\SYSTRAY.EXE  <br>Offending URL: politicalroute.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.0.1  <br>Date Detected: Thu, 01d Jan 2015d 04d:44d:41d GMT  <br>Application File Checksum: DF6923839C6A8F776F0DA704C5F4CEA5  <br>Application File Information: 6.1.7600.16385  <br>Network Data:  <br>Sub-signature ID: 66276  <br>Signature Properties: 1042  <br>Referer URL: http://politicalroute.com/disclaimer/  <br>Application File SHA256: 470D84A5425D094701A21B56EDED601654A9FE751A9517B20195390AF93777A0  <br>Application File CreateTime: 0  <br>Remote Address: 108.168.158.177  <br>  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Thu, 01 Jan 2015 04:45:10 GMT  <br>Product:Norton Security Suite 21.6.0.32",
12/31/2014 11:44:40 PM,Info,IPS Detection Statistical Submission,Submitted,No Action Required,12/31/2014 11:45:04 PM,Norton Security Suite,IPS Detection Statistical Submission,"Signature ID: 27270  <br>Local or Remote Attacker: 2  <br>Remote Port: 80  <br>Local Port: 57387  <br>Protocol: 6  <br>Signature Set Version: 20141128.001  <br>Application Name: \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSWOW64\SYSTRAY.EXE  <br>Offending URL: politicalroute.com/disclaimer/  <br>Date Detected: Thu, 01d Jan 2015d 04d:44d:27d GMT  <br>Application File Checksum: DF6923839C6A8F776F0DA704C5F4CEA5  <br>Application File Information: 6.1.7600.16385  <br>Network Data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  <br>Sub-signature ID: 66276  <br>Signature Properties: 1042  <br>Referer URL: http://politicalroute.com/prime-minister-ed-mcmiliband-its-pure-fantasy/  <br>Application File SHA256: 470D84A5425D094701A21B56EDED601654A9FE751A9517B20195390AF93777A0  <br>Application File CreateTime: 0  <br>Remote Address: 108.168.158.177  <br>  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Thu, 01 Jan 2015 04:44:50 GMT  <br>Product:Norton Security Suite 21.6.0.32",
12/31/2014 11:42:29 PM,Info,IPS Detection Statistical Submission,Submitted,No Action Required,12/31/2014 11:42:48 PM,Norton Security Suite,IPS Detection Statistical Submission,"Signature ID: 27270  <br>Local or Remote Attacker: 2  <br>Remote Port: 80  <br>Local Port: 53373  <br>Protocol: 6  <br>Signature Set Version: 20141128.001  <br>Application Name: \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSWOW64\SYSTRAY.EXE  <br>Offending URL: politicalroute.com/wp-content/uploads/2014/12/Oasis_Children_s_V_2638738c-150x150.jpg  <br>Date Detected: Thu, 01d Jan 2015d 04d:42d:29d GMT  <br>Application File Checksum: DF6923839C6A8F776F0DA704C5F4CEA5  <br>Application File Information: 6.1.7600.16385  <br>Network Data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  <br>Sub-signature ID: 66276  <br>Signature Properties: 1042  <br>Referer URL: http://politicalroute.com/prime-minister-ed-mcmiliband-its-pure-fantasy/  <br>Application File SHA256: 470D84A5425D094701A21B56EDED601654A9FE751A9517B20195390AF93777A0  <br>Application File CreateTime: 0  <br>Remote Address: 108.168.158.177  <br>  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Thu, 01 Jan 2015 04:42:42 GMT  <br>Product:Norton Security Suite 21.6.0.32",
12/31/2014 11:42:27 PM,Info,IPS Detection Statistical Submission,Submitted,No Action Required,12/31/2014 11:42:34 PM,Norton Security Suite,IPS Detection Statistical Submission,"Signature ID: 27270  <br>Local or Remote Attacker: 2  <br>Remote Port: 80  <br>Local Port: 53279  <br>Protocol: 6  <br>Signature Set Version: 20141128.001  <br>Application Name: \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSWOW64\SYSTRAY.EXE  <br>Offending URL: politicalroute.com/prime-minister-ed-mcmiliband-its-pure-fantasy/  <br>Date Detected: Thu, 01d Jan 2015d 04d:42d:27d GMT  <br>Application File Checksum: DF6923839C6A8F776F0DA704C5F4CEA5  <br>Application File Information: 6.1.7600.16385  <br>Network Data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  <br>Sub-signature ID: 66276  <br>Signature Properties: 1042  <br>Referer URL: http://politicalroute.com/?utm_source=cp&utm_medium=traffic&utm_content=28775&utm_campaign=cp  <br>Application File SHA256: 470D84A5425D094701A21B56EDED601654A9FE751A9517B20195390AF93777A0  <br>Application File CreateTime: 0  <br>Remote Address: 108.168.158.177  <br>  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Thu, 01 Jan 2015 04:42:29 GMT  <br>Product:Norton Security Suite 21.6.0.32",
12/31/2014 11:41:30 PM,Info,IPS Detection Statistical Submission,Submitted,No Action Required,12/31/2014 11:41:34 PM,Norton Security Suite,IPS Detection Statistical Submission,"Signature ID: 27775  <br>Local or Remote Attacker: 2  <br>Remote Port: 80  <br>Local Port: 50539  <br>Protocol: 6  <br>Signature Set Version: 20141128.001  <br>Application Name: \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSWOW64\DLLHOST.EXE  <br>Offending URL: 95.215.1.57/query?version=1.7&sid=7786&builddate=251014&q=how+to+raise+testosterone&ua=Mozilla%2F5%2E0%20%28Windows%20NT%206%2E1%3B%20WOW64%3B%20Trident%2F7%2E0%3B%20rv%3A11%2E0%29%20like%20Gecko&lang=en-US&wt=16&lr=0&ls=2  <br>Date Detected: Thu, 01d Jan 2015d 04d:41d:04d GMT  <br>Application File Checksum: A63DC5C2EA944E6657203E0C8EDEAF61  <br>Application File Information: 6.1.7600.16385  <br>Network Data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  <br>Sub-signature ID: 72071  <br>Signature Properties: 534  <br>Referer URL:   <br>Application File SHA256: F7AD4B09AFB301CE46DF695B22114331A57D52E6D4163FF74787BF68CCF44C78  <br>Application File CreateTime: 0  <br>Remote Address: 95.215.1.57  <br>  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 16 Model 4 Stepping 3  <br>System:Windows 7 build 7601 Service Pack 1  <br>Platform-GUID:37B2B09B-13D2-11E0-BD8D-64315025969E  <br>DateSubmitted:Thu, 01 Jan 2015 04:41:32 GMT  <br>Product:Norton Security Suite 21.6.0.32",

Category: LiveUpdate
Date & Time,Risk,Activity,Status,Recommended Action,Type of Update,Result,Date & Time,Total Updates Applied,Norton Web Protection Definitions,Reboot Required,Risk,Norton Pulse Updates
1/4/2015 4:29:31 AM,Info,LiveUpdate Session,Completed,No Action Required,Automatic,Norton LiveUpdate has successfully completed. Your Norton product now has the latest protection updates.,1/4/2015 4:29:31 AM,1,Success (12.07KB),No,Info,
1/4/2015 12:45:22 AM,Info,LiveUpdate Session,Completed,No Action Required,Automatic,Norton LiveUpdate has successfully completed. Your Norton product now has the latest protection updates.,1/4/2015 12:45:22 AM,2,Success (10.27KB),No,Info,Success (478.00bytes)
1/3/2015 10:32:22 PM,Info,LiveUpdate Session,Completed,No Action Required,Automatic,Norton LiveUpdate has successfully completed. Your Norton product now has the latest protection updates.,1/3/2015 10:32:22 PM,1,Success (9.85KB),No,Info,

 



#9 deeprybka

  • Malware Response Team
  • 5,198 posts
  • Gender:Male
  • Location:Germany
  • Local time:02:40 AM

Posted 05 January 2015 - 01:18 PM

Filename: zoek.exe
Threat name: Trojan.Gen.2
Full Path: c:\users\denny\desktop\zoek.exe

 
Norton... :rolleyes:


Step 1

Please download AdwCleaner (by Xplode) and save it to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[S#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.

Step 2

Please download and install Malwarebytes Anti-Malware [latest version!]
  • Please open Malwarebytes Anti-Malware.
  • Please update the database by clicking on the "Update Now" button.
  • Following the update, click "Settings" [1] and go to "Detection and Protection" [2].
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard [3], then click on Scan Now [4] to start the scan.
    :exclame: If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt so that you can decide what you want to do. I suggest "Quarantine All" [5]. Then click the button: Apply Actions. [6]
  • A window with an option to view the detailed log will appear.
  • Click on "View detailed log".
  • After viewing the results, please click on the "Copy to Clipboard" button and then OK.
  • Return to our forum. Paste your log into your next reply.


Step 3

Please download ESET Online Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start the installer with administrator privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Choose the following settings:
settings.png
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at [image: logpath.png]
    Copy and paste the content of this log file in your next reply.
Note: Do not forget to re-enable your antivirus application after running the above scan!

Step 4

Start FRST with administrator privileges.
  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste the log in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#10 sbader29

  • Topic Starter

  • Members
  • 18 posts
  • Local time:07:40 PM

Posted 06 January 2015 - 12:27 AM

I wish Norton had found the real malware as well.....then I wouldn't need your help....which I really appreciate!

Here are logs for adwcleaner and mbam.....eset scan is still running, will send logs when done;

 

# AdwCleaner v4.106 - Report created 05/01/2015 at 21:02:26
# Updated 21/12/2014 by Xplode
# Database : 2015-01-03.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Denny - FAMILY-HP6620
# Running from : C:\Users\Denny\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Yahoo! Companion
Folder Deleted : C:\Users\Denny\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\Evan\AppData\Local\StartNow
Folder Deleted : C:\Users\Evan\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\Kaitlyn\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\Luke\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\Suzie\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Folder Deleted : C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Folder Deleted : C:\Users\Kaitlyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Users\Suzie\Desktop\Continue MediaDownloader Installation.lnk

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Enthusiast Games.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ToolbarBroker.EXE
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\ZGClnt.Mngr
Key Deleted : HKLM\SOFTWARE\Classes\ZGClnt.Mngr.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{FAA8C612-F1B6-461B-8B60-B54D74D9642E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4EE0AA81-8D37-4AE7-82D1-F185AD665807}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4EE0AA81-8D37-4AE7-82D1-F185AD665807}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4EE0AA81-8D37-4AE7-82D1-F185AD665807}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

-\\ Google Chrome v39.0.2171.95

[C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=startnow&provider_code=&partner_id=999&product_id=10&affiliate_id=&channel=&toolbar_id=&toolbar_version=&install_country=&install_date=20140226&user_guid=&machine_id=5e1d93beb0acf8b140b05ea833f55e2c&browser=cr&os=win&os_version=6.1-x64-SP1
[C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Kaitlyn\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
[C:\Users\Kaitlyn\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Kaitlyn\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : mkfokfffehpeedafpekjeddnmnjhmcmk

-\\ Chromium v

[C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=startnow&provider_code=&partner_id=999&product_id=10&affiliate_id=&channel=&toolbar_id=&toolbar_version=&install_country=&install_date=20140226&user_guid=&machine_id=5e1d93beb0acf8b140b05ea833f55e2c&browser=cr&os=win&os_version=6.1-x64-SP1
[C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Kaitlyn\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
[C:\Users\Kaitlyn\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [5009 octets] - [05/01/2015 21:00:35]
AdwCleaner[S0].txt - [6270 octets] - [05/01/2015 21:02:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6330 octets] ##########


Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 1/5/2015
Scan Time: 9:13:19 PM
Logfile: MBAM log.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.06.01
Rootkit Database: v2014.12.30.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Denny

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 528118
Time Elapsed: 21 min, 35 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.Softonic.A, HKU\S-1-5-21-3009580160-1832042019-1401350382-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Softonic, Quarantined, [5ca55910413b90a6f682a2c63bc80cf4],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)



#11 sbader29

Posted 06 January 2015 - 02:26 AM

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=f7447a3d20b95146ba394a933e893cd4
# engine=21830
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-01-06 05:38:32
# local_time=2015-01-06 12:38:32 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Norton 360'
# compatibility_mode=3598 16777213 87 100 209104 171098808 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 46073033 172066162 0 0
# scanned=564338
# found=16
# cleaned=0
# scan_time=10169
sh=97D7ED8C63A1F52E85B87356663B47038F3E1BAF ft=1 fh=7d92fc00368f137a vn="Win32/Toolbar.Zugo.D potentially unwanted application" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\genfix2-a[1]"
sh=97D7ED8C63A1F52E85B87356663B47038F3E1BAF ft=1 fh=7d92fc00368f137a vn="Win32/Toolbar.Zugo.D potentially unwanted application" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\genfix2-a[2]"
sh=303BD7E6A307688F829D0E525B87CF4480F612E9 ft=1 fh=4accdedb476c8e1d vn="a variant of Win32/Distromatic.C potentially unwanted application" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\search-update2[1]"
sh=D51128B2F0E3C4535864645262886325A85B0AF6 ft=1 fh=54adc96d46817005 vn="Win32/Toolbar.Zugo.D potentially unwanted application" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\search-update-d[1]"
sh=24C7CC721FDF5D286EF00227F6992C20B4D58ED0 ft=1 fh=bcb36227a734ed99 vn="Win32/Toolbar.Zugo.D potentially unwanted application" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\genfix-e[1]"
sh=D51128B2F0E3C4535864645262886325A85B0AF6 ft=1 fh=54adc96d46817005 vn="Win32/Toolbar.Zugo.D potentially unwanted application" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\search-update-d[1]"
sh=46413A185F64DCE8354E7C8008BF068E6FBC7D45 ft=1 fh=3aaa9f6fea73924a vn="a variant of Win32/Toolbar.Zugo potentially unwanted application" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\updater-startnow-200-2.5-g[1].exe"
sh=24C7CC721FDF5D286EF00227F6992C20B4D58ED0 ft=1 fh=bcb36227a734ed99 vn="Win32/Toolbar.Zugo.D potentially unwanted application" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\genfix-e[1]"
sh=97D7ED8C63A1F52E85B87356663B47038F3E1BAF ft=1 fh=7d92fc00368f137a vn="Win32/Toolbar.Zugo.D potentially unwanted application" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\genfix2-a[1]"
sh=97D7ED8C63A1F52E85B87356663B47038F3E1BAF ft=1 fh=7d92fc00368f137a vn="Win32/Toolbar.Zugo.D potentially unwanted application" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\genfix2-a[2]"
sh=303BD7E6A307688F829D0E525B87CF4480F612E9 ft=1 fh=4accdedb476c8e1d vn="a variant of Win32/Distromatic.C potentially unwanted application" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\search-update2[1]"
sh=D51128B2F0E3C4535864645262886325A85B0AF6 ft=1 fh=54adc96d46817005 vn="Win32/Toolbar.Zugo.D potentially unwanted application" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\search-update-d[1]"
sh=24C7CC721FDF5D286EF00227F6992C20B4D58ED0 ft=1 fh=bcb36227a734ed99 vn="Win32/Toolbar.Zugo.D potentially unwanted application" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\genfix-e[1]"
sh=D51128B2F0E3C4535864645262886325A85B0AF6 ft=1 fh=54adc96d46817005 vn="Win32/Toolbar.Zugo.D potentially unwanted application" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\search-update-d[1]"
sh=46413A185F64DCE8354E7C8008BF068E6FBC7D45 ft=1 fh=3aaa9f6fea73924a vn="a variant of Win32/Toolbar.Zugo potentially unwanted application" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\updater-startnow-200-2.5-g[1].exe"
sh=24C7CC721FDF5D286EF00227F6992C20B4D58ED0 ft=1 fh=bcb36227a734ed99 vn="Win32/Toolbar.Zugo.D potentially unwanted application" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\genfix-e[1]"
 



#12 sbader29

Posted 06 January 2015 - 02:29 AM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-01-2015 03
Ran by Denny (administrator) on FAMILY-HP6620 on 06-01-2015 02:27:52
Running from C:\Users\Denny\Desktop
Loaded Profile: Denny (Available profiles: Denny & Suzie & Luke & Evan & Kaitlyn)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems Incorporated) E:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
() C:\Program Files\D-Link\SharePort Utility\Spnuhelper.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2782096 2010-07-25] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [563736 2009-10-14] (PDF Complete Inc)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-11-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2011-12-08] (Apple Inc.)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKLM-x32\...\Run: [DNS7reminder] => C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe [328992 2010-10-27] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SpybotSnD] => C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe [5365592 2009-01-26] (Safer Networking Limited)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-19\...\Run: [] => [X]
HKU\S-1-5-20\...\Run: [] => [X]
HKU\S-1-5-21-3009580160-1832042019-1401350382-1001\...\Run: [] => [X]
HKU\S-1-5-18\...\Run: [] => [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Denny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SharePort Utility.lnk
ShortcutTarget: SharePort Utility.lnk -> C:\Program Files\D-Link\SharePort Utility\Connect.exe (D-Link Corp.)
Startup: C:\Users\Kaitlyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Suzie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3009580160-1832042019-1401350382-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=U159
HKU\S-1-5-21-3009580160-1832042019-1401350382-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
SearchScopes: HKLM -> {3DDA53B0-317E-47BB-B20C-550C46A1A458} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {E125243F-B870-446C-9E37-8C2B8E703966} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM -> {F6847FBF-C656-4D37-BDD9-ADDFEFB65C62} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {3DDA53B0-317E-47BB-B20C-550C46A1A458} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {E125243F-B870-446C-9E37-8C2B8E703966} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {F6847FBF-C656-4D37-BDD9-ADDFEFB65C62} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3009580160-1832042019-1401350382-1001 -> {3DDA53B0-317E-47BB-B20C-550C46A1A458} URL = http://www.bing.com/search?FORM=U159DF&PC=U159&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3009580160-1832042019-1401350382-1001 -> {E125243F-B870-446C-9E37-8C2B8E703966} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKU\S-1-5-21-3009580160-1832042019-1401350382-1001 -> {F6847FBF-C656-4D37-BDD9-ADDFEFB65C62} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Dragon NaturallySpeaking Rich Internet Application Support - Extension -> {73A89C60-CF59-4EC7-9215-9B7EF05ECEA4} -> C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ieShim.dll (Nuance Communications, Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-3009580160-1832042019-1401350382-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: nuance.com/DragonRIAPlugin -> C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\npDgnRia.dll (Nuance Communications Inc.)
FF Plugin HKU\S-1-5-21-3009580160-1832042019-1401350382-1001: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll (Hulu LLC)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-01-08]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2015-01-05]
FF HKLM-x32\...\Firefox\Extensions: [jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi
FF Extension: Dragon NaturallySpeaking Rich Internet Application Support - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2012-07-18]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014-04-09]
FF HKU\S-1-5-21-3009580160-1832042019-1401350382-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-29]
CHR Extension: (Google Docs) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-29]
CHR Extension: (Google Drive) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-29]
CHR Extension: (YouTube) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-29]
CHR Extension: (Google Search) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-29]
CHR Extension: (Google Sheets) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-29]
CHR Extension: (Norton Identity Safe) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-11-29]
CHR Extension: (Dragon NaturallySpeaking Rich Internet Application Support) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\mikhcaiakabeeokmenglcdebplfdjicn [2014-11-29]
CHR Extension: (Google Wallet) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-29]
CHR Extension: (Gmail) - C:\Users\Denny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-29]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-15]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [mikhcaiakabeeokmenglcdebplfdjicn] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\chromeShim.crx [2012-07-18]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor10.0; E:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 D-Link SharePort Helper; C:\Program Files\D-Link\SharePort Utility\Spnuhelper.exe [49152 2011-12-30] () [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [137680 2010-07-27] ()
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-13] (Microsoft Corporation)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\N360.exe [265040 2014-10-02] (Symantec Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416 2009-10-14] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AODDriver4.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20141209.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-31] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-31] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20150105.001\IDSvia64.sys [637656 2014-12-31] (Symantec Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [129752 2015-01-05] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150105.001\ENG64.SYS [129752 2014-12-31] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150105.001\EX64.SYS [2137304 2014-12-31] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R3 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [291336 2011-12-30] (silex technology, Inc.)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-03-28] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [51712 2010-09-28] (Apple, Inc.) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-05 21:45 - 2015-01-05 21:45 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-05 21:43 - 2015-01-05 21:43 - 02347384 _____ (ESET) C:\Users\Denny\Desktop\esetsmartinstaller_enu.exe
2015-01-05 21:10 - 2015-01-05 21:10 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Denny\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-05 21:00 - 2015-01-05 21:02 - 00000000 ____D () C:\AdwCleaner
2015-01-05 20:22 - 2015-01-05 20:22 - 02173952 _____ () C:\Users\Denny\Desktop\AdwCleaner.exe
2015-01-04 12:27 - 2015-01-04 12:27 - 00236548 _____ () C:\Users\Denny\Desktop\Recent History.txt
2015-01-04 12:25 - 2015-01-04 12:25 - 29767922 _____ () C:\Users\Denny\Desktop\Recent History.mcf
2015-01-04 12:21 - 2015-01-04 12:21 - 00000000 ____D () C:\Users\Denny\AppData\Roaming\Nuance
2015-01-03 17:17 - 2015-01-03 17:37 - 00026739 _____ () C:\zoek-results.log
2015-01-03 17:13 - 2015-01-03 17:31 - 00000000 ____D () C:\zoek_backup
2015-01-03 17:10 - 2015-01-03 17:11 - 00042792 _____ () C:\Users\Denny\Desktop\Addition.txt
2015-01-03 17:09 - 2015-01-06 02:27 - 00027005 _____ () C:\Users\Denny\Desktop\FRST.txt
2015-01-03 17:09 - 2015-01-06 02:27 - 00000000 ____D () C:\FRST
2015-01-03 17:08 - 2015-01-03 17:08 - 02123776 _____ (Farbar) C:\Users\Denny\Desktop\FRST64.exe
2015-01-03 16:51 - 2015-01-03 16:51 - 00323920 _____ () C:\Users\Denny\Desktop\ESETPoweliksCleaner.exe_20150103.165128.4152.log
2015-01-03 16:49 - 2015-01-03 16:49 - 00186568 _____ (ESET) C:\Users\Denny\Desktop\ESETPoweliksCleaner.exe
2015-01-02 15:10 - 2015-01-02 15:12 - 00025545 _____ () C:\Users\Denny\Desktop\dds.txt
2015-01-02 15:10 - 2015-01-02 15:12 - 00012372 _____ () C:\Users\Denny\Desktop\attach.txt
2015-01-02 15:08 - 2015-01-02 15:06 - 00688992 ____R (Swearware) C:\Users\Denny\Desktop\dds.com
2015-01-02 14:55 - 2015-01-02 14:55 - 00000000 __SHD () C:\Users\Kaitlyn\AppData\Local\EmieUserList
2015-01-02 14:55 - 2015-01-02 14:55 - 00000000 __SHD () C:\Users\Kaitlyn\AppData\Local\EmieSiteList
2015-01-02 14:55 - 2015-01-02 14:55 - 00000000 __SHD () C:\Users\Kaitlyn\AppData\Local\EmieBrowserModeList
2015-01-02 14:40 - 2014-12-13 00:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-01-02 14:40 - 2014-12-12 22:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-01-02 14:31 - 2015-01-02 14:31 - 00000000 ____D () C:\Windows\system32\appraiser
2015-01-01 01:25 - 2014-10-17 21:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-01-01 01:25 - 2014-10-17 20:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-01-01 00:14 - 2014-12-03 21:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-01-01 00:14 - 2014-12-03 21:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-01-01 00:14 - 2014-12-03 21:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-01-01 00:14 - 2014-12-03 21:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-01-01 00:14 - 2014-12-03 21:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-01-01 00:14 - 2014-12-03 21:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-01-01 00:14 - 2014-12-03 21:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-01-01 00:14 - 2014-12-01 18:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-01-01 00:13 - 2014-11-26 20:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-01-01 00:13 - 2014-11-26 20:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-01-01 00:13 - 2014-11-21 22:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-01-01 00:13 - 2014-11-21 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-01-01 00:13 - 2014-11-21 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-01-01 00:13 - 2014-11-21 21:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-01 00:13 - 2014-11-21 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-01-01 00:13 - 2014-11-21 21:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-01-01 00:13 - 2014-11-21 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-01-01 00:13 - 2014-11-21 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-01-01 00:13 - 2014-11-21 21:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-01-01 00:13 - 2014-11-21 21:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-01-01 00:13 - 2014-11-21 21:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-01-01 00:13 - 2014-11-21 21:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-01-01 00:13 - 2014-11-21 21:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-01-01 00:13 - 2014-11-21 21:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-01-01 00:13 - 2014-11-21 21:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-01-01 00:13 - 2014-11-21 21:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-01-01 00:13 - 2014-11-21 21:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-01-01 00:13 - 2014-11-21 21:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-01-01 00:13 - 2014-11-21 21:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-01-01 00:13 - 2014-11-21 21:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-01-01 00:13 - 2014-11-21 21:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-01-01 00:13 - 2014-11-21 21:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-01-01 00:13 - 2014-11-21 21:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-01-01 00:13 - 2014-11-21 21:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-01-01 00:13 - 2014-11-21 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-01-01 00:13 - 2014-11-21 21:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-01-01 00:13 - 2014-11-21 21:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-01-01 00:13 - 2014-11-21 20:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-01-01 00:13 - 2014-11-21 20:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-01-01 00:13 - 2014-11-21 20:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-01-01 00:13 - 2014-11-21 20:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-01-01 00:13 - 2014-11-21 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-01-01 00:13 - 2014-11-21 20:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-01-01 00:13 - 2014-11-21 20:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-01-01 00:13 - 2014-11-21 20:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-01-01 00:13 - 2014-11-21 20:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-01-01 00:13 - 2014-11-21 20:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-01-01 00:13 - 2014-11-21 20:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-01-01 00:13 - 2014-11-21 20:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-01-01 00:13 - 2014-11-21 20:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-01-01 00:13 - 2014-11-21 20:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-01-01 00:13 - 2014-11-21 20:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-01-01 00:13 - 2014-11-21 20:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-01-01 00:13 - 2014-11-21 20:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-01-01 00:13 - 2014-11-21 20:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-01-01 00:13 - 2014-11-21 20:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-01-01 00:13 - 2014-11-21 20:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-01-01 00:13 - 2014-11-21 20:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-01-01 00:13 - 2014-11-21 20:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-01-01 00:13 - 2014-11-21 20:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-01-01 00:13 - 2014-11-21 19:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-01-01 00:13 - 2014-11-21 19:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-01-01 00:13 - 2014-11-10 22:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-01-01 00:13 - 2014-11-10 21:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-01-01 00:13 - 2014-11-10 20:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-01-01 00:04 - 2014-11-07 22:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-01-01 00:04 - 2014-11-07 21:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-01-01 00:04 - 2014-10-29 21:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-01-01 00:04 - 2014-10-29 20:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-01-01 00:04 - 2014-10-02 21:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-01-01 00:04 - 2014-10-02 21:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-01-01 00:04 - 2014-10-02 21:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-01-01 00:04 - 2014-10-02 21:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-01-01 00:04 - 2014-10-02 21:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-01-01 00:04 - 2014-10-02 20:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-01-01 00:04 - 2014-10-02 20:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-01-01 00:04 - 2014-10-02 20:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-01-01 00:04 - 2014-10-02 20:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-01-01 00:04 - 2014-10-02 20:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-06 02:16 - 2012-04-07 10:44 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-06 00:03 - 2009-07-13 23:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-06 00:03 - 2009-07-13 23:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-05 21:28 - 2010-12-31 21:36 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForSuzie.job
2015-01-05 21:13 - 2014-11-29 18:45 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-05 21:11 - 2014-11-29 18:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-05 21:11 - 2014-11-29 18:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-05 21:11 - 2013-02-16 23:00 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-05 21:08 - 2010-11-18 03:03 - 01075460 _____ () C:\Windows\WindowsUpdate.log
2015-01-05 21:05 - 2014-04-21 19:24 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-05 21:04 - 2013-02-17 12:38 - 00579918 _____ () C:\Windows\PFRO.log
2015-01-05 21:04 - 2013-02-17 12:38 - 00024160 _____ () C:\Windows\setupact.log
2015-01-05 21:04 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-05 21:02 - 2009-07-14 00:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-05 20:59 - 2011-11-05 22:30 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-01-05 03:36 - 2010-11-18 03:06 - 00000000 ____D () C:\ProgramData\Temp
2015-01-03 22:08 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2015-01-03 17:31 - 2010-12-30 13:09 - 00000000 ____D () C:\Users\Denny\AppData\Local\CrashDumps
2015-01-03 16:47 - 2012-04-07 10:44 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-03 16:47 - 2012-04-07 10:44 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-03 16:47 - 2011-06-19 12:32 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-03 16:47 - 2010-12-30 13:08 - 00000000 ____D () C:\Users\Denny\AppData\Local\Adobe
2015-01-02 15:10 - 2009-07-14 00:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-02 14:56 - 2010-12-31 19:59 - 00130360 _____ () C:\Users\Kaitlyn\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-02 14:31 - 2014-05-07 02:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-02 14:31 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-02 14:31 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
2015-01-01 00:45 - 2011-01-22 16:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-01 00:40 - 2013-08-08 02:02 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-01 00:29 - 2010-12-30 13:18 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-01 00:03 - 2014-04-21 19:24 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-01 00:00 - 2011-08-04 15:04 - 00000000 ____D () C:\Users\Evan\AppData\Local\CrashDumps
2014-12-31 23:37 - 2010-11-18 03:03 - 00000000 ____D () C:\ProgramData\PDFC

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-04 00:46

==================== End Of Log ============================



#13 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  • Gender:Male
  • Location:Germany
  • Local time:02:40 AM

Posted 06 January 2015 - 09:40 AM


Can you please tell me which problems still persist now?
How is the computer running?

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer

#14 sbader29

sbader29
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  • Local time:07:40 PM

Posted 07 January 2015 - 12:14 AM

It seems to be running good except when user Evan (my son) is logged in. Task manager is bugged and hangs and it also seems slower but not nearly as bad as before.

Logged in as User Denny (me) I see no more problems except that Task manager shows multiple processes (18) of svchost.exe running and using a lot of memory.



#15 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,976 posts
  • OFFLINE
  • Gender:Male
  • Location:Germany
  • Local time:07:40 PM

Posted 07 January 2015 - 10:57 AM

Deeprybka is away for some time.

It seems to be running good except when user Evan (my son) is logged in. Task manager is bugged and hangs and it also seems slower but not nearly as bad as before.

Please describe.
  • Please open Notepad.exe. Make sure that you don't use any other software than Notepad.exe!
  • Copy and Paste the content of the codebox below into the empty textfile:

    C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\*
    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-19\...\Run: [] => [X]
    HKU\S-1-5-20\...\Run: [] => [X]
    HKU\S-1-5-21-3009580160-1832042019-1401350382-1001\...\Run: [] => [X]
    HKU\S-1-5-18\...\Run: [] => [X]
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
    CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
    EmptyTemp:
  • Then click on File >> Save as
    • File Name: Fixlist.txt
    • From the Save as type drop down list, choose All Files
  • It is very important that you save this textfile on your Desktop!
Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt, are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
  • Run FRST.exe/FRST64.exe (Note: If FRST advises there is a new updated version to be downloaded, allow this.) and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.
