Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help needed with mulitple dllhost.exe *32 COM Surrogate process entries


  • This topic is locked This topic is locked
17 replies to this topic

#1 GinasGoodies

GinasGoodies

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:05:33 AM

Posted 02 November 2014 - 05:02 PM

Hello,

 

My computer has recently started having long lag times, especially when using IE (using version 10). 

Every now and then, I also get an error stating "Powershell has stopped working."

I have run AVG and Malware Bytes, but neither found any issues.

Thank you in advance for any help you can provide!

 

DDS LOG:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16921  BrowserJavaVersion: 10.17.2
Run by Gina's Laptop at 15:32:23 on 2014-11-02
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.2935.824 [GMT -6:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
c:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\windows\system32\Dwm.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TiVo\Desktop\TiVoBeacon.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
C:\Program Files (x86)\TiVo\Desktop\TiVoTransfer.exe
C:\Program Files (x86)\TiVo\Desktop\TiVoNotify.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe
C:\Program Files (x86)\HughesNetStatusMeter\HughesNetStatusMeter\HughesNetStatusMeter.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\TechSmith\Snagit 10\TSCHelp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\TechSmith\Snagit 10\SnagPriv.exe
C:\windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\windows\syswow64\dllhost.exe
C:\Program Files (x86)\TechSmith\Snagit 10\snagiteditor.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe
C:\windows\splwow64.exe
C:\windows\syswow64\dllhost.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\TiVo\Desktop\TiVoServer.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\windows\SysWOW64\DllHost.exe
C:\windows\System32\MsSpellCheckingFacility.exe
C:\windows\system32\StikyNot.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\windows\syswow64\dllhost.exe
C:\windows\syswow64\dllhost.exe
C:\windows\syswow64\dllhost.exe
C:\windows\syswow64\dllhost.exe
C:\windows\syswow64\dllhost.exe
C:\windows\syswow64\dllhost.exe
C:\windows\syswow64\dllhost.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\windows\syswow64\dllhost.exe
C:\windows\syswow64\dllhost.exe
C:\windows\syswow64\dllhost.exe
C:\windows\syswow64\dllhost.exe
C:\windows\syswow64\dllhost.exe
C:\windows\syswow64\dllhost.exe
C:\windows\syswow64\dllhost.exe
C:\windows\syswow64\dllhost.exe
C:\windows\syswow64\dllhost.exe
C:\windows\syswow64\dllhost.exe
C:\windows\syswow64\dllhost.exe
C:\windows\syswow64\dllhost.exe
C:\windows\syswow64\dllhost.exe
C:\windows\syswow64\dllhost.exe
C:\windows\syswow64\dllhost.exe
C:\windows\syswow64\dllhost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\syswow64\dllhost.exe
C:\windows\syswow64\dllhost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://pinterest.com/
BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll
uRun: [TivoServer] C:\Program Files (x86)\TiVo\Desktop\TiVoServer.exe /service /registry /auto:TivoServer
uRun: [TivoTransfer] C:\Program Files (x86)\TiVo\Desktop\TiVoTransfer.exe
uRun: [TivoNotify] C:\Program Files (x86)\TiVo\Desktop\TiVoNotify.exe /service /registry /auto:TivoNotify
uRun: [TranscodingService] C:\Program Files (x86)\TiVo\Desktop\Plus\\TranscodingService.exe
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [AppleIEDAV] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
uRun: [RESTART_STICKY_NOTES] C:\windows\System32\StikyNot.exe
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [RoxWatchTray] "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\GINA'S~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\HUGHES~1.LNK - C:\Program Files (x86)\HughesNetStatusMeter\HughesNetStatusMeter\HughesNetStatusMeter.exe
StartupFolder: C:\Users\GINA'S~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAGIT~1.LNK - C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://bio-radtraining.webex.com/client/WBXclient-T27L10NSP32EP1-13926/training/ieatgpc1.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{0B4DA58D-8876-4806-BAB7-A6CB7F3E5778} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{11252732-6D5B-4A27-A4D8-F44B7ADAD88B} : DHCPNameServer = 172.26.38.1 172.26.38.2
TCP: Interfaces\{A71B5B09-DB05-4A6C-81D7-902A64802FA0} : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{CB54858A-B052-4862-8DCA-A4B99D475E99} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{CB54858A-B052-4862-8DCA-A4B99D475E99}\16474777966696 : DHCPNameServer = 192.168.6.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{CB54858A-B052-4862-8DCA-A4B99D475E99}\2375942554032353 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{CB54858A-B052-4862-8DCA-A4B99D475E99}\375707562783 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{CB54858A-B052-4862-8DCA-A4B99D475E99}\7496E6167237024337 : DHCPNameServer = 172.20.10.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
2014-10-30 05:21:51 0 ----a-w- C:\windows\SysWow64\sho287C.tmp
2014-10-18 03:47:03 -------- d-----w- C:\Program Files\iPod
2014-10-18 03:46:46 -------- d-----w- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-10-18 03:46:46 -------- d-----w- C:\Program Files\iTunes
2014-10-18 03:46:46 -------- d-----w- C:\Program Files (x86)\iTunes
2014-10-18 03:17:17 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll
2014-10-18 03:17:17 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll
2014-10-18 03:17:17 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll
2014-10-18 03:17:17 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll
2014-10-18 03:17:17 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll
2014-10-04 20:38:58 -------- d-----w- C:\ProgramData\Sandlot Games
.
==================== Find3M  ====================
.
2014-10-30 05:19:25 129752 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys
2014-10-01 16:11:26 63704 ----a-w- C:\windows\System32\drivers\mwac.sys
2014-10-01 16:11:16 93400 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys
2014-10-01 16:11:12 25816 ----a-w- C:\windows\System32\drivers\mbam.sys
2014-09-24 01:48:36 71344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-24 01:48:36 701104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2014-09-05 00:08:05 0 ----a-w- C:\windows\SysWow64\shoA70A.tmp
2014-08-16 04:35:00 6112072 ----a-w- C:\windows\System32\usbaaplrc.dll
2014-08-16 04:35:00 54784 ----a-w- C:\windows\System32\drivers\usbaapl64.sys
2014-08-06 15:50:04 123672 ----a-w- C:\windows\System32\drivers\avgmfx64.sys
.
============= FINISH: 15:34:49.03 ===============
 

 



BC AdBot (Login to Remove)

 


#2 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:12:33 PM

Posted 05 November 2014 - 04:43 PM

Hi & :welcome: to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully: :exclame:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1
logo.png
Please download Powelikscleaner (by ESET) and save it to your Desktop.
  • Double-click the 3.png to start the tool.
  • Read the terms of the End-user license agreement and click Agree if you agree to them.
  • The tool will run automatically. If the cleaner finds a Poweliks infection, press the Y key on your keyboard to remove it.
  • If Poweliks was detected "Win32/Poweliks was successfully removed from your system" will be displayed. Press any key to exit the tool and reboot your PC.
  • The tool will produce a log in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.
1.png
2.png

Step 2

Please run a FRST scan. This will help us diagnose your problem.

frst.pngfrstscan.png
Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#3 GinasGoodies

GinasGoodies
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:05:33 AM

Posted 08 November 2014 - 06:01 PM

Thank you.

 

ESETPoweliksCleaner Log:

 

[2014.11.08 16:04:12.734] - Begin
[2014.11.08 16:04:12.734] -
[2014.11.08 16:04:12.735] -     ....................................
[2014.11.08 16:04:12.735] -   ..::::::::::::::::::....................
[2014.11.08 16:04:12.737] -   .::EEEEEE:::SSSSSS::..EEEEEE..TTTTTTTT..    Win32/Poweliks
[2014.11.08 16:04:12.739] -  .::EE::::EE:SS:::::::.EE....EE....TT......   Version: 1.0.0.1
[2014.11.08 16:04:12.739] -  .::EEEEEEEE::SSSSSS::.EEEEEEEE....TT......   Built: Oct 15 2014
[2014.11.08 16:04:12.740] -  .::EE:::::::::::::SS:.EE..........TT......
[2014.11.08 16:04:12.741] -   .::EEEEEE:::SSSSSS::..EEEEEE.....TT.....    Copyright © ESET, spol. s r.o.
[2014.11.08 16:04:12.742] -   ..::::::::::::::::::....................    1992-2013. All rights reserved.
[2014.11.08 16:04:12.742] -     ....................................
[2014.11.08 16:04:12.742] -
[2014.11.08 16:04:12.742] - --------------------------------------------------------------------------------
[2014.11.08 16:04:12.742] -
[2014.11.08 16:04:12.743] - INFO: OS: 6.1.7601 SP1
[2014.11.08 16:04:12.744] - INFO: Product Type: Workstation
[2014.11.08 16:04:12.744] - INFO: WoW64: True
[2014.11.08 16:04:12.744] - INFO: Machine guid: 3D07ABB4-C114-4790-9434-4236258F5ACD
[2014.11.08 16:04:12.744] -
[2014.11.08 16:04:15.232] - INFO: Scanning for system infection...
[2014.11.08 16:04:15.233] - --------------------------------------------------------------------------------
[2014.11.08 16:04:15.233] -
[2014.11.08 16:04:15.233] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.08 16:04:15.233] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.08 16:04:15.234] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.11.08 16:04:15.234] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.11.08 16:04:15.235] - INFO: Processing classes...
[2014.11.08 16:04:15.264] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}]
[2014.11.08 16:04:15.264] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{0BBFE402-CCA1-4f64-9322-13B66D841049}]
[2014.11.08 16:04:15.264] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{25D005BF-FE63-4cce-AA25-CE952B1D9381}]
[2014.11.08 16:04:15.264] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{2A235D7E-0358-40E2-B51A-DE22F8F5C50D}]
[2014.11.08 16:04:15.265] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{32E26FD9-F435-4A20-A561-35D4B987CFDC}]
[2014.11.08 16:04:15.265] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}]
[2014.11.08 16:04:15.265] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{54050FBB-F2AE-404b-8BFD-7EE3EC784A52}]
[2014.11.08 16:04:15.265] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{672CDBDB-0270-4EB9-83EC-216377522D21}]
[2014.11.08 16:04:15.265] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{6B1948B3-9547-42F8-9B37-7AA9768134C4}]
[2014.11.08 16:04:15.265] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}]
[2014.11.08 16:04:15.265] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}]
[2014.11.08 16:04:15.265] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}]
[2014.11.08 16:04:15.265] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.265] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.265] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.265] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.265] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.265] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.265] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.265] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.265] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.266] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.266] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.266] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.266] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.266] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.266] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.266] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.266] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.266] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.266] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.266] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.266] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.266] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.266] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.266] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.266] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.266] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.267] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.267] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.267] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.267] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.267] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.267] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.267] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.267] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.267] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.267] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.267] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.267] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.267] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.267] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.267] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.267] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.267] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.267] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.268] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.268] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.268] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.268] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.268] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.268] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.268] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.268] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.268] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.268] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.268] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.268] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.268] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.268] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.268] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.268] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.269] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.269] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.269] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.269] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.269] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.269] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.269] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.269] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.269] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.269] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.269] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.269] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.269] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.269] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.269] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.269] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.269] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.270] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.270] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.270] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.270] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.270] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.270] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.270] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.270] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.270] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.270] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.270] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.270] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.270] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.270] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.270] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.270] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.270] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.271] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.271] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.271] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.271] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.271] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.271] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.271] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.271] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.271] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.271] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.271] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.271] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.271] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.271] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.271] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.271] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.272] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.272] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.272] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.272] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.272] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.272] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.272] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.272] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.272] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.272] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.272] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.272] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.272] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.272] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.273] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.273] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.273] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.273] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.273] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.273] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.273] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.273] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.273] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.273] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.273] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.274] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.274] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.274] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.274] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.274] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.274] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.274] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.274] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.274] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.274] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.274] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.274] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.274] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.274] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.274] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.274] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.275] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.275] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.275] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.275] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.275] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.275] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.275] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.275] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.275] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.275] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.275] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.275] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.275] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.275] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.275] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.276] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.276] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.276] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.276] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.276] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.276] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.276] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.276] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.276] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.276] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.276] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.276] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.276] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.276] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.276] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.276] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.277] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.277] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.277] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.277] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.277] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.277] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.277] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.277] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.277] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.277] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.277] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.277] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.277] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.277] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.277] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.277] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.277] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.278] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.278] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.278] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.278] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.278] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.278] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.278] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.278] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.278] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.278] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.278] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.278] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.278] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.278] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.278] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.278] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.278] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.278] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.279] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.279] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.279] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.279] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.279] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.279] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.279] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.279] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.279] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.279] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.279] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.279] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.279] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.279] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.279] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.279] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.279] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.279] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.280] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.280] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.280] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.280] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.280] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.280] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.280] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.280] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.280] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.280] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.280] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.280] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.280] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.280] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.280] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.280] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.280] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.280] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.281] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.281] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.281] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.281] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.281] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.281] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.281] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.281] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.281] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.281] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.281] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.281] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.281] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.281] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.281] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.281] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.281] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.282] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.282] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.282] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.282] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.282] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.282] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.282] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.282] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.282] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.282] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.282] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.282] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.282] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.282] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.282] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.282] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.282] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.283] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.283] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.283] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.283] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.283] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.283] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.283] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.283] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.283] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.283] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.283] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.283] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.284] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.284] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.284] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.284] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.284] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.284] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.284] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.284] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.284] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.284] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.284] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.284] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.284] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.284] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.284] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.284] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.284] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.284] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.285] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.285] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.287] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.288] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.288] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.288] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.288] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.288] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.288] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.288] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.288] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.288] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.288] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.288] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.288] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.288] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.288] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.288] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.288] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.289] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.289] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.289] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.289] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.289] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.289] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.289] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.289] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.289] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.289] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.289] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.289] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.289] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.289] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.289] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.290] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.290] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.290] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.290] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.290] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.290] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.290] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.290] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.290] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.290] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.290] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.290] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.290] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.290] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.290] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.290] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.291] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.291] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.291] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.291] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.291] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.291] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.291] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.291] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.291] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.291] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.291] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.291] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.291] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.291] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.291] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.291] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.291] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.292] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.292] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.292] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.292] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.292] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.292] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.292] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.292] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.292] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.292] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.292] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.292] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.292] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.292] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.292] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.292] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.292] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.293] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.293] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.293] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.293] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.293] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.293] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.293] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.293] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.293] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.293] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.293] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.293] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.293] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.293] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.293] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.293] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.294] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.294] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.294] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.294] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.294] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.294] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.294] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.294] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.294] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.294] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.294] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.294] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.294] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.294] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.294] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.294] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.294] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.295] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.295] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.295] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.295] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.295] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.295] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.295] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.295] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.295] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.295] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.295] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.295] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.295] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.295] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.295] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.295] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.295] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.296] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.296] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.296] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.296] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.296] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.296] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.296] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.296] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.296] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.296] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.296] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.296] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.296] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.296] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.296] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.296] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.297] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.297] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.297] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.297] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.297] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBB}]
[2014.11.08 16:04:15.297] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBC}]
[2014.11.08 16:04:15.297] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.297] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}]
[2014.11.08 16:04:15.297] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}]
[2014.11.08 16:04:15.297] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}]
[2014.11.08 16:04:15.297] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}]
[2014.11.08 16:04:15.299] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.08 16:04:15.299] - WARNING: Found suspicous classid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.08 16:04:15.300] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.08 16:04:15.301] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.08 16:04:15.301] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.08 16:04:15.301] - INFO: Processing invalid values in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.08 16:04:15.301] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.08 16:04:15.301] - INFO: Processing value [ServerExecutable] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.08 16:04:15.301] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.08 16:04:15.301] - INFO: Processing value [ServerExecutable] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.08 16:04:15.301] - INFO: Processing invalid subkeys in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.08 16:04:15.301] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]...
[2014.11.08 16:04:15.315] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.11.08 16:04:15.316] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.11.08 16:04:15.316] - INFO: Win32/Poweliks found
[2014.11.08 16:04:26.115] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.08 16:04:26.116] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.08 16:04:26.118] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.11.08 16:04:26.118] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.11.08 16:04:26.118] - INFO: Processing classes...
[2014.11.08 16:04:26.122] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}]
[2014.11.08 16:04:26.123] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{0BBFE402-CCA1-4f64-9322-13B66D841049}]
[2014.11.08 16:04:26.123] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{25D005BF-FE63-4cce-AA25-CE952B1D9381}]
[2014.11.08 16:04:26.123] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{2A235D7E-0358-40E2-B51A-DE22F8F5C50D}]
[2014.11.08 16:04:26.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{32E26FD9-F435-4A20-A561-35D4B987CFDC}]
[2014.11.08 16:04:26.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}]
[2014.11.08 16:04:26.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{54050FBB-F2AE-404b-8BFD-7EE3EC784A52}]
[2014.11.08 16:04:26.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{672CDBDB-0270-4EB9-83EC-216377522D21}]
[2014.11.08 16:04:26.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{6B1948B3-9547-42F8-9B37-7AA9768134C4}]
[2014.11.08 16:04:26.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}]
[2014.11.08 16:04:26.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}]
[2014.11.08 16:04:26.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}]
[2014.11.08 16:04:26.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.138] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.138] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.139] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.139] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.139] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.139] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.139] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.139] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.139] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.140] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.141] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.141] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.141] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.141] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.141] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.141] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.141] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.142] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.142] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.142] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.142] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.142] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.142] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.142] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.143] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.143] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.143] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.143] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.143] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.143] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.143] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.144] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.144] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.144] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.144] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.144] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.144] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.144] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.145] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.145] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.145] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.145] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.145] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.145] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.145] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.146] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.146] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.146] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.146] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.146] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.146] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.147] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.147] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.147] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.147] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.147] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.147] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.147] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.148] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.148] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.148] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.148] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.148] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.148] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.148] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.149] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.149] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.149] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.149] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.149] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.149] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.149] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.149] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.149] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.149] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.149] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.150] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.150] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.150] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.150] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.150] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.150] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.150] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.150] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.150] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.150] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.150] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.151] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.151] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.151] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.151] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.151] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.151] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.151] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.151] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.151] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.151] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.152] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.152] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.152] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.152] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.152] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.152] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.152] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.152] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.152] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.152] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.152] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.152] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.153] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.153] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.153] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.153] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.153] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.153] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.153] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.153] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.153] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.153] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.153] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.154] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.154] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.154] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.154] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.154] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.154] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.154] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.154] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.154] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.154] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.154] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.154] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.154] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.154] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.154] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.154] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.155] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.156] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.156] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.156] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.156] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.156] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.156] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.156] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.156] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.156] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.156] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.156] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.156] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.156] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.156] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.156] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.156] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.156] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.156] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.157] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.157] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.157] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.157] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.157] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.157] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.157] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.157] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.157] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.157] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.157] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.157] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.157] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.157] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.157] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.157] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.157] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.157] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.158] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.158] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.158] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.158] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.158] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.158] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.158] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.158] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.158] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.158] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.158] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.158] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.158] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.158] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.158] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.158] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.158] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.158] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.159] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.159] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.159] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.159] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.159] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.159] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.159] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.159] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.159] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.159] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.159] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.159] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.159] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.159] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.159] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.159] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.159] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.160] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.160] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.160] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.160] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.160] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.160] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.160] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.160] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.160] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.160] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.160] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.160] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.160] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.160] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.160] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.160] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.160] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.160] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.161] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.161] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.161] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.161] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.161] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.161] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.161] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.161] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.161] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.161] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.161] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.161] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.161] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.161] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.161] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.162] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.162] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.162] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.162] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.162] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.162] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.162] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.162] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.162] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.162] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.162] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.162] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.162] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.162] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.162] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.162] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.162] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.163] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.163] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.163] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.163] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.163] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.163] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.163] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.163] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.163] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.163] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.163] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.163] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.163] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.163] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.163] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.163] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.163] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.163] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.164] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.164] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.164] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.164] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.164] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.164] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.164] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.164] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.164] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.164] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.164] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.164] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.164] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.164] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.164] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.164] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.164] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.164] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.164] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.165] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.165] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.165] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.165] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.165] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.165] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.165] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.165] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.165] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.165] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.165] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.165] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.165] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.165] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.165] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.165] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.165] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.165] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.165] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.166] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.166] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.166] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.166] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.166] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.166] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.166] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.166] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.166] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.166] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.166] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.166] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.166] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.166] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.166] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.166] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.166] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.166] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.166] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.167] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.167] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.167] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.167] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.167] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.167] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.167] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.167] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.167] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.167] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.167] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.167] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.167] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.167] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.167] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.167] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.167] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.167] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.167] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.168] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.168] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.168] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.168] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.168] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.168] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.168] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.168] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.168] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.168] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.168] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.168] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.168] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.168] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.168] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.168] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.168] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.168] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.169] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.169] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.169] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.169] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.169] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.169] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.169] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.169] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.169] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.169] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.169] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.169] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.169] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.169] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.169] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.169] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.169] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.169] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.170] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.170] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.170] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.170] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.170] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.170] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.170] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.170] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.170] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.170] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.170] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.170] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.170] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.170] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.170] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.170] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.170] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.170] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.170] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.171] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.172] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.172] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.172] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.172] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.172] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.172] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.172] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.172] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.172] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.172] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.172] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.172] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.172] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.172] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.172] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.172] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.172] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.172] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.172] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.173] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.173] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.173] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.173] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBB}]
[2014.11.08 16:04:26.173] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBC}]
[2014.11.08 16:04:26.173] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.173] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}]
[2014.11.08 16:04:26.173] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}]
[2014.11.08 16:04:26.173] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}]
[2014.11.08 16:04:26.173] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}]
[2014.11.08 16:04:26.173] - INFO: Processing clsid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.08 16:04:26.173] - INFO: Deleted classid [\Registry\User\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.08 16:04:26.174] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.08 16:04:26.174] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.08 16:04:26.174] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.08 16:04:26.174] - INFO: Processing invalid values in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.08 16:04:26.174] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.08 16:04:26.174] - INFO: Processing value [ServerExecutable] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.08 16:04:26.174] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.08 16:04:26.175] - INFO: Processing value [ServerExecutable] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.08 16:04:26.175] - INFO: Processing invalid subkeys in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.08 16:04:26.175] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]...
[2014.11.08 16:04:26.175] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.11.08 16:04:26.175] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.11.08 16:04:26.175] - INFO: Cleaning status: 0
[2014.11.08 16:04:31.707] - End
 



#4 GinasGoodies

GinasGoodies
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:05:33 AM

Posted 08 November 2014 - 06:04 PM

FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-11-2014 01
Ran by Gina's Laptop (administrator) on GINASLAPTOP-PC on 08-11-2014 16:11:38
Running from C:\Users\Gina's Laptop\Desktop\fix dllhost issue
Loaded Profile: Gina's Laptop (Available profiles: Gina's Laptop)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TiVo Inc.) C:\Program Files (x86)\TiVo\Desktop\TiVoBeacon.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(TiVo Inc.) C:\Program Files (x86)\TiVo\Desktop\TiVoTransfer.exe
(TiVo Inc.) C:\Program Files (x86)\TiVo\Desktop\TiVoNotify.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe
() C:\Program Files (x86)\HughesNetStatusMeter\HughesNetStatusMeter\HughesNetStatusMeter.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\TscHelp.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\SnagPriv.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\SnagitEditor.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(TiVo Inc.) C:\Program Files (x86)\TiVo\Desktop\TiVoServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] ()
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
HKLM-x32\...\Run: [RoxWatchTray] => c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2014-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] ()
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-909550099-3992804192-3579809205-1001\...\Run: [TivoServer] => C:\Program Files (x86)\TiVo\Desktop\TiVoServer.exe [2264336 2010-08-24] (TiVo Inc.)
HKU\S-1-5-21-909550099-3992804192-3579809205-1001\...\Run: [TivoTransfer] => C:\Program Files (x86)\TiVo\Desktop\TiVoTransfer.exe [608528 2010-08-24] (TiVo Inc.)
HKU\S-1-5-21-909550099-3992804192-3579809205-1001\...\Run: [TivoNotify] => C:\Program Files (x86)\TiVo\Desktop\TiVoNotify.exe [437520 2010-08-24] (TiVo Inc.)
HKU\S-1-5-21-909550099-3992804192-3579809205-1001\...\Run: [TranscodingService] => C:\Program Files (x86)\TiVo\Desktop\Plus\\TranscodingService.exe [856336 2010-08-24] (TiVo Inc.)
HKU\S-1-5-21-909550099-3992804192-3579809205-1001\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-909550099-3992804192-3579809205-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-07] (Apple Inc.)
HKU\S-1-5-21-909550099-3992804192-3579809205-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1080104 2014-08-04] (Apple Inc.)
HKU\S-1-5-21-909550099-3992804192-3579809205-1001\...\RunOnce: [FlashPlayerUpdate] => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe [854704 2014-09-23] (Adobe Systems Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 10.lnk
ShortcutTarget: Snagit 10.lnk -> C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe (TechSmith Corporation)
Startup: C:\Users\Gina's Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HughesNetStatusMeter.lnk
ShortcutTarget: HughesNetStatusMeter.lnk -> C:\Program Files (x86)\HughesNetStatusMeter\HughesNetStatusMeter\HughesNetStatusMeter.exe ()
Startup: C:\Users\Gina's Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pinterest.com/
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {FEE68B88-C5C2-45AD-9EA3-4E35B8423A12} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {FEE68B88-C5C2-45AD-9EA3-4E35B8423A12} URL = https://www.google.com/search?q={searchTerms}
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll (TechSmith Corporation)
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssie.dll No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation)
Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://bio-radtraining.webex.com/client/WBXclient-T27L10NSP32EP1-13926/training/ieatgpc1.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 01 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Gina's Laptop\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Gina's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-29]
CHR Extension: (Google Wallet) - C:\Users\Gina's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 TivoBeacon2; C:\Program Files (x86)\TiVo\Desktop\TiVoBeacon.exe [1104656 2010-08-24] (TiVo Inc.)
R2 vToolbarUpdater14.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [968880 2013-02-18] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [39768 2013-02-18] (AVG Technologies)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-08 16:10 - 2014-11-08 16:11 - 00000000 ____D () C:\FRST
2014-11-08 16:02 - 2014-11-08 16:11 - 00000000 ____D () C:\Users\Gina's Laptop\Desktop\fix dllhost issue
2014-11-03 22:10 - 2014-11-03 22:10 - 00000000 _____ () C:\windows\SysWOW64\shoE41E.tmp
2014-11-03 13:12 - 2014-11-03 14:37 - 00000000 __SHD () C:\Users\Gina's Laptop\Documents\cache
2014-11-02 15:35 - 2014-11-02 15:38 - 00008853 _____ () C:\Users\Gina's Laptop\Desktop\attach.txt
2014-11-02 15:35 - 2014-11-02 15:36 - 00017491 _____ () C:\Users\Gina's Laptop\Desktop\dds.txt
2014-11-02 15:29 - 2014-11-02 15:30 - 00688992 ____R (Swearware) C:\Users\Gina's Laptop\Desktop\dds.com
2014-10-29 23:21 - 2014-10-29 23:21 - 00000000 _____ () C:\windows\SysWOW64\sho287C.tmp
2014-10-18 02:11 - 2014-10-18 02:11 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-17 21:48 - 2014-10-17 21:48 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-10-17 21:48 - 2014-10-17 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-10-17 21:47 - 2014-10-17 21:47 - 00000000 ____D () C:\Program Files\iPod
2014-10-17 21:46 - 2014-10-17 21:48 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-10-17 21:46 - 2014-10-17 21:48 - 00000000 ____D () C:\Program Files\iTunes
2014-10-17 21:46 - 2014-10-17 21:48 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-10-17 21:20 - 2014-10-17 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-10-17 21:16 - 2014-10-17 21:17 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-10-17 21:16 - 2014-10-17 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-10-09 19:38 - 2014-11-03 15:30 - 00043571 _____ () C:\Users\Gina's Laptop\Desktop\Timesheet-Kendra.xlsx

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-08 16:00 - 2012-04-08 11:57 - 00003560 _____ () C:\windows\System32\Tasks\SystemToolsDailyTest
2014-11-08 16:00 - 2012-04-08 11:57 - 00000506 _____ () C:\windows\Tasks\SystemToolsDailyTest.job
2014-11-08 15:46 - 2012-08-05 09:10 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-08 15:16 - 2012-07-30 14:25 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-08 15:12 - 2009-07-13 22:45 - 00020928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-08 15:12 - 2009-07-13 22:45 - 00020928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-08 15:08 - 2012-04-19 20:01 - 00000000 ____D () C:\ProgramData\MFAData
2014-11-08 15:08 - 2011-11-14 17:16 - 01765214 _____ () C:\windows\WindowsUpdate.log
2014-11-08 15:04 - 2011-11-14 18:06 - 00000000 ____D () C:\ProgramData\Sonic
2014-11-08 15:02 - 2012-07-30 14:25 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-08 15:02 - 2012-04-29 17:32 - 00039388 _____ () C:\windows\setupact.log
2014-11-08 15:02 - 2009-07-13 23:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-07 19:45 - 2012-04-08 11:57 - 00000564 _____ () C:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-11-05 12:34 - 2012-04-08 11:57 - 00004294 _____ () C:\windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-11-05 12:20 - 2014-07-25 18:18 - 00000000 ____D () C:\ProgramData\AVG2014
2014-11-03 15:38 - 2012-12-27 20:24 - 00017090 _____ () C:\Users\Gina's Laptop\Desktop\Tivo Season Passes.xlsx
2014-11-03 13:50 - 2012-09-06 19:43 - 00000000 ____D () C:\Users\Gina's Laptop\AppData\Roaming\webex
2014-11-03 13:11 - 2012-09-06 19:36 - 00000000 ____D () C:\ProgramData\WebEx
2014-11-03 11:47 - 2009-07-13 23:13 - 00006498 _____ () C:\windows\system32\PerfStringBackup.INI
2014-11-02 17:38 - 2014-07-04 10:14 - 00000000 ____D () C:\Users\Gina's Laptop\Documents\Autorecovered items
2014-10-29 23:19 - 2014-07-25 20:15 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-29 23:02 - 2014-07-25 17:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-29 23:02 - 2014-07-25 17:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-29 23:02 - 2012-04-19 20:41 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-27 21:41 - 2012-07-30 14:25 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-27 18:22 - 2011-12-25 16:17 - 00000000 ____D () C:\Users\Gina's Laptop\Desktop\pics from iphone
2014-10-19 18:59 - 2014-09-16 19:09 - 00000000 ____D () C:\Users\Gina's Laptop\Desktop\College Stuff for Delane
2014-10-18 02:11 - 2012-07-30 14:25 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-17 23:40 - 2014-02-22 22:54 - 00000000 ____D () C:\Users\Gina's Laptop\Desktop\Games to install
2014-10-17 22:11 - 2013-02-01 21:29 - 00000000 ____D () C:\Users\Gina's Laptop\AppData\Roaming\Epson
2014-10-17 22:10 - 2009-07-13 23:32 - 00000000 ____D () C:\windows\system32\FxsTmp
2014-10-17 21:52 - 2011-12-25 17:00 - 00000000 ____D () C:\Users\Gina's Laptop\AppData\Roaming\Apple Computer
2014-10-17 21:52 - 2011-12-25 16:55 - 00000000 ____D () C:\Users\Gina's Laptop\AppData\Local\Apple
2014-10-17 21:47 - 2011-12-25 16:55 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-10-17 21:46 - 2013-10-01 04:50 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-10-17 21:11 - 2011-12-25 16:54 - 00000000 ____D () C:\ProgramData\Apple

Some content of TEMP:
====================
C:\Users\Gina's Laptop\AppData\Local\Temp\ApnIC.dll
C:\Users\Gina's Laptop\AppData\Local\Temp\APNStub.exe
C:\Users\Gina's Laptop\AppData\Local\Temp\ApnToolbarInstaller.exe
C:\Users\Gina's Laptop\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Gina's Laptop\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\Gina's Laptop\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Gina's Laptop\AppData\Local\Temp\ochelper.dll
C:\Users\Gina's Laptop\AppData\Local\Temp\ochelper.exe
C:\Users\Gina's Laptop\AppData\Local\Temp\Offercast2802_MTV_.exe
C:\Users\Gina's Laptop\AppData\Local\Temp\photostage_1.0.0.50_1.5.0.130_update_all.exe
C:\Users\Gina's Laptop\AppData\Local\Temp\Setup.exe
C:\Users\Gina's Laptop\AppData\Local\Temp\vlc-2.0.4-win32.exe
C:\Users\Gina's Laptop\AppData\Local\Temp\vlc-2.0.8-win32.exe
C:\Users\Gina's Laptop\AppData\Local\Temp\_isD70D.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-29 22:46

==================== End Of Log ============================


Addition.txt:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-11-2014 01
Ran by Gina's Laptop at 2014-11-08 16:12:38
Running from C:\Users\Gina's Laptop\Desktop\fix dllhost issue
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4765 - AVG Technologies)
AVG 2014 (Version: 14.0.4189 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden
Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot Fairy Tales (HKLM-x32\...\Build-a-lot Fairy Tales) (Version: 32.0.0.0 - Shockwave.com)
Cake Mania (HKLM-x32\...\Cake Mania) (Version: 32.0.0.0 - Shockwave.com)
Cisco WebEx Meetings (HKCU\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)
Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.29 - Dell Inc.)
Dell Support Center (Version: 3.1.5907.29 - PC-Doctor, Inc.) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.225 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell VideoStage  (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 9.0 - Dell)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
EPSON Artisan 710 Series Printer Uninstall (HKLM\...\EPSON Artisan 710 Series) (Version:  - SEIKO EPSON Corporation)
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.00.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
EpsonNet Setup (HKLM-x32\...\{FFFAE01B-466F-4C07-9821-A94FD753BDDA}) (Version: 3.1c - SEIKO EPSON CORPORATION)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Farm Frenzy (HKLM-x32\...\Farm Frenzy) (Version: 32.0.0.0 - Shockwave.com)
Farm Frenzy 2 (HKLM-x32\...\Farm Frenzy 2) (Version: 32.0.0.0 - Shockwave.com)
Farmers Market (HKLM-x32\...\Farmers Market) (Version: 32.0.0.0 - Shockwave.com)
Fences (HKLM-x32\...\Fences) (Version:  - Stardock Corporation)
Fences (Version: 1.0 - Stardock Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
HughesNet Status Meter (HKLM-x32\...\com.hughesnet.HughesNetStatusMeter.92D257A0BA68956E9AA1D50589E83FF4134CD6A8.1) (Version: 3.035 - Hughes Network Systems)
HughesNet Status Meter (x32 Version: 3.035 - Hughes Network Systems) Hidden
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Java™ 6 Update 27 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416027FF}) (Version: 6.0.270 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 x64 English (HKLM\...\{F83779DF-E1F5-43A2-A7BE-732F856FADB7}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Plants vs. Zombies™ (HKLM-x32\...\Plants vs. Zombies™) (Version: 32.0.0.0 - Shockwave.com)
Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.)
QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Skype Toolbars (HKLM-x32\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
Skype™ 5.10 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.10.116 - Skype Technologies S.A.)
Snagit 10.0.2 (HKLM-x32\...\{92D194E7-AEF9-4A9E-8620-8F3AE712E3F7}) (Version: 10.0.2 - TechSmith Corporation)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TiVo Desktop 2.8.3 (HKLM-x32\...\{4E839090-3B68-436A-B3CF-A2A08C38DD26}) (Version: 2.8.412.370 - TiVo Inc.)
TrustedID (HKLM-x32\...\{C16A92EF-017B-4839-9C75-FBADB5A1FA27}) (Version: 5.0 - TrustedID)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
WebEx Recorder and Player (HKLM-x32\...\{1A3F6AD7-7A95-439B-BF54-F418C7CC6380}) (Version: 3.29.3201 - Cisco WebEx LLC)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

18-10-2014 18:44:17 Scheduled Checkpoint
03-11-2014 04:01:11 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-04-29 16:31 - 2012-04-29 16:33 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {335AA24E-8A31-4C66-87FE-A2C6063F6C47} - System32\Tasks\{FCEF9509-FB9F-4A52-A851-97D2396D7AB0} => C:\Users\Gina's Laptop\Desktop\InstallEmpireBuilderAncientEgypt.exe <==== ATTENTION
Task: {3F58F1F2-519C-4CFB-B71F-0498C7D6764D} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2012-03-28] (PC-Doctor, Inc.)
Task: {44E81A63-64CE-48E9-870F-ED19C0B98050} - System32\Tasks\{66917DE9-B4BE-4A1E-A213-4AB7DA731554} => C:\Users\Gina's Laptop\Desktop\InstallWeddingDash2.exe <==== ATTENTION
Task: {4AE30961-3145-43F9-98D3-EDE73E640CB8} - System32\Tasks\{E613DAFC-01FD-47E3-9FD2-DCCC56819D8A} => C:\Users\Gina's Laptop\Desktop\InstallEmpireBuilderAncientEgypt.exe <==== ATTENTION
Task: {7CA5B40A-0BDC-4309-B332-45929436DBD4} - System32\Tasks\{F591CD4A-F809-48E3-8983-2D2C8F5E0ED6} => C:\Users\Gina's Laptop\Desktop\InstallWeddingDash2.exe <==== ATTENTION
Task: {7D8E25F9-A959-4B7C-8FD1-232DA771EAAC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {92466615-AD01-476C-9B49-04076F8203E7} - System32\Tasks\{D6F0EECD-860A-42F6-AC88-FFAD4C8AB3E3} => C:\Users\Gina's Laptop\Desktop\InstallWeddingDash2.exe <==== ATTENTION
Task: {99535F75-5009-4F69-B4CE-66E975F23463} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2012-03-28] (PC-Doctor, Inc.)
Task: {9F5D8E72-0FC3-4627-8051-9EC0686F5521} - System32\Tasks\{ED844909-3722-4B59-8A60-7F754A15C8B3} => C:\Users\Gina's Laptop\Desktop\InstallWeddingDash2.exe <==== ATTENTION
Task: {A344C5D5-9007-4757-8954-C5EBEC7B12B8} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)
Task: {BE01027C-EA8E-458B-8403-8BD1CC80FAAB} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\uaclauncher.exe [2012-03-28] (PC-Doctor, Inc.)
Task: {C01E7F18-B25F-485F-A164-EF9E87FC5A01} - System32\Tasks\{B7E5B3EF-A308-44E3-8E3A-5B693D2E3463} => C:\Users\Gina's Laptop\Desktop\InstallEmpireBuilderAncientEgypt.exe <==== ATTENTION
Task: {C1927861-F753-40AF-BE10-4DA66F187F3A} - System32\Tasks\{27EFC596-12D2-44FC-B4E4-28206669F902} => C:\Users\Gina's Laptop\Desktop\InstallEmpireBuilderAncientEgypt.exe <==== ATTENTION
Task: {DABC2A1B-FC33-4D9E-83D5-4A65175B5767} - System32\Tasks\{F5339532-7F1A-4CEF-A6C8-8445C536AD0D} => C:\Users\Gina's Laptop\Desktop\InstallEmpireBuilderAncientEgypt.exe <==== ATTENTION
Task: {DBDFC4AC-C559-4E9A-9583-7B86CA2E1DAC} - System32\Tasks\{9DC9F2E8-AEC0-41B7-BD88-C45E45DB28C6} => C:\Users\Gina's Laptop\Desktop\InstallWeddingDash2.exe <==== ATTENTION
Task: {E74F8524-7ACA-41C4-90B1-2DD711C2E26D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {F1D2960D-3A8E-4385-AA4B-1BCF927175F8} - System32\Tasks\{6D189CE3-8072-49C5-818B-A2771CD655B7} => C:\Users\Gina's Laptop\Desktop\InstallEmpireBuilderAncientEgypt.exe <==== ATTENTION
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exe
Task: C:\windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\uaclauncher.exe

==================== Loaded Modules (whitelisted) =============

2013-02-18 14:14 - 2013-02-18 14:14 - 00968880 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
2010-11-10 22:53 - 2010-11-10 22:53 - 00817136 _____ () c:\Program Files\Roxio\Roxio Burn\RBVirtualFolder64.dll
2011-11-14 18:51 - 2011-03-25 19:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-02-01 10:50 - 2012-02-01 10:50 - 02195824 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
2010-11-17 10:35 - 2010-11-17 10:35 - 00514544 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
2011-12-25 15:44 - 2011-12-25 15:44 - 00142336 _____ () C:\Program Files (x86)\HughesNetStatusMeter\HughesNetStatusMeter\HughesNetStatusMeter.exe
2012-02-01 10:50 - 2012-02-01 10:50 - 00968048 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
2012-02-01 10:50 - 2012-02-01 10:50 - 01850224 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
2010-11-17 10:35 - 2010-11-17 10:35 - 01440240 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe
2014-10-11 12:06 - 2014-10-11 12:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-02-01 10:44 - 2012-02-01 10:44 - 08151040 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll
2012-02-01 10:44 - 2012-02-01 10:44 - 02278400 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll
2003-01-30 07:04 - 2003-01-30 07:04 - 00618496 _____ () C:\Program Files (x86)\TiVo\Desktop\STLPMT45.DLL
2010-11-24 22:44 - 2010-11-24 22:44 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll
2013-06-28 18:57 - 2013-06-28 18:57 - 04774248 _____ () c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2012-02-01 10:44 - 2012-02-01 10:44 - 08151040 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
2012-02-01 10:44 - 2012-02-01 10:44 - 02278400 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
2013-02-10 13:58 - 2009-03-12 15:45 - 00135168 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
2013-02-10 13:58 - 2008-11-21 13:58 - 00057344 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
2012-08-10 15:51 - 2012-08-10 15:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2010-11-17 10:35 - 2010-11-17 10:35 - 00657904 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\BBEngineAS.dll
2010-05-17 22:54 - 2010-05-17 22:54 - 00716800 _____ () C:\Program Files (x86)\TiVo\Desktop\LOUDMOUTH.DLL
2010-08-24 17:34 - 2010-08-24 17:34 - 00259584 _____ () C:\Program Files (x86)\TiVo\Desktop\ID3LIB.DLL
2010-08-24 17:55 - 2010-08-24 17:55 - 00050960 _____ () C:\Program Files (x86)\TiVo\Desktop\Plus\TranscodingServicePS.dll
2010-05-17 22:56 - 2010-05-17 22:56 - 00684032 _____ () C:\Program Files (x86)\TiVo\Desktop\libeay32.dll
2010-05-17 22:56 - 2010-05-17 22:56 - 00155648 _____ () C:\Program Files (x86)\TiVo\Desktop\ssleay32.dll
2014-07-05 11:41 - 2014-07-05 11:41 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3e27ac2000641918e7215d97c63e957d\IsdiInterop.ni.dll
2011-11-14 17:28 - 2011-01-12 17:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\87131553.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\87131553.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-909550099-3992804192-3579809205-500 - Administrator - Disabled)
Gina's Laptop (S-1-5-21-909550099-3992804192-3579809205-1001 - Administrator - Enabled) => C:\Users\Gina's Laptop
Guest (S-1-5-21-909550099-3992804192-3579809205-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-909550099-3992804192-3579809205-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (11/08/2014 03:05:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 10.0.9200.16921 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1284

Start Time: 01cffb9778b6b4c4

Termination Time: 24

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id: fa37bcdf-678a-11e4-894d-180373a4f851

Error: (11/08/2014 03:02:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/07/2014 07:47:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/07/2014 07:46:10 PM) (Source: Application Virtualization Client) (EventID: 2005) (User: )
Description: The Application Virtualization Core Service could not contact the Service Control Dispatcher.

Error: (11/07/2014 07:46:09 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.

Error: (11/05/2014 00:10:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/03/2014 03:13:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/03/2014 11:47:37 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (11/03/2014 11:47:37 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (11/03/2014 11:42:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (11/07/2014 07:47:54 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Client Virtualization Handler service hung on starting.

Error: (11/05/2014 00:53:38 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}

Error: (11/05/2014 00:16:38 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (11/05/2014 00:12:28 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/05/2014 00:11:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053

Error: (11/05/2014 00:10:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

Error: (11/05/2014 00:11:00 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (11/03/2014 08:33:59 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (11/03/2014 03:17:41 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (11/03/2014 03:14:18 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Microsoft Office Sessions:
=========================
Error: (11/08/2014 03:05:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe10.0.9200.16921128401cffb9778b6b4c424C:\Program Files\Internet Explorer\iexplore.exefa37bcdf-678a-11e4-894d-180373a4f851

Error: (11/08/2014 03:02:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/07/2014 07:47:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/07/2014 07:46:10 PM) (Source: Application Virtualization Client) (EventID: 2005) (User: )
Description:

Error: (11/07/2014 07:46:09 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.

Error: (11/05/2014 00:10:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/03/2014 03:13:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/03/2014 11:47:37 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (11/03/2014 11:47:37 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (11/03/2014 11:42:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
  Date: 2012-04-29 17:31:05.184
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-04-29 17:31:05.168
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Core™ i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 67%
Total physical RAM: 2934.68 MB
Available physical RAM: 946.56 MB
Total Pagefile: 5867.55 MB
Available Pagefile: 3370.15 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:283.34 GB) (Free:136.43 GB) NTFS
Drive d: (AMERICAN_HORROR_STORY_S2_DISC2) (CDROM) (Total:7.07 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: EEEB67E2)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=283.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#5 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:12:33 PM

Posted 09 November 2014 - 10:06 AM

warning.gif Malware Warning

All passwords should be changed immediately to include those used for banking, email, eBay, paypal and online forums from a CLEAN COMPUTER.

Step 1

frst.pngfrstfix.png
Please download the attached fixlist txt.gif and save it in the same directory as FRST.
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.
Attached File  fixlist.txt   3.2KB   4 downloads

After the Reboot:

Step 2

frst.pngfrstscan.png

Start FRST with administator privileges.
  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste the log in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#6 GinasGoodies

GinasGoodies
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:05:33 AM

Posted 10 November 2014 - 08:51 AM

Fixlog.txt:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-11-2014 01
Ran by Gina's Laptop at 2014-11-10 07:36:15 Run:1
Running from C:\Users\Gina's Laptop\Desktop\fix dllhost issue
Loaded Profile: Gina's Laptop (Available profiles: Gina's Laptop)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Winsock: Catalog5 01 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
2014-11-03 22:10 - 2014-11-03 22:10 - 00000000 _____ () C:\windows\SysWOW64\shoE41E.tmp
2014-10-29 23:21 - 2014-10-29 23:21 - 00000000 _____ () C:\windows\SysWOW64\sho287C.tmp
Task: {335AA24E-8A31-4C66-87FE-A2C6063F6C47} - System32\Tasks\{FCEF9509-FB9F-4A52-A851-97D2396D7AB0} => C:\Users\Gina's Laptop\Desktop\InstallEmpireBuilderAncientEgypt.exe <==== ATTENTION
Task: {44E81A63-64CE-48E9-870F-ED19C0B98050} - System32\Tasks\{66917DE9-B4BE-4A1E-A213-4AB7DA731554} => C:\Users\Gina's Laptop\Desktop\InstallWeddingDash2.exe <==== ATTENTION
Task: {4AE30961-3145-43F9-98D3-EDE73E640CB8} - System32\Tasks\{E613DAFC-01FD-47E3-9FD2-DCCC56819D8A} => C:\Users\Gina's Laptop\Desktop\InstallEmpireBuilderAncientEgypt.exe <==== ATTENTION
Task: {7CA5B40A-0BDC-4309-B332-45929436DBD4} - System32\Tasks\{F591CD4A-F809-48E3-8983-2D2C8F5E0ED6} => C:\Users\Gina's Laptop\Desktop\InstallWeddingDash2.exe <==== ATTENTION
Task: {92466615-AD01-476C-9B49-04076F8203E7} - System32\Tasks\{D6F0EECD-860A-42F6-AC88-FFAD4C8AB3E3} => C:\Users\Gina's Laptop\Desktop\InstallWeddingDash2.exe <==== ATTENTION
Task: {9F5D8E72-0FC3-4627-8051-9EC0686F5521} - System32\Tasks\{ED844909-3722-4B59-8A60-7F754A15C8B3} => C:\Users\Gina's Laptop\Desktop\InstallWeddingDash2.exe <==== ATTENTION
Task: {C01E7F18-B25F-485F-A164-EF9E87FC5A01} - System32\Tasks\{B7E5B3EF-A308-44E3-8E3A-5B693D2E3463} => C:\Users\Gina's Laptop\Desktop\InstallEmpireBuilderAncientEgypt.exe <==== ATTENTION
Task: {C1927861-F753-40AF-BE10-4DA66F187F3A} - System32\Tasks\{27EFC596-12D2-44FC-B4E4-28206669F902} => C:\Users\Gina's Laptop\Desktop\InstallEmpireBuilderAncientEgypt.exe <==== ATTENTION
Task: {DABC2A1B-FC33-4D9E-83D5-4A65175B5767} - System32\Tasks\{F5339532-7F1A-4CEF-A6C8-8445C536AD0D} => C:\Users\Gina's Laptop\Desktop\InstallEmpireBuilderAncientEgypt.exe <==== ATTENTION
Task: {DBDFC4AC-C559-4E9A-9583-7B86CA2E1DAC} - System32\Tasks\{9DC9F2E8-AEC0-41B7-BD88-C45E45DB28C6} => C:\Users\Gina's Laptop\Desktop\InstallWeddingDash2.exe <==== ATTENTION
Task: {F1D2960D-3A8E-4385-AA4B-1BCF927175F8} - System32\Tasks\{6D189CE3-8072-49C5-818B-A2771CD655B7} => C:\Users\Gina's Laptop\Desktop\InstallEmpireBuilderAncientEgypt.exe <==== ATTENTION

*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-909550099-3992804192-3579809205-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" => Key deleted successfully.
"HKCR\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" => Key deleted successfully.
"HKCR\PROTOCOLS\Handler\skype-ie-addon-data" => Key deleted successfully.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key not found.
Winsock: Catalog5 entry 000000000001\\LibraryPath  was set successfully to %SystemRoot%\system32\NLAapi.dll
Winsock: Catalog5-x64 entry 000000000001\\LibraryPath  was set successfully to %SystemRoot%\system32\NLAapi.dll
Winsock: Catalog5-x64 entry 000000000005\\LibraryPath  was set successfully to %SystemRoot%\System32\mswsock.dll
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
C:\windows\SysWOW64\shoE41E.tmp => Moved successfully.
C:\windows\SysWOW64\sho287C.tmp => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{335AA24E-8A31-4C66-87FE-A2C6063F6C47}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{335AA24E-8A31-4C66-87FE-A2C6063F6C47}" => Key deleted successfully.
C:\Windows\System32\Tasks\{FCEF9509-FB9F-4A52-A851-97D2396D7AB0} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FCEF9509-FB9F-4A52-A851-97D2396D7AB0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{44E81A63-64CE-48E9-870F-ED19C0B98050}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44E81A63-64CE-48E9-870F-ED19C0B98050}" => Key deleted successfully.
C:\Windows\System32\Tasks\{66917DE9-B4BE-4A1E-A213-4AB7DA731554} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{66917DE9-B4BE-4A1E-A213-4AB7DA731554}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4AE30961-3145-43F9-98D3-EDE73E640CB8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4AE30961-3145-43F9-98D3-EDE73E640CB8}" => Key deleted successfully.
C:\Windows\System32\Tasks\{E613DAFC-01FD-47E3-9FD2-DCCC56819D8A} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E613DAFC-01FD-47E3-9FD2-DCCC56819D8A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7CA5B40A-0BDC-4309-B332-45929436DBD4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CA5B40A-0BDC-4309-B332-45929436DBD4}" => Key deleted successfully.
C:\Windows\System32\Tasks\{F591CD4A-F809-48E3-8983-2D2C8F5E0ED6} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F591CD4A-F809-48E3-8983-2D2C8F5E0ED6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{92466615-AD01-476C-9B49-04076F8203E7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92466615-AD01-476C-9B49-04076F8203E7}" => Key deleted successfully.
C:\Windows\System32\Tasks\{D6F0EECD-860A-42F6-AC88-FFAD4C8AB3E3} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D6F0EECD-860A-42F6-AC88-FFAD4C8AB3E3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F5D8E72-0FC3-4627-8051-9EC0686F5521}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F5D8E72-0FC3-4627-8051-9EC0686F5521}" => Key deleted successfully.
C:\Windows\System32\Tasks\{ED844909-3722-4B59-8A60-7F754A15C8B3} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{ED844909-3722-4B59-8A60-7F754A15C8B3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C01E7F18-B25F-485F-A164-EF9E87FC5A01}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C01E7F18-B25F-485F-A164-EF9E87FC5A01}" => Key deleted successfully.
C:\Windows\System32\Tasks\{B7E5B3EF-A308-44E3-8E3A-5B693D2E3463} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B7E5B3EF-A308-44E3-8E3A-5B693D2E3463}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C1927861-F753-40AF-BE10-4DA66F187F3A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1927861-F753-40AF-BE10-4DA66F187F3A}" => Key deleted successfully.
C:\Windows\System32\Tasks\{27EFC596-12D2-44FC-B4E4-28206669F902} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{27EFC596-12D2-44FC-B4E4-28206669F902}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DABC2A1B-FC33-4D9E-83D5-4A65175B5767}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DABC2A1B-FC33-4D9E-83D5-4A65175B5767}" => Key deleted successfully.
C:\Windows\System32\Tasks\{F5339532-7F1A-4CEF-A6C8-8445C536AD0D} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F5339532-7F1A-4CEF-A6C8-8445C536AD0D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DBDFC4AC-C559-4E9A-9583-7B86CA2E1DAC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DBDFC4AC-C559-4E9A-9583-7B86CA2E1DAC}" => Key deleted successfully.
C:\Windows\System32\Tasks\{9DC9F2E8-AEC0-41B7-BD88-C45E45DB28C6} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9DC9F2E8-AEC0-41B7-BD88-C45E45DB28C6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F1D2960D-3A8E-4385-AA4B-1BCF927175F8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1D2960D-3A8E-4385-AA4B-1BCF927175F8}" => Key deleted successfully.
C:\Windows\System32\Tasks\{6D189CE3-8072-49C5-818B-A2771CD655B7} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6D189CE3-8072-49C5-818B-A2771CD655B7}" => Key deleted successfully.

The system needed a reboot.

==== End of Fixlog ====


FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2014 01
Ran by Gina's Laptop (administrator) on GINASLAPTOP-PC on 10-11-2014 07:44:02
Running from C:\Users\Gina's Laptop\Desktop\fix dllhost issue
Loaded Profile: Gina's Laptop (Available profiles: Gina's Laptop)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TiVo Inc.) C:\Program Files (x86)\TiVo\Desktop\TiVoBeacon.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
(TiVo Inc.) C:\Program Files (x86)\TiVo\Desktop\TiVoTransfer.exe
(TiVo Inc.) C:\Program Files (x86)\TiVo\Desktop\TiVoNotify.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
() C:\Program Files (x86)\HughesNetStatusMeter\HughesNetStatusMeter\HughesNetStatusMeter.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\TscHelp.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\SnagPriv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\SnagitEditor.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(TiVo Inc.) C:\Program Files (x86)\TiVo\Desktop\TiVoServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] ()
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
HKLM-x32\...\Run: [RoxWatchTray] => c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2014-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] ()
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-909550099-3992804192-3579809205-1001\...\Run: [TivoServer] => C:\Program Files (x86)\TiVo\Desktop\TiVoServer.exe [2264336 2010-08-24] (TiVo Inc.)
HKU\S-1-5-21-909550099-3992804192-3579809205-1001\...\Run: [TivoTransfer] => C:\Program Files (x86)\TiVo\Desktop\TiVoTransfer.exe [608528 2010-08-24] (TiVo Inc.)
HKU\S-1-5-21-909550099-3992804192-3579809205-1001\...\Run: [TivoNotify] => C:\Program Files (x86)\TiVo\Desktop\TiVoNotify.exe [437520 2010-08-24] (TiVo Inc.)
HKU\S-1-5-21-909550099-3992804192-3579809205-1001\...\Run: [TranscodingService] => C:\Program Files (x86)\TiVo\Desktop\Plus\\TranscodingService.exe [856336 2010-08-24] (TiVo Inc.)
HKU\S-1-5-21-909550099-3992804192-3579809205-1001\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-909550099-3992804192-3579809205-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-07] (Apple Inc.)
HKU\S-1-5-21-909550099-3992804192-3579809205-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1080104 2014-08-04] (Apple Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 10.lnk
ShortcutTarget: Snagit 10.lnk -> C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe (TechSmith Corporation)
Startup: C:\Users\Gina's Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HughesNetStatusMeter.lnk
ShortcutTarget: HughesNetStatusMeter.lnk -> C:\Program Files (x86)\HughesNetStatusMeter\HughesNetStatusMeter\HughesNetStatusMeter.exe ()
Startup: C:\Users\Gina's Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pinterest.com/
SearchScopes: HKCU - DefaultScope {FEE68B88-C5C2-45AD-9EA3-4E35B8423A12} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {FEE68B88-C5C2-45AD-9EA3-4E35B8423A12} URL = https://www.google.com/search?q={searchTerms}
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll (TechSmith Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssie.dll No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation)
Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://bio-radtraining.webex.com/client/WBXclient-T27L10NSP32EP1-13926/training/ieatgpc1.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Gina's Laptop\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Gina's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-29]
CHR Extension: (Google Wallet) - C:\Users\Gina's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 TivoBeacon2; C:\Program Files (x86)\TiVo\Desktop\TiVoBeacon.exe [1104656 2010-08-24] (TiVo Inc.)
R2 vToolbarUpdater14.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [968880 2013-02-18] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [39768 2013-02-18] (AVG Technologies)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-08 16:10 - 2014-11-10 07:44 - 00000000 ____D () C:\FRST
2014-11-08 16:02 - 2014-11-10 07:44 - 00000000 ____D () C:\Users\Gina's Laptop\Desktop\fix dllhost issue
2014-11-03 13:12 - 2014-11-03 14:37 - 00000000 __SHD () C:\Users\Gina's Laptop\Documents\cache
2014-11-02 15:35 - 2014-11-02 15:38 - 00008853 _____ () C:\Users\Gina's Laptop\Desktop\attach.txt
2014-11-02 15:35 - 2014-11-02 15:36 - 00017491 _____ () C:\Users\Gina's Laptop\Desktop\dds.txt
2014-11-02 15:29 - 2014-11-02 15:30 - 00688992 ____R (Swearware) C:\Users\Gina's Laptop\Desktop\dds.com
2014-10-18 02:11 - 2014-10-18 02:11 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-17 21:48 - 2014-10-17 21:48 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-10-17 21:48 - 2014-10-17 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-10-17 21:47 - 2014-10-17 21:47 - 00000000 ____D () C:\Program Files\iPod
2014-10-17 21:46 - 2014-10-17 21:48 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-10-17 21:46 - 2014-10-17 21:48 - 00000000 ____D () C:\Program Files\iTunes
2014-10-17 21:46 - 2014-10-17 21:48 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-10-17 21:20 - 2014-10-17 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-10-17 21:16 - 2014-10-17 21:17 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-10-17 21:16 - 2014-10-17 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-10 07:39 - 2012-07-30 14:25 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-10 07:38 - 2012-04-29 17:32 - 00039556 _____ () C:\windows\setupact.log
2014-11-10 07:38 - 2012-04-08 11:57 - 00000506 _____ () C:\windows\Tasks\SystemToolsDailyTest.job
2014-11-10 07:38 - 2009-07-13 23:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-10 07:36 - 2011-11-14 17:16 - 01792682 _____ () C:\windows\WindowsUpdate.log
2014-11-10 07:29 - 2012-08-05 09:10 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-10 07:29 - 2012-07-30 14:25 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-09 18:29 - 2014-07-04 10:14 - 00000000 ____D () C:\Users\Gina's Laptop\Documents\Autorecovered items
2014-11-09 18:27 - 2012-04-19 20:01 - 00000000 ____D () C:\ProgramData\MFAData
2014-11-09 17:31 - 2012-04-08 11:57 - 00003560 _____ () C:\windows\System32\Tasks\SystemToolsDailyTest
2014-11-09 17:23 - 2009-07-13 23:13 - 00006498 _____ () C:\windows\system32\PerfStringBackup.INI
2014-11-09 17:14 - 2009-07-13 22:45 - 00020928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-09 17:14 - 2009-07-13 22:45 - 00020928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-08 19:54 - 2011-12-25 15:43 - 00000000 ____D () C:\Users\Gina's Laptop\AppData\Local\Adobe
2014-11-08 15:04 - 2011-11-14 18:06 - 00000000 ____D () C:\ProgramData\Sonic
2014-11-07 19:45 - 2012-04-08 11:57 - 00000564 _____ () C:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-11-05 12:34 - 2012-04-08 11:57 - 00004294 _____ () C:\windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-11-05 12:20 - 2014-07-25 18:18 - 00000000 ____D () C:\ProgramData\AVG2014
2014-11-03 15:38 - 2012-12-27 20:24 - 00017090 _____ () C:\Users\Gina's Laptop\Desktop\Tivo Season Passes.xlsx
2014-11-03 15:30 - 2014-10-09 19:38 - 00043571 _____ () C:\Users\Gina's Laptop\Desktop\Timesheet-Kendra.xlsx
2014-11-03 13:50 - 2012-09-06 19:43 - 00000000 ____D () C:\Users\Gina's Laptop\AppData\Roaming\webex
2014-11-03 13:11 - 2012-09-06 19:36 - 00000000 ____D () C:\ProgramData\WebEx
2014-10-29 23:19 - 2014-07-25 20:15 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-29 23:02 - 2014-07-25 17:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-29 23:02 - 2014-07-25 17:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-29 23:02 - 2012-04-19 20:41 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-27 21:41 - 2012-07-30 14:25 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-27 18:22 - 2011-12-25 16:17 - 00000000 ____D () C:\Users\Gina's Laptop\Desktop\pics from iphone
2014-10-19 18:59 - 2014-09-16 19:09 - 00000000 ____D () C:\Users\Gina's Laptop\Desktop\College Stuff for Delane
2014-10-18 02:11 - 2012-07-30 14:25 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-17 23:40 - 2014-02-22 22:54 - 00000000 ____D () C:\Users\Gina's Laptop\Desktop\Games to install
2014-10-17 22:11 - 2013-02-01 21:29 - 00000000 ____D () C:\Users\Gina's Laptop\AppData\Roaming\Epson
2014-10-17 22:10 - 2009-07-13 23:32 - 00000000 ____D () C:\windows\system32\FxsTmp
2014-10-17 21:52 - 2011-12-25 17:00 - 00000000 ____D () C:\Users\Gina's Laptop\AppData\Roaming\Apple Computer
2014-10-17 21:52 - 2011-12-25 16:55 - 00000000 ____D () C:\Users\Gina's Laptop\AppData\Local\Apple
2014-10-17 21:47 - 2011-12-25 16:55 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-10-17 21:46 - 2013-10-01 04:50 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-10-17 21:11 - 2011-12-25 16:54 - 00000000 ____D () C:\ProgramData\Apple

Some content of TEMP:
====================
C:\Users\Gina's Laptop\AppData\Local\Temp\ApnIC.dll
C:\Users\Gina's Laptop\AppData\Local\Temp\APNStub.exe
C:\Users\Gina's Laptop\AppData\Local\Temp\ApnToolbarInstaller.exe
C:\Users\Gina's Laptop\AppData\Local\Temp\install_flashplayer15x32axau_gtbd_chrd_dn_aaa_aih.exe
C:\Users\Gina's Laptop\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Gina's Laptop\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\Gina's Laptop\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Gina's Laptop\AppData\Local\Temp\ochelper.dll
C:\Users\Gina's Laptop\AppData\Local\Temp\ochelper.exe
C:\Users\Gina's Laptop\AppData\Local\Temp\Offercast2802_MTV_.exe
C:\Users\Gina's Laptop\AppData\Local\Temp\photostage_1.0.0.50_1.5.0.130_update_all.exe
C:\Users\Gina's Laptop\AppData\Local\Temp\Setup.exe
C:\Users\Gina's Laptop\AppData\Local\Temp\vlc-2.0.4-win32.exe
C:\Users\Gina's Laptop\AppData\Local\Temp\vlc-2.0.8-win32.exe
C:\Users\Gina's Laptop\AppData\Local\Temp\_isD70D.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-29 22:46

==================== End Of Log ============================



#7 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:12:33 PM

Posted 10 November 2014 - 11:23 AM

Hi,


Step 1

frst.pngfrstfix.png
Please download the attached fixlist txt.gif and save it in the same directory as FRST.
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.
Attached File  fixlist.txt   37bytes   3 downloads

After the Reboot, please do a final check up:

Step 2


Don't remove on your own anything that Hitman Pro detects!
This scanner, as it is a really good for checking, has been known for deleting files instead of curing them, which in some cases may render the machine unbootable.
Any removals will be done manually after careful analysis of the scan results!


Please download hitmanpro_32.pngHitmanPro 32-bit / HitmanPro 64-bit by SurfRight and save it to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
  • Right-click onhitmanpro.pngicon and select admin.PNGRun as Administrator to start the tool.
  • If the program won't run please run it while holding down the left CTRL key until it's loaded!
  • Click on the Next button (1). You must agree with the terms of EULA (2 - if asked).
  • Check the box beside "No, I only want to perform a one-time scan to check this computer" and click on the Next button. (3)
  • The program will start to scan the computer. It would only take several minutes.
  • When the scan is done click on Save Log (4) and close HitmanPro! (5)
  • Copy and paste the content of the log file in your next reply.
hitman.gif


Step 3

Please startesetlogo.pngOnline Scanner.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start installer.pngwith administartor privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Choose the following settings:
settings.png
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log filelog.pngis created at logpath.png
    Copy and paste the content of this log file in your next reply.
Note: Do not forget to re-enable your antivirus application after running the above scan!
eset.gif


Step 4
frst.pngfrstscan.png

Start FRST with administator privileges.
  • Make sure the following option is checked: addition.png
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.
Step 5
Please download fss.pngFarbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.
lesestoff.png

Can you please tell me which problems still persist now?
How is the computer running?

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#8 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:12:33 PM

Posted 13 November 2014 - 03:45 PM

Hi,

3 Day Inactivity

This is the third day since my last post. Are you still there?

If you need more time, just let me know.

If you do not post within 48 hours, this thread will be closed due to inactivity.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#9 GinasGoodies

GinasGoodies
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:05:33 AM

Posted 14 November 2014 - 07:43 AM

My apologies! Life has kept me away from my computer. I will be able to continue following your instructions tomorrow. Thank you for your patience and understanding.

#10 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:12:33 PM

Posted 14 November 2014 - 08:42 AM

OK. :)
No problem. Thanks for letting me know.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#11 GinasGoodies

GinasGoodies
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:05:33 AM

Posted 16 November 2014 - 12:42 AM

Here is the FixLog.txt:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-11-2014
Ran by Gina's Laptop at 2014-11-15 21:06:18 Run:3
Running from C:\Users\Gina's Laptop\Desktop\fix dllhost issue
Loaded Profile: Gina's Laptop (Available profiles: Gina's Laptop)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
cmd: netsh winsock reset
EmptyTemp:
*****************

=========  netsh winsock reset =========

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

========= End of CMD: =========

EmptyTemp: => Removed 334.7 MB temporary data.

The system needed a reboot.

==== End of Fixlog ====



#12 GinasGoodies

GinasGoodies
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:05:33 AM

Posted 16 November 2014 - 12:47 AM

Here is the Hitman Pro log:

 

HitmanPro 3.7.9.232
www.hitmanpro.com
   Computer name . . . . : GINASLAPTOP-PC
   Windows . . . . . . . : 6.1.1.7601.X64/4
   User name . . . . . . : GinasLaptop-PC\Gina's Laptop
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free
   Scan date . . . . . . : 2014-11-15 22:12:32
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 9m 30s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
   Threats . . . . . . . : 0
   Traces  . . . . . . . : 11
   Objects scanned . . . : 2,338,375
   Files scanned . . . . : 79,783
   Remnants scanned  . . : 1,172,054 files / 1,086,538 keys
Suspicious files ____________________________________________________________
   C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2,116,096 bytes
      Age  . . . . . . . : 7.2 days (2014-11-08 16:10:01)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 9D17E46B4EAEC0509800C43B23765D00810EA2CEF362301BFB2E0B174DFE5AFD
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 23.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
   C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
      Size . . . . . . . : 2,116,608 bytes
      Age  . . . . . . . : 0.1 days (2014-11-15 20:26:11)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 5E456B9E62A9865FB614FC2FAEA78BCE24F067B814D67D203C489580035EE216
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      References
         HKU\S-1-5-21-909550099-3992804192-3579809205-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
      Forensic Cluster
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe
          0.0s C:\Users\Gina's Laptop\Desktop\fix dllhost issue\FRST64.exe

Potential Unwanted Programs _________________________________________________
   HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055045535}\ (Premiumplay)
   HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066046635}\ (Premiumplay)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550055045535}\ (Premiumplay)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660066046635}\ (Premiumplay)
Cookies _____________________________________________________________________
   C:\Users\Gina's Laptop\AppData\Roaming\Microsoft\Windows\Cookies\DIUSI5TF.txt
   C:\Users\Gina's Laptop\AppData\Roaming\Microsoft\Windows\Cookies\J8DUY8JV.txt
   C:\Users\Gina's Laptop\AppData\Roaming\Microsoft\Windows\Cookies\XSRMKSOX.txt
   C:\Users\Gina's Laptop\AppData\Roaming\Microsoft\Windows\Cookies\Y6BLPHNJ.txt

Edited by GinasGoodies, 16 November 2014 - 01:31 AM.


#13 GinasGoodies

GinasGoodies
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:05:33 AM

Posted 16 November 2014 - 01:33 AM

Here is the ESET log:

 

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=c867d514510aa44090099bf1e640d4c2
# engine=21110
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-11-16 06:17:58
# local_time=2014-11-16 12:17:58 (-0600, Central Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='AVG AntiVirus Free Edition 2014'
# compatibility_mode=1051 16777213 100 100 0 102305861 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 41664143 167662127 0 0
# scanned=208369
# found=0
# cleaned=0
# scan_time=6325
 



#14 GinasGoodies

GinasGoodies
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:05:33 AM

Posted 16 November 2014 - 01:42 AM

FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2014
Ran by Gina's Laptop (administrator) on GINASLAPTOP-PC on 16-11-2014 00:38:03
Running from C:\Users\Gina's Laptop\Desktop\fix dllhost issue
Loaded Profile: Gina's Laptop (Available profiles: Gina's Laptop)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TiVo Inc.) C:\Program Files (x86)\TiVo\Desktop\TiVoBeacon.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
(TiVo Inc.) C:\Program Files (x86)\TiVo\Desktop\TiVoTransfer.exe
(TiVo Inc.) C:\Program Files (x86)\TiVo\Desktop\TiVoNotify.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
() C:\Program Files (x86)\HughesNetStatusMeter\HughesNetStatusMeter\HughesNetStatusMeter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\TscHelp.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\SnagPriv.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\SnagitEditor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(TiVo Inc.) C:\Program Files (x86)\TiVo\Desktop\TiVoServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] ()
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
HKLM-x32\...\Run: [RoxWatchTray] => c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2014-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] ()
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-909550099-3992804192-3579809205-1001\...\Run: [TivoServer] => C:\Program Files (x86)\TiVo\Desktop\TiVoServer.exe [2264336 2010-08-24] (TiVo Inc.)
HKU\S-1-5-21-909550099-3992804192-3579809205-1001\...\Run: [TivoTransfer] => C:\Program Files (x86)\TiVo\Desktop\TiVoTransfer.exe [608528 2010-08-24] (TiVo Inc.)
HKU\S-1-5-21-909550099-3992804192-3579809205-1001\...\Run: [TivoNotify] => C:\Program Files (x86)\TiVo\Desktop\TiVoNotify.exe [437520 2010-08-24] (TiVo Inc.)
HKU\S-1-5-21-909550099-3992804192-3579809205-1001\...\Run: [TranscodingService] => C:\Program Files (x86)\TiVo\Desktop\Plus\\TranscodingService.exe [856336 2010-08-24] (TiVo Inc.)
HKU\S-1-5-21-909550099-3992804192-3579809205-1001\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-909550099-3992804192-3579809205-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-07] (Apple Inc.)
HKU\S-1-5-21-909550099-3992804192-3579809205-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1080104 2014-08-04] (Apple Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 10.lnk
ShortcutTarget: Snagit 10.lnk -> C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe (TechSmith Corporation)
Startup: C:\Users\Gina's Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HughesNetStatusMeter.lnk
ShortcutTarget: HughesNetStatusMeter.lnk -> C:\Program Files (x86)\HughesNetStatusMeter\HughesNetStatusMeter\HughesNetStatusMeter.exe ()
Startup: C:\Users\Gina's Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pinterest.com/
SearchScopes: HKCU - DefaultScope {FEE68B88-C5C2-45AD-9EA3-4E35B8423A12} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {FEE68B88-C5C2-45AD-9EA3-4E35B8423A12} URL = https://www.google.com/search?q={searchTerms}
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll (TechSmith Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssie.dll No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation)
Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://bio-radtraining.webex.com/client/WBXclient-T27L10NSP32EP1-13926/training/ieatgpc1.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 172.20.10.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Gina's Laptop\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Gina's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-29]
CHR Extension: (Google Wallet) - C:\Users\Gina's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 TivoBeacon2; C:\Program Files (x86)\TiVo\Desktop\TiVoBeacon.exe [1104656 2010-08-24] (TiVo Inc.)
R2 vToolbarUpdater14.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [968880 2013-02-18] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [39768 2013-02-18] (AVG Technologies)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-15 22:09 - 2014-11-15 22:25 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-11-08 16:10 - 2014-11-16 00:38 - 00000000 ____D () C:\FRST
2014-11-08 16:02 - 2014-11-16 00:38 - 00000000 ____D () C:\Users\Gina's Laptop\Desktop\fix dllhost issue
2014-11-03 13:12 - 2014-11-03 14:37 - 00000000 __SHD () C:\Users\Gina's Laptop\Documents\cache
2014-11-02 15:35 - 2014-11-02 15:38 - 00008853 _____ () C:\Users\Gina's Laptop\Desktop\attach.txt
2014-11-02 15:35 - 2014-11-02 15:36 - 00017491 _____ () C:\Users\Gina's Laptop\Desktop\dds.txt
2014-11-02 15:29 - 2014-11-02 15:30 - 00688992 ____R (Swearware) C:\Users\Gina's Laptop\Desktop\dds.com
2014-10-18 02:11 - 2014-11-12 20:06 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-17 21:48 - 2014-10-17 21:48 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-10-17 21:48 - 2014-10-17 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-10-17 21:47 - 2014-10-17 21:47 - 00000000 ____D () C:\Program Files\iPod
2014-10-17 21:46 - 2014-10-17 21:48 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-10-17 21:46 - 2014-10-17 21:48 - 00000000 ____D () C:\Program Files\iTunes
2014-10-17 21:46 - 2014-10-17 21:48 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-10-17 21:20 - 2014-10-17 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-10-17 21:16 - 2014-10-17 21:17 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-10-17 21:16 - 2014-10-17 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-16 00:11 - 2012-07-30 14:25 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-15 23:46 - 2012-08-05 09:10 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-15 21:54 - 2009-07-13 22:45 - 00020928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-15 21:54 - 2009-07-13 22:45 - 00020928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-15 21:50 - 2011-11-14 17:16 - 01828932 _____ () C:\windows\WindowsUpdate.log
2014-11-15 21:46 - 2012-07-30 14:25 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-15 21:44 - 2012-08-01 14:01 - 00049474 _____ () C:\windows\PFRO.log
2014-11-15 21:44 - 2012-04-29 17:32 - 00039780 _____ () C:\windows\setupact.log
2014-11-15 21:44 - 2009-07-13 23:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-15 21:08 - 2009-07-13 23:13 - 00006498 _____ () C:\windows\system32\PerfStringBackup.INI
2014-11-15 21:04 - 2011-11-14 18:06 - 00000000 ____D () C:\ProgramData\Sonic
2014-11-15 20:25 - 2012-01-22 11:41 - 00000000 ____D () C:\Users\Gina's Laptop\Desktop\Groceries
2014-11-15 19:23 - 2012-04-08 11:57 - 00000506 _____ () C:\windows\Tasks\SystemToolsDailyTest.job
2014-11-15 18:11 - 2012-04-19 20:01 - 00000000 ____D () C:\ProgramData\MFAData
2014-11-15 16:07 - 2012-04-08 11:57 - 00003560 _____ () C:\windows\System32\Tasks\SystemToolsDailyTest
2014-11-15 10:50 - 2012-08-05 09:10 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-11-15 10:50 - 2012-04-05 12:18 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-11-15 10:50 - 2012-01-06 21:28 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 21:32 - 2014-07-04 10:14 - 00000000 ____D () C:\Users\Gina's Laptop\Documents\Autorecovered items
2014-11-12 20:06 - 2012-07-30 14:25 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-08 19:54 - 2011-12-25 15:43 - 00000000 ____D () C:\Users\Gina's Laptop\AppData\Local\Adobe
2014-11-07 19:45 - 2012-04-08 11:57 - 00000564 _____ () C:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-11-05 12:34 - 2012-04-08 11:57 - 00004294 _____ () C:\windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-11-05 12:20 - 2014-07-25 18:18 - 00000000 ____D () C:\ProgramData\AVG2014
2014-11-03 15:38 - 2012-12-27 20:24 - 00017090 _____ () C:\Users\Gina's Laptop\Desktop\Tivo Season Passes.xlsx
2014-11-03 15:30 - 2014-10-09 19:38 - 00043571 _____ () C:\Users\Gina's Laptop\Desktop\Timesheet-Kendra.xlsx
2014-11-03 13:50 - 2012-09-06 19:43 - 00000000 ____D () C:\Users\Gina's Laptop\AppData\Roaming\webex
2014-11-03 13:11 - 2012-09-06 19:36 - 00000000 ____D () C:\ProgramData\WebEx
2014-10-29 23:19 - 2014-07-25 20:15 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-29 23:02 - 2014-07-25 17:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-29 23:02 - 2014-07-25 17:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-29 23:02 - 2012-04-19 20:41 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-27 21:41 - 2012-07-30 14:25 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-27 18:22 - 2011-12-25 16:17 - 00000000 ____D () C:\Users\Gina's Laptop\Desktop\pics from iphone
2014-10-19 18:59 - 2014-09-16 19:09 - 00000000 ____D () C:\Users\Gina's Laptop\Desktop\College Stuff for Delane
2014-10-17 23:40 - 2014-02-22 22:54 - 00000000 ____D () C:\Users\Gina's Laptop\Desktop\Games to install
2014-10-17 22:11 - 2013-02-01 21:29 - 00000000 ____D () C:\Users\Gina's Laptop\AppData\Roaming\Epson
2014-10-17 22:10 - 2009-07-13 23:32 - 00000000 ____D () C:\windows\system32\FxsTmp
2014-10-17 21:52 - 2011-12-25 17:00 - 00000000 ____D () C:\Users\Gina's Laptop\AppData\Roaming\Apple Computer
2014-10-17 21:52 - 2011-12-25 16:55 - 00000000 ____D () C:\Users\Gina's Laptop\AppData\Local\Apple
2014-10-17 21:47 - 2011-12-25 16:55 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-10-17 21:46 - 2013-10-01 04:50 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-10-17 21:11 - 2011-12-25 16:54 - 00000000 ____D () C:\ProgramData\Apple

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-10 10:03

==================== End Of Log ============================


Addition.txt:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2014
Ran by Gina's Laptop at 2014-11-16 00:38:28
Running from C:\Users\Gina's Laptop\Desktop\fix dllhost issue
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4765 - AVG Technologies)
AVG 2014 (Version: 14.0.4189 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden
Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot Fairy Tales (HKLM-x32\...\Build-a-lot Fairy Tales) (Version: 32.0.0.0 - Shockwave.com)
Cake Mania (HKLM-x32\...\Cake Mania) (Version: 32.0.0.0 - Shockwave.com)
Cisco WebEx Meetings (HKU\S-1-5-21-909550099-3992804192-3579809205-1001\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)
Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.29 - Dell Inc.)
Dell Support Center (Version: 3.1.5907.29 - PC-Doctor, Inc.) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.225 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell VideoStage  (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 9.0 - Dell)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
EPSON Artisan 710 Series Printer Uninstall (HKLM\...\EPSON Artisan 710 Series) (Version:  - SEIKO EPSON Corporation)
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.00.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
EpsonNet Setup (HKLM-x32\...\{FFFAE01B-466F-4C07-9821-A94FD753BDDA}) (Version: 3.1c - SEIKO EPSON CORPORATION)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Farm Frenzy (HKLM-x32\...\Farm Frenzy) (Version: 32.0.0.0 - Shockwave.com)
Farm Frenzy 2 (HKLM-x32\...\Farm Frenzy 2) (Version: 32.0.0.0 - Shockwave.com)
Farmers Market (HKLM-x32\...\Farmers Market) (Version: 32.0.0.0 - Shockwave.com)
Fences (HKLM-x32\...\Fences) (Version:  - Stardock Corporation)
Fences (Version: 1.0 - Stardock Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HughesNet Status Meter (HKLM-x32\...\com.hughesnet.HughesNetStatusMeter.92D257A0BA68956E9AA1D50589E83FF4134CD6A8.1) (Version: 3.035 - Hughes Network Systems)
HughesNet Status Meter (x32 Version: 3.035 - Hughes Network Systems) Hidden
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Java™ 6 Update 27 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416027FF}) (Version: 6.0.270 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 x64 English (HKLM\...\{F83779DF-E1F5-43A2-A7BE-732F856FADB7}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Plants vs. Zombies™ (HKLM-x32\...\Plants vs. Zombies™) (Version: 32.0.0.0 - Shockwave.com)
Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.)
QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Skype Toolbars (HKLM-x32\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
Skype™ 5.10 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.10.116 - Skype Technologies S.A.)
Snagit 10.0.2 (HKLM-x32\...\{92D194E7-AEF9-4A9E-8620-8F3AE712E3F7}) (Version: 10.0.2 - TechSmith Corporation)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TiVo Desktop 2.8.3 (HKLM-x32\...\{4E839090-3B68-436A-B3CF-A2A08C38DD26}) (Version: 2.8.412.370 - TiVo Inc.)
TrustedID (HKLM-x32\...\{C16A92EF-017B-4839-9C75-FBADB5A1FA27}) (Version: 5.0 - TrustedID)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
WebEx Recorder and Player (HKLM-x32\...\{1A3F6AD7-7A95-439B-BF54-F418C7CC6380}) (Version: 3.29.3201 - Cisco WebEx LLC)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

18-10-2014 18:44:17 Scheduled Checkpoint
03-11-2014 04:01:11 Scheduled Checkpoint
10-11-2014 16:09:44 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-04-29 16:31 - 2012-04-29 16:33 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {3F58F1F2-519C-4CFB-B71F-0498C7D6764D} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2012-03-28] (PC-Doctor, Inc.)
Task: {99535F75-5009-4F69-B4CE-66E975F23463} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2012-03-28] (PC-Doctor, Inc.)
Task: {A344C5D5-9007-4757-8954-C5EBEC7B12B8} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-15] (Adobe Systems Incorporated)
Task: {AE6E8D17-F22A-444D-BFA6-717D732A10B0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {BE01027C-EA8E-458B-8403-8BD1CC80FAAB} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\uaclauncher.exe [2012-03-28] (PC-Doctor, Inc.)
Task: {E74F8524-7ACA-41C4-90B1-2DD711C2E26D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exe
Task: C:\windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\uaclauncher.exe

==================== Loaded Modules (whitelisted) =============

2013-02-18 14:14 - 2013-02-18 14:14 - 00968880 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
2010-11-10 22:53 - 2010-11-10 22:53 - 00817136 _____ () c:\Program Files\Roxio\Roxio Burn\RBVirtualFolder64.dll
2011-11-14 18:51 - 2011-03-25 19:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-02-01 10:50 - 2012-02-01 10:50 - 02195824 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
2011-12-25 15:44 - 2011-12-25 15:44 - 00142336 _____ () C:\Program Files (x86)\HughesNetStatusMeter\HughesNetStatusMeter\HughesNetStatusMeter.exe
2010-11-17 10:35 - 2010-11-17 10:35 - 00514544 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
2012-02-01 10:50 - 2012-02-01 10:50 - 00968048 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
2012-02-01 10:50 - 2012-02-01 10:50 - 01850224 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
2010-11-17 10:35 - 2010-11-17 10:35 - 01440240 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe
2014-10-11 12:06 - 2014-10-11 12:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-02-01 10:44 - 2012-02-01 10:44 - 08151040 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll
2012-02-01 10:44 - 2012-02-01 10:44 - 02278400 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll
2003-01-30 07:04 - 2003-01-30 07:04 - 00618496 _____ () C:\Program Files (x86)\TiVo\Desktop\STLPMT45.DLL
2013-06-28 18:57 - 2013-06-28 18:57 - 04774248 _____ () c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2010-11-24 22:44 - 2010-11-24 22:44 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll
2012-08-10 15:51 - 2012-08-10 15:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2012-02-01 10:44 - 2012-02-01 10:44 - 08151040 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
2012-02-01 10:44 - 2012-02-01 10:44 - 02278400 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
2013-02-10 13:58 - 2009-03-12 15:45 - 00135168 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
2013-02-10 13:58 - 2008-11-21 13:58 - 00057344 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
2010-11-17 10:35 - 2010-11-17 10:35 - 00657904 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\BBEngineAS.dll
2014-07-05 11:41 - 2014-07-05 11:41 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3e27ac2000641918e7215d97c63e957d\IsdiInterop.ni.dll
2011-11-14 17:28 - 2011-01-12 17:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2010-05-17 22:54 - 2010-05-17 22:54 - 00716800 _____ () C:\Program Files (x86)\TiVo\Desktop\LOUDMOUTH.DLL
2010-08-24 17:34 - 2010-08-24 17:34 - 00259584 _____ () C:\Program Files (x86)\TiVo\Desktop\ID3LIB.DLL
2010-08-24 17:55 - 2010-08-24 17:55 - 00050960 _____ () C:\Program Files (x86)\TiVo\Desktop\Plus\TranscodingServicePS.dll
2010-05-17 22:56 - 2010-05-17 22:56 - 00684032 _____ () C:\Program Files (x86)\TiVo\Desktop\libeay32.dll
2010-05-17 22:56 - 2010-05-17 22:56 - 00155648 _____ () C:\Program Files (x86)\TiVo\Desktop\ssleay32.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\87131553.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\87131553.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-909550099-3992804192-3579809205-500 - Administrator - Disabled)
Gina's Laptop (S-1-5-21-909550099-3992804192-3579809205-1001 - Administrator - Enabled) => C:\Users\Gina's Laptop
Guest (S-1-5-21-909550099-3992804192-3579809205-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-909550099-3992804192-3579809205-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (11/15/2014 11:43:37 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/15/2014 10:29:26 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/15/2014 10:29:24 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/15/2014 10:29:24 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/15/2014 10:28:57 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/15/2014 10:28:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/15/2014 10:28:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/15/2014 10:27:23 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/15/2014 09:45:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2014 09:08:45 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

System errors:
=============
Error: (11/15/2014 10:54:38 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (11/10/2014 07:36:18 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Application Virtualization Client service terminated unexpectedly.  It has done this 1 time(s).

Error: (11/10/2014 07:36:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The AVG WatchDog service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (11/10/2014 07:36:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (11/10/2014 07:36:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AVGIDSAgent service terminated unexpectedly.  It has done this 1 time(s).

Error: (11/10/2014 07:36:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The TiVo Beacon Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (11/10/2014 07:36:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The EpsonBidirectionalService service terminated unexpectedly.  It has done this 1 time(s).

Error: (11/10/2014 07:36:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Client Virtualization Handler service terminated unexpectedly.  It has done this 1 time(s).

Error: (11/10/2014 07:36:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Andrea ST Filters Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (11/10/2014 07:36:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Audio Service service terminated unexpectedly.  It has done this 1 time(s).

Microsoft Office Sessions:
=========================
Error: (11/15/2014 11:43:37 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (11/15/2014 10:29:26 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Gina's Laptop\Desktop\fix dllhost issue\esetsmartinstaller_enu.exe

Error: (11/15/2014 10:29:24 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Gina's Laptop\Desktop\fix dllhost issue\esetsmartinstaller_enu.exe

Error: (11/15/2014 10:29:24 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Gina's Laptop\Desktop\fix dllhost issue\esetsmartinstaller_enu.exe

Error: (11/15/2014 10:28:57 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Gina's Laptop\Desktop\fix dllhost issue\esetsmartinstaller_enu.exe

Error: (11/15/2014 10:28:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Gina's Laptop\Desktop\fix dllhost issue\esetsmartinstaller_enu.exe

Error: (11/15/2014 10:28:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Gina's Laptop\Desktop\fix dllhost issue\esetsmartinstaller_enu.exe

Error: (11/15/2014 10:27:23 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Gina's Laptop\Desktop\fix dllhost issue\esetsmartinstaller_enu.exe

Error: (11/15/2014 09:45:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2014 09:08:45 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

CodeIntegrity Errors:
===================================
  Date: 2012-04-29 17:31:05.184
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-04-29 17:31:05.168
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Core™ i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 51%
Total physical RAM: 2934.68 MB
Available physical RAM: 1411.76 MB
Total Pagefile: 5867.55 MB
Available Pagefile: 3510.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:283.34 GB) (Free:138.27 GB) NTFS
Drive d: (AMERICAN_HORROR_STORY_S2_DISC2) (CDROM) (Total:7.07 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: EEEB67E2)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=283.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#15 GinasGoodies

GinasGoodies
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:05:33 AM

Posted 16 November 2014 - 01:45 AM

FSS.txt:

 

Farbar Service Scanner Version: 21-07-2014
Ran by Gina's Laptop (administrator) on 16-11-2014 at 00:43:34
Running from "C:\Users\Gina's Laptop\Desktop\fix dllhost issue"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Action Center Notification Icon =====> Unable to open HKLM\...\ShellServiceObjects\{F56F6FDD-AA9D-4618-A949-C1B91AF43B1A} key. The key does not exist.

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users