Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with virus(s), dllhost com surrogates & fff5ee.com popups


  • This topic is locked This topic is locked
25 replies to this topic

#1 vallen_chance

vallen_chance

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:01:56 PM

Posted 02 November 2014 - 06:17 PM

Some of my security programs have been blocking fff5ee.com popups quit frequently lately, So I ran a few scans with AVG and spybot, and found several viruses and Trojans, including crypt3.bbyn, win32/cryptor, inject2.bclt, agent5.awm, crypt3.bapo, pakes2_c.hed, Adware Generic_r.uj, Most of them seem to have been situated in C:programdata\Windows Genuine Advantage, or the User\appdata\local\temp\updateflashplayer. Avg and spybot removed them, but a few seem to be replicating, and upon inspection of Task Manager, there are about 9 dllhost.exe com surrogates running in the processes tab (Which I think are linked to the Adware Generic). I'm at a bit of a loss as to how I should proceed, and any help would be greatly appreciated.

Attached Files


Edited by vallen_chance, 02 November 2014 - 06:25 PM.


BC AdBot (Login to Remove)

 


#2 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,310 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:11:56 PM

Posted 06 November 2014 - 07:05 AM

Hello! Welcome to BleepingComputer Forums! :welcome:
My name is Georgi and and I will be helping you with your computer problems.

Before we begin, please note the following:

  • I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The logs can take some time to research, so please be patient with me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
  • Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
  • Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.

 

 

If the system has been used after topic creation time we need to take a look at fresh logs.
Please download the latest version of Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

 

Regards,

Georgi


cXfZ4wS.png


#3 vallen_chance

vallen_chance
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:01:56 PM

Posted 06 November 2014 - 06:58 PM

Thank you for assisting me in this matter. So before I post the logs, i'll give you a quick update on the situation. I've run a few more scans on the computer since my first post, and during one of them AVG detected and removed Poweliks, and JS/Exploit, There's still some issues with Dllhost surrogates though, so I think it's hiding somewhere.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-11-2014
Ran by josh (administrator) on JOSH-PC on 06-11-2014 15:53:08
Running from C:\Users\josh\Desktop\security
Loaded Profiles: josh & UpdatusUser (Available profiles: josh & UpdatusUser & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\SysWOW64\authServer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
() C:\Program Files (x86)\CE\CovenantEyes.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Program Files (x86)\CE\CovenantEyesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-28] ()
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [NMSVC] => C:\Program Files (x86)\CE\CovenantEyes.exe [2433832 2012-10-22] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe [286720 2012-03-15] (Intel Corporation)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-12] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-19] (DivX, LLC)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3254576318-3639862535-4154343160-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1938624 2014-10-21] (Valve Corporation)
HKU\S-1-5-21-3254576318-3639862535-4154343160-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.)
HKU\S-1-5-21-3254576318-3639862535-4154343160-1000\...\MountPoints2: {492bcb59-5577-11e2-bad1-902b3459ddb8} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3254576318-3639862535-4154343160-1000\...\MountPoints2: {99761ff9-55c2-11e2-bb7b-806e6f6e6963} - D:\Run.exe
HKU\S-1-5-21-3254576318-3639862535-4154343160-1000\...A8F59079A8D5}\localserver32:  <==== ATTENTION!
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ewtn.com/daily-readings/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8D4144445FE9CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.ewtn.com/Devotionals/prayers/magnificat.htm
SearchScopes: HKCU - DefaultScope {1FE312D3-AB03-4CAD-BB87-3188DF548409} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {1FE312D3-AB03-4CAD-BB87-3188DF548409} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={2EE3510E-E0BA-415D-A878-F3B49B5FD536}&mid=f20060774b5147d08661416272bd344b-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-08 22:59:50&v=18.1.9.799&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Winsock: Catalog5 09 C:\Windows\SysWOW64\nmNsp.dll [1623320] ()
Winsock: Catalog9 01 CESpy.dll File Not found ()
Winsock: Catalog9 02 CESpy.dll File Not found ()
Winsock: Catalog9 03 CESpy.dll File Not found ()
Winsock: Catalog9 04 CESpy.dll File Not found ()
Winsock: Catalog9 05 CESpy.dll File Not found ()
Winsock: Catalog9 06 CESpy.dll File Not found ()
Winsock: Catalog9 07 CESpy.dll File Not found ()
Winsock: Catalog9 08 CESpy.dll File Not found ()
Winsock: Catalog9 09 CESpy.dll File Not found ()
Winsock: Catalog9 10 CESpy.dll File Not found ()
Winsock: Catalog9 21 CESpy.dll File Not found ()
Winsock: Catalog5-x64 09 %SystemRoot%\System32\nmNsp.dll [2203648] ()
Winsock: Catalog9-x64 01 CESpy.dll File Not found ()
Winsock: Catalog9-x64 02 CESpy.dll File Not found ()
Winsock: Catalog9-x64 03 CESpy.dll File Not found ()
Winsock: Catalog9-x64 04 CESpy.dll File Not found ()
Winsock: Catalog9-x64 05 CESpy.dll File Not found ()
Winsock: Catalog9-x64 06 CESpy.dll File Not found ()
Winsock: Catalog9-x64 07 CESpy.dll File Not found ()
Winsock: Catalog9-x64 08 CESpy.dll File Not found ()
Winsock: Catalog9-x64 09 CESpy.dll File Not found ()
Winsock: Catalog9-x64 10 CESpy.dll File Not found ()
Winsock: Catalog9-x64 21 CESpy.dll File Not found ()
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\josh\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.204
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.204 [2014-02-08]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-09-04]
 
Chrome: 
=======
CHR Profile: C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-26]
CHR Extension: (Google Wallet) - C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-07-26]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Auth Service; C:\Windows\system32\authServer.exe [2220544 2012-10-22] () [File not signed]
R2 Auth Service; C:\Windows\SysWOW64\authServer.exe [2220544 2012-10-22] () [File not signed]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe [7168 2012-03-15] (Intel Corporation) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-03] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [24496 2012-03-15] (Intel Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-06 15:52 - 2014-11-06 15:53 - 00000000 ____D () C:\FRST
2014-11-04 00:21 - 2014-11-04 22:12 - 00000112 _____ () C:\Windows\setupact.log
2014-11-02 15:55 - 2014-11-02 15:55 - 00000000 ____D () C:\AdwCleaner
2014-11-02 15:55 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-11-02 15:31 - 2014-11-04 22:20 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-02 15:31 - 2014-11-02 15:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-02 15:31 - 2014-11-02 15:31 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-02 15:31 - 2014-11-02 15:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-02 15:31 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-02 15:31 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-02 15:31 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-02 14:37 - 2014-11-02 14:37 - 00688992 ____R (Swearware) C:\Users\josh\Desktop\dds.com
2014-11-02 00:14 - 2014-11-02 00:14 - 00000604 _____ () C:\Windows\wininit.ini
2014-11-01 23:17 - 2014-11-03 16:43 - 00000000 ____D () C:\ProgramData\ManoYoke
2014-11-01 23:17 - 2014-11-01 23:18 - 00000000 ____D () C:\ProgramData\EagxuBranb
2014-10-25 17:54 - 2014-10-25 17:54 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-25 17:54 - 2014-10-25 17:54 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-25 17:54 - 2014-10-25 17:54 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-25 17:54 - 2014-10-25 17:54 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-25 17:54 - 2014-10-25 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-25 17:54 - 2014-10-25 17:54 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-24 16:02 - 2014-10-24 16:02 - 00087200 _____ () C:\ProgramData\wrnhoah.tmp
2014-10-24 16:02 - 2014-10-24 16:02 - 00000944 ____H () C:\ProgramData\@system2.att
2014-10-24 16:02 - 2014-10-24 16:02 - 00000448 ____H () C:\Users\josh\AppData\Roaming\麽鎒駓覜
2014-10-24 16:01 - 2014-11-01 23:17 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-10-19 23:15 - 2014-10-19 23:15 - 00000807 _____ () C:\Users\josh\Desktop\Sunday 26th seattle resteraunt trip.txt
2014-10-16 16:44 - 2014-10-16 16:44 - 00000000 ____D () C:\Users\josh\AppData\Local\SWCharGenLauncher
2014-10-16 16:12 - 2014-10-16 16:12 - 00000000 ____D () C:\Users\josh\AppData\Local\SWCharGen
2014-10-16 16:11 - 2014-10-16 16:11 - 00000118 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-10-16 16:11 - 2014-10-16 16:11 - 00000000 ____D () C:\Users\josh\AppData\Roaming\SWCharGen
2014-10-15 17:22 - 2014-10-09 18:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 17:22 - 2014-10-09 18:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 17:22 - 2014-10-09 18:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 17:22 - 2014-10-06 18:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 17:22 - 2014-10-06 18:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 17:22 - 2014-09-28 16:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 17:22 - 2014-09-25 14:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 17:22 - 2014-09-25 14:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 17:22 - 2014-09-25 14:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 17:22 - 2014-09-25 14:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 17:22 - 2014-09-25 14:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 17:22 - 2014-09-25 14:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 17:22 - 2014-09-25 14:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 17:22 - 2014-09-18 18:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 17:22 - 2014-09-18 17:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 17:22 - 2014-09-18 17:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 17:22 - 2014-09-18 17:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 17:22 - 2014-09-18 17:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 17:22 - 2014-09-18 17:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 17:22 - 2014-09-18 17:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 17:22 - 2014-09-18 17:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 17:22 - 2014-09-18 17:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 17:22 - 2014-09-18 17:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 17:22 - 2014-09-18 17:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 17:22 - 2014-09-18 17:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 17:22 - 2014-09-18 17:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 17:22 - 2014-09-18 17:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 17:22 - 2014-09-18 17:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 17:22 - 2014-09-18 17:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 17:22 - 2014-09-18 17:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 17:22 - 2014-09-18 17:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 17:22 - 2014-09-18 17:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 17:22 - 2014-09-18 17:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 17:22 - 2014-09-18 17:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 17:22 - 2014-09-18 17:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 17:22 - 2014-09-18 17:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 17:22 - 2014-09-18 17:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 17:22 - 2014-09-18 17:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 17:22 - 2014-09-18 17:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 17:22 - 2014-09-18 16:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 17:22 - 2014-09-18 16:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 17:22 - 2014-09-18 16:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 17:22 - 2014-09-18 16:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 17:22 - 2014-09-18 16:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 17:22 - 2014-09-18 16:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 17:22 - 2014-09-18 16:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 17:22 - 2014-09-18 16:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 17:22 - 2014-09-18 16:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 17:22 - 2014-09-18 16:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 17:22 - 2014-09-18 16:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 17:22 - 2014-09-18 16:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 17:22 - 2014-09-18 16:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 17:22 - 2014-09-18 16:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 17:22 - 2014-09-18 16:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 17:22 - 2014-09-18 16:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 17:22 - 2014-09-18 16:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 17:22 - 2014-09-18 15:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 17:22 - 2014-09-18 15:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 17:22 - 2014-09-18 15:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 17:22 - 2014-09-18 15:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 17:22 - 2014-09-17 18:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 17:22 - 2014-09-17 17:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 17:22 - 2014-09-03 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 17:22 - 2014-09-03 21:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 17:22 - 2014-07-16 18:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 17:22 - 2014-07-16 18:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 17:22 - 2014-07-16 18:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 17:22 - 2014-07-16 18:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 17:22 - 2014-07-16 18:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 17:22 - 2014-07-16 18:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 17:22 - 2014-07-16 18:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 17:22 - 2014-07-16 18:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 17:22 - 2014-07-16 17:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 17:22 - 2014-07-16 17:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 17:22 - 2014-07-16 17:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-15 17:22 - 2014-07-16 17:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-15 17:22 - 2014-07-16 17:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 17:22 - 2014-07-16 17:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 17:22 - 2014-07-16 17:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 17:22 - 2014-07-16 17:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 17:22 - 2014-06-18 14:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 17:22 - 2014-06-18 14:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 17:22 - 2014-06-18 14:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 17:22 - 2014-06-18 14:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 17:22 - 2014-06-18 14:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 17:22 - 2014-06-18 14:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 17:21 - 2014-09-12 17:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 17:21 - 2014-09-12 17:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-13 22:17 - 2014-10-13 22:17 - 00000000 ____D () C:\Users\josh\AppData\Local\DDMSettings
2014-10-11 22:51 - 2014-10-11 22:52 - 04115757 _____ () C:\Users\josh\Downloads\MotioninJoy_070000_signed.zip
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-06 15:53 - 2013-01-02 19:41 - 00000000 ____D () C:\Users\josh\Desktop\security
2014-11-06 15:52 - 2013-01-04 19:44 - 00231486 _____ () C:\ceProcesses.txt
2014-11-06 15:51 - 2013-01-07 14:58 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2499D03F-6D67-4AD8-8848-2AEA152F5C64}
2014-11-06 15:51 - 2013-01-02 16:36 - 01472071 _____ () C:\Windows\WindowsUpdate.log
2014-11-06 01:50 - 2013-01-02 19:54 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-06 01:50 - 2013-01-02 19:39 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-06 00:11 - 2013-01-02 20:15 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-05 19:50 - 2013-01-02 19:54 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-05 18:58 - 2013-01-02 19:07 - 00000000 ____D () C:\ProgramData\MFAData
2014-11-04 22:19 - 2009-07-13 21:13 - 00798430 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-04 22:19 - 2009-07-13 20:45 - 00023568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-04 22:19 - 2009-07-13 20:45 - 00023568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-04 22:12 - 2013-01-02 19:03 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-04 22:12 - 2013-01-02 18:27 - 00394086 _____ () C:\Windows\PFRO.log
2014-11-04 22:12 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-02 15:37 - 2013-01-02 19:16 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-02 00:13 - 2013-01-02 19:37 - 00000000 ____D () C:\ProgramData\TEMP
2014-11-02 00:12 - 2013-01-02 19:37 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-10-25 17:54 - 2014-05-03 21:30 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-24 16:02 - 2013-09-25 15:21 - 00000000 ____D () C:\ProgramData\AVG2014
2014-10-21 21:45 - 2009-07-13 21:08 - 00032598 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-20 00:01 - 2014-08-30 23:16 - 00000102 _____ () C:\Users\josh\Desktop\New Text Document.txt
2014-10-18 18:45 - 2013-01-02 19:54 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-18 18:45 - 2013-01-02 19:54 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-16 15:34 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 02:21 - 2009-07-13 20:45 - 00278344 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 02:18 - 2014-05-06 02:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 02:01 - 2013-08-15 02:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 02:00 - 2013-01-05 16:14 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-15 18:07 - 2013-01-02 23:33 - 00000000 ____D () C:\Users\josh\Desktop\games
2014-10-15 00:04 - 2014-04-17 16:26 - 00000000 ____D () C:\Users\josh\Desktop\New folder
2014-10-13 01:15 - 2013-05-26 17:50 - 00000000 ____D () C:\Windows\System32\Tasks\Games
 
Some content of TEMP:
====================
C:\Users\josh\AppData\Local\Temp\_isE12B.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-11-05 00:14
 
==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-11-2014
Ran by josh at 2014-11-06 15:53:26
Running from C:\Users\josh\Desktop\security
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
ACE COMBAT™ ASSAULT HORIZON Enhanced Edition (HKLM-x32\...\Steam App 228400) (Version:  - Namco )
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version:  - )
Antichamber (HKLM-x32\...\Steam App 219890) (Version:  - Alexander Bruce)
Artemis Artemis DEMO (HKLM-x32\...\Artemis DEMO) (Version: 1.66.0 - Thom Robertson)
Assassin's Creed® III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4765 - AVG Technologies)
AVG 2014 (Version: 14.0.4189 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.9.799 - AVG Technologies)
Binary Domain (HKLM-x32\...\Steam App 203750) (Version:  - Devil's Details)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Cargo Commander (HKLM-x32\...\Steam App 220460) (Version:  - Serious Brew)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - )
Cave Story+ (HKLM-x32\...\Steam App 200900) (Version:  - )
Choplifter HD (HKLM-x32\...\Steam App 202070) (Version:  - )
Contagion (HKLM-x32\...\Steam App 238430) (Version:  - Monochrome LLC)
Covenant Eyes (HKLM-x32\...\{5AC5ED2E-2936-4B54-A429-703F9034938E}) (Version: 4.5.3 - Covenant Eyes, Inc.)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
Darksiders (HKLM-x32\...\Steam App 50620) (Version:  - Vigil Games)
DEFCON (HKLM-x32\...\Steam App 1520) (Version:  - Introversion Software)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
Dolphin x86 (HKLM-x32\...\Dolphin x86) (Version: 4.0.2 - Dolphin Development Team)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Dungeon Siege (HKLM-x32\...\Steam App 39190) (Version:  - )
E.Y.E: Divine Cybermancy (HKLM-x32\...\Steam App 91700) (Version:  - )
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FINAL FANTASY VII (HKLM-x32\...\Steam App 39140) (Version:  - Square Enix)
Freelancer (HKLM-x32\...\Freelancer 1.0) (Version:  - )
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Galaxy on Fire 2™ Full HD (HKLM-x32\...\Steam App 212010) (Version:  - Fishlabs Entertainment GmbH)
GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Gunpoint (HKLM-x32\...\Steam App 206190) (Version:  - Suspicious Developments)
Guns of Icarus Online (HKLM-x32\...\Steam App 209080) (Version:  - Muse Games)
Hitman: Blood Money (HKLM-x32\...\Steam App 6860) (Version:  - Eidos)
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version:  - Dennaton Games)
Infinite Space III: Sea of Stars (HKLM-x32\...\Steam App 269990) (Version:  - Digital Eel)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.21.1134 - Intel Corporation)
Intel® Network Connections 17.0.200.2 (HKLM\...\PROSetDX) (Version: 17.0.200.2 - Intel)
Intel® Rapid Storage Technology enterprise (HKLM-x32\...\{8B313BF5-9BD5-42a3-94C1-A28AF3AA51CC}) (Version: 3.1.0.1068 - Intel Corporation)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)
L.A. Noire (HKLM-x32\...\Steam App 110800) (Version:  - Rockstar)
Legendary (HKLM-x32\...\Steam App 16730) (Version:  - Spark Unlimited)
Leviathan: Warships (HKLM-x32\...\Steam App 202270) (Version:  - Pieces Interactive)
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios AB)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Mark of the Ninja (HKLM-x32\...\Steam App 214560) (Version:  - Klei Entertainment)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Miner Wars 2081 (HKLM-x32\...\Steam App 223430) (Version:  - Keen Software House)
Mount & Blade (HKLM-x32\...\Steam App 22100) (Version:  - Paradox Interactive)
My Game Long Name (HKLM\...\UDK-4c92c5ce-ce7c-4c80-9b34-774d4e2fe254) (Version:  - Epic Games, Inc.)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM-x32\...\Steam App 234670) (Version:  - CyberConnect 2)
No Time to Explain (HKLM-x32\...\Steam App 227280) (Version:  - tinyBuild)
NVIDIA 3D Vision Controller Driver 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.90 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Graphics Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Organ Trail: Director's Cut (HKLM-x32\...\Steam App 233740) (Version:  - The Men Who Wear Many Hats)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version:  - )
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version:  - PopCap Games, Inc.)
Prototype (HKLM-x32\...\Steam App 10150) (Version:  - Radical Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Razer Game Booster (HKLM-x32\...\{88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}) (Version: 3.5.6.0 - Razer USA Ltd.)
Retro City Rampage™ (HKLM-x32\...\Steam App 204630) (Version:  - Vblank Entertainment, Inc.)
Rise of Flight (HKLM-x32\...\{1101370E-0BBC-4939-8037-2AED92A5C15C}_is1) (Version:  - 777)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.1 - Rockstar Games)
Rome: Total War - Alexander (HKLM-x32\...\Steam App 4770) (Version:  - The Creative Assembly)
Rome: Total War (HKLM-x32\...\Steam App 4760) (Version:  - The Creative Assembly)
Sequence (HKLM-x32\...\Steam App 200910) (Version:  - )
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version:  - Harebrained Schemes)
Shank (HKLM-x32\...\Steam App 6120) (Version:  - Electronic Arts)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - )
Solar 2 (HKLM-x32\...\Steam App 97000) (Version:  - Murudai)
Space Pirates and Zombies (HKLM-x32\...\Steam App 107200) (Version:  - MinMax Games Ltd.)
Spelunky (HKLM-x32\...\Steam App 239350) (Version:  - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.12 - Safer-Networking Ltd.)
SpywareBlaster 4.6 (HKLM-x32\...\SpywareBlaster_is1) (Version: 4.6.1 - BrightFort LLC)
Star Wars Jedi Knight: Dark Forces II (HKLM-x32\...\Steam App 32380) (Version:  - LucasArts)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
StarCitizen (HKLM-x32\...\StarCitizen) (Version: 1.0 - Cloud Imperium Games)
StarForge Alpha (HKLM-x32\...\Steam App 227680) (Version:  - CodeHatch)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Strike Suit Infinity (HKLM-x32\...\Steam App 234160) (Version:  - Born Ready Games Ltd.)
Strike Suit Zero (HKLM-x32\...\Steam App 209540) (Version:  - Born Ready Games Ltd.)
Super House of Dead Ninjas (HKLM-x32\...\Steam App 224820) (Version:  - Megadev)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - )
Surgeon Simulator 2013 (HKLM-x32\...\Steam App 233720) (Version:  - Bossa Studios)
Sword of the Stars: The Pit (HKLM-x32\...\Steam App 233700) (Version:  - Kerberos Productions)
Tactical Expansion Mod V1.1 (HKCU\...\Tactical Expansion Mod V1.1) (Version:  - )
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - )
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - )
The Elder Scrolls IV: Oblivion  (HKLM-x32\...\Steam App 22330) (Version:  - Bethesda Game Studios)
They Bleed Pixels (HKLM-x32\...\Steam App 211260) (Version:  - )
Tom Clancy's Rainbow Six: Vegas 2 (HKLM-x32\...\Steam App 15120) (Version:  - Ubisoft Montreal)
Tom Clancy's Splinter Cell: Conviction (HKLM-x32\...\Steam App 33220) (Version:  - Ubisoft)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Universe Sandbox (HKLM-x32\...\Steam App 72200) (Version:  - )
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Wargame: European Escalation (HKLM-x32\...\Steam App 58610) (Version:  - Focus,Eugen Systems)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wizorb (HKLM-x32\...\Steam App 207420) (Version:  - )
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
23-10-2014 10:09:13 Scheduled Checkpoint
26-10-2014 01:53:49 Installed Java 7 Update 71
02-11-2014 19:14:28 Scheduled Checkpoint
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {04CAF1E6-D167-4AD8-B40B-618FA731D938} - System32\Tasks\{85D49950-3433-467F-B328-BDE065DB650C} => G:\Media\Games\utilities\Xpadder5-3\Xpadder.exe [2013-02-11] ()
Task: {07C98709-BA84-4A99-9F16-A3BB87ACBF65} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-02] (Google Inc.)
Task: {07FF802D-DD0C-4FB2-8D4E-461A8D20F555} - System32\Tasks\{A1088B6F-F4E8-4865-B374-74F8024CECB9} => G:\Media\Games\utilities\Xpadder5-3\Xpadder.exe [2013-02-11] ()
Task: {287A604E-2B73-4BE0-9946-04E882B97C12} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] ()
Task: {30F81A87-8D0B-4BE4-B206-0ED03204F534} - System32\Tasks\{85C469B7-197D-4A37-BA39-6351BB123AD8} => C:\Users\josh\Desktop\games\Xpadder.exe [2008-08-29] ()
Task: {33170443-891D-4FE0-84D1-C73198CA1425} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-02] (Google Inc.)
Task: {39B4A3BD-FD7C-4FE2-9941-B9C147A9F4CB} - System32\Tasks\{9ACEBA01-060E-492A-B79F-296F64E5BA3D} => G:\Media\Games\utilities\Xpadder5-3\Xpadder.exe [2013-02-11] ()
Task: {3F1B0A20-1532-4E39-986F-2A5719E587BB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-27] (Adobe Systems Incorporated)
Task: {3F274F2A-F991-410F-BA5A-37E3EE4761B5} - System32\Tasks\{3D1700CA-000A-4271-8259-B896BA59CB31} => G:\Games\Xpadder5-3\Xpadder.exe
Task: {424504E3-EDE6-4774-93FB-484737706B9C} - System32\Tasks\{B825A075-E0B2-4EE2-ABA5-205FE21415A0} => E:\Assassin's Creed III\AC3SP.exe [2013-05-23] ()
Task: {51EF7246-0401-44E0-A984-F138F8D2A949} - System32\Tasks\{8C48E063-7495-41CD-A15C-7A5BFEF499A0} => C:\Users\josh\Desktop\Xpadder.exe
Task: {53DE7FBB-820C-4332-A9DE-99874512FB7D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {67C2C464-4DE1-48FB-A873-76C312395C04} - System32\Tasks\{96F6FA81-0AB1-46B3-9FAF-23D679F5B8AD} => I:\Universal-USB-Installer-1.9.5.5.exe [2014-09-08] ()
Task: {82B2DD73-ECD5-4B26-85C2-89E5857B8C3B} - System32\Tasks\{833B8124-0A85-4036-B576-313754FA61C9} => E:\Assassin's Creed III\AC3SP.exe [2013-05-23] ()
Task: {84DDF47F-5DB8-4EDF-8187-AB57C28DD529} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {919511FC-99F6-41A3-A7F4-A198C42D97C8} - System32\Tasks\{3DB23434-ABE7-4764-8B49-DF8D34832E4C} => G:\Games\Xpadder5-3\Xpadder.exe
Task: {ABD58125-168F-4ED3-912E-8FBF9BEB8012} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {B7439065-1028-4878-BBC2-BB524F671FAF} - System32\Tasks\{AE3FE97A-7EE0-4633-843C-6AEADC67EE13} => I:\Universal-USB-Installer-1.9.5.5.exe [2014-09-08] ()
Task: {BC135016-66A8-42E5-BA90-6C2D93B0B07F} - System32\Tasks\{CCCA6DC6-BBF4-4862-BD6F-2E777AAFEBFF} => E:\Assassin's Creed III\AC3SP.exe [2013-05-23] ()
Task: {C1C6B58B-DAE8-4211-B8AA-6637117BC720} - System32\Tasks\{5C8A5181-1F2E-4893-8598-B243F27631D9} => G:\Media\Games\utilities\Xpadder5-3\Xpadder.exe [2013-02-11] ()
Task: {C58A98DF-1473-41CF-ACFD-4DAE8BD5DBE7} - System32\Tasks\{9F9A2F28-3280-42A8-8B88-2E626EF45817} => G:\Media\Games\utilities\Xpadder5-3\Xpadder.exe [2013-02-11] ()
Task: {DD93FF42-9F34-4A92-8292-EC0F2BAFCC43} - System32\Tasks\{73659D5C-54F5-4D65-A017-C9B9C8693F8B} => G:\Media\Games\utilities\Xpadder5-3\Xpadder.exe [2013-02-11] ()
Task: {F0E9ECE7-830A-4A22-B046-C5BCC62EBD6D} - System32\Tasks\{3C833A73-BC1E-47D7-8105-26C6BAFD7CF5} => G:\Media\Games\utilities\Xpadder5-3\Xpadder.exe [2013-02-11] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-01-04 19:44 - 2012-10-22 16:01 - 00206336 _____ () C:\Windows\system32\CESpy.dll
2013-01-04 19:44 - 2012-10-22 16:01 - 02203648 _____ () C:\Windows\System32\nmNsp.dll
2013-01-02 19:03 - 2013-01-18 07:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-01-04 19:44 - 2012-10-22 16:01 - 00206336 _____ () C:\Windows\System32\CESpy.dll
2013-01-04 19:44 - 2012-10-22 15:59 - 02220544 _____ () C:\Windows\SysWOW64\authServer.exe
2013-12-03 03:52 - 2013-12-03 03:52 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-08-11 17:48 - 2014-08-11 17:48 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
2013-01-22 16:36 - 2014-08-28 15:13 - 02640408 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
2013-01-04 19:44 - 2012-10-22 16:02 - 02433832 _____ () C:\Program Files (x86)\CE\CovenantEyes.exe
2013-02-12 18:37 - 2013-02-12 18:37 - 01263952 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2013-01-04 19:44 - 2012-10-22 16:02 - 01533240 _____ () C:\Program Files (x86)\CE\CovenantEyesHelper.exe
2013-01-04 19:44 - 2012-10-22 16:00 - 00577024 _____ () C:\Program Files\CE\nmsvc64.dll
2013-01-04 19:44 - 2012-10-22 16:00 - 00079872 _____ () C:\Program Files\CE\nmsvTree64.dll
2013-01-04 19:44 - 2012-10-22 16:00 - 00130048 _____ () C:\Program Files\CE\zlib64.dll
2013-01-04 19:44 - 2012-10-22 16:02 - 01623320 _____ () C:\Windows\SysWOW64\nmNsp.dll
2013-01-04 19:44 - 2012-10-22 16:02 - 00177944 _____ () C:\Windows\SysWOW64\CESpy.dll
2013-01-02 19:16 - 2012-11-13 14:06 - 00108960 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-01-02 19:16 - 2012-11-13 14:06 - 00416160 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-01-02 19:16 - 2012-11-13 14:06 - 00158624 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-01-02 19:16 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-01-02 19:16 - 2012-11-13 14:06 - 00528288 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl
2014-08-11 17:48 - 2014-08-11 17:48 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
2013-01-04 19:44 - 2012-10-22 16:02 - 02021144 _____ () C:\Program Files (x86)\CE\nmsvc.dll
2013-01-04 19:44 - 2012-10-22 16:02 - 00072992 _____ () C:\Program Files (x86)\CE\nmsvTree.dll
2013-01-04 19:44 - 2012-10-22 15:47 - 00112128 _____ () C:\Program Files (x86)\CE\zlib.dll
2013-01-02 19:16 - 2012-11-13 14:06 - 00554400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
2013-02-12 18:38 - 2013-02-12 18:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2013-12-08 21:22 - 2014-08-28 03:17 - 01654296 ____N () C:\Program Files (x86)\AVG SafeGuard toolbar\TBAPI.dll
2014-10-16 02:25 - 2014-10-16 02:25 - 00019968 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\PSIClient\3d540ad543f40ac2fc1107b17a8fef40\PSIClient.ni.dll
2014-10-29 21:02 - 2014-10-21 20:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-29 21:02 - 2014-10-21 20:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-29 21:02 - 2014-10-21 20:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-29 21:02 - 2014-10-21 20:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-09-13 22:57 - 2014-08-21 10:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-09-13 22:57 - 2014-08-21 10:15 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-09-13 22:57 - 2014-08-21 10:15 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-09-13 22:57 - 2014-10-01 15:16 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-09-13 22:57 - 2014-10-21 11:22 - 02226880 _____ () C:\Program Files (x86)\Steam\video.dll
2014-09-13 22:57 - 2014-08-21 10:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-09-13 22:57 - 2014-08-21 10:15 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-09-13 22:57 - 2014-10-21 11:22 - 00682176 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-09-13 22:57 - 2014-09-04 15:29 - 34589376 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-09-13 22:57 - 2014-09-04 15:29 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2014-10-29 21:02 - 2014-10-21 20:05 - 14902600 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-3254576318-3639862535-4154343160-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3254576318-3639862535-4154343160-1003 - Limited - Enabled)
Guest (S-1-5-21-3254576318-3639862535-4154343160-501 - Limited - Enabled) => C:\Users\Guest
josh (S-1-5-21-3254576318-3639862535-4154343160-1000 - Administrator - Enabled) => C:\Users\josh
UpdatusUser (S-1-5-21-3254576318-3639862535-4154343160-1001 - Limited - Enabled) => C:\Users\UpdatusUser
 
==================== Faulty Device Manager Devices =============
 
Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/06/2014 01:17:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FalloutNV.exe, version: 1.4.0.525, time stamp: 0x4e0d50ed
Faulting module name: FalloutNV.exe, version: 1.4.0.525, time stamp: 0x4e0d50ed
Exception code: 0xc0000005
Fault offset: 0x0025893a
Faulting process id: 0xcb8
Faulting application start time: 0xFalloutNV.exe0
Faulting application path: FalloutNV.exe1
Faulting module path: FalloutNV.exe2
Report Id: FalloutNV.exe3
 
Error: (11/04/2014 08:24:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FalloutNV.exe, version: 1.4.0.525, time stamp: 0x4e0d50ed
Faulting module name: FalloutNV.exe, version: 1.4.0.525, time stamp: 0x4e0d50ed
Exception code: 0xc0000005
Fault offset: 0x0015a509
Faulting process id: 0x1548
Faulting application start time: 0xFalloutNV.exe0
Faulting application path: FalloutNV.exe1
Faulting module path: FalloutNV.exe2
Report Id: FalloutNV.exe3
 
Error: (11/03/2014 00:20:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x2698
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
 
Error: (11/02/2014 10:56:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x4e0
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
 
Error: (11/02/2014 09:47:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x157c
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
 
Error: (11/02/2014 09:29:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x2b14
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
 
Error: (11/02/2014 08:06:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GoogleUpdate.exe, version: 1.3.21.103, time stamp: 0x4f3c6d6c
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x000223e0
Faulting process id: 0x1920
Faulting application start time: 0xGoogleUpdate.exe0
Faulting application path: GoogleUpdate.exe1
Faulting module path: GoogleUpdate.exe2
Report Id: GoogleUpdate.exe3
 
Error: (11/02/2014 04:33:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x2020
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
 
Error: (11/02/2014 01:46:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dllhost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc6b7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x001f01e2
Faulting process id: 0x9c4
Faulting application start time: 0xdllhost.exe0
Faulting application path: dllhost.exe1
Faulting module path: dllhost.exe2
Report Id: dllhost.exe3
 
Error: (11/02/2014 11:55:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dllhost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc6b7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x001d01e2
Faulting process id: 0x1d44
Faulting application start time: 0xdllhost.exe0
Faulting application path: dllhost.exe1
Faulting module path: dllhost.exe2
Report Id: dllhost.exe3
 
 
System errors:
=============
Error: (11/06/2014 03:51:39 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (11/06/2014 03:51:39 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (11/06/2014 03:51:38 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (11/06/2014 03:51:37 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (11/06/2014 03:51:37 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (11/06/2014 03:51:37 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (11/06/2014 03:51:36 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (11/06/2014 03:51:34 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (11/06/2014 01:55:33 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (11/06/2014 01:55:32 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
 
Microsoft Office Sessions:
=========================
Error: (11/06/2014 01:17:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: FalloutNV.exe1.4.0.5254e0d50edFalloutNV.exe1.4.0.5254e0d50edc00000050025893acb801cff99938d8ac68E:\SteamLibrary\steamapps\common\Fallout New Vegas\FalloutNV.exeE:\SteamLibrary\steamapps\common\Fallout New Vegas\FalloutNV.execbc3584b-6595-11e4-8c6b-902b3459ddb8
 
Error: (11/04/2014 08:24:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FalloutNV.exe1.4.0.5254e0d50edFalloutNV.exe1.4.0.5254e0d50edc00000050015a509154801cff8ac467e408cE:\SteamLibrary\steamapps\common\Fallout New Vegas\FalloutNV.exeE:\SteamLibrary\steamapps\common\Fallout New Vegas\FalloutNV.exe9fc99be8-64a3-11e4-a96d-902b3459ddb8
 
Error: (11/03/2014 00:20:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.173444a5bc6b7ntdll.dll6.1.7601.18247521ea8e7c0000374000ce753269801cff73eff3be378C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ntdll.dll4422a474-6332-11e4-82eb-902b3459ddb8
 
Error: (11/02/2014 10:56:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.173444a5bc6b7ntdll.dll6.1.7601.18247521ea8e7c0000374000ce7534e001cff73343094c37C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ntdll.dll90681935-6326-11e4-82eb-902b3459ddb8
 
Error: (11/02/2014 09:47:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.173444a5bc6b7ntdll.dll6.1.7601.18247521ea8e7c0000374000ce753157c01cff729a36829edC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ntdll.dlleb952832-631c-11e4-82eb-902b3459ddb8
 
Error: (11/02/2014 09:29:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.173444a5bc6b7ntdll.dll6.1.7601.18247521ea8e7c0000374000ce7532b1401cff727264bed3cC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ntdll.dll6f0d29e7-631a-11e4-82eb-902b3459ddb8
 
Error: (11/02/2014 08:06:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GoogleUpdate.exe1.3.21.1034f3c6d6cntdll.dll6.1.7601.18247521ea8e7c0000005000223e0192001cff71a9c5c808cC:\Program Files (x86)\Google\Update\GoogleUpdate.exeC:\Windows\SysWOW64\ntdll.dllda44f5db-630e-11e4-82eb-902b3459ddb8
 
Error: (11/02/2014 04:33:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.173444a5bc6b7ntdll.dll6.1.7601.18247521ea8e7c0000374000ce753202001cff6fda9d0e826C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ntdll.dll0b1a9fd2-62f1-11e4-82eb-902b3459ddb8
 
Error: (11/02/2014 01:46:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: dllhost.exe6.1.7600.163854a5bc6b7unknown0.0.0.000000000c0000005001f01e29c401cff6e67eac26a0C:\Windows\syswow64\dllhost.exeunknownbecf7e29-62d9-11e4-82eb-902b3459ddb8
 
Error: (11/02/2014 11:55:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: dllhost.exe6.1.7600.163854a5bc6b7unknown0.0.0.000000000c0000005001d01e21d4401cff6d6e4f52b08C:\Windows\syswow64\dllhost.exeunknown23c41dca-62ca-11e4-82eb-902b3459ddb8
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-3820 CPU @ 3.60GHz
Percentage of memory in use: 36%
Total physical RAM: 8141 MB
Available physical RAM: 5205.41 MB
Total Pagefile: 16280.19 MB
Available Pagefile: 11480.93 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:119.24 GB) (Free:24.36 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:931.41 GB) (Free:624.02 GB) NTFS
Drive f: (WD SmartWare) (CDROM) (Total:0.43 GB) (Free:0 GB) UDF
Drive g: (My Book) (Fixed) (Total:930.86 GB) (Free:505.18 GB) NTFS
Drive i: () (Removable) (Total:14.91 GB) (Free:12.71 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C339D386)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: C339D3FE)
Partition 1: (Not Active) - (Size=119.2 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (Size: 14.9 GB) (Disk ID: 169A5D28)
Partition 1: (Not Active) - (Size=14.9 GB) - (Type=0C)
 
========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 930.9 GB) (Disk ID: 0002AE3F)
Partition 1: (Not Active) - (Size=930.9 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

Edited by vallen_chance, 06 November 2014 - 07:00 PM.


#4 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,310 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:11:56 PM

Posted 07 November 2014 - 03:29 AM

Hi,

 

 

Thank you for the updated information. I can see that Poweliks is still there...Let's get rid of it:

 

Please download the following file => and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

 

Regards,

Georgi


cXfZ4wS.png


#5 vallen_chance

vallen_chance
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:01:56 PM

Posted 07 November 2014 - 07:07 PM

So, After I ran Fix in FRST, it created a log, but during the whole process, a program that I use on my computer called Covenant Eyes (it's an internet filtering program) was uninstalled and then re installed, after which it reboot the computer, and I'm wondering if perhaps it might have interfered with FRST. Here's the log, if I need to re-run the program, let me know and I'll uninstall Covenant Eyes before I run it.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-11-2014
Ran by josh at 2014-11-07 15:59:06 Run:1
Running from C:\Users\josh\Desktop
Loaded Profiles: josh & UpdatusUser (Available profiles: josh & UpdatusUser & Guest)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
HKU\S-1-5-21-3254576318-3639862535-4154343160-1000\...A8F59079A8D5}\localserver32:  <==== ATTENTION!
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
cmd: netsh winsock reset
hosts:
cmd: ipconfig /flushdns
2014-11-01 23:17 - 2014-11-03 16:43 - 00000000 ____D () C:\ProgramData\ManoYoke
2014-11-01 23:17 - 2014-11-01 23:18 - 00000000 ____D () C:\ProgramData\EagxuBranb
2014-10-24 16:02 - 2014-10-24 16:02 - 00087200 _____ () C:\ProgramData\wrnhoah.tmp
2014-10-24 16:02 - 2014-10-24 16:02 - 00000944 ____H () C:\ProgramData\@system2.att
2014-10-24 16:02 - 2014-10-24 16:02 - 00000448 ____H () C:\Users\josh\AppData\Roaming\麽鎒駓覜
2014-10-24 16:01 - 2014-11-01 23:17 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
emptytemp:
end
*****************
 
"HKU\S-1-5-21-3254576318-3639862535-4154343160-1000\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32" => Key Deleted Successfully.
"HKU\S-1-5-21-3254576318-3639862535-4154343160-1000\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}" => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => value deleted successfully.
"HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}" => Key not found.
 
=========  netsh winsock reset =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
Hosts was reset successfully.
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
C:\ProgramData\ManoYoke => Moved successfully.
C:\ProgramData\EagxuBranb => Moved successfully.
C:\ProgramData\wrnhoah.tmp => Moved successfully.
C:\ProgramData\@system2.att => Moved successfully.
C:\Users\josh\AppData\Roaming\麽鎒駓覜 => Moved successfully.
C:\ProgramData\Windows Genuine Advantage => Moved successfully.
C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully.


#6 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,310 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:11:56 PM

Posted 08 November 2014 - 03:35 AM

Hi,

 

Regarding the log the fix was successful. :)

Just in case to check for leftovers please re-run FRST (make sure that Addition.txt is checked before you press the Scan button) and post both logs in your next reply.

Also let me know how are things after the fix above.

 

 

Regards,

Georgi


cXfZ4wS.png


#7 vallen_chance

vallen_chance
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:01:56 PM

Posted 08 November 2014 - 02:55 PM

I haven't noticed the com surrogates today, I'll keep a close eye on the task manager these next few days. Other than that, the computer seems fine, but then again it was running optimally a during the viral takeover, so there haven't been any performance changes really, I was much more concerned of the security breach than any drop in performance, lol. So am I free to run my usual antiviral software? Also, is there anything I should start doing to make sure this doesn't happen again? (Obviously I won't be trying to watch "The Walking Dead" online again, haha, I think thats how I got the virus. I'll have to see if I can barrow a copy of the series from someone).
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-11-2014 01
Ran by josh (administrator) on JOSH-PC on 08-11-2014 11:53:16
Running from C:\Users\josh\Desktop
Loaded Profiles: josh & UpdatusUser (Available profiles: josh & UpdatusUser & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\SysWOW64\authServer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
() C:\Program Files (x86)\CE\CovenantEyes.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Program Files (x86)\CE\CovenantEyesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-28] ()
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [NMSVC] => C:\Program Files (x86)\CE\CovenantEyes.exe [2433832 2012-10-22] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe [286720 2012-03-15] (Intel Corporation)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-12] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-19] (DivX, LLC)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3254576318-3639862535-4154343160-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1938624 2014-10-21] (Valve Corporation)
HKU\S-1-5-21-3254576318-3639862535-4154343160-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.)
HKU\S-1-5-21-3254576318-3639862535-4154343160-1000\...\MountPoints2: {492bcb59-5577-11e2-bad1-902b3459ddb8} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3254576318-3639862535-4154343160-1000\...\MountPoints2: {99761ff9-55c2-11e2-bb7b-806e6f6e6963} - D:\Run.exe
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ewtn.com/daily-readings/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8D4144445FE9CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.ewtn.com/Devotionals/prayers/magnificat.htm
SearchScopes: HKCU - DefaultScope {1FE312D3-AB03-4CAD-BB87-3188DF548409} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {1FE312D3-AB03-4CAD-BB87-3188DF548409} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={2EE3510E-E0BA-415D-A878-F3B49B5FD536}&mid=f20060774b5147d08661416272bd344b-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-08 22:59:50&v=18.1.9.799&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Winsock: Catalog5 09 C:\Windows\SysWOW64\nmNsp.dll [1623320] ()
Winsock: Catalog9 01 CESpy.dll File Not found ()
Winsock: Catalog9 02 CESpy.dll File Not found ()
Winsock: Catalog9 03 CESpy.dll File Not found ()
Winsock: Catalog9 04 CESpy.dll File Not found ()
Winsock: Catalog9 05 CESpy.dll File Not found ()
Winsock: Catalog9 06 CESpy.dll File Not found ()
Winsock: Catalog9 07 CESpy.dll File Not found ()
Winsock: Catalog9 08 CESpy.dll File Not found ()
Winsock: Catalog9 09 CESpy.dll File Not found ()
Winsock: Catalog9 10 CESpy.dll File Not found ()
Winsock: Catalog9 21 CESpy.dll File Not found ()
Winsock: Catalog5-x64 09 %SystemRoot%\System32\nmNsp.dll [2203648] ()
Winsock: Catalog9-x64 01 CESpy.dll File Not found ()
Winsock: Catalog9-x64 02 CESpy.dll File Not found ()
Winsock: Catalog9-x64 03 CESpy.dll File Not found ()
Winsock: Catalog9-x64 04 CESpy.dll File Not found ()
Winsock: Catalog9-x64 05 CESpy.dll File Not found ()
Winsock: Catalog9-x64 06 CESpy.dll File Not found ()
Winsock: Catalog9-x64 07 CESpy.dll File Not found ()
Winsock: Catalog9-x64 08 CESpy.dll File Not found ()
Winsock: Catalog9-x64 09 CESpy.dll File Not found ()
Winsock: Catalog9-x64 10 CESpy.dll File Not found ()
Winsock: Catalog9-x64 21 CESpy.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\josh\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.204
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.204 [2014-02-08]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-09-04]
 
Chrome: 
=======
CHR Profile: C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-26]
CHR Extension: (Google Wallet) - C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-07-26]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Auth Service; C:\Windows\system32\authServer.exe [2220544 2012-10-22] () [File not signed]
R2 Auth Service; C:\Windows\SysWOW64\authServer.exe [2220544 2012-10-22] () [File not signed]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe [7168 2012-03-15] (Intel Corporation) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-03] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [24496 2012-03-15] (Intel Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-08 11:52 - 2014-11-08 11:52 - 00000000 ____D () C:\Users\josh\Desktop\FRST-OlderVersion
2014-11-07 15:58 - 2014-11-08 11:53 - 00017062 _____ () C:\Users\josh\Desktop\FRST.txt
2014-11-07 15:58 - 2014-11-07 15:58 - 00039277 _____ () C:\Users\josh\Desktop\Addition.txt
2014-11-07 15:56 - 2014-11-07 15:56 - 00001672 _____ () C:\Users\josh\Desktop\fixlist.txt
2014-11-06 15:52 - 2014-11-08 11:53 - 00000000 ____D () C:\FRST
2014-11-04 00:21 - 2014-11-07 16:01 - 00000168 _____ () C:\Windows\setupact.log
2014-11-02 15:55 - 2014-11-02 15:55 - 00000000 ____D () C:\AdwCleaner
2014-11-02 15:55 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-11-02 15:31 - 2014-11-04 22:20 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-02 15:31 - 2014-11-02 15:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-02 15:31 - 2014-11-02 15:31 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-02 15:31 - 2014-11-02 15:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-02 15:31 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-02 15:31 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-02 15:31 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-02 14:37 - 2014-11-02 14:37 - 00688992 ____R (Swearware) C:\Users\josh\Desktop\dds.com
2014-11-02 13:55 - 2014-11-08 11:52 - 02115584 _____ (Farbar) C:\Users\josh\Desktop\FRST64.exe
2014-11-02 00:14 - 2014-11-02 00:14 - 00000604 _____ () C:\Windows\wininit.ini
2014-10-25 17:54 - 2014-10-25 17:54 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-25 17:54 - 2014-10-25 17:54 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-25 17:54 - 2014-10-25 17:54 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-25 17:54 - 2014-10-25 17:54 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-25 17:54 - 2014-10-25 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-25 17:54 - 2014-10-25 17:54 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-19 23:15 - 2014-10-19 23:15 - 00000807 _____ () C:\Users\josh\Desktop\Sunday 26th seattle resteraunt trip.txt
2014-10-16 16:44 - 2014-10-16 16:44 - 00000000 ____D () C:\Users\josh\AppData\Local\SWCharGenLauncher
2014-10-16 16:12 - 2014-10-16 16:12 - 00000000 ____D () C:\Users\josh\AppData\Local\SWCharGen
2014-10-16 16:11 - 2014-10-16 16:11 - 00000118 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-10-16 16:11 - 2014-10-16 16:11 - 00000000 ____D () C:\Users\josh\AppData\Roaming\SWCharGen
2014-10-15 17:22 - 2014-10-09 18:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 17:22 - 2014-10-09 18:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 17:22 - 2014-10-09 18:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 17:22 - 2014-10-06 18:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 17:22 - 2014-10-06 18:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 17:22 - 2014-09-28 16:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 17:22 - 2014-09-25 14:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 17:22 - 2014-09-25 14:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 17:22 - 2014-09-25 14:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 17:22 - 2014-09-25 14:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 17:22 - 2014-09-25 14:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 17:22 - 2014-09-25 14:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 17:22 - 2014-09-25 14:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 17:22 - 2014-09-18 18:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 17:22 - 2014-09-18 17:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 17:22 - 2014-09-18 17:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 17:22 - 2014-09-18 17:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 17:22 - 2014-09-18 17:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 17:22 - 2014-09-18 17:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 17:22 - 2014-09-18 17:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 17:22 - 2014-09-18 17:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 17:22 - 2014-09-18 17:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 17:22 - 2014-09-18 17:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 17:22 - 2014-09-18 17:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 17:22 - 2014-09-18 17:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 17:22 - 2014-09-18 17:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 17:22 - 2014-09-18 17:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 17:22 - 2014-09-18 17:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 17:22 - 2014-09-18 17:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 17:22 - 2014-09-18 17:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 17:22 - 2014-09-18 17:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 17:22 - 2014-09-18 17:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 17:22 - 2014-09-18 17:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 17:22 - 2014-09-18 17:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 17:22 - 2014-09-18 17:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 17:22 - 2014-09-18 17:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 17:22 - 2014-09-18 17:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 17:22 - 2014-09-18 17:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 17:22 - 2014-09-18 17:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 17:22 - 2014-09-18 16:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 17:22 - 2014-09-18 16:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 17:22 - 2014-09-18 16:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 17:22 - 2014-09-18 16:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 17:22 - 2014-09-18 16:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 17:22 - 2014-09-18 16:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 17:22 - 2014-09-18 16:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 17:22 - 2014-09-18 16:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 17:22 - 2014-09-18 16:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 17:22 - 2014-09-18 16:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 17:22 - 2014-09-18 16:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 17:22 - 2014-09-18 16:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 17:22 - 2014-09-18 16:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 17:22 - 2014-09-18 16:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 17:22 - 2014-09-18 16:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 17:22 - 2014-09-18 16:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 17:22 - 2014-09-18 16:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 17:22 - 2014-09-18 15:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 17:22 - 2014-09-18 15:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 17:22 - 2014-09-18 15:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 17:22 - 2014-09-18 15:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 17:22 - 2014-09-17 18:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 17:22 - 2014-09-17 17:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 17:22 - 2014-09-03 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 17:22 - 2014-09-03 21:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 17:22 - 2014-07-16 18:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 17:22 - 2014-07-16 18:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 17:22 - 2014-07-16 18:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 17:22 - 2014-07-16 18:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 17:22 - 2014-07-16 18:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 17:22 - 2014-07-16 18:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 17:22 - 2014-07-16 18:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 17:22 - 2014-07-16 18:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 17:22 - 2014-07-16 17:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 17:22 - 2014-07-16 17:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 17:22 - 2014-07-16 17:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-15 17:22 - 2014-07-16 17:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-15 17:22 - 2014-07-16 17:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 17:22 - 2014-07-16 17:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 17:22 - 2014-07-16 17:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 17:22 - 2014-07-16 17:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 17:22 - 2014-06-18 14:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 17:22 - 2014-06-18 14:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 17:22 - 2014-06-18 14:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 17:22 - 2014-06-18 14:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 17:22 - 2014-06-18 14:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 17:22 - 2014-06-18 14:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 17:21 - 2014-09-12 17:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 17:21 - 2014-09-12 17:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-13 22:17 - 2014-10-13 22:17 - 00000000 ____D () C:\Users\josh\AppData\Local\DDMSettings
2014-10-11 22:51 - 2014-10-11 22:52 - 04115757 _____ () C:\Users\josh\Downloads\MotioninJoy_070000_signed.zip
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-08 11:53 - 2013-01-04 19:44 - 00232362 _____ () C:\ceProcesses.txt
2014-11-08 11:51 - 2013-01-02 19:54 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-08 11:51 - 2013-01-02 19:39 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-08 11:51 - 2013-01-02 16:36 - 01512434 _____ () C:\Windows\WindowsUpdate.log
2014-11-07 23:27 - 2013-01-02 20:15 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-07 22:59 - 2013-01-02 19:54 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-07 22:50 - 2013-01-02 19:07 - 00000000 ____D () C:\ProgramData\MFAData
2014-11-07 17:51 - 2013-01-07 14:58 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2499D03F-6D67-4AD8-8848-2AEA152F5C64}
2014-11-07 16:08 - 2009-07-13 21:13 - 00798430 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-07 16:08 - 2009-07-13 20:45 - 00023568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-07 16:08 - 2009-07-13 20:45 - 00023568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-07 16:01 - 2013-01-02 19:03 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-07 16:01 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-07 15:57 - 2013-01-02 19:41 - 00000000 ____D () C:\Users\josh\Desktop\security
2014-11-04 22:12 - 2013-01-02 18:27 - 00394086 _____ () C:\Windows\PFRO.log
2014-11-02 15:37 - 2013-01-02 19:16 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-02 00:13 - 2013-01-02 19:37 - 00000000 ____D () C:\ProgramData\TEMP
2014-11-02 00:12 - 2013-01-02 19:37 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-10-25 17:54 - 2014-05-03 21:30 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-24 16:02 - 2013-09-25 15:21 - 00000000 ____D () C:\ProgramData\AVG2014
2014-10-21 21:45 - 2009-07-13 21:08 - 00032598 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-20 00:01 - 2014-08-30 23:16 - 00000102 _____ () C:\Users\josh\Desktop\New Text Document.txt
2014-10-18 18:45 - 2013-01-02 19:54 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-18 18:45 - 2013-01-02 19:54 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-16 15:34 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 02:21 - 2009-07-13 20:45 - 00278344 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 02:18 - 2014-05-06 02:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 02:01 - 2013-08-15 02:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 02:00 - 2013-01-05 16:14 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-15 18:07 - 2013-01-02 23:33 - 00000000 ____D () C:\Users\josh\Desktop\games
2014-10-15 00:04 - 2014-04-17 16:26 - 00000000 ____D () C:\Users\josh\Desktop\New folder
2014-10-13 01:15 - 2013-05-26 17:50 - 00000000 ____D () C:\Windows\System32\Tasks\Games
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-11-05 00:14
 
==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-11-2014 01
Ran by josh at 2014-11-08 11:53:34
Running from C:\Users\josh\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
ACE COMBAT™ ASSAULT HORIZON Enhanced Edition (HKLM-x32\...\Steam App 228400) (Version:  - Namco )
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version:  - )
Antichamber (HKLM-x32\...\Steam App 219890) (Version:  - Alexander Bruce)
Artemis Artemis DEMO (HKLM-x32\...\Artemis DEMO) (Version: 1.66.0 - Thom Robertson)
Assassin's Creed® III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4765 - AVG Technologies)
AVG 2014 (Version: 14.0.4189 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.9.799 - AVG Technologies)
Binary Domain (HKLM-x32\...\Steam App 203750) (Version:  - Devil's Details)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Cargo Commander (HKLM-x32\...\Steam App 220460) (Version:  - Serious Brew)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - )
Cave Story+ (HKLM-x32\...\Steam App 200900) (Version:  - )
Choplifter HD (HKLM-x32\...\Steam App 202070) (Version:  - )
Contagion (HKLM-x32\...\Steam App 238430) (Version:  - Monochrome LLC)
Covenant Eyes (HKLM-x32\...\{5AC5ED2E-2936-4B54-A429-703F9034938E}) (Version: 4.5.3 - Covenant Eyes, Inc.)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
Darksiders (HKLM-x32\...\Steam App 50620) (Version:  - Vigil Games)
DEFCON (HKLM-x32\...\Steam App 1520) (Version:  - Introversion Software)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
Dolphin x86 (HKLM-x32\...\Dolphin x86) (Version: 4.0.2 - Dolphin Development Team)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Dungeon Siege (HKLM-x32\...\Steam App 39190) (Version:  - )
E.Y.E: Divine Cybermancy (HKLM-x32\...\Steam App 91700) (Version:  - )
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FINAL FANTASY VII (HKLM-x32\...\Steam App 39140) (Version:  - Square Enix)
Freelancer (HKLM-x32\...\Freelancer 1.0) (Version:  - )
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Galaxy on Fire 2™ Full HD (HKLM-x32\...\Steam App 212010) (Version:  - Fishlabs Entertainment GmbH)
GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Gunpoint (HKLM-x32\...\Steam App 206190) (Version:  - Suspicious Developments)
Guns of Icarus Online (HKLM-x32\...\Steam App 209080) (Version:  - Muse Games)
Hitman: Blood Money (HKLM-x32\...\Steam App 6860) (Version:  - Eidos)
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version:  - Dennaton Games)
Infinite Space III: Sea of Stars (HKLM-x32\...\Steam App 269990) (Version:  - Digital Eel)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.21.1134 - Intel Corporation)
Intel® Network Connections 17.0.200.2 (HKLM\...\PROSetDX) (Version: 17.0.200.2 - Intel)
Intel® Rapid Storage Technology enterprise (HKLM-x32\...\{8B313BF5-9BD5-42a3-94C1-A28AF3AA51CC}) (Version: 3.1.0.1068 - Intel Corporation)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)
L.A. Noire (HKLM-x32\...\Steam App 110800) (Version:  - Rockstar)
Legendary (HKLM-x32\...\Steam App 16730) (Version:  - Spark Unlimited)
Leviathan: Warships (HKLM-x32\...\Steam App 202270) (Version:  - Pieces Interactive)
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios AB)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Mark of the Ninja (HKLM-x32\...\Steam App 214560) (Version:  - Klei Entertainment)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Miner Wars 2081 (HKLM-x32\...\Steam App 223430) (Version:  - Keen Software House)
Mount & Blade (HKLM-x32\...\Steam App 22100) (Version:  - Paradox Interactive)
My Game Long Name (HKLM\...\UDK-4c92c5ce-ce7c-4c80-9b34-774d4e2fe254) (Version:  - Epic Games, Inc.)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM-x32\...\Steam App 234670) (Version:  - CyberConnect 2)
No Time to Explain (HKLM-x32\...\Steam App 227280) (Version:  - tinyBuild)
NVIDIA 3D Vision Controller Driver 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.90 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Graphics Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Organ Trail: Director's Cut (HKLM-x32\...\Steam App 233740) (Version:  - The Men Who Wear Many Hats)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version:  - )
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version:  - PopCap Games, Inc.)
Prototype (HKLM-x32\...\Steam App 10150) (Version:  - Radical Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Razer Game Booster (HKLM-x32\...\{88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}) (Version: 3.5.6.0 - Razer USA Ltd.)
Retro City Rampage™ (HKLM-x32\...\Steam App 204630) (Version:  - Vblank Entertainment, Inc.)
Rise of Flight (HKLM-x32\...\{1101370E-0BBC-4939-8037-2AED92A5C15C}_is1) (Version:  - 777)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.1 - Rockstar Games)
Rome: Total War - Alexander (HKLM-x32\...\Steam App 4770) (Version:  - The Creative Assembly)
Rome: Total War (HKLM-x32\...\Steam App 4760) (Version:  - The Creative Assembly)
Sequence (HKLM-x32\...\Steam App 200910) (Version:  - )
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version:  - Harebrained Schemes)
Shank (HKLM-x32\...\Steam App 6120) (Version:  - Electronic Arts)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - )
Solar 2 (HKLM-x32\...\Steam App 97000) (Version:  - Murudai)
Space Pirates and Zombies (HKLM-x32\...\Steam App 107200) (Version:  - MinMax Games Ltd.)
Spelunky (HKLM-x32\...\Steam App 239350) (Version:  - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.12 - Safer-Networking Ltd.)
SpywareBlaster 4.6 (HKLM-x32\...\SpywareBlaster_is1) (Version: 4.6.1 - BrightFort LLC)
Star Wars Jedi Knight: Dark Forces II (HKLM-x32\...\Steam App 32380) (Version:  - LucasArts)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
StarCitizen (HKLM-x32\...\StarCitizen) (Version: 1.0 - Cloud Imperium Games)
StarForge Alpha (HKLM-x32\...\Steam App 227680) (Version:  - CodeHatch)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Strike Suit Infinity (HKLM-x32\...\Steam App 234160) (Version:  - Born Ready Games Ltd.)
Strike Suit Zero (HKLM-x32\...\Steam App 209540) (Version:  - Born Ready Games Ltd.)
Super House of Dead Ninjas (HKLM-x32\...\Steam App 224820) (Version:  - Megadev)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - )
Surgeon Simulator 2013 (HKLM-x32\...\Steam App 233720) (Version:  - Bossa Studios)
Sword of the Stars: The Pit (HKLM-x32\...\Steam App 233700) (Version:  - Kerberos Productions)
Tactical Expansion Mod V1.1 (HKCU\...\Tactical Expansion Mod V1.1) (Version:  - )
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - )
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - )
The Elder Scrolls IV: Oblivion  (HKLM-x32\...\Steam App 22330) (Version:  - Bethesda Game Studios)
They Bleed Pixels (HKLM-x32\...\Steam App 211260) (Version:  - )
Tom Clancy's Rainbow Six: Vegas 2 (HKLM-x32\...\Steam App 15120) (Version:  - Ubisoft Montreal)
Tom Clancy's Splinter Cell: Conviction (HKLM-x32\...\Steam App 33220) (Version:  - Ubisoft)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Universe Sandbox (HKLM-x32\...\Steam App 72200) (Version:  - )
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Wargame: European Escalation (HKLM-x32\...\Steam App 58610) (Version:  - Focus,Eugen Systems)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wizorb (HKLM-x32\...\Steam App 207420) (Version:  - )
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
23-10-2014 10:09:13 Scheduled Checkpoint
26-10-2014 01:53:49 Installed Java 7 Update 71
02-11-2014 19:14:28 Scheduled Checkpoint
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2014-11-07 15:59 - 2014-11-07 15:59 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {04CAF1E6-D167-4AD8-B40B-618FA731D938} - System32\Tasks\{85D49950-3433-467F-B328-BDE065DB650C} => G:\Media\Games\utilities\Xpadder5-3\Xpadder.exe [2013-02-11] ()
Task: {07C98709-BA84-4A99-9F16-A3BB87ACBF65} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-02] (Google Inc.)
Task: {07FF802D-DD0C-4FB2-8D4E-461A8D20F555} - System32\Tasks\{A1088B6F-F4E8-4865-B374-74F8024CECB9} => G:\Media\Games\utilities\Xpadder5-3\Xpadder.exe [2013-02-11] ()
Task: {287A604E-2B73-4BE0-9946-04E882B97C12} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] ()
Task: {30F81A87-8D0B-4BE4-B206-0ED03204F534} - System32\Tasks\{85C469B7-197D-4A37-BA39-6351BB123AD8} => C:\Users\josh\Desktop\games\Xpadder.exe [2008-08-29] ()
Task: {33170443-891D-4FE0-84D1-C73198CA1425} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-02] (Google Inc.)
Task: {39B4A3BD-FD7C-4FE2-9941-B9C147A9F4CB} - System32\Tasks\{9ACEBA01-060E-492A-B79F-296F64E5BA3D} => G:\Media\Games\utilities\Xpadder5-3\Xpadder.exe [2013-02-11] ()
Task: {3F1B0A20-1532-4E39-986F-2A5719E587BB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-27] (Adobe Systems Incorporated)
Task: {3F274F2A-F991-410F-BA5A-37E3EE4761B5} - System32\Tasks\{3D1700CA-000A-4271-8259-B896BA59CB31} => G:\Games\Xpadder5-3\Xpadder.exe
Task: {424504E3-EDE6-4774-93FB-484737706B9C} - System32\Tasks\{B825A075-E0B2-4EE2-ABA5-205FE21415A0} => E:\Assassin's Creed III\AC3SP.exe [2013-05-23] ()
Task: {51EF7246-0401-44E0-A984-F138F8D2A949} - System32\Tasks\{8C48E063-7495-41CD-A15C-7A5BFEF499A0} => C:\Users\josh\Desktop\Xpadder.exe
Task: {53DE7FBB-820C-4332-A9DE-99874512FB7D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {67C2C464-4DE1-48FB-A873-76C312395C04} - System32\Tasks\{96F6FA81-0AB1-46B3-9FAF-23D679F5B8AD} => I:\Universal-USB-Installer-1.9.5.5.exe [2014-09-08] ()
Task: {82B2DD73-ECD5-4B26-85C2-89E5857B8C3B} - System32\Tasks\{833B8124-0A85-4036-B576-313754FA61C9} => E:\Assassin's Creed III\AC3SP.exe [2013-05-23] ()
Task: {84DDF47F-5DB8-4EDF-8187-AB57C28DD529} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {919511FC-99F6-41A3-A7F4-A198C42D97C8} - System32\Tasks\{3DB23434-ABE7-4764-8B49-DF8D34832E4C} => G:\Games\Xpadder5-3\Xpadder.exe
Task: {ABD58125-168F-4ED3-912E-8FBF9BEB8012} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {B7439065-1028-4878-BBC2-BB524F671FAF} - System32\Tasks\{AE3FE97A-7EE0-4633-843C-6AEADC67EE13} => I:\Universal-USB-Installer-1.9.5.5.exe [2014-09-08] ()
Task: {BC135016-66A8-42E5-BA90-6C2D93B0B07F} - System32\Tasks\{CCCA6DC6-BBF4-4862-BD6F-2E777AAFEBFF} => E:\Assassin's Creed III\AC3SP.exe [2013-05-23] ()
Task: {C1C6B58B-DAE8-4211-B8AA-6637117BC720} - System32\Tasks\{5C8A5181-1F2E-4893-8598-B243F27631D9} => G:\Media\Games\utilities\Xpadder5-3\Xpadder.exe [2013-02-11] ()
Task: {C58A98DF-1473-41CF-ACFD-4DAE8BD5DBE7} - System32\Tasks\{9F9A2F28-3280-42A8-8B88-2E626EF45817} => G:\Media\Games\utilities\Xpadder5-3\Xpadder.exe [2013-02-11] ()
Task: {DD93FF42-9F34-4A92-8292-EC0F2BAFCC43} - System32\Tasks\{73659D5C-54F5-4D65-A017-C9B9C8693F8B} => G:\Media\Games\utilities\Xpadder5-3\Xpadder.exe [2013-02-11] ()
Task: {F0E9ECE7-830A-4A22-B046-C5BCC62EBD6D} - System32\Tasks\{3C833A73-BC1E-47D7-8105-26C6BAFD7CF5} => G:\Media\Games\utilities\Xpadder5-3\Xpadder.exe [2013-02-11] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-01-04 19:44 - 2012-10-22 16:01 - 00206336 _____ () C:\Windows\system32\CESpy.dll
2013-01-04 19:44 - 2012-10-22 16:01 - 02203648 _____ () C:\Windows\System32\nmNsp.dll
2013-01-02 19:03 - 2013-01-18 07:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-01-04 19:44 - 2012-10-22 16:01 - 00206336 _____ () C:\Windows\System32\CESpy.dll
2013-01-04 19:44 - 2012-10-22 15:59 - 02220544 _____ () C:\Windows\SysWOW64\authServer.exe
2013-12-03 03:52 - 2013-12-03 03:52 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-08-11 17:48 - 2014-08-11 17:48 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
2013-01-22 16:36 - 2014-08-28 15:13 - 02640408 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
2013-01-04 19:44 - 2012-10-22 16:02 - 02433832 _____ () C:\Program Files (x86)\CE\CovenantEyes.exe
2013-02-12 18:37 - 2013-02-12 18:37 - 01263952 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2013-01-04 19:44 - 2012-10-22 16:02 - 01533240 _____ () C:\Program Files (x86)\CE\CovenantEyesHelper.exe
2013-01-04 19:44 - 2012-10-22 16:00 - 00577024 _____ () C:\Program Files\CE\nmsvc64.dll
2013-01-04 19:44 - 2012-10-22 16:00 - 00079872 _____ () C:\Program Files\CE\nmsvTree64.dll
2013-01-04 19:44 - 2012-10-22 16:00 - 00130048 _____ () C:\Program Files\CE\zlib64.dll
2013-01-04 19:44 - 2012-10-22 16:02 - 01623320 _____ () C:\Windows\SysWOW64\nmNsp.dll
2013-01-04 19:44 - 2012-10-22 16:02 - 00177944 _____ () C:\Windows\SysWOW64\CESpy.dll
2013-01-02 19:16 - 2012-11-13 14:06 - 00108960 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-01-02 19:16 - 2012-11-13 14:06 - 00416160 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-01-02 19:16 - 2012-11-13 14:06 - 00158624 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-01-02 19:16 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-01-02 19:16 - 2012-11-13 14:06 - 00528288 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl
2014-08-11 17:48 - 2014-08-11 17:48 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
2013-01-04 19:44 - 2012-10-22 16:02 - 02021144 _____ () C:\Program Files (x86)\CE\nmsvc.dll
2013-01-04 19:44 - 2012-10-22 16:02 - 00072992 _____ () C:\Program Files (x86)\CE\nmsvTree.dll
2013-01-04 19:44 - 2012-10-22 15:47 - 00112128 _____ () C:\Program Files (x86)\CE\zlib.dll
2013-01-02 19:16 - 2012-11-13 14:06 - 00554400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
2013-02-12 18:38 - 2013-02-12 18:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2013-12-08 21:22 - 2014-08-28 03:17 - 01654296 ____N () C:\Program Files (x86)\AVG SafeGuard toolbar\TBAPI.dll
2014-10-16 02:25 - 2014-10-16 02:25 - 00019968 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\PSIClient\3d540ad543f40ac2fc1107b17a8fef40\PSIClient.ni.dll
2014-10-29 21:02 - 2014-10-21 20:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-29 21:02 - 2014-10-21 20:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-29 21:02 - 2014-10-21 20:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-29 21:02 - 2014-10-21 20:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-3254576318-3639862535-4154343160-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3254576318-3639862535-4154343160-1003 - Limited - Enabled)
Guest (S-1-5-21-3254576318-3639862535-4154343160-501 - Limited - Enabled) => C:\Users\Guest
josh (S-1-5-21-3254576318-3639862535-4154343160-1000 - Administrator - Enabled) => C:\Users\josh
UpdatusUser (S-1-5-21-3254576318-3639862535-4154343160-1001 - Limited - Enabled) => C:\Users\UpdatusUser
 
==================== Faulty Device Manager Devices =============
 
Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/06/2014 01:17:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FalloutNV.exe, version: 1.4.0.525, time stamp: 0x4e0d50ed
Faulting module name: FalloutNV.exe, version: 1.4.0.525, time stamp: 0x4e0d50ed
Exception code: 0xc0000005
Fault offset: 0x0025893a
Faulting process id: 0xcb8
Faulting application start time: 0xFalloutNV.exe0
Faulting application path: FalloutNV.exe1
Faulting module path: FalloutNV.exe2
Report Id: FalloutNV.exe3
 
Error: (11/04/2014 08:24:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FalloutNV.exe, version: 1.4.0.525, time stamp: 0x4e0d50ed
Faulting module name: FalloutNV.exe, version: 1.4.0.525, time stamp: 0x4e0d50ed
Exception code: 0xc0000005
Fault offset: 0x0015a509
Faulting process id: 0x1548
Faulting application start time: 0xFalloutNV.exe0
Faulting application path: FalloutNV.exe1
Faulting module path: FalloutNV.exe2
Report Id: FalloutNV.exe3
 
Error: (11/03/2014 00:20:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x2698
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
 
Error: (11/02/2014 10:56:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x4e0
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
 
Error: (11/02/2014 09:47:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x157c
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
 
Error: (11/02/2014 09:29:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x2b14
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
 
Error: (11/02/2014 08:06:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GoogleUpdate.exe, version: 1.3.21.103, time stamp: 0x4f3c6d6c
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x000223e0
Faulting process id: 0x1920
Faulting application start time: 0xGoogleUpdate.exe0
Faulting application path: GoogleUpdate.exe1
Faulting module path: GoogleUpdate.exe2
Report Id: GoogleUpdate.exe3
 
Error: (11/02/2014 04:33:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x2020
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
 
Error: (11/02/2014 01:46:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dllhost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc6b7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x001f01e2
Faulting process id: 0x9c4
Faulting application start time: 0xdllhost.exe0
Faulting application path: dllhost.exe1
Faulting module path: dllhost.exe2
Report Id: dllhost.exe3
 
Error: (11/02/2014 11:55:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dllhost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc6b7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x001d01e2
Faulting process id: 0x1d44
Faulting application start time: 0xdllhost.exe0
Faulting application path: dllhost.exe1
Faulting module path: dllhost.exe2
Report Id: dllhost.exe3
 
 
System errors:
=============
Error: (11/07/2014 05:54:08 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition.  Please check for updated firmware for your system.
 
Error: (11/07/2014 04:03:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069
 
Error: (11/07/2014 04:03:12 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1330
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (11/07/2014 03:56:13 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (11/07/2014 03:56:13 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (11/07/2014 03:56:13 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (11/07/2014 03:56:13 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (11/07/2014 03:56:04 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (11/07/2014 03:56:03 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (11/07/2014 03:56:03 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
 
Microsoft Office Sessions:
=========================
Error: (11/06/2014 01:17:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: FalloutNV.exe1.4.0.5254e0d50edFalloutNV.exe1.4.0.5254e0d50edc00000050025893acb801cff99938d8ac68E:\SteamLibrary\steamapps\common\Fallout New Vegas\FalloutNV.exeE:\SteamLibrary\steamapps\common\Fallout New Vegas\FalloutNV.execbc3584b-6595-11e4-8c6b-902b3459ddb8
 
Error: (11/04/2014 08:24:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FalloutNV.exe1.4.0.5254e0d50edFalloutNV.exe1.4.0.5254e0d50edc00000050015a509154801cff8ac467e408cE:\SteamLibrary\steamapps\common\Fallout New Vegas\FalloutNV.exeE:\SteamLibrary\steamapps\common\Fallout New Vegas\FalloutNV.exe9fc99be8-64a3-11e4-a96d-902b3459ddb8
 
Error: (11/03/2014 00:20:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.173444a5bc6b7ntdll.dll6.1.7601.18247521ea8e7c0000374000ce753269801cff73eff3be378C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ntdll.dll4422a474-6332-11e4-82eb-902b3459ddb8
 
Error: (11/02/2014 10:56:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.173444a5bc6b7ntdll.dll6.1.7601.18247521ea8e7c0000374000ce7534e001cff73343094c37C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ntdll.dll90681935-6326-11e4-82eb-902b3459ddb8
 
Error: (11/02/2014 09:47:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.173444a5bc6b7ntdll.dll6.1.7601.18247521ea8e7c0000374000ce753157c01cff729a36829edC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ntdll.dlleb952832-631c-11e4-82eb-902b3459ddb8
 
Error: (11/02/2014 09:29:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.173444a5bc6b7ntdll.dll6.1.7601.18247521ea8e7c0000374000ce7532b1401cff727264bed3cC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ntdll.dll6f0d29e7-631a-11e4-82eb-902b3459ddb8
 
Error: (11/02/2014 08:06:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GoogleUpdate.exe1.3.21.1034f3c6d6cntdll.dll6.1.7601.18247521ea8e7c0000005000223e0192001cff71a9c5c808cC:\Program Files (x86)\Google\Update\GoogleUpdate.exeC:\Windows\SysWOW64\ntdll.dllda44f5db-630e-11e4-82eb-902b3459ddb8
 
Error: (11/02/2014 04:33:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.173444a5bc6b7ntdll.dll6.1.7601.18247521ea8e7c0000374000ce753202001cff6fda9d0e826C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ntdll.dll0b1a9fd2-62f1-11e4-82eb-902b3459ddb8
 
Error: (11/02/2014 01:46:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: dllhost.exe6.1.7600.163854a5bc6b7unknown0.0.0.000000000c0000005001f01e29c401cff6e67eac26a0C:\Windows\syswow64\dllhost.exeunknownbecf7e29-62d9-11e4-82eb-902b3459ddb8
 
Error: (11/02/2014 11:55:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: dllhost.exe6.1.7600.163854a5bc6b7unknown0.0.0.000000000c0000005001d01e21d4401cff6d6e4f52b08C:\Windows\syswow64\dllhost.exeunknown23c41dca-62ca-11e4-82eb-902b3459ddb8
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-3820 CPU @ 3.60GHz
Percentage of memory in use: 16%
Total physical RAM: 8141 MB
Available physical RAM: 6792.67 MB
Total Pagefile: 16280.19 MB
Available Pagefile: 13342.69 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:119.24 GB) (Free:24.86 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:931.41 GB) (Free:624.02 GB) NTFS
Drive f: (WD SmartWare) (CDROM) (Total:0.43 GB) (Free:0 GB) UDF
Drive g: (My Book) (Fixed) (Total:930.86 GB) (Free:505.18 GB) NTFS
Drive i: () (Removable) (Total:14.91 GB) (Free:12.71 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C339D386)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: C339D3FE)
Partition 1: (Not Active) - (Size=119.2 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (Size: 14.9 GB) (Disk ID: 169A5D28)
Partition 1: (Not Active) - (Size=14.9 GB) - (Type=0C)
 
========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 930.9 GB) (Disk ID: 0002AE3F)
Partition 1: (Not Active) - (Size=930.9 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

Edited by vallen_chance, 08 November 2014 - 03:02 PM.


#8 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,310 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:11:56 PM

Posted 08 November 2014 - 04:45 PM

 

I was much more concerned of the security breach than any drop in performance, lol. So am I free to run my usual antiviral software?

 

Hi,

 

Yes, that was my goal as well - removing the malware from your computer. :)

 

Yes, feel free to run your antivirus software.

 

The infection seems to be removed.

 

However if you don't mind, I want to make sure there is nothing lurking on the system so just in case I want you to go through these steps:

 

 

STEP 1

 

 

Please download Malwarebytes Anti-Malware 2.0.3.1025 Final to your desktop.
 

  • Double-click mbam-setup-2.0.3.1025.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Settings tab > Detection and Protection subtab, Detection Options, tick the box 'Scan for rootkits'.
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • With some infections, you may see this message box.
    • 'Could not load DDA driver'
  • Click 'Yes' to this message, to allow the driver to load after a restart.
  • Allow the computer to restart. Continue with the rest of these instructions.
  • When the scan is complete, click Apply Actions.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

 

STEP 2

 

 

Also I'd like us to scan your machine with ESET OnlineScan

 

  • Please download and the run exe from the link below:
    ESET OnlineScan
  • Check esetAcceptTerms.png
  • Click the esetStart.png button.
  • Accept any security warnings from your browser.
  • Check the option beside: Enable detection of potentially unwanted applications
  • Now click on Advanced Settings and make sure that the option Remove found threats is NOT checked, and select the following:
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
    • Click on the Change button and select only Operating memory and drive C:\

aJ6m33V.png

 

  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push esetListThreats.png
  • Push esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the esetBack.png button.
  • Push esetFinish.png

 

Let me know for any remaining issues.

 

 

Also, is there anything I should start doing to make sure this doesn't happen again? (Obviously I won't be trying to watch "The Walking Dead" online again, haha, I think thats how I got the virus. I'll have to see if I can barrow a copy of the series from someone).

 

Well, you can read more about Poweliks here. Since Poweliks is well known to spread via exploits for MS Office make sure to keep your installed software up-to-date and avoid downloading e-mail attachments from unknown senders. I'll give you more recommendations at the end of the cleaning process. :)

 

 

Regards,

Georgi


cXfZ4wS.png


#9 vallen_chance

vallen_chance
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:01:56 PM

Posted 09 November 2014 - 12:12 AM

I've noticed in the task manager that there is one dlhostexe. com surrogate that blinks in and out of existance, is that normal?

 

Malwarebytes didn't find anything, and there was only one potential threat found by eset, here is the log:

 

C:\Users\josh\Desktop\security\ccsetup404.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application


#10 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,310 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:11:56 PM

Posted 09 November 2014 - 06:25 AM

Hello,

 

Thanks for the logs. Both logs are clean. :)

Having instances of dllhost.exe is completely normal (if the system is not infected with Poweliks of course). :)

However to be on the safe side I want you to go through these steps as well

 

 

STEP 1

 

logo.png
Please download Powelikscleaner (by ESET) and save it to your Desktop.

  • Double-click ESETPoweliksCleaner.exe to start the tool.
  • Read the terms of the End-user license agreement and click Agree if you agree to them.
  • The tool will run automatically. If the cleaner finds a Poweliks infection, press the Y key on your keyboard to remove it.
  • If Poweliks was detected "Win32/Poweliks was successfully removed from your system" will be displayed. Press any key to exit the tool and reboot your PC.
  • The tool will produce a log in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

1.png
2.png

 

 

 

STEP 2

 

 

  • Please download RogueKillerX64.exe and save to the desktop.
  • Close all windows and browsers
  • Right-click the program and select 'Run as Administrator'
  • Press the scan button.
  • A report opens on the desktop named - RKreport.txt
  • Please copy and past the results at pastebin.com and post the link to the log in your next reply.

 

 

STEP 3

 

 

1.Please download HitmanPro.

  • For 32-bit Operating System - dEMD6.gif.
  • This is the mirror - dEMD6.gif
  • For 64-bit Operating System - dEMD6.gif
  • This is the mirror - dEMD6.gif

2.Launch the program by double clicking on the 5vo5F.jpg icon. (Windows Vista/7 users right click on the HitmanPro icon and select run as administrator).

Note: If the program won't run please then open the program while holding down the left CTRL key until the program is loaded.

3.Click on the next button. You must agree with the terms of EULA. (if asked)

4.Check the box beside "No, I only want to perform a one-time scan to check this computer".

5.Click on the next button.

6.The program will start to scan the computer. The scan will typically take no more than 2-3 minutes.

7.When the scan is done click on drop-down menu of the found entries (if any) and choose - Apply to all => Ignore <= IMPORTANT!!!
 
8.Click on the next button.

9.Click on the "Save Log" button.

10.Save that file to your desktop and post the content of that file in your next reply.
 
Note: if there isn't a dropdown menu when the scan is done then please don't delete anything and close HitmanPro

Navigate to C:\ProgramData\HitmanPro\Logs open the report and copy and paste it to your next reply.

 

 

 

Regards,

Georgi


cXfZ4wS.png


#11 vallen_chance

vallen_chance
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:01:56 PM

Posted 09 November 2014 - 06:56 PM

[2014.11.09 15:13:57.061] - Begin
[2014.11.09 15:13:57.061] - 
[2014.11.09 15:13:57.061] -     ....................................
[2014.11.09 15:13:57.061] -   ..::::::::::::::::::....................
[2014.11.09 15:13:57.061] -   .::EEEEEE:::SSSSSS::..EEEEEE..TTTTTTTT..    Win32/Poweliks
[2014.11.09 15:13:57.061] -  .::EE::::EE:SS:::::::.EE....EE....TT......   Version: 1.0.0.1
[2014.11.09 15:13:57.061] -  .::EEEEEEEE::SSSSSS::.EEEEEEEE....TT......   Built: Oct 15 2014
[2014.11.09 15:13:57.061] -  .::EE:::::::::::::SS:.EE..........TT......
[2014.11.09 15:13:57.061] -   .::EEEEEE:::SSSSSS::..EEEEEE.....TT.....    Copyright © ESET, spol. s r.o.
[2014.11.09 15:13:57.061] -   ..::::::::::::::::::....................    1992-2013. All rights reserved.
[2014.11.09 15:13:57.061] -     ....................................
[2014.11.09 15:13:57.061] - 
[2014.11.09 15:13:57.061] - --------------------------------------------------------------------------------
[2014.11.09 15:13:57.061] - 
[2014.11.09 15:13:57.061] - INFO: OS: 6.1.7601 SP1
[2014.11.09 15:13:57.061] - INFO: Product Type: Workstation
[2014.11.09 15:13:57.061] - INFO: WoW64: True
[2014.11.09 15:13:57.061] - INFO: Machine guid: 8ECFD822-6000-4791-AD0F-5BA6793F911C 
[2014.11.09 15:13:57.061] - 
[2014.11.09 15:13:58.761] - INFO: Scanning for system infection...
[2014.11.09 15:13:58.761] - --------------------------------------------------------------------------------
[2014.11.09 15:13:58.761] - 
[2014.11.09 15:13:58.761] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.09 15:13:58.761] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.09 15:13:58.761] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.11.09 15:13:58.761] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.11.09 15:13:58.761] - INFO: Processing classes...
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{0000002F-0000-0000-C000-000000000046}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{00020420-0000-0000-C000-000000000046}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{00020421-0000-0000-C000-000000000046}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{00020422-0000-0000-C000-000000000046}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{00020423-0000-0000-C000-000000000046}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{00020424-0000-0000-C000-000000000046}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{00020425-0000-0000-C000-000000000046}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{0002E005-0000-0000-C000-000000000046}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{0713E8A2-850A-101B-AFC0-4210102A8DA7}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{0713E8A8-850A-101B-AFC0-4210102A8DA7}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{0713E8D2-850A-101B-AFC0-4210102A8DA7}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{0713E8D8-850A-101B-AFC0-4210102A8DA7}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{0BE35200-8F91-11CE-9DE3-00AA004BB851}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{0BE35201-8F91-11CE-9DE3-00AA004BB851}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{0BE35202-8F91-11CE-9DE3-00AA004BB851}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{373FF7F0-EB8B-11CD-8820-08002B2F4F5A}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{373FF7F4-EB8B-11CD-8820-08002B2F4F5A}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{3C4F3BE3-47EB-101B-A3C9-08002B2F49FB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{3C4F3BE5-47EB-101B-A3C9-08002B2F49FB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{3C4F3BE7-47EB-101B-A3C9-08002B2F49FB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{58DA8D8A-9D6A-101B-AFC0-4210102A8DA7}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{58DA8D8F-9D6A-101B-AFC0-4210102A8DA7}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{58DA8D93-9D6A-101B-AFC0-4210102A8DA7}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{58DA8D96-9D6A-101B-AFC0-4210102A8DA7}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{5ACBB955-5C57-11CF-8993-00AA00688B10}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{5ACBB956-5C57-11CF-8993-00AA00688B10}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{5ACBB957-5C57-11CF-8993-00AA00688B10}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{5ACBB958-5C57-11CF-8993-00AA00688B10}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{6027C2D4-FB28-11CD-8820-08002B2F4F5A}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{612A8624-0FB3-11CE-8747-524153480004}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{612A8628-0FB3-11CE-8747-524153480004}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{62823C20-41A3-11CE-9E8B-0020AF039CA3}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{6B7E638F-850A-101B-AFC0-4210102A8DA7}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{6B7E6393-850A-101B-AFC0-4210102A8DA7}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{6B7E63A3-850A-101B-AFC0-4210102A8DA7}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{7629CFA2-3FE5-101B-A3C9-08002B2F49FB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{7629CFA4-3FE5-101B-A3C9-08002B2F49FB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{9ED94440-E5E8-101B-B9B5-444553540000}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{9ED94444-E5E8-101B-B9B5-444553540000}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{B66834C6-2E60-11CE-8748-524153480004}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.761] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.771] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0062-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0062-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0062-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0063-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0063-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0063-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0064-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0064-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0064-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0065-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0065-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0065-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0066-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0066-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0066-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0067-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0067-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0067-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0068-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0068-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0068-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0069-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0069-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0069-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0070-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0070-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0070-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0071-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0071-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0071-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0072-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0072-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0072-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0073-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0073-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0073-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0074-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0074-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0074-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0075-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0075-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0075-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.781] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0072-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0072-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0072-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0073-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0073-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0073-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0074-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0074-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0074-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0075-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0075-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0075-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0076-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0076-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0076-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0077-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0077-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0077-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0078-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0078-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0078-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0079-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0079-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0079-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0080-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0080-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0080-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0081-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0081-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0081-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0082-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0082-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0082-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0083-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0083-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0083-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0084-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0084-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0084-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0085-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0085-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0085-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0052-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0052-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0052-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0053-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0053-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0053-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0054-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0054-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0054-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0055-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0055-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0056-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0056-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0056-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0057-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0057-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0057-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0058-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0058-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0058-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0059-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0059-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0059-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0060-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0060-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0060-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.791] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0061-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0061-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0061-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0062-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0062-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0062-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0063-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0063-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0063-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0064-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0064-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0064-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0065-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0065-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0065-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0066-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0066-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0066-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0067-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0067-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0068-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0068-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0068-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0069-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0069-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0069-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0070-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0070-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0070-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBB}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBC}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}]
[2014.11.09 15:13:58.801] - INFO: Processing clsid [\Registry\User\S-1-5-21-3254576318-3639862535-4154343160-1000\SOFTWARE\Classes\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}]
[2014.11.09 15:13:58.801] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.09 15:13:58.801] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.09 15:13:58.801] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.09 15:13:58.801] - INFO: Processing invalid values in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.09 15:13:58.801] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.09 15:13:58.801] - INFO: Processing value [ServerExecutable] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.09 15:13:58.801] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.09 15:13:58.801] - INFO: Processing value [ServerExecutable] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.09 15:13:58.801] - INFO: Processing invalid subkeys in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.09 15:13:58.801] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]...
[2014.11.09 15:13:58.801] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.11.09 15:13:58.801] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.11.09 15:13:58.801] - INFO: Win32/Poweliks not found
[2014.11.09 15:14:31.043] - End


#12 vallen_chance

vallen_chance
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:01:56 PM

Posted 09 November 2014 - 06:59 PM

http://pastebin.com/Wcc702NV


HitmanPro 3.7.9.232
www.hitmanpro.com
 
   Computer name . . . . : JOSH-PC
   Windows . . . . . . . : 6.1.1.7601.X64/8
   User name . . . . . . : josh-PC\josh
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free
 
   Scan date . . . . . . : 2014-11-09 15:54:06
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 1m 8s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
 
   Threats . . . . . . . : 0
   Traces  . . . . . . . : 50
 
   Objects scanned . . . : 1,686,613
   Files scanned . . . . : 44,002
   Remnants scanned  . . : 638,657 files / 1,003,954 keys
 
Suspicious files ____________________________________________________________
 
   C:\Users\josh\Desktop\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2,114,560 bytes
      Age  . . . . . . . : 7.1 days (2014-11-02 13:55:38)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : C3D38BE8C0CEE5862472EC7449D3457C46591C186BC1B1426DE3A41F3B8BDDAE
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 23.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -19.7s C:\Users\josh\AppData\Local\Temp\2a80\
         -19.7s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Local\Microsoft\Windows\Temporary Internet Files\
         -19.7s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Local\
         -19.7s C:\Users\josh\AppData\Local\Temp\2a80\AppData\
         -19.7s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Local\Microsoft\
         -19.7s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Local\Microsoft\Windows\
         -19.4s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
         -19.4s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Roaming\
         -19.4s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Roaming\Microsoft\Windows\
         -19.4s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Roaming\Microsoft\
         -19.4s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Roaming\Microsoft\Windows\Cookies\
         -19.4s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Local\Microsoft\Windows\History\
         -19.4s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Local\Microsoft\Windows\History\History.IE5\
         -19.4s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Roaming\Microsoft\Windows\IECompatCache\
         -19.4s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Roaming\Microsoft\Windows\DNTException\
         -15.4s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3D57G3FQ\
          0.0s C:\Users\josh\Desktop\FRST-OlderVersion\FRST64.exe
          1.0s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Roaming\Adobe\
          1.0s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Roaming\Adobe\Flash Player\
          1.0s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Roaming\Adobe\Flash Player\AssetCache\KUY3JBCU\
          1.0s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Roaming\Adobe\Flash Player\AssetCache\
          4.3s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Roaming\Macromedia\Flash Player\
          4.3s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Roaming\Macromedia\
          4.3s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\
          4.3s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\S8JJ8YR3\
          4.3s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\
          4.3s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\
          4.3s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Roaming\Macromedia\Flash Player\macromedia.com\
          4.3s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\
         21.3s C:\Users\josh\AppData\Local\Temp\289c\
         21.4s C:\Users\josh\AppData\Local\Temp\289c\AppData\Local\
         21.4s C:\Users\josh\AppData\Local\Temp\289c\AppData\
         21.4s C:\Users\josh\AppData\Local\Temp\289c\AppData\Local\Microsoft\Windows\
         21.4s C:\Users\josh\AppData\Local\Temp\289c\AppData\Local\Microsoft\Windows\Temporary Internet Files\
         21.4s C:\Users\josh\AppData\Local\Temp\289c\AppData\Local\Microsoft\
         21.7s C:\Users\josh\AppData\Local\Temp\289c\AppData\Roaming\
         21.7s C:\Users\josh\AppData\Local\Temp\289c\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
         21.7s C:\Users\josh\AppData\Local\Temp\289c\AppData\Local\Microsoft\Windows\History\
         21.7s C:\Users\josh\AppData\Local\Temp\289c\AppData\Local\Microsoft\Windows\History\History.IE5\
         21.7s C:\Users\josh\AppData\Local\Temp\289c\AppData\Roaming\Microsoft\Windows\
         21.7s C:\Users\josh\AppData\Local\Temp\289c\AppData\Roaming\Microsoft\
         21.7s C:\Users\josh\AppData\Local\Temp\289c\AppData\Roaming\Microsoft\Windows\Cookies\
         21.7s C:\Users\josh\AppData\Local\Temp\289c\AppData\Roaming\Microsoft\Windows\IECompatCache\
         21.7s C:\Users\josh\AppData\Local\Temp\289c\AppData\Roaming\Microsoft\Windows\DNTException\
         26.4s C:\Users\josh\AppData\Local\Temp\289c\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3D57G3FQ\
         30.3s C:\Users\josh\AppData\Local\Temp\289c\AppData\Roaming\Adobe\
         30.3s C:\Users\josh\AppData\Local\Temp\289c\AppData\Roaming\Adobe\Flash Player\AssetCache\
         30.3s C:\Users\josh\AppData\Local\Temp\289c\AppData\Roaming\Adobe\Flash Player\
         30.3s C:\Users\josh\AppData\Local\Temp\289c\AppData\Roaming\Adobe\Flash Player\
         30.3s C:\Users\josh\AppData\Local\Temp\289c\AppData\Roaming\Adobe\Flash Player\AssetCache\3WX5KW4S\
         45.6s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Local\Microsoft\Internet Explorer\
         45.6s C:\Users\josh\AppData\Local\Temp\2a80\AppData\Local\Microsoft\Internet Explorer\DOMStore\
         45.8s C:\Users\josh\AppData\Local\Temp\210c\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#software.hiro.tv\
         45.8s C:\Users\josh\AppData\Local\Temp\210c\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SQKLPCRU\software.hiro.tv\
         59.4s C:\Users\josh\AppData\Local\Temp\2b54\
         59.4s C:\Users\josh\AppData\Local\Temp\2b54\AppData\Local\Microsoft\Windows\Temporary Internet Files\
         59.4s C:\Users\josh\AppData\Local\Temp\2b54\AppData\Local\
         59.4s C:\Users\josh\AppData\Local\Temp\2b54\AppData\
         59.4s C:\Users\josh\AppData\Local\Temp\2b54\AppData\Local\Microsoft\
         59.4s C:\Users\josh\AppData\Local\Temp\2b54\AppData\Local\Microsoft\Windows\
         59.8s C:\Users\josh\AppData\Local\Temp\2b54\AppData\Roaming\Microsoft\Windows\
         59.8s C:\Users\josh\AppData\Local\Temp\2b54\AppData\Roaming\Microsoft\Windows\Cookies\
         59.8s C:\Users\josh\AppData\Local\Temp\2b54\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
         59.8s C:\Users\josh\AppData\Local\Temp\2b54\AppData\Roaming\
         59.8s C:\Users\josh\AppData\Local\Temp\2b54\AppData\Roaming\Microsoft\
         59.8s C:\Users\josh\AppData\Local\Temp\2b54\AppData\Local\Microsoft\Windows\History\
         59.8s C:\Users\josh\AppData\Local\Temp\2b54\AppData\Local\Microsoft\Windows\History\History.IE5\
         59.8s C:\Users\josh\AppData\Local\Temp\2b54\AppData\Local\Microsoft\Windows\History\History.IE5\
         59.8s C:\Users\josh\AppData\Local\Temp\2b54\AppData\Roaming\Microsoft\Windows\IECompatCache\
         59.8s C:\Users\josh\AppData\Local\Temp\2b54\AppData\Roaming\Microsoft\Windows\DNTException\
 
   C:\Users\josh\Desktop\FRST64.exe
      Size . . . . . . . : 2,115,584 bytes
      Age  . . . . . . . : 1.2 days (2014-11-08 11:52:23)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 104A90822CA658A55379DCCBDC9CDBD6C9AC8AEDF4C0045A2C87086CA0B60B19
      Needs elevation  . : Yes
      Source URL . . . . : hxxp://download.bleepingcomputer.com/dl/6f908717e3aa6fa9598a71f4023ac170/545e7482/windows/security/security-utilities/f/farbar-recovery-scan-tool/64/FRST64.exe
      Fuzzy  . . . . . . : 27.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         The file is downloaded from the Internet to this computer.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -0.6s C:\Users\josh\AppData\Roaming\Microsoft\Windows\Cookies\EI65QNRP.txt
         -0.6s C:\Users\josh\AppData\Roaming\Microsoft\Windows\Cookies\A6X4GJ31.txt
         -0.6s C:\Users\josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3D57G3FQ\82[1].htm
          0.0s C:\Users\josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4CG3KWSC\FRST64[1].exe
          0.0s C:\Users\josh\Desktop\FRST64.exe
 
 
Potential Unwanted Programs _________________________________________________
 
   ask.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Web Data
 
   HKLM\SOFTWARE\Classes\s\ (Softonic)
   HKU\S-1-5-21-3254576318-3639862535-4154343160-1000\Software\Conduit\ (Conduit)
   HKU\S-1-5-21-3254576318-3639862535-4154343160-1001\Software\Conduit\ (Conduit)
 
Cookies _____________________________________________________________________
 
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:247realmedia.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.mlnadvertising.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:adlegend.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.ad-center.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.adk2.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.creative-serving.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pointroll.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pubmatic.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.servebom.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.stickyadstv.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.undertone.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.yahoo.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:adserve.scubaboard.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:at.atwola.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:burstnet.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:collective-media.net
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:fastclick.net
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:googleadservices.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:interclick.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:network.realmedia.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:pointroll.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:questionmarket.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:realmedia.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:server.cpmstar.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:smartadserver.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:statcounter.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:stats.adotube.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:superpagesdexknowsprod.122.2o7.net
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.adform.net
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:tribalfusion.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.googleadservices.com
   C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Cookies:zedo.com
 
 


#13 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,310 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:11:56 PM

Posted 10 November 2014 - 05:08 AM

Hi,

 

The logs are clean. We can remove 3 orphaned keys of Potentially Unwanted Applications:

 

 

STEP 1

 

 

Please download the following file => and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

 

 

STEP 2

 

Although the logs are clean to be on the safe side I want you go through the steps below:

 

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
     
  • Put a checkmark beside loaded modules.
    Sbf88.png
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
     
  • Click the Start Scan button.
     
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
     
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and past the results at pastebin.com and post the link to the log in your next reply.

 

 

STEP 3

 

 

emsisoft_emergency_kit.pnglogo.png

  • Download EmsisoftEmergencyKit, run the exe and extract the content in a folder of your choice like (C:\EEK) by clicking the Extract button.
  • Double-click the desktop-shortcut called Start Emsisoft Emergency Kit to start the tool.
  • Click on the "Yes" button when asked to obtain the latest malware definitions.
  • Once the update is complete click "Scan".
  • Click on the "Yes" button when asked to enable the scan for Potentially Unwanted Applications.
  • Next click on the Full Scan. When the scan complete, click on the View Report button. (and don't quarantine anything yet, until the log is reviewed)!!!
  • Please copy and paste the content of the report in your next reply. :)

 

Also let me know how are things now.

 

 

Regards,

Georgi


cXfZ4wS.png


#14 vallen_chance

vallen_chance
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:01:56 PM

Posted 11 November 2014 - 07:51 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-11-2014
Ran by josh at 2014-11-11 16:50:03 Run:2
Running from C:\Users\josh\Desktop
Loaded Profiles: josh & UpdatusUser & Guest (Available profiles: josh & UpdatusUser & Guest)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
DeleteKey: HKLM\SOFTWARE\Classes\s
DeleteKey: HKU\S-1-5-21-3254576318-3639862535-4154343160-1000\Software\Conduit
DeleteKey: HKU\S-1-5-21-3254576318-3639862535-4154343160-1001\Software\Conduit
end
*****************
 
HKLM\SOFTWARE\Classes\s => Key Deleted successfully.
HKU\S-1-5-21-3254576318-3639862535-4154343160-1000\Software\Conduit => Failed to delete key at first attempt (Error: C0000121), see next line.
HKU\S-1-5-21-3254576318-3639862535-4154343160-1000\Software\Conduit => Key Deleted Successfully.
HKU\S-1-5-21-3254576318-3639862535-4154343160-1001\Software\Conduit => Failed to delete key at first attempt (Error: C0000121), see next line.
HKU\S-1-5-21-3254576318-3639862535-4154343160-1001\Software\Conduit => Key Deleted Successfully.
 
==== End of Fixlog ====


#15 vallen_chance

vallen_chance
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:01:56 PM

Posted 11 November 2014 - 08:02 PM

http://pastebin.com/f9ERGuHi

 

http://pastebin.com/XJrEKANN






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users