Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I think I have " dllhost.exe*32 Com Surrogate "


  • This topic is locked This topic is locked
24 replies to this topic

#1 bfogg

bfogg

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:07:20 AM

Posted 15 November 2014 - 12:58 PM

I was referred here by Norton community thread.

I have Norton 360, running Windows Vista 64bit

High CPU useage messages from Norton, multiple dllhost.exe*32 processes running currently

Thank you in advance for any help you can offer!

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16592
Run by jill at 9:44:34 on 2014-11-15
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.4094.1241 [GMT -8:00]
.
AV: Norton 360 *Enabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
SP: Norton 360 *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 *Enabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\WINDOWS\RAVCpl64.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
C:\Windows\system32\DRIVERS\xaudio64.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\syswow64\dllhost.exe
C:\hp\kbd\kbd.exe
c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cndt
mStart Page = hxxp://search.privitize.com/?aff=7
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cndt
mWinlogon: Userinit = C:\Windows\System32\userinit.exe
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\ips\ipsbho.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coieplg.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [KBD] C:\HP\KBD\KbdStub.EXE
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
mRun: [SwitchBoard] "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mExplorerRun: [{a34332f7-051e-535c-a7c0-d8b97c2c9bb2}] "C:\ProgramData\Microsoft\{a34332f7-051e-535c-a7c0-d8b97c2c9bb2}\{a34332f7-051e-535c-a7c0-d8b97c2c9bb2}.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{3CEC88DF-43EC-4DA2-85B5-181FC1F03D89} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{7ACBCF8F-CE7D-46A9-9FCC-052619B4D584} : DHCPNameServer = 192.168.254.254
AppInit_DLLs=   
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cndt
x64-mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cndt
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [Windows Defender] C:\Program Files (x86)\Windows Defender\MSASCui.exe -hide
x64-Run: [RtHDVCpl] RAVCpl64.exe
x64-Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
x64-Run: [IAAnotif] "C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-ExplorerRun: [{a34332f7-051e-535c-a7c0-d8b97c2c9bb2}] "C:\ProgramData\Microsoft\{a34332f7-051e-535c-a7c0-d8b97c2c9bb2}\{a34332f7-051e-535c-a7c0-d8b97c2c9bb2}.exe"
x64-mPolicies-Explorer: NoActiveDesktop = dword:1
x64-mPolicies-Explorer: NoActiveDesktopChanges = dword:1
x64-mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
x64-mPolicies-System: EnableUIADesktopToggle = dword:0
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\jill\AppData\Roaming\Mozilla\Firefox\Profiles\u5whs6y5.default\
FF - prefs.js: network.proxy.type - 4
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2014-3-16 56208]
R0 SCMNdisP;General NDIS Protocol Driver;C:\Windows\System32\drivers\SCMNdisP.sys [2013-5-15 25312]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1506000.020\symds64.sys [2014-11-11 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1506000.020\symefa64.sys [2014-11-11 1148120]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton 360\NortonData\21.5.0.19\Definitions\BASHDefs\20141107.001\BHDrvx64.sys [2014-11-7 1587416]
R1 ccSet_N360;N360 Settings Manager;C:\Windows\System32\drivers\N360x64\1506000.020\ccsetx64.sys [2014-11-11 162392]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton 360\NortonData\21.5.0.19\Definitions\IPSDefs\20141114.001\IDSviA64.sys [2014-11-14 633560]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1506000.020\ironx64.sys [2014-11-11 266968]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;C:\Windows\System32\drivers\N360x64\1506000.020\symtdiv.sys [2014-11-11 510168]
R1 tStLibG64;tStLibG64;C:\Windows\System32\drivers\tStLibG64.sys [2014-4-7 60096]
R2 FontCache;Windows Font Cache Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe [2014-11-11 265040]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-1-18 383264]
R2 WSWNA3100;WSWNA3100;C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [2013-5-15 307928]
R3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;C:\Windows\System32\drivers\bcmwlhigh664.sys [2013-5-15 1229568]
R3 CAXHWBS3;CAXHWBS3;C:\Windows\System32\drivers\CAXHWBS3.sys [2008-5-25 286208]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-11-11 142640]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-12-5 1038088]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-6-10 31744]
S3 HtcVCom32;HTC Diagnostic Port;C:\Windows\System32\drivers\HtcVComV64.sys [2010-3-8 121800]
S3 Httpmd;Httpmd;C:\Windows\System32\drivers\adfs.sys [2008-6-27 88632]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-4-9 289256]
S3 NPF;Netgroup Packet Filter;C:\Windows\System32\drivers\npf.sys [2013-5-15 47632]
S3 PerfHost;Performance Counter DLL Host;C:\WINDOWS\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2013-3-18 54784]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-9-11 1012344]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2014-8-14 90776]
.
=============== File Associations ===============
.
FileExt: .js: jsfile=C:\Windows\SysWOW64\WScript.exe "%1" %*
FileExt: .jse: JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
.
==================== Find3M  ====================
.
2014-11-14 07:17:48    71344    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-14 07:17:48    701104    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-11-13 02:27:29    103374192    ----a-w-    C:\Windows\System32\mrt.exe
2014-11-12 02:28:55    177752    ----a-w-    C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2014-11-09 18:35:25    205312    ----a-w-    C:\Users\jill\AppData\Roaming\72fb226.exe
2014-10-28 13:34:58    275080    ------w-    C:\Windows\System32\MpSigStub.exe
2014-10-27 20:32:45    17870336    ----a-w-    C:\Windows\System32\mshtml.dll
2014-10-27 20:13:57    2339840    ----a-w-    C:\Windows\System32\jscript9.dll
2014-10-27 20:12:24    10921472    ----a-w-    C:\Windows\System32\ieframe.dll
2014-10-27 20:07:15    1388032    ----a-w-    C:\Windows\System32\urlmon.dll
2014-10-27 20:06:55    1392128    ----a-w-    C:\Windows\System32\wininet.dll
2014-10-27 20:05:41    1494016    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-10-27 20:05:26    237056    ----a-w-    C:\Windows\System32\url.dll
2014-10-27 20:05:13    86016    ----a-w-    C:\Windows\System32\jsproxy.dll
2014-10-27 20:04:52    173056    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-10-27 20:04:38    2157056    ----a-w-    C:\Windows\System32\iertutil.dll
2014-10-27 20:04:37    599040    ----a-w-    C:\Windows\System32\vbscript.dll
2014-10-27 20:04:29    816640    ----a-w-    C:\Windows\System32\jscript.dll
2014-10-27 20:04:26    729088    ----a-w-    C:\Windows\System32\msfeeds.dll
2014-10-27 20:04:09    453120    ----a-w-    C:\Windows\System32\dxtmsft.dll
2014-10-27 20:03:59    282112    ----a-w-    C:\Windows\System32\dxtrans.dll
2014-10-27 20:03:57    55296    ----a-w-    C:\Windows\System32\msfeedsbs.dll
2014-10-27 20:03:54    11264    ----a-w-    C:\Windows\System32\msfeedssync.exe
2014-10-27 20:03:41    96768    ----a-w-    C:\Windows\System32\mshtmled.dll
2014-10-27 20:03:30    2382848    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-10-27 20:03:21    12800    ----a-w-    C:\Windows\System32\mshta.exe
2014-10-27 20:03:05    248320    ----a-w-    C:\Windows\System32\ieui.dll
2014-10-27 19:10:22    12366848    ----a-w-    C:\Windows\SysWow64\mshtml.dll
2014-10-27 19:05:44    1810944    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-10-27 19:02:37    9739776    ----a-w-    C:\Windows\SysWow64\ieframe.dll
2014-10-27 18:59:41    1139712    ----a-w-    C:\Windows\SysWow64\urlmon.dll
2014-10-27 18:59:06    1129472    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-10-27 18:58:19    1427968    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-10-27 18:57:36    231936    ----a-w-    C:\Windows\SysWow64\url.dll
2014-10-27 18:57:18    65536    ----a-w-    C:\Windows\SysWow64\jsproxy.dll
2014-10-27 18:56:58    142848    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-10-27 18:56:40    421376    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-10-27 18:56:15    717824    ----a-w-    C:\Windows\SysWow64\jscript.dll
2014-10-27 18:56:10    607744    ----a-w-    C:\Windows\SysWow64\msfeeds.dll
2014-10-27 18:56:08    1802752    ----a-w-    C:\Windows\SysWow64\iertutil.dll
2014-10-27 18:55:50    41472    ----a-w-    C:\Windows\SysWow64\msfeedsbs.dll
2014-10-27 18:55:44    353792    ----a-w-    C:\Windows\SysWow64\dxtmsft.dll
2014-10-27 18:55:39    223232    ----a-w-    C:\Windows\SysWow64\dxtrans.dll
2014-10-27 18:55:32    10752    ----a-w-    C:\Windows\SysWow64\msfeedssync.exe
2014-10-27 18:55:28    73216    ----a-w-    C:\Windows\SysWow64\mshtmled.dll
2014-10-27 18:55:20    2382848    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-10-27 18:55:17    11776    ----a-w-    C:\Windows\SysWow64\mshta.exe
2014-10-27 18:54:43    176640    ----a-w-    C:\Windows\SysWow64\ieui.dll
2014-10-24 01:04:29    67072    ----a-w-    C:\Windows\SysWow64\packager.dll
2014-10-24 00:39:49    77312    ----a-w-    C:\Windows\System32\packager.dll
2014-10-18 01:08:10    564224    ----a-w-    C:\Windows\SysWow64\oleaut32.dll
2014-10-18 00:46:22    847360    ----a-w-    C:\Windows\System32\oleaut32.dll
2014-10-12 23:52:40    2782208    ----a-w-    C:\Windows\System32\win32k.sys
2014-10-10 01:10:24    548352    ----a-w-    C:\Windows\System32\termsrv.dll
2014-10-10 01:09:30    146432    ----a-w-    C:\Windows\System32\msaudite.dll
2014-10-10 01:09:23    1689600    ----a-w-    C:\Windows\System32\lsasrv.dll
2014-10-10 01:01:46    77312    ----a-w-    C:\Windows\SysWow64\secur32.dll
2014-10-10 01:00:34    146432    ----a-w-    C:\Windows\SysWow64\msaudite.dll
2014-10-09 23:53:20    619520    ----a-w-    C:\Windows\System32\adtschema.dll
2014-10-09 23:22:16    619520    ----a-w-    C:\Windows\SysWow64\adtschema.dll
2014-10-03 01:18:20    274432    ----a-w-    C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:17:16    396800    ----a-w-    C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:17:16    115712    ----a-w-    C:\Windows\SysWow64\AudioSes.dll
2014-10-03 01:03:12    313344    ----a-w-    C:\Windows\System32\AUDIOKSE.dll
2014-10-03 01:02:20    201728    ----a-w-    C:\Windows\System32\EncDump.dll
2014-10-03 01:01:59    474624    ----a-w-    C:\Windows\System32\AudioEng.dll
2014-10-03 01:01:59    446976    ----a-w-    C:\Windows\System32\audiosrv.dll
2014-10-02 23:49:01    88576    ----a-w-    C:\Windows\SysWow64\audiodg.exe
2014-09-19 00:50:45    278528    ----a-w-    C:\Windows\SysWow64\schannel.dll
2014-09-19 00:45:00    347136    ----a-w-    C:\Windows\System32\schannel.dll
2014-09-09 06:40:37    2048    ----a-w-    C:\Windows\System32\tzres.dll
2014-09-09 06:24:46    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2014-09-04 23:38:10    198656    ----a-w-    C:\Windows\System32\drivers\fastfat.sys
2014-08-27 00:55:39    2048    ----a-w-    C:\Windows\SysWow64\msxml3r.dll
2014-08-27 00:55:39    1249280    ----a-w-    C:\Windows\SysWow64\msxml3.dll
2014-08-27 00:41:56    2048    ----a-w-    C:\Windows\System32\msxml3r.dll
2014-08-27 00:41:56    1869824    ----a-w-    C:\Windows\System32\msxml3.dll
2014-08-26 02:20:22    876248    ----a-w-    C:\Windows\System32\drivers\N360x64\1506000.020\srtsp64.sys
2014-08-26 02:20:22    37592    ----a-w-    C:\Windows\System32\drivers\N360x64\1506000.020\srtspx64.sys
2014-08-23 01:05:12    304128    ----a-w-    C:\Windows\SysWow64\gdi32.dll
2014-08-23 00:42:45    390144    ----a-w-    C:\Windows\System32\gdi32.dll
.
============= FINISH:  9:46:03.93 ===============
 

Attached Files



BC AdBot (Login to Remove)

 


#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:10:20 AM

Posted 15 November 2014 - 01:22 PM

Hello bfogg,

  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
      
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
      
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Follow This Topic.I suggest you click it and select Immediate E-Mail notification and click on Follow This Topic. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

      
  • Finally, please reply using the Post  button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.
  •   I will be analyzing your log. I will get back to you with instructions.

 

1.

[color=#0000ff][u][b]Step 1[/b][/u][/color]
[img=http://deeprybka.trojaner-board.de/tools/poweliks/logo.png]
Please download [url=http://download.eset.com/special/ESETPoweliksCleaner.exe]Powelikscleaner[/url] (by ESET) and save it to your Desktop.
[LIST]
[*]Double-click [b]ESETPoweliksCleaner.exe[/b] to start the tool.[/*]
[*]Read the terms of the End-user license agreement and click Agree if you agree to them.[/*]
[*]The tool will run automatically. If the cleaner finds a Poweliks infection, press the Y key on your keyboard to remove it.[/*]
[*]If Poweliks was detected "Win32/Poweliks was successfully removed from your system" will be displayed. Press any key to exit the tool and reboot your PC.[/*]
[*]The tool will produce a log in the same directory the tool was run from.[/*]
[*]Please copy and paste the log in your next reply.[/*]
[/LIST]
1.png
2.png

 

2.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

 

 

3.

How is the machine running now?


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#3 bfogg

bfogg
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:07:20 AM

Posted 15 November 2014 - 02:23 PM

Unable to download Powelikscleaner,  can you re-send the link?

Downloaded Farbar, scan completed, txt documents attached.

   Thanks!

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2014
Ran by jill (administrator) on JILL-PC on 15-11-2014 11:14:12
Running from C:\Users\jill\Downloads
Loaded Profiles: jill & UpdatusUser (Available profiles: jill & UpdatusUser)
Platform: Windows Vista ™ Home Premium Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(Conexant Systems, Inc.) C:\WINDOWS\System32\drivers\XAudio64.exe
(Realtek Semiconductor) C:\WINDOWS\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Hewlett-Packard Company) C:\hp\KBD\kbd.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\System32\LogonUI.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RAVCpl64.exe [6150656 2008-03-26] (Realtek Semiconductor)
HKLM\...\Run: [HP Health Check Scheduler] => [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
HKLM\...\Run: [IAAnotif] => C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-07-12] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [hpsysdrv] => c:\hp\support\hpsysdrv.exe [65536 2007-04-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [KBD] => C:\HP\KBD\KbdStub.EXE [65536 2006-12-08] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254896 2012-09-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)
HKLM Group Policy restriction on software: C:\Program Files\Common Files\Symantec Shared <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Symantec <====== ATTENTION
HKLM\...\Policies\Explorer\Run: [{a34332f7-051e-535c-a7c0-d8b97c2c9bb2}] => "C:\ProgramData\Microsoft\{a34332f7-051e-535c-a7c0-d8b97c2c9bb2}\{a34332f7-051e-535c-a7c0-d8b97c2c9bb2}.exe" No File
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-990177128-1127024516-1010214106-1000\...\Run: [HPAdvisor] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [972128 2008-04-14] (Hewlett-Packard)
HKU\S-1-5-21-990177128-1127024516-1010214106-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-990177128-1127024516-1010214106-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-990177128-1127024516-1010214106-1000\...\Run: [WMPNSCFG] => C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
HKU\S-1-5-21-990177128-1127024516-1010214106-1000\...\MountPoints2: {6fec9f02-342e-11e2-b28d-001fc6dbc23b} - "K:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-990177128-1127024516-1010214106-1000\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
HKU\S-1-5-21-990177128-1127024516-1010214106-1002\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-990177128-1127024516-1010214106-1002\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [972128 2008-04-14] (Hewlett-Packard)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe ()
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cndt
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cndt
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cndt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://search.privitize.com/?aff=7
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cndt
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {4FC7068D-63FD-4485-B214-F9463490ED73} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
SearchScopes: HKLM - {0B25B24A-FDC9-4DA3-B3BC-4E6A52A403E0} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM - {4FC7068D-63FD-4485-B214-F9463490ED73} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
SearchScopes: HKLM-x32 - DefaultScope {4FC7068D-63FD-4485-B214-F9463490ED73} URL =
SearchScopes: HKLM-x32 - {0B25B24A-FDC9-4DA3-B3BC-4E6A52A403E0} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM-x32 - {B2591459-7128-4750-98C7-399EF2F2A079} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
SearchScopes: HKCU - BA2E9DBDB38E46799F5CF7A52C5A9116 URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0B25B24A-FDC9-4DA3-B3BC-4E6A52A403E0} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKCU - {4FC7068D-63FD-4485-B214-F9463490ED73} URL = http://search.privitize.com/?aff=7&q={searchTerms}
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\jill\AppData\Roaming\Mozilla\Firefox\Profiles\u5whs6y5.default
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_37 -> C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-990177128-1127024516-1010214106-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ddg.xml
FF Extension: MPEG Video Encoder Property Page: MPEG2 settings - C:\Users\jill\AppData\Roaming\Mozilla\Firefox\Profiles\u5whs6y5.default\Extensions\{89799DF6-A4B7-D19B-6513-B6325A76D7EA} [2014-11-07]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-11-26]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-03-25]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.5.0.19\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.5.0.19\coFFPlgn [2014-11-15]

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 6 U37) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.370.6) - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Users\jill\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (MPEG Video Encoder Property Page: MPEG2 settings) - C:\Users\jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-11-07]
CHR Extension: (Zoomex) - C:\Users\jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\anlobjdjpgngnphahhmgdjgdlldhmalm [2012-12-05]
CHR Extension: (YouTube) - C:\Users\jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-05]
CHR Extension: (Google Search) - C:\Users\jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-05]
CHR Extension: (Google Wallet) - C:\Users\jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-11]
CHR Extension: (Gmail) - C:\Users\jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-05]
CHR HKLM-x32\...\Chrome\Extension: [anlobjdjpgngnphahhmgdjgdlldhmalm] - C:\ProgramData\Zoomex\anlobjdjpgngnphahhmgdjgdlldhmalm.crx [2012-12-04]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2014-11-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2012-12-03] () [File not signed]
R2 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-03-14] (Hewlett-Packard) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2008-03-17] (Hewlett-Packard Company) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [307928 2013-11-11] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.5.0.19\Definitions\BASHDefs\20141107.001\BHDrvx64.sys [1587416 2014-11-07] (Symantec Corporation)
R3 CAXHWBS3; C:\Windows\System32\DRIVERS\CAXHWBS3.sys [286208 2008-02-12] (Conexant Systems, Inc.)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-08-26] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-08-26] (Symantec Corporation)
R3 HSF_DP; C:\Windows\System32\DRIVERS\CAX_DP.sys [1481216 2008-02-12] (Conexant Systems, Inc.)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
S3 Httpmd; C:\Windows\system32\drivers\adfs.sys [88632 2008-06-27] (Adobe Systems, Inc.)
S3 Httpmd; C:\Windows\SysWOW64\drivers\adfs.sys [74720 2008-08-14] (Adobe Systems, Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.5.0.19\Definitions\IPSDefs\20141114.001\IDSvia64.sys [633560 2014-11-11] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.5.0.19\Definitions\VirusDefs\20141114.017\ENG64.SYS [129752 2014-08-11] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.5.0.19\Definitions\VirusDefs\20141114.017\EX64.SYS [2137304 2014-08-11] (Symantec Corporation)
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
R3 Ps2; C:\Windows\System32\DRIVERS\PS2.sys [21504 2006-09-07] ()
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2014-07-22] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-07-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-11-11] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMTDIV.SYS [510168 2014-07-22] (Symantec Corporation)
R1 tStLibG64; C:\Windows\System32\drivers\tStLibG64.sys [60096 2014-04-07] (StdLib)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-15 11:14 - 2014-11-15 11:14 - 00024223 _____ () C:\Users\jill\Downloads\FRST.txt
2014-11-15 11:13 - 2014-11-15 11:14 - 00000000 ____D () C:\FRST
2014-11-15 11:13 - 2014-11-15 11:13 - 02116608 _____ (Farbar) C:\Users\jill\Downloads\frst64.exe
2014-11-15 09:46 - 2014-11-15 09:49 - 00021189 _____ () C:\Users\jill\Desktop\dds.txt
2014-11-15 09:46 - 2014-11-15 09:46 - 00007967 _____ () C:\Users\jill\Desktop\attach.txt
2014-11-15 09:41 - 2014-11-15 09:42 - 00688992 ____R (Swearware) C:\Users\jill\Desktop\dds.com
2014-11-14 15:12 - 2014-11-14 15:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-12 19:19 - 2014-10-12 15:52 - 02782208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 19:17 - 2014-09-18 16:50 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 19:17 - 2014-09-18 16:45 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 19:11 - 2014-08-11 18:25 - 00729600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 19:11 - 2014-08-11 18:11 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 19:09 - 2014-10-09 17:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 19:09 - 2014-10-09 17:09 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 19:09 - 2014-10-09 17:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 19:09 - 2014-10-09 17:01 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 19:09 - 2014-10-09 17:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 19:09 - 2014-10-09 15:53 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 19:09 - 2014-10-09 15:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 19:08 - 2014-10-17 17:08 - 00564224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 19:08 - 2014-10-17 16:46 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 19:07 - 2014-10-02 17:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 19:07 - 2014-10-02 17:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 19:07 - 2014-10-02 17:17 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 19:07 - 2014-10-02 17:03 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 19:07 - 2014-10-02 17:02 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 19:07 - 2014-10-02 17:01 - 00474624 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 19:07 - 2014-10-02 17:01 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 19:07 - 2014-10-02 15:49 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\audiodg.exe
2014-11-12 18:26 - 2014-10-23 17:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 18:26 - 2014-10-23 16:39 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 18:24 - 2014-08-26 16:55 - 01249280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 18:24 - 2014-08-26 16:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 18:24 - 2014-08-26 16:41 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 18:24 - 2014-08-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-11 22:27 - 2014-11-11 22:27 - 00000000 ____D () C:\NPE
2014-11-11 22:23 - 2014-11-11 22:42 - 00000000 ____D () C:\Users\jill\AppData\Local\NPE
2014-11-11 19:18 - 2014-10-27 12:32 - 17870336 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-11 19:18 - 2014-10-27 12:13 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-11 19:18 - 2014-10-27 12:12 - 10921472 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-11 19:18 - 2014-10-27 12:07 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-11 19:18 - 2014-10-27 12:06 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-11 19:18 - 2014-10-27 12:05 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-11 19:18 - 2014-10-27 12:05 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-11-11 19:18 - 2014-10-27 12:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-11 19:18 - 2014-10-27 12:04 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-11 19:18 - 2014-10-27 12:04 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-11 19:18 - 2014-10-27 12:04 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-11 19:18 - 2014-10-27 12:04 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-11 19:18 - 2014-10-27 12:04 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-11 19:18 - 2014-10-27 12:04 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-11 19:18 - 2014-10-27 12:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-11 19:18 - 2014-10-27 12:03 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-11 19:18 - 2014-10-27 12:03 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-11 19:18 - 2014-10-27 12:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-11 19:18 - 2014-10-27 12:03 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-11-11 19:18 - 2014-10-27 12:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-11-11 19:18 - 2014-10-27 12:03 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-11-11 19:18 - 2014-10-27 11:10 - 12366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-11 19:18 - 2014-10-27 11:05 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-11 19:18 - 2014-10-27 11:02 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-11 19:18 - 2014-10-27 10:59 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-11 19:18 - 2014-10-27 10:59 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-11 19:18 - 2014-10-27 10:58 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-11 19:18 - 2014-10-27 10:57 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-11-11 19:18 - 2014-10-27 10:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-11 19:18 - 2014-10-27 10:56 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-11 19:18 - 2014-10-27 10:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-11-11 19:18 - 2014-10-27 10:56 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-11 19:18 - 2014-10-27 10:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-11 19:18 - 2014-10-27 10:56 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-11 19:18 - 2014-10-27 10:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-11 19:18 - 2014-10-27 10:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-11 19:18 - 2014-10-27 10:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-11 19:18 - 2014-10-27 10:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-11 19:18 - 2014-10-27 10:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-11-11 19:18 - 2014-10-27 10:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-11-11 19:18 - 2014-10-27 10:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-11-11 19:18 - 2014-10-27 10:54 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-11 19:07 - 2014-11-11 19:07 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-11-11 18:28 - 2014-11-11 19:01 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-11-11 18:28 - 2014-11-11 19:01 - 00002139 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-11-11 18:28 - 2014-11-11 18:28 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-11-11 18:28 - 2014-11-11 18:28 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-11-11 18:27 - 2014-11-11 19:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-11-11 18:27 - 2014-11-11 19:01 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-11-11 18:27 - 2014-11-11 18:27 - 00000000 ____D () C:\Program Files (x86)\Norton 360
2014-11-10 20:43 - 2014-11-10 20:43 - 00000000 ____D () C:\ProgramData\KakxEbiro
2014-11-10 20:43 - 2014-11-10 20:43 - 00000000 ____D () C:\ProgramData\GaraXuhsu
2014-11-09 21:08 - 2014-11-09 21:08 - 00000000 ____D () C:\ProgramData\LiceFdux
2014-11-09 21:07 - 2014-11-09 21:07 - 00023552 _____ () C:\Users\jill\AppData\Local\ucilluo.dll
2014-11-09 14:26 - 2014-11-09 14:26 - 00000000 ____D () C:\ProgramData\PCSettings
2014-11-09 12:09 - 2014-11-11 22:23 - 00000000 ____D () C:\ProgramData\Norton
2014-11-09 12:09 - 2014-11-11 18:35 - 00000000 ____D () C:\Users\jill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2014-11-09 12:09 - 2014-11-10 19:17 - 00000836 _____ () C:\Users\jill\Desktop\Norton Installation Files.lnk
2014-11-09 12:09 - 2014-11-09 12:09 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-11-09 12:06 - 2014-11-09 12:07 - 01021856 _____ (Symantec Corporation) C:\Users\jill\Downloads\NortonN360Downloader.exe
2014-11-09 10:43 - 2014-11-11 18:58 - 00000000 ____D () C:\Users\jill\AppData\Roaming\Ruwicuz
2014-11-09 10:39 - 2014-11-11 18:58 - 00000000 ____D () C:\Users\jill\AppData\Roaming\Uqguiply
2014-11-09 10:36 - 2014-11-09 10:36 - 00008516 _____ () C:\Users\jill\AppData\Roaming\DECRYPT_INSTRUCTION.HTML
2014-11-09 10:36 - 2014-11-09 10:36 - 00008516 _____ () C:\Users\jill\AppData\Local\DECRYPT_INSTRUCTION.HTML
2014-11-09 10:36 - 2014-11-09 10:36 - 00008516 _____ () C:\Users\jill\AppData\DECRYPT_INSTRUCTION.HTML
2014-11-09 10:36 - 2014-11-09 10:36 - 00004198 _____ () C:\Users\jill\AppData\Roaming\DECRYPT_INSTRUCTION.TXT
2014-11-09 10:36 - 2014-11-09 10:36 - 00004198 _____ () C:\Users\jill\AppData\Local\DECRYPT_INSTRUCTION.TXT
2014-11-09 10:36 - 2014-11-09 10:36 - 00004198 _____ () C:\Users\jill\AppData\DECRYPT_INSTRUCTION.TXT
2014-11-09 10:36 - 2014-11-09 10:36 - 00000268 _____ () C:\Users\jill\AppData\Roaming\DECRYPT_INSTRUCTION.URL
2014-11-09 10:36 - 2014-11-09 10:36 - 00000268 _____ () C:\Users\jill\AppData\Local\DECRYPT_INSTRUCTION.URL
2014-11-09 10:36 - 2014-11-09 10:36 - 00000268 _____ () C:\Users\jill\AppData\DECRYPT_INSTRUCTION.URL
2014-11-09 10:35 - 2014-11-09 10:35 - 00205312 _____ () C:\Users\jill\AppData\Roaming\72fb226.exe
2014-11-09 10:35 - 2014-11-09 10:35 - 00008516 _____ () C:\ProgramData\DECRYPT_INSTRUCTION.HTML
2014-11-09 10:35 - 2014-11-09 10:35 - 00004198 _____ () C:\ProgramData\DECRYPT_INSTRUCTION.TXT
2014-11-09 10:35 - 2014-11-09 10:35 - 00000268 _____ () C:\ProgramData\DECRYPT_INSTRUCTION.URL
2014-11-09 10:35 - 2014-11-09 10:35 - 00000000 ___HD () C:\72fb226
2014-11-08 18:10 - 2014-11-11 18:08 - 00000408 _____ () C:\ProgramData\@system.temp
2014-11-08 18:10 - 2014-11-11 18:08 - 00000144 ____H () C:\ProgramData\@system3.att
2014-11-08 18:10 - 2014-11-08 18:10 - 00000448 ____H () C:\Users\jill\AppData\Roaming\麽鎒駓覜
2014-11-08 18:09 - 2014-11-08 18:09 - 00000000 ____D () C:\Users\jill\AppData\Roaming\FrameworkUpdate7
2014-11-08 18:09 - 2014-11-08 18:09 - 00000000 ____D () C:\ProgramData\SarrUzewn
2014-11-08 18:09 - 2014-11-08 18:09 - 00000000 ____D () C:\ProgramData\KovdiVvibs
2014-11-07 20:55 - 2014-11-09 10:36 - 00000000 ____D () C:\Users\jill\AppData\Local\Uckmedia
2014-11-07 20:54 - 2014-11-07 20:54 - 00000000 ____D () C:\Users\jill\AppData\Local\Ozddics
2014-11-07 20:54 - 2014-11-07 20:54 - 00000000 ____D () C:\ProgramData\WizaWapli
2014-11-06 20:44 - 2014-11-06 20:44 - 00000000 ____D () C:\ProgramData\JupaHzayh
2014-11-06 20:43 - 2014-11-06 20:43 - 00000000 ____D () C:\ProgramData\QukapEthat
2014-11-06 20:13 - 2014-11-13 21:42 - 00000000 ____D () C:\ProgramData\YigiBepam
2014-11-06 20:13 - 2014-11-13 21:42 - 00000000 ____D () C:\ProgramData\PakuQowxe
2014-11-06 20:13 - 2014-11-11 11:53 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-10-16 02:08 - 2014-06-15 14:18 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 02:08 - 2014-06-15 14:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 02:08 - 2014-06-13 10:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 02:08 - 2014-06-13 10:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 02:08 - 2014-06-13 09:36 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 02:08 - 2014-06-13 09:36 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 02:06 - 2014-09-04 15:38 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-15 11:15 - 2014-03-25 12:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-15 11:00 - 2012-12-05 22:46 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-15 10:14 - 2006-11-02 04:46 - 00759582 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-15 10:11 - 2012-11-21 14:56 - 01467228 _____ () C:\Windows\WindowsUpdate.log
2014-11-15 10:07 - 2012-12-05 22:46 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-15 10:07 - 2008-05-25 15:27 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-15 10:07 - 2006-11-02 07:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-15 10:07 - 2006-11-02 07:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-15 10:07 - 2006-11-02 07:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-15 10:05 - 2006-11-02 07:42 - 00032636 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-15 07:39 - 2014-03-25 00:20 - 00107048 _____ () C:\Users\jill\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-15 07:38 - 2006-11-02 07:21 - 05021000 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-15 07:37 - 2014-04-08 13:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-15 02:00 - 2012-11-21 15:02 - 00000000 ____D () C:\Users\jill\AppData\Local\Adobe
2014-11-13 23:17 - 2014-03-25 12:11 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-13 23:17 - 2014-03-25 12:11 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-13 23:17 - 2014-03-25 12:11 - 00003682 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 20:37 - 2006-11-02 05:33 - 00000000 ____D () C:\Windows\rescache
2014-11-12 19:36 - 2008-01-20 19:26 - 00562474 _____ () C:\Windows\PFRO.log
2014-11-12 19:03 - 2013-08-14 02:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 18:27 - 2006-11-02 04:35 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-11-11 18:28 - 2008-05-25 15:47 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-11-11 09:23 - 2013-02-24 19:42 - 00000000 ____D () C:\Users\jill\Desktop\2012 unedited Spider Meadows
2014-11-11 09:23 - 2013-02-24 19:39 - 00000000 ____D () C:\Users\jill\Desktop\2012 unedited Rainier
2014-11-11 09:12 - 2012-11-21 14:59 - 00000000 ____D () C:\Users\jill
2014-11-11 00:09 - 2013-01-30 20:54 - 00001460 _____ () C:\Users\jill\AppData\Local\d3d9caps64.dat
2014-11-10 07:46 - 2013-01-30 20:56 - 00001356 _____ () C:\Users\jill\AppData\Local\d3d9caps.dat
2014-11-09 14:30 - 2008-05-25 15:47 - 00000000 ____D () C:\ProgramData\Symantec
2014-11-09 10:46 - 2013-10-16 14:16 - 00000000 ____D () C:\Users\jill\Desktop\2012 unedited Ice Lakes 2
2014-11-09 10:43 - 2012-12-30 18:43 - 00000000 ____D () C:\Users\jill\Desktop\2012 Unedited Hikes
2014-11-09 10:38 - 2012-12-30 18:48 - 00000000 ____D () C:\Users\jill\Desktop\2012 Snow Lake Unedited
2014-11-09 10:36 - 2014-04-08 13:44 - 00000000 ____D () C:\Users\jill\AppData\Roaming\Mozilla
2014-11-09 10:36 - 2014-04-08 13:44 - 00000000 ____D () C:\Users\jill\AppData\Local\Mozilla
2014-11-09 10:36 - 2014-02-10 18:48 - 00000000 ____D () C:\Users\jill\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-11-09 10:36 - 2013-06-08 19:38 - 00000000 ____D () C:\Users\jill\AppData\Roaming\Skype
2014-11-09 10:36 - 2013-02-24 20:33 - 00000000 ____D () C:\Users\jill\Desktop\2012 June Hikes
2014-11-09 10:36 - 2013-02-24 19:33 - 00000000 ____D () C:\Users\jill\Desktop\2012 Big Heart Lake
2014-11-09 10:36 - 2013-01-27 19:31 - 00000000 ____D () C:\Users\jill\AppData\Local\PunkBuster
2014-11-09 10:36 - 2012-12-06 23:22 - 00000000 ____D () C:\Users\jill\Desktop\2012 Skyline Divide
2014-11-09 10:36 - 2012-12-05 23:04 - 00000000 ____D () C:\Users\jill\Desktop\2012 Ice Lakes
2014-11-09 10:36 - 2012-12-05 22:46 - 00000000 ____D () C:\Users\jill\AppData\Local\Google
2014-11-09 10:36 - 2012-12-03 09:03 - 00000000 ____D () C:\Users\jill\AppData\Local\Apple Computer
2014-11-09 10:36 - 2012-11-21 16:03 - 00000000 ____D () C:\Users\jill\AppData\Roaming\Adobe
2014-11-09 10:36 - 2012-11-21 15:59 - 00000000 ____D () C:\Users\jill\AppData\Roaming\Hewlett-Packard
2014-11-09 10:35 - 2012-12-06 14:55 - 00000000 ____D () C:\ProgramData\Canon_Inc_IC
2014-11-09 10:35 - 2012-12-05 13:26 - 00000000 ____D () C:\ProgramData\Battle.net
2014-11-09 10:35 - 2012-11-21 15:02 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-09 10:35 - 2008-05-25 15:42 - 00000000 ____D () C:\ProgramData\WildTangent
2014-11-09 10:35 - 2008-05-25 15:42 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-11-05 15:28 - 2014-08-23 18:12 - 00000000 ____D () C:\Users\jill\Desktop\camera phone
2014-11-02 14:04 - 2006-11-02 07:07 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-10-28 05:34 - 2012-11-21 15:33 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-20 22:55 - 2012-12-05 22:46 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-20 22:55 - 2012-12-05 22:46 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-15 10:13

==================== End Of Log ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2014
Ran by jill at 2014-11-15 11:15:15
Running from C:\Users\jill\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (HKLM-x32\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.6.0.12 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.2.7 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.1.0.31 - Canon Inc.)
Canon Utilities CameraWindow (HKLM-x32\...\CameraWindowLauncher) (Version: 7.1.0.2 - Canon Inc.)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC6) (Version: 6.4.2.16 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.5 (HKLM-x32\...\DPP) (Version: 3.5.2.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.12.0.0 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.0.0.3 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.4.2.0 - Canon Inc.)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.7.1.9 - Canon Inc.)
Canon Utilities WFT-E1/E2/E3/E4 Utility (HKLM-x32\...\WFTK) (Version: 3.3.0.0 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.2.1.31 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.2.0.9 - Canon Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
CyberLink DVD Suite Deluxe (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.1329 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2726 - CyberLink Corp.)
Diablo III (HKLM-x32\...\Diablo III) (Version: 1.0.6.13644 - Blizzard Entertainment)
Enhanced Multimedia Keyboard Solution (HKLM-x32\...\KBD) (Version:  - Hewlett-Packard)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version:  - )
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
HP Customer Experience Enhancements (HKLM-x32\...\{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}) (Version: 5.6.0.2510 - Hewlett-Packard)
HP Demo (HKLM\...\{A7D48BF6-8ED8-4B91-8267-34CDE7807D05}_is1) (Version: HP Demo - Hewlett-Packard)
HP Total Care Advisor (HKLM-x32\...\{f32502b5-5b64-4882-bf61-77f23edcac4f}) (Version: 2.1.3329.2629 - Hewlett-Packard)
HP Update (HKLM-x32\...\{11B83AD3-7A46-4C2E-A568-9505981D4C6F}) (Version: 4.000.007.003 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.1.0 - Hewlett-Packard) Hidden
HPTCSSetup (HKLM-x32\...\{FA3B34BE-4246-4062-90A3-34CBBEA12B72}) (Version: 1.0.964.2626 - Hewlett-Packard Company)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java™ 6 Update 37 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216037FF}) (Version: 6.0.370 - Oracle)
Java™ SE Runtime Environment 6 Update 1 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160010}) (Version: 1.6.0.10 - Sun Microsystems, Inc.)
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.2.2529 - CyberLink Corp.)
LightScribe System Software  1.12.37.1 (HKLM-x32\...\{004C5DA2-2051-4D25-94BA-51CF810C91EB}) (Version: 1.12.37.1 - LightScribe)
LightScribeTemplateLabeler (HKLM-x32\...\{305D4B08-5807-4475-B1C8-D54685534864}) (Version: 1.10.23.1 - LightScribe)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version:  - )
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{91110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 33.1.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 en-US)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
muvee autoProducer 6.1 (HKLM-x32\...\{FDDB69BB-2F9A-4830-A579-ABBB7C5AF9A8}) (Version: 6.10.050 - muvee Technologies)
My HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.43 - WildTangent)
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.2 - NETGEAR)
Norton 360 (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
NVIDIA 3D Vision Controller Driver 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.90 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Graphics Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
PCIe Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_HSF) (Version: 7.71.00.50 - Conexant Systems)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.3917 - CyberLink Corp.)
Python 2.5 (HKLM-x32\...\{0A2C5854-557E-48C8-835A-3B9F074BDCAA}) (Version: 2.5.150 - Martin v. Löwis)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5789 - Realtek Semiconductor Corp.)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Windows 7 Upgrade Advisor (HKLM-x32\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-990177128-1127024516-1010214106-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?

==================== Restore Points  =========================

11-11-2014 09:36:07 Windows Update
13-11-2014 02:20:00 Windows Update
14-11-2014 09:43:31 Scheduled Checkpoint
15-11-2014 05:43:15 Norton 360 Registry Clean

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {02D305C1-0F71-44D4-881B-B24C8655820C} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {3196A657-3918-4376-B776-2F92C13982C4} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\WSCStub.exe [2014-09-20] (Symantec Corporation)
Task: {376A4AE1-B305-4BB1-86BC-E8ED13F4E770} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP TCS\RemEngine.exe [2008-04-11] ()
Task: {5842B5AA-A0F4-4383-8838-F493460BC9F5} - System32\Tasks\AdobeAAMUpdater-1.0-jill-PC-jill => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {7D2C764D-E336-467A-AA41-3083D6B679D2} - System32\Tasks\RecoveryCD => C:\Program Files (x86)\Hewlett-Packard\HP TCS\RemEngine.exe [2008-04-11] ()
Task: {8B41A0DA-2BBA-4918-B842-2FFFA5AD1364} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9141D859-A760-4B5A-9C8A-8BE81F271382} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-13] (Adobe Systems Incorporated)
Task: {B683752F-0C64-415B-8367-F0DC08835FB6} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {B8D5AB65-4122-4BD8-88CB-7A6C41AC6EB8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {DF6E8D8D-B814-4BE6-850E-53510D30E90A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-05-15 20:50 - 2013-11-11 14:10 - 00307928 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
2013-05-15 20:50 - 2013-11-22 18:34 - 08266456 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 19:58 - 2014-02-12 19:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-05-15 20:50 - 2013-10-30 18:06 - 00380928 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiLib.dll
2013-05-15 20:50 - 2013-11-01 16:31 - 00278528 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvcLib.dll
2014-11-14 15:12 - 2014-11-14 15:12 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\jill\AppData\Local\Temporary Internet Files:OBPvVYJg2Ch6XNBu9Z7hX

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-990177128-1127024516-1010214106-500 - Administrator - Disabled)
Guest (S-1-5-21-990177128-1127024516-1010214106-501 - Limited - Disabled)
jill (S-1-5-21-990177128-1127024516-1010214106-1000 - Administrator - Enabled) => C:\Users\jill
UpdatusUser (S-1-5-21-990177128-1127024516-1010214106-1002 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: USB CF Reader   
Description: USB CF Reader   
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: USB MS Reader   
Description: USB MS Reader   
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: USB SD Reader   
Description: USB SD Reader   
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: USB SM Reader   
Description: USB SM Reader   
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/15/2014 10:08:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2014 09:09:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2014 07:39:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2014 02:27:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2014 10:53:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2014 01:48:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16592, time stamp 0x4549b14e, faulting module MSHTML.dll, version 9.0.8112.16592, time stamp 0x544e985a, exception code 0xc0000005, fault offset 0x00260a7e,
process id 0x7bdc, application start time 0xiexplore.exe0.

Error: (11/13/2014 03:38:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/12/2014 09:57:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/12/2014 07:38:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/12/2014 06:16:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (11/15/2014 10:08:51 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/15/2014 09:09:40 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/15/2014 07:39:03 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/14/2014 02:28:22 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/14/2014 10:54:05 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/13/2014 03:39:31 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/12/2014 09:58:14 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/12/2014 07:40:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/12/2014 06:17:19 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/11/2014 10:34:28 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update


Microsoft Office Sessions:
=========================
Error: (11/15/2014 10:08:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2014 09:09:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2014 07:39:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2014 02:27:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2014 10:53:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2014 01:48:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.165924549b14eMSHTML.dll9.0.8112.16592544e985ac000000500260a7e7bdc01cfffefb10c64c7

Error: (11/13/2014 03:38:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/12/2014 09:57:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/12/2014 07:38:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/12/2014 06:16:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2014-11-15 11:15:06.531
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-15 11:15:06.394
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-15 11:15:06.249
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-15 11:15:06.113
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-15 11:14:47.505
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-15 11:14:47.374
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-15 11:14:47.233
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-15 11:14:47.099
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-15 11:14:35.488
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Norton 360\NortonData\21.5.0.19\Definitions\BASHDefs\20141107.001\BHDrvx64.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-15 11:14:35.356
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Norton 360\NortonData\21.5.0.19\Definitions\BASHDefs\20141107.001\BHDrvx64.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™2 Quad CPU Q6600 @ 2.40GHz
Percentage of memory in use: 66%
Total physical RAM: 4094.39 MB
Available physical RAM: 1351.46 MB
Total Pagefile: 8380.06 MB
Available Pagefile: 4861.63 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:584.95 GB) (Free:94.66 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.21 GB) (Free:1.49 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=585 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=11.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#4 bfogg

bfogg
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:07:20 AM

Posted 15 November 2014 - 02:45 PM

Ok I managed to download Powelikscleaner,  scanned, removed Win32/Poweliks



#5 bfogg

bfogg
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:07:20 AM

Posted 15 November 2014 - 02:48 PM

Restarted computer, re-scanned with Powelikscleaner, no infections/threats found.

Here is the copy of the log from the original scan

 

[2014.11.15 11:33:19.119] - Begin
[2014.11.15 11:33:19.120] -
[2014.11.15 11:33:19.175] -     ....................................
[2014.11.15 11:33:19.176] -   ..::::::::::::::::::....................
[2014.11.15 11:33:19.177] -   .::EEEEEE:::SSSSSS::..EEEEEE..TTTTTTTT..    Win32/Poweliks
[2014.11.15 11:33:19.180] -  .::EE::::EE:SS:::::::.EE....EE....TT......   Version: 1.0.0.1
[2014.11.15 11:33:19.181] -  .::EEEEEEEE::SSSSSS::.EEEEEEEE....TT......   Built: Oct 15 2014
[2014.11.15 11:33:19.182] -  .::EE:::::::::::::SS:.EE..........TT......
[2014.11.15 11:33:19.183] -   .::EEEEEE:::SSSSSS::..EEEEEE.....TT.....    Copyright © ESET, spol. s r.o.
[2014.11.15 11:33:19.184] -   ..::::::::::::::::::....................    1992-2013. All rights reserved.
[2014.11.15 11:33:19.184] -     ....................................
[2014.11.15 11:33:19.184] -
[2014.11.15 11:33:19.184] - --------------------------------------------------------------------------------
[2014.11.15 11:33:19.184] -
[2014.11.15 11:33:19.185] - INFO: OS: 6.0.6002 SP2
[2014.11.15 11:33:19.185] - INFO: Product Type: Workstation
[2014.11.15 11:33:19.186] - INFO: WoW64: True
[2014.11.15 11:33:19.186] - INFO: Machine guid: 193BE106-C120-47D6-966A-F4C3B000937F
[2014.11.15 11:33:19.186] -
[2014.11.15 11:33:22.095] - INFO: Scanning for system infection...
[2014.11.15 11:33:22.096] - --------------------------------------------------------------------------------
[2014.11.15 11:33:22.096] -
[2014.11.15 11:33:22.096] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.15 11:33:22.097] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.15 11:33:22.098] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.11.15 11:33:22.098] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.11.15 11:33:22.098] - INFO: Processing classes...
[2014.11.15 11:33:22.099] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}]
[2014.11.15 11:33:22.100] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}]
[2014.11.15 11:33:22.100] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.15 11:33:22.100] - WARNING: Found suspicous classid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.15 11:33:22.100] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.100] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.100] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.100] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.100] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.100] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.100] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.100] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.100] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.101] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.101] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.101] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.101] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.101] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.101] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.101] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.101] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.101] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.101] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.102] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.102] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.102] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.102] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.102] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.102] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.102] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.102] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.102] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.102] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.102] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.102] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.103] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.103] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.103] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.103] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.103] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.103] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.103] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.103] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.103] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.103] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.103] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.104] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.104] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.104] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.104] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.104] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.104] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.104] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.104] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.104] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.104] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.104] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.104] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.105] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.105] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.105] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.105] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.105] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.105] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.105] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.105] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.105] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.105] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.105] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.105] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.106] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.106] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.106] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.106] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.106] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.106] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.106] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.106] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.106] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.106] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.106] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.106] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.107] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.107] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.107] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.107] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.107] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.107] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.107] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.107] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.108] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.108] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.108] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.108] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.108] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.108] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.108] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.108] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.108] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.108] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.108] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.108] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.108] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.109] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.109] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.109] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.109] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.109] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.109] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.109] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.109] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.109] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.109] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.110] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.110] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.110] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.110] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.110] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.110] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.110] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.110] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.110] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.110] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.110] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.110] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.110] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.111] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.111] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.111] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.111] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.111] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.111] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.111] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.111] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.111] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.112] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.112] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.112] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.112] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.112] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.112] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.112] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.112] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.112] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.112] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.112] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.113] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.113] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.113] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.113] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.113] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.113] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.113] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.113] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.113] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.113] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.113] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.113] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.114] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.114] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.114] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.114] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.114] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.114] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.114] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.114] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.114] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.114] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.114] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.115] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.115] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.115] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.115] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.115] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.115] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.115] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.115] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.115] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.115] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.115] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.116] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.116] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.116] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.116] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.116] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.116] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.116] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.116] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.116] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.116] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.116] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.116] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.117] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.117] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.117] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.117] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.117] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.117] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.117] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.117] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.117] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.117] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.117] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.117] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.118] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.118] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.118] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.118] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.118] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.118] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.118] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.118] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.118] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.118] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.118] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.118] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.119] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.119] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.119] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.119] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.119] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.119] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.119] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.119] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.119] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.119] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.119] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.119] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.119] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.120] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.120] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.120] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.120] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.120] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.120] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.120] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.120] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.120] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.120] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.120] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.120] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.121] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.121] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.121] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.121] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.121] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.121] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.121] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.121] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.121] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.121] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.121] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.121] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.121] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.122] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.122] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.122] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.122] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.122] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.122] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.122] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.122] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.122] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.122] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.122] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.122] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.122] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.123] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.123] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.123] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.123] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.123] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.123] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.123] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.123] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.123] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.123] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.123] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.126] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.126] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.126] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.126] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.126] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.126] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.126] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.126] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.126] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.126] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.126] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.126] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.127] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.127] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.127] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.127] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.127] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.127] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.127] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.127] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.127] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.127] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.128] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.128] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.128] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.128] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.128] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.128] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.128] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.128] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.128] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.128] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.128] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.128] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.128] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.129] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.129] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.129] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.129] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.129] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.129] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.129] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.129] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.129] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.129] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.129] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.129] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.129] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.130] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.130] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.130] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.130] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.130] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.130] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.130] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.130] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.130] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.130] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.130] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.131] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.131] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.131] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.131] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.131] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.131] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.131] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.131] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.131] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.131] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.131] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.132] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.132] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.132] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.132] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.132] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.132] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.132] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.132] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.132] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.133] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.133] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.133] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.133] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.133] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.133] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.133] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.133] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.133] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.133] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.133] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.133] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.134] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.134] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.134] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.134] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}]
[2014.11.15 11:33:22.134] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}]
[2014.11.15 11:33:22.134] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.15 11:33:22.134] - WARNING: Found suspicous classid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.15 11:33:22.134] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.15 11:33:22.134] - INFO: Processing value [] = [C:\Windows\SysWOW64\wbem\wmiprvse.exe]
[2014.11.15 11:33:22.135] - INFO: Processing value [] = [C:\Windows\SysWOW64\wbem\wmiprvse.exe]
[2014.11.15 11:33:22.135] - INFO: Processing invalid values in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.15 11:33:22.135] - INFO: Processing value [] = [C:\Windows\SysWOW64\wbem\wmiprvse.exe]
[2014.11.15 11:33:22.135] - INFO: Processing value [ServerExecutable] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.15 11:33:22.135] - INFO: Processing value [] = [C:\Windows\SysWOW64\wbem\wmiprvse.exe]
[2014.11.15 11:33:22.135] - INFO: Processing value [ServerExecutable] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.15 11:33:22.135] - INFO: Processing invalid subkeys in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.15 11:33:22.135] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]...
[2014.11.15 11:33:22.154] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.11.15 11:33:22.159] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.11.15 11:33:22.159] - INFO: Win32/Poweliks found
[2014.11.15 11:33:31.639] - INFO: process: dllhost.exe, pid 3472, parent 3304
[2014.11.15 11:33:31.639] - INFO: Terminated process pid = 3472
[2014.11.15 11:33:31.640] - INFO: process: dllhost.exe, pid 1228, parent 892
[2014.11.15 11:33:31.641] - INFO: process: dllhost.exe, pid 6564, parent 3472
[2014.11.15 11:33:31.641] - INFO: Terminated process pid = 6564
[2014.11.15 11:33:31.642] - INFO: process: dllhost.exe, pid 7816, parent 6564
[2014.11.15 11:33:31.643] - INFO: Terminated process pid = 7816
[2014.11.15 11:33:31.644] - INFO: process: dllhost.exe, pid 3416, parent 6564
[2014.11.15 11:33:31.644] - INFO: Terminated process pid = 3416
[2014.11.15 11:33:31.645] - INFO: process: dllhost.exe, pid 7192, parent 6564
[2014.11.15 11:33:31.645] - INFO: Terminated process pid = 7192
[2014.11.15 11:33:31.646] - INFO: process: dllhost.exe, pid 6868, parent 6564
[2014.11.15 11:33:31.647] - INFO: Terminated process pid = 6868
[2014.11.15 11:33:31.648] - INFO: process: dllhost.exe, pid 3424, parent 6564
[2014.11.15 11:33:31.652] - INFO: Terminated process pid = 3424
[2014.11.15 11:33:31.652] - INFO: process: dllhost.exe, pid 4644, parent 6564
[2014.11.15 11:33:31.663] - INFO: Terminated process pid = 4644
[2014.11.15 11:33:31.665] - INFO: process: dllhost.exe, pid 7920, parent 6564
[2014.11.15 11:33:31.679] - INFO: Terminated process pid = 7920
[2014.11.15 11:33:31.680] - INFO: process: dllhost.exe, pid 5092, parent 6564
[2014.11.15 11:33:31.688] - INFO: Terminated process pid = 5092
[2014.11.15 11:33:31.689] - INFO: process: dllhost.exe, pid 5020, parent 6564
[2014.11.15 11:33:31.690] - INFO: Terminated process pid = 5020
[2014.11.15 11:33:31.690] - INFO: process: dllhost.exe, pid 6052, parent 6564
[2014.11.15 11:33:31.691] - INFO: Terminated process pid = 6052
[2014.11.15 11:33:31.692] - INFO: process: dllhost.exe, pid 6840, parent 6564
[2014.11.15 11:33:31.693] - INFO: Terminated process pid = 6840
[2014.11.15 11:33:31.694] - INFO: process: dllhost.exe, pid 6064, parent 6564
[2014.11.15 11:33:31.695] - INFO: Terminated process pid = 6064
[2014.11.15 11:33:31.696] - INFO: process: dllhost.exe, pid 7984, parent 6564
[2014.11.15 11:33:31.696] - INFO: Terminated process pid = 7984
[2014.11.15 11:33:31.698] - INFO: process: dllhost.exe, pid 5560, parent 6564
[2014.11.15 11:33:31.698] - INFO: Terminated process pid = 5560
[2014.11.15 11:33:31.699] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.15 11:33:31.700] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.15 11:33:31.701] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.11.15 11:33:31.701] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.11.15 11:33:31.701] - INFO: Processing classes...
[2014.11.15 11:33:31.703] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}]
[2014.11.15 11:33:31.703] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}]
[2014.11.15 11:33:31.703] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.15 11:33:31.703] - INFO: Deleted classid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.15 11:33:31.704] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.704] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.704] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.705] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.705] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.705] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.705] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.705] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.705] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.705] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.705] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.705] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.706] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.706] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.706] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.706] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.706] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.706] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.706] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.706] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.706] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.706] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.706] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.706] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.707] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.707] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.707] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.707] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.707] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.707] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.707] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.707] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.707] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.707] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.707] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.707] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.708] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.708] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.708] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.708] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.708] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.708] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.708] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.708] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.708] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.708] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.708] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.708] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.709] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.709] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.709] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.709] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.709] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.709] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.709] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.709] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.709] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.709] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.709] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.709] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.709] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.710] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.710] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.710] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.710] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.710] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.710] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.710] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.710] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.710] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.710] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.710] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.710] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.710] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.711] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.711] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.711] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.711] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.711] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.711] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.711] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.711] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.711] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.711] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.711] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.711] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.711] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.712] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.712] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.712] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.712] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.712] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.712] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.712] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.712] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.713] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.713] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.713] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.713] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.713] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.713] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.713] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.713] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.713] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.713] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.713] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.715] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.715] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.715] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.715] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.715] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.715] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.715] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.715] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.715] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.716] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.716] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.716] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.716] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.716] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.716] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.716] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.716] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.716] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.716] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.716] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.716] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.716] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.717] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.717] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.717] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.717] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.717] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.717] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.717] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.717] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.717] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.717] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.717] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.717] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.717] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.718] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.718] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.718] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.718] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.718] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.718] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.718] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.718] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.718] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.718] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.718] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.719] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.719] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.719] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.719] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.719] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.719] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.719] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.719] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.719] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.719] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.719] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.719] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.720] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.720] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.720] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.720] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.720] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.720] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.720] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.720] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.720] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.720] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.720] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.720] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.721] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.721] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.721] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.721] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.721] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.721] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.721] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.721] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.721] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.721] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.722] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.722] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.722] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.722] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.722] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.722] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.722] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.722] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.722] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.722] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.723] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.723] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.723] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.723] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.723] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.723] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.723] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.723] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.723] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.723] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.723] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.724] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.724] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.724] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.724] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.724] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.724] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.724] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.724] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.724] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.724] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.724] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.725] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.725] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.725] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.725] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.725] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.725] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.725] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.725] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.726] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.726] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.726] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.726] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.726] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.726] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.726] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.726] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.726] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.726] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.727] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.727] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.727] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.727] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.727] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.727] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.727] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.728] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.728] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.728] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.728] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.728] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.728] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.728] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.728] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.728] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.729] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.729] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.729] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.729] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.729] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.729] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.729] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.729] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.729] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.729] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.730] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.730] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.730] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.730] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.730] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.730] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.730] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.730] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.730] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.730] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.731] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.731] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.731] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.731] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.731] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.731] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.731] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.731] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.731] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.731] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.731] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.732] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.732] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.732] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.732] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.732] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.732] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.732] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.732] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.732] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.732] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.733] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.733] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.733] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.733] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.733] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.733] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.733] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.734] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.734] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.734] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.734] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.734] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.734] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.735] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.735] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.735] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.735] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.735] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.735] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.735] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.735] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.735] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.736] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.736] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.736] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.736] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.736] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.736] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.736] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.736] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.736] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.736] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.737] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.737] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.737] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.737] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.737] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.737] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.737] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.737] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.737] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.738] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.738] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.738] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.738] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.738] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.738] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.738] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.738] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.739] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.739] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.739] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.739] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.739] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.739] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.739] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.740] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.740] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.740] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.740] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.740] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.740] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.740] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.740] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.740] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.741] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.741] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.741] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.741] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.741] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.741] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.741] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.743] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.743] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.744] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.747] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.747] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.747] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.747] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.747] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.747] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.747] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}]
[2014.11.15 11:33:31.748] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}]
[2014.11.15 11:33:31.748] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.15 11:33:31.748] - INFO: Deleted classid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.15 11:33:31.749] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.15 11:33:31.749] - INFO: Processing value [] = [C:\Windows\SysWOW64\wbem\wmiprvse.exe]
[2014.11.15 11:33:31.749] - INFO: Processing value [] = [C:\Windows\SysWOW64\wbem\wmiprvse.exe]
[2014.11.15 11:33:31.749] - INFO: Processing invalid values in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.15 11:33:31.749] - INFO: Processing value [] = [C:\Windows\SysWOW64\wbem\wmiprvse.exe]
[2014.11.15 11:33:31.749] - INFO: Processing value [ServerExecutable] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.15 11:33:31.750] - INFO: Processing value [] = [C:\Windows\SysWOW64\wbem\wmiprvse.exe]
[2014.11.15 11:33:31.750] - INFO: Processing value [ServerExecutable] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.15 11:33:31.750] - INFO: Processing invalid subkeys in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.15 11:33:31.750] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]...
[2014.11.15 11:33:31.750] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.11.15 11:33:31.750] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.11.15 11:33:31.750] - INFO: Cleaning status: 0
[2014.11.15 11:33:42.295] - End

 



#6 bfogg

bfogg
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:07:20 AM

Posted 15 November 2014 - 02:52 PM

Here are copies of the Farbar scan

 

FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2014
Ran by jill (administrator) on JILL-PC on 15-11-2014 11:49:26
Running from C:\Users\jill\Desktop
Loaded Profiles: jill & UpdatusUser (Available profiles: jill & UpdatusUser)
Platform: Windows Vista ™ Home Premium Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe
(Realtek Semiconductor) C:\WINDOWS\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(Conexant Systems, Inc.) C:\WINDOWS\System32\drivers\XAudio64.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe
(Hewlett-Packard Company) C:\hp\KBD\kbd.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\System32\taskmgr.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RAVCpl64.exe [6150656 2008-03-26] (Realtek Semiconductor)
HKLM\...\Run: [HP Health Check Scheduler] => [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
HKLM\...\Run: [IAAnotif] => C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-07-12] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [hpsysdrv] => c:\hp\support\hpsysdrv.exe [65536 2007-04-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [KBD] => C:\HP\KBD\KbdStub.EXE [65536 2006-12-08] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254896 2012-09-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)
HKLM Group Policy restriction on software: C:\Program Files\Common Files\Symantec Shared <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Symantec <====== ATTENTION
HKLM\...\Policies\Explorer\Run: [{a34332f7-051e-535c-a7c0-d8b97c2c9bb2}] => "C:\ProgramData\Microsoft\{a34332f7-051e-535c-a7c0-d8b97c2c9bb2}\{a34332f7-051e-535c-a7c0-d8b97c2c9bb2}.exe" No File
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-990177128-1127024516-1010214106-1000\...\Run: [HPAdvisor] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [972128 2008-04-14] (Hewlett-Packard)
HKU\S-1-5-21-990177128-1127024516-1010214106-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-990177128-1127024516-1010214106-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-990177128-1127024516-1010214106-1000\...\Run: [WMPNSCFG] => C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
HKU\S-1-5-21-990177128-1127024516-1010214106-1000\...\MountPoints2: {6fec9f02-342e-11e2-b28d-001fc6dbc23b} - "K:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-990177128-1127024516-1010214106-1002\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-990177128-1127024516-1010214106-1002\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [972128 2008-04-14] (Hewlett-Packard)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe ()
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cndt
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cndt
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cndt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://search.privitize.com/?aff=7
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cndt
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {4FC7068D-63FD-4485-B214-F9463490ED73} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
SearchScopes: HKLM - {0B25B24A-FDC9-4DA3-B3BC-4E6A52A403E0} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM - {4FC7068D-63FD-4485-B214-F9463490ED73} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
SearchScopes: HKLM-x32 - DefaultScope {4FC7068D-63FD-4485-B214-F9463490ED73} URL =
SearchScopes: HKLM-x32 - {0B25B24A-FDC9-4DA3-B3BC-4E6A52A403E0} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM-x32 - {B2591459-7128-4750-98C7-399EF2F2A079} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
SearchScopes: HKCU - BA2E9DBDB38E46799F5CF7A52C5A9116 URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0B25B24A-FDC9-4DA3-B3BC-4E6A52A403E0} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKCU - {4FC7068D-63FD-4485-B214-F9463490ED73} URL = http://search.privitize.com/?aff=7&q={searchTerms}
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\jill\AppData\Roaming\Mozilla\Firefox\Profiles\u5whs6y5.default
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_37 -> C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-990177128-1127024516-1010214106-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ddg.xml
FF Extension: MPEG Video Encoder Property Page: MPEG2 settings - C:\Users\jill\AppData\Roaming\Mozilla\Firefox\Profiles\u5whs6y5.default\Extensions\{89799DF6-A4B7-D19B-6513-B6325A76D7EA} [2014-11-07]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-11-26]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-03-25]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.5.0.19\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.5.0.19\coFFPlgn [2014-11-15]

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 6 U37) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.370.6) - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Users\jill\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (MPEG Video Encoder Property Page: MPEG2 settings) - C:\Users\jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-11-07]
CHR Extension: (Zoomex) - C:\Users\jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\anlobjdjpgngnphahhmgdjgdlldhmalm [2012-12-05]
CHR Extension: (YouTube) - C:\Users\jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-05]
CHR Extension: (Google Search) - C:\Users\jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-05]
CHR Extension: (Google Wallet) - C:\Users\jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-11]
CHR Extension: (Gmail) - C:\Users\jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-05]
CHR HKLM-x32\...\Chrome\Extension: [anlobjdjpgngnphahhmgdjgdlldhmalm] - C:\ProgramData\Zoomex\anlobjdjpgngnphahhmgdjgdlldhmalm.crx [2012-12-04]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2014-11-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2012-12-03] () [File not signed]
R2 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-03-14] (Hewlett-Packard) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2008-03-17] (Hewlett-Packard Company) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [307928 2013-11-11] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.5.0.19\Definitions\BASHDefs\20141107.001\BHDrvx64.sys [1587416 2014-11-07] (Symantec Corporation)
R3 CAXHWBS3; C:\Windows\System32\DRIVERS\CAXHWBS3.sys [286208 2008-02-12] (Conexant Systems, Inc.)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-08-26] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-08-26] (Symantec Corporation)
R3 HSF_DP; C:\Windows\System32\DRIVERS\CAX_DP.sys [1481216 2008-02-12] (Conexant Systems, Inc.)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
S3 Httpmd; C:\Windows\system32\drivers\adfs.sys [88632 2008-06-27] (Adobe Systems, Inc.)
S3 Httpmd; C:\Windows\SysWOW64\drivers\adfs.sys [74720 2008-08-14] (Adobe Systems, Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.5.0.19\Definitions\IPSDefs\20141114.001\IDSvia64.sys [633560 2014-11-11] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.5.0.19\Definitions\VirusDefs\20141114.017\ENG64.SYS [129752 2014-08-11] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.5.0.19\Definitions\VirusDefs\20141114.017\EX64.SYS [2137304 2014-08-11] (Symantec Corporation)
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
R3 Ps2; C:\Windows\System32\DRIVERS\PS2.sys [21504 2006-09-07] ()
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2014-07-22] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-07-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-11-11] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMTDIV.SYS [510168 2014-07-22] (Symantec Corporation)
R1 tStLibG64; C:\Windows\System32\drivers\tStLibG64.sys [60096 2014-04-07] (StdLib)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-15 11:49 - 2014-11-15 11:49 - 00024278 _____ () C:\Users\jill\Desktop\FRST.txt
2014-11-15 11:45 - 2014-11-15 11:45 - 00145832 _____ () C:\Users\jill\Desktop\ESETPoweliksCleaner.exe_20141115.114504.1040.log
2014-11-15 11:44 - 2014-11-15 11:44 - 00145832 _____ () C:\Users\jill\Desktop\ESETPoweliksCleaner.exe_20141115.114402.4724.log
2014-11-15 11:30 - 2014-11-15 11:32 - 00186568 _____ (ESET) C:\Users\jill\Desktop\ESETPoweliksCleaner.exe
2014-11-15 11:15 - 2014-11-15 11:17 - 00031819 _____ () C:\Users\jill\Downloads\Addition.txt
2014-11-15 11:14 - 2014-11-15 11:17 - 00044853 _____ () C:\Users\jill\Downloads\FRST.txt
2014-11-15 11:13 - 2014-11-15 11:49 - 00000000 ____D () C:\FRST
2014-11-15 11:13 - 2014-11-15 11:13 - 02116608 _____ (Farbar) C:\Users\jill\Desktop\frst64.exe
2014-11-15 09:46 - 2014-11-15 09:49 - 00021189 _____ () C:\Users\jill\Desktop\dds.txt
2014-11-15 09:46 - 2014-11-15 09:46 - 00007967 _____ () C:\Users\jill\Desktop\attach.txt
2014-11-15 09:41 - 2014-11-15 09:42 - 00688992 ____R (Swearware) C:\Users\jill\Desktop\dds.com
2014-11-14 15:12 - 2014-11-14 15:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-12 19:19 - 2014-10-12 15:52 - 02782208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 19:17 - 2014-09-18 16:50 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 19:17 - 2014-09-18 16:45 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 19:11 - 2014-08-11 18:25 - 00729600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 19:11 - 2014-08-11 18:11 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 19:09 - 2014-10-09 17:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 19:09 - 2014-10-09 17:09 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 19:09 - 2014-10-09 17:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 19:09 - 2014-10-09 17:01 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 19:09 - 2014-10-09 17:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 19:09 - 2014-10-09 15:53 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 19:09 - 2014-10-09 15:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 19:08 - 2014-10-17 17:08 - 00564224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 19:08 - 2014-10-17 16:46 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 19:07 - 2014-10-02 17:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 19:07 - 2014-10-02 17:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 19:07 - 2014-10-02 17:17 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 19:07 - 2014-10-02 17:03 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 19:07 - 2014-10-02 17:02 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 19:07 - 2014-10-02 17:01 - 00474624 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 19:07 - 2014-10-02 17:01 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 19:07 - 2014-10-02 15:49 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\audiodg.exe
2014-11-12 18:26 - 2014-10-23 17:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 18:26 - 2014-10-23 16:39 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 18:24 - 2014-08-26 16:55 - 01249280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 18:24 - 2014-08-26 16:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 18:24 - 2014-08-26 16:41 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 18:24 - 2014-08-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-11 22:27 - 2014-11-11 22:27 - 00000000 ____D () C:\NPE
2014-11-11 22:23 - 2014-11-11 22:42 - 00000000 ____D () C:\Users\jill\AppData\Local\NPE
2014-11-11 19:18 - 2014-10-27 12:32 - 17870336 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-11 19:18 - 2014-10-27 12:13 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-11 19:18 - 2014-10-27 12:12 - 10921472 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-11 19:18 - 2014-10-27 12:07 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-11 19:18 - 2014-10-27 12:06 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-11 19:18 - 2014-10-27 12:05 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-11 19:18 - 2014-10-27 12:05 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-11-11 19:18 - 2014-10-27 12:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-11 19:18 - 2014-10-27 12:04 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-11 19:18 - 2014-10-27 12:04 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-11 19:18 - 2014-10-27 12:04 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-11 19:18 - 2014-10-27 12:04 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-11 19:18 - 2014-10-27 12:04 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-11 19:18 - 2014-10-27 12:04 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-11 19:18 - 2014-10-27 12:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-11 19:18 - 2014-10-27 12:03 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-11 19:18 - 2014-10-27 12:03 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-11 19:18 - 2014-10-27 12:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-11 19:18 - 2014-10-27 12:03 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-11-11 19:18 - 2014-10-27 12:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-11-11 19:18 - 2014-10-27 12:03 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-11-11 19:18 - 2014-10-27 11:10 - 12366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-11 19:18 - 2014-10-27 11:05 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-11 19:18 - 2014-10-27 11:02 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-11 19:18 - 2014-10-27 10:59 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-11 19:18 - 2014-10-27 10:59 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-11 19:18 - 2014-10-27 10:58 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-11 19:18 - 2014-10-27 10:57 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-11-11 19:18 - 2014-10-27 10:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-11 19:18 - 2014-10-27 10:56 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-11 19:18 - 2014-10-27 10:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-11-11 19:18 - 2014-10-27 10:56 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-11 19:18 - 2014-10-27 10:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-11 19:18 - 2014-10-27 10:56 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-11 19:18 - 2014-10-27 10:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-11 19:18 - 2014-10-27 10:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-11 19:18 - 2014-10-27 10:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-11 19:18 - 2014-10-27 10:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-11 19:18 - 2014-10-27 10:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-11-11 19:18 - 2014-10-27 10:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-11-11 19:18 - 2014-10-27 10:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-11-11 19:18 - 2014-10-27 10:54 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-11 19:07 - 2014-11-11 19:07 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-11-11 18:28 - 2014-11-11 19:01 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-11-11 18:28 - 2014-11-11 19:01 - 00002139 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-11-11 18:28 - 2014-11-11 18:28 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-11-11 18:28 - 2014-11-11 18:28 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-11-11 18:27 - 2014-11-11 19:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-11-11 18:27 - 2014-11-11 19:01 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-11-11 18:27 - 2014-11-11 18:27 - 00000000 ____D () C:\Program Files (x86)\Norton 360
2014-11-10 20:43 - 2014-11-10 20:43 - 00000000 ____D () C:\ProgramData\KakxEbiro
2014-11-10 20:43 - 2014-11-10 20:43 - 00000000 ____D () C:\ProgramData\GaraXuhsu
2014-11-09 21:08 - 2014-11-09 21:08 - 00000000 ____D () C:\ProgramData\LiceFdux
2014-11-09 14:26 - 2014-11-09 14:26 - 00000000 ____D () C:\ProgramData\PCSettings
2014-11-09 12:09 - 2014-11-11 22:23 - 00000000 ____D () C:\ProgramData\Norton
2014-11-09 12:09 - 2014-11-11 18:35 - 00000000 ____D () C:\Users\jill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2014-11-09 12:09 - 2014-11-10 19:17 - 00000836 _____ () C:\Users\jill\Desktop\Norton Installation Files.lnk
2014-11-09 12:09 - 2014-11-09 12:09 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-11-09 12:06 - 2014-11-09 12:07 - 01021856 _____ (Symantec Corporation) C:\Users\jill\Downloads\NortonN360Downloader.exe
2014-11-09 10:43 - 2014-11-11 18:58 - 00000000 ____D () C:\Users\jill\AppData\Roaming\Ruwicuz
2014-11-09 10:39 - 2014-11-11 18:58 - 00000000 ____D () C:\Users\jill\AppData\Roaming\Uqguiply
2014-11-09 10:36 - 2014-11-09 10:36 - 00008516 _____ () C:\Users\jill\AppData\Roaming\DECRYPT_INSTRUCTION.HTML
2014-11-09 10:36 - 2014-11-09 10:36 - 00008516 _____ () C:\Users\jill\AppData\Local\DECRYPT_INSTRUCTION.HTML
2014-11-09 10:36 - 2014-11-09 10:36 - 00008516 _____ () C:\Users\jill\AppData\DECRYPT_INSTRUCTION.HTML
2014-11-09 10:36 - 2014-11-09 10:36 - 00004198 _____ () C:\Users\jill\AppData\Roaming\DECRYPT_INSTRUCTION.TXT
2014-11-09 10:36 - 2014-11-09 10:36 - 00004198 _____ () C:\Users\jill\AppData\Local\DECRYPT_INSTRUCTION.TXT
2014-11-09 10:36 - 2014-11-09 10:36 - 00004198 _____ () C:\Users\jill\AppData\DECRYPT_INSTRUCTION.TXT
2014-11-09 10:36 - 2014-11-09 10:36 - 00000268 _____ () C:\Users\jill\AppData\Roaming\DECRYPT_INSTRUCTION.URL
2014-11-09 10:36 - 2014-11-09 10:36 - 00000268 _____ () C:\Users\jill\AppData\Local\DECRYPT_INSTRUCTION.URL
2014-11-09 10:36 - 2014-11-09 10:36 - 00000268 _____ () C:\Users\jill\AppData\DECRYPT_INSTRUCTION.URL
2014-11-09 10:35 - 2014-11-09 10:35 - 00205312 _____ () C:\Users\jill\AppData\Roaming\72fb226.exe
2014-11-09 10:35 - 2014-11-09 10:35 - 00008516 _____ () C:\ProgramData\DECRYPT_INSTRUCTION.HTML
2014-11-09 10:35 - 2014-11-09 10:35 - 00004198 _____ () C:\ProgramData\DECRYPT_INSTRUCTION.TXT
2014-11-09 10:35 - 2014-11-09 10:35 - 00000268 _____ () C:\ProgramData\DECRYPT_INSTRUCTION.URL
2014-11-09 10:35 - 2014-11-09 10:35 - 00000000 ___HD () C:\72fb226
2014-11-08 18:10 - 2014-11-11 18:08 - 00000408 _____ () C:\ProgramData\@system.temp
2014-11-08 18:10 - 2014-11-11 18:08 - 00000144 ____H () C:\ProgramData\@system3.att
2014-11-08 18:10 - 2014-11-08 18:10 - 00000448 ____H () C:\Users\jill\AppData\Roaming\麽鎒駓覜
2014-11-08 18:09 - 2014-11-08 18:09 - 00000000 ____D () C:\Users\jill\AppData\Roaming\FrameworkUpdate7
2014-11-08 18:09 - 2014-11-08 18:09 - 00000000 ____D () C:\ProgramData\SarrUzewn
2014-11-08 18:09 - 2014-11-08 18:09 - 00000000 ____D () C:\ProgramData\KovdiVvibs
2014-11-07 20:55 - 2014-11-09 10:36 - 00000000 ____D () C:\Users\jill\AppData\Local\Uckmedia
2014-11-07 20:54 - 2014-11-07 20:54 - 00000000 ____D () C:\Users\jill\AppData\Local\Ozddics
2014-11-07 20:54 - 2014-11-07 20:54 - 00000000 ____D () C:\ProgramData\WizaWapli
2014-11-06 20:44 - 2014-11-06 20:44 - 00000000 ____D () C:\ProgramData\JupaHzayh
2014-11-06 20:43 - 2014-11-06 20:43 - 00000000 ____D () C:\ProgramData\QukapEthat
2014-11-06 20:13 - 2014-11-13 21:42 - 00000000 ____D () C:\ProgramData\YigiBepam
2014-11-06 20:13 - 2014-11-13 21:42 - 00000000 ____D () C:\ProgramData\PakuQowxe
2014-11-06 20:13 - 2014-11-11 11:53 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-10-16 02:08 - 2014-06-15 14:18 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 02:08 - 2014-06-15 14:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 02:08 - 2014-06-13 10:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 02:08 - 2014-06-13 10:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 02:08 - 2014-06-13 09:36 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 02:08 - 2014-06-13 09:36 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 02:06 - 2014-09-04 15:38 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-15 11:43 - 2006-11-02 04:46 - 00759582 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-15 11:40 - 2012-11-21 14:56 - 01470687 _____ () C:\Windows\WindowsUpdate.log
2014-11-15 11:37 - 2012-12-05 22:46 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-15 11:36 - 2008-05-25 15:27 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-15 11:36 - 2006-11-02 07:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-15 11:36 - 2006-11-02 07:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-15 11:36 - 2006-11-02 07:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-15 11:34 - 2006-11-02 07:42 - 00032636 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-15 11:15 - 2014-03-25 12:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-15 11:00 - 2012-12-05 22:46 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-15 07:39 - 2014-03-25 00:20 - 00107048 _____ () C:\Users\jill\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-15 07:38 - 2006-11-02 07:21 - 05021000 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-15 07:37 - 2014-04-08 13:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-15 02:00 - 2012-11-21 15:02 - 00000000 ____D () C:\Users\jill\AppData\Local\Adobe
2014-11-13 23:17 - 2014-03-25 12:11 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-13 23:17 - 2014-03-25 12:11 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-13 23:17 - 2014-03-25 12:11 - 00003682 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 20:37 - 2006-11-02 05:33 - 00000000 ____D () C:\Windows\rescache
2014-11-12 19:36 - 2008-01-20 19:26 - 00562474 _____ () C:\Windows\PFRO.log
2014-11-12 19:03 - 2013-08-14 02:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 18:27 - 2006-11-02 04:35 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-11-11 18:28 - 2008-05-25 15:47 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-11-11 09:23 - 2013-02-24 19:42 - 00000000 ____D () C:\Users\jill\Desktop\2012 unedited Spider Meadows
2014-11-11 09:23 - 2013-02-24 19:39 - 00000000 ____D () C:\Users\jill\Desktop\2012 unedited Rainier
2014-11-11 09:12 - 2012-11-21 14:59 - 00000000 ____D () C:\Users\jill
2014-11-11 00:09 - 2013-01-30 20:54 - 00001460 _____ () C:\Users\jill\AppData\Local\d3d9caps64.dat
2014-11-10 07:46 - 2013-01-30 20:56 - 00001356 _____ () C:\Users\jill\AppData\Local\d3d9caps.dat
2014-11-09 14:30 - 2008-05-25 15:47 - 00000000 ____D () C:\ProgramData\Symantec
2014-11-09 10:46 - 2013-10-16 14:16 - 00000000 ____D () C:\Users\jill\Desktop\2012 unedited Ice Lakes 2
2014-11-09 10:43 - 2012-12-30 18:43 - 00000000 ____D () C:\Users\jill\Desktop\2012 Unedited Hikes
2014-11-09 10:38 - 2012-12-30 18:48 - 00000000 ____D () C:\Users\jill\Desktop\2012 Snow Lake Unedited
2014-11-09 10:36 - 2014-04-08 13:44 - 00000000 ____D () C:\Users\jill\AppData\Roaming\Mozilla
2014-11-09 10:36 - 2014-04-08 13:44 - 00000000 ____D () C:\Users\jill\AppData\Local\Mozilla
2014-11-09 10:36 - 2014-02-10 18:48 - 00000000 ____D () C:\Users\jill\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-11-09 10:36 - 2013-06-08 19:38 - 00000000 ____D () C:\Users\jill\AppData\Roaming\Skype
2014-11-09 10:36 - 2013-02-24 20:33 - 00000000 ____D () C:\Users\jill\Desktop\2012 June Hikes
2014-11-09 10:36 - 2013-02-24 19:33 - 00000000 ____D () C:\Users\jill\Desktop\2012 Big Heart Lake
2014-11-09 10:36 - 2013-01-27 19:31 - 00000000 ____D () C:\Users\jill\AppData\Local\PunkBuster
2014-11-09 10:36 - 2012-12-06 23:22 - 00000000 ____D () C:\Users\jill\Desktop\2012 Skyline Divide
2014-11-09 10:36 - 2012-12-05 23:04 - 00000000 ____D () C:\Users\jill\Desktop\2012 Ice Lakes
2014-11-09 10:36 - 2012-12-05 22:46 - 00000000 ____D () C:\Users\jill\AppData\Local\Google
2014-11-09 10:36 - 2012-12-03 09:03 - 00000000 ____D () C:\Users\jill\AppData\Local\Apple Computer
2014-11-09 10:36 - 2012-11-21 16:03 - 00000000 ____D () C:\Users\jill\AppData\Roaming\Adobe
2014-11-09 10:36 - 2012-11-21 15:59 - 00000000 ____D () C:\Users\jill\AppData\Roaming\Hewlett-Packard
2014-11-09 10:35 - 2012-12-06 14:55 - 00000000 ____D () C:\ProgramData\Canon_Inc_IC
2014-11-09 10:35 - 2012-12-05 13:26 - 00000000 ____D () C:\ProgramData\Battle.net
2014-11-09 10:35 - 2012-11-21 15:02 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-09 10:35 - 2008-05-25 15:42 - 00000000 ____D () C:\ProgramData\WildTangent
2014-11-09 10:35 - 2008-05-25 15:42 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-11-05 15:28 - 2014-08-23 18:12 - 00000000 ____D () C:\Users\jill\Desktop\camera phone
2014-11-02 14:04 - 2006-11-02 07:07 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-10-28 05:34 - 2012-11-21 15:33 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-20 22:55 - 2012-12-05 22:46 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-20 22:55 - 2012-12-05 22:46 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-15 11:43

==================== End Of Log ============================

 

 

 

 

Addition

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2014
Ran by jill at 2014-11-15 11:50:09
Running from C:\Users\jill\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (HKLM-x32\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.6.0.12 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.2.7 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.1.0.31 - Canon Inc.)
Canon Utilities CameraWindow (HKLM-x32\...\CameraWindowLauncher) (Version: 7.1.0.2 - Canon Inc.)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC6) (Version: 6.4.2.16 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.5 (HKLM-x32\...\DPP) (Version: 3.5.2.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.12.0.0 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.0.0.3 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.4.2.0 - Canon Inc.)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.7.1.9 - Canon Inc.)
Canon Utilities WFT-E1/E2/E3/E4 Utility (HKLM-x32\...\WFTK) (Version: 3.3.0.0 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.2.1.31 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.2.0.9 - Canon Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
CyberLink DVD Suite Deluxe (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.1329 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2726 - CyberLink Corp.)
Diablo III (HKLM-x32\...\Diablo III) (Version: 1.0.6.13644 - Blizzard Entertainment)
Enhanced Multimedia Keyboard Solution (HKLM-x32\...\KBD) (Version:  - Hewlett-Packard)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version:  - )
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
HP Customer Experience Enhancements (HKLM-x32\...\{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}) (Version: 5.6.0.2510 - Hewlett-Packard)
HP Demo (HKLM\...\{A7D48BF6-8ED8-4B91-8267-34CDE7807D05}_is1) (Version: HP Demo - Hewlett-Packard)
HP Total Care Advisor (HKLM-x32\...\{f32502b5-5b64-4882-bf61-77f23edcac4f}) (Version: 2.1.3329.2629 - Hewlett-Packard)
HP Update (HKLM-x32\...\{11B83AD3-7A46-4C2E-A568-9505981D4C6F}) (Version: 4.000.007.003 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.1.0 - Hewlett-Packard) Hidden
HPTCSSetup (HKLM-x32\...\{FA3B34BE-4246-4062-90A3-34CBBEA12B72}) (Version: 1.0.964.2626 - Hewlett-Packard Company)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java™ 6 Update 37 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216037FF}) (Version: 6.0.370 - Oracle)
Java™ SE Runtime Environment 6 Update 1 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160010}) (Version: 1.6.0.10 - Sun Microsystems, Inc.)
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.2.2529 - CyberLink Corp.)
LightScribe System Software  1.12.37.1 (HKLM-x32\...\{004C5DA2-2051-4D25-94BA-51CF810C91EB}) (Version: 1.12.37.1 - LightScribe)
LightScribeTemplateLabeler (HKLM-x32\...\{305D4B08-5807-4475-B1C8-D54685534864}) (Version: 1.10.23.1 - LightScribe)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version:  - )
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{91110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 33.1.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 en-US)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
muvee autoProducer 6.1 (HKLM-x32\...\{FDDB69BB-2F9A-4830-A579-ABBB7C5AF9A8}) (Version: 6.10.050 - muvee Technologies)
My HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.43 - WildTangent)
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.2 - NETGEAR)
Norton 360 (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
NVIDIA 3D Vision Controller Driver 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.90 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Graphics Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
PCIe Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_HSF) (Version: 7.71.00.50 - Conexant Systems)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.3917 - CyberLink Corp.)
Python 2.5 (HKLM-x32\...\{0A2C5854-557E-48C8-835A-3B9F074BDCAA}) (Version: 2.5.150 - Martin v. Löwis)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5789 - Realtek Semiconductor Corp.)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Windows 7 Upgrade Advisor (HKLM-x32\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

11-11-2014 09:36:07 Windows Update
13-11-2014 02:20:00 Windows Update
14-11-2014 09:43:31 Scheduled Checkpoint
15-11-2014 05:43:15 Norton 360 Registry Clean

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {02D305C1-0F71-44D4-881B-B24C8655820C} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {3196A657-3918-4376-B776-2F92C13982C4} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\WSCStub.exe [2014-09-20] (Symantec Corporation)
Task: {376A4AE1-B305-4BB1-86BC-E8ED13F4E770} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP TCS\RemEngine.exe [2008-04-11] ()
Task: {5842B5AA-A0F4-4383-8838-F493460BC9F5} - System32\Tasks\AdobeAAMUpdater-1.0-jill-PC-jill => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {7D2C764D-E336-467A-AA41-3083D6B679D2} - System32\Tasks\RecoveryCD => C:\Program Files (x86)\Hewlett-Packard\HP TCS\RemEngine.exe [2008-04-11] ()
Task: {8B41A0DA-2BBA-4918-B842-2FFFA5AD1364} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9141D859-A760-4B5A-9C8A-8BE81F271382} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-13] (Adobe Systems Incorporated)
Task: {B683752F-0C64-415B-8367-F0DC08835FB6} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {B8D5AB65-4122-4BD8-88CB-7A6C41AC6EB8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {DF6E8D8D-B814-4BE6-850E-53510D30E90A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-05-15 20:50 - 2013-11-22 18:34 - 08266456 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
2013-05-15 20:50 - 2013-11-11 14:10 - 00307928 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\jill\AppData\Local\Temporary Internet Files:OBPvVYJg2Ch6XNBu9Z7hX

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-990177128-1127024516-1010214106-500 - Administrator - Disabled)
Guest (S-1-5-21-990177128-1127024516-1010214106-501 - Limited - Disabled)
jill (S-1-5-21-990177128-1127024516-1010214106-1000 - Administrator - Enabled) => C:\Users\jill
UpdatusUser (S-1-5-21-990177128-1127024516-1010214106-1002 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: USB CF Reader   
Description: USB CF Reader   
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: USB MS Reader   
Description: USB MS Reader   
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: USB SD Reader   
Description: USB SD Reader   
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: USB SM Reader   
Description: USB SM Reader   
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/15/2014 11:37:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2014 10:08:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2014 09:09:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2014 07:39:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2014 02:27:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2014 10:53:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2014 01:48:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16592, time stamp 0x4549b14e, faulting module MSHTML.dll, version 9.0.8112.16592, time stamp 0x544e985a, exception code 0xc0000005, fault offset 0x00260a7e,
process id 0x7bdc, application start time 0xiexplore.exe0.

Error: (11/13/2014 03:38:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/12/2014 09:57:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/12/2014 07:38:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (11/15/2014 10:08:51 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/15/2014 09:09:40 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/15/2014 07:39:03 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/14/2014 02:28:22 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/14/2014 10:54:05 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/13/2014 03:39:31 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/12/2014 09:58:14 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/12/2014 07:40:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/12/2014 06:17:19 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/11/2014 10:34:28 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update


Microsoft Office Sessions:
=========================
Error: (11/15/2014 11:37:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2014 10:08:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2014 09:09:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2014 07:39:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2014 02:27:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2014 10:53:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2014 01:48:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.165924549b14eMSHTML.dll9.0.8112.16592544e985ac000000500260a7e7bdc01cfffefb10c64c7

Error: (11/13/2014 03:38:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/12/2014 09:57:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/12/2014 07:38:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2014-11-15 11:15:06.531
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-15 11:15:06.394
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-15 11:15:06.249
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-15 11:15:06.113
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-15 11:14:47.505
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-15 11:14:47.374
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-15 11:14:47.233
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-15 11:14:47.099
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-15 11:14:35.488
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Norton 360\NortonData\21.5.0.19\Definitions\BASHDefs\20141107.001\BHDrvx64.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-15 11:14:35.356
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Norton 360\NortonData\21.5.0.19\Definitions\BASHDefs\20141107.001\BHDrvx64.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™2 Quad CPU Q6600 @ 2.40GHz
Percentage of memory in use: 48%
Total physical RAM: 4094.39 MB
Available physical RAM: 2097.09 MB
Total Pagefile: 8380.06 MB
Available Pagefile: 6022.49 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:584.95 GB) (Free:94.3 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.21 GB) (Free:1.49 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=585 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=11.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#7 bfogg

bfogg
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:07:20 AM

Posted 15 November 2014 - 03:07 PM

Computer seems to be running better but still seems a little sluggish. Thank you for your help thus far! Very much appreciated!!



#8 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:10:20 AM

Posted 15 November 2014 - 03:29 PM

logo.png
Please download Powelikscleaner (by ESET) and save it to your Desktop.
  • Double-click ESETPoweliksCleaner.exe to start the tool.
  • Read the terms of the End-user license agreement and click Agree if you agree to them.
  • The tool will run automatically. If the cleaner finds a Poweliks infection, press the Y key on your keyboard to remove it.
  • If Poweliks was detected "Win32/Poweliks was successfully removed from your system" will be displayed. Press any key to exit the tool and reboot your PC.
  • The tool will produce a log in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.
1.png
[img=http://deeprybka.trojaner-board.de/tools/poweliks/2.png

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#9 bfogg

bfogg
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:07:20 AM

Posted 15 November 2014 - 08:40 PM

Powelikscleaner installed, scanned and removed infections...

Here is a copy of the log

 

 

[2014.11.15 11:33:19.119] - Begin
[2014.11.15 11:33:19.120] -
[2014.11.15 11:33:19.175] -     ....................................
[2014.11.15 11:33:19.176] -   ..::::::::::::::::::....................
[2014.11.15 11:33:19.177] -   .::EEEEEE:::SSSSSS::..EEEEEE..TTTTTTTT..    Win32/Poweliks
[2014.11.15 11:33:19.180] -  .::EE::::EE:SS:::::::.EE....EE....TT......   Version: 1.0.0.1
[2014.11.15 11:33:19.181] -  .::EEEEEEEE::SSSSSS::.EEEEEEEE....TT......   Built: Oct 15 2014
[2014.11.15 11:33:19.182] -  .::EE:::::::::::::SS:.EE..........TT......
[2014.11.15 11:33:19.183] -   .::EEEEEE:::SSSSSS::..EEEEEE.....TT.....    Copyright © ESET, spol. s r.o.
[2014.11.15 11:33:19.184] -   ..::::::::::::::::::....................    1992-2013. All rights reserved.
[2014.11.15 11:33:19.184] -     ....................................
[2014.11.15 11:33:19.184] -
[2014.11.15 11:33:19.184] - --------------------------------------------------------------------------------
[2014.11.15 11:33:19.184] -
[2014.11.15 11:33:19.185] - INFO: OS: 6.0.6002 SP2
[2014.11.15 11:33:19.185] - INFO: Product Type: Workstation
[2014.11.15 11:33:19.186] - INFO: WoW64: True
[2014.11.15 11:33:19.186] - INFO: Machine guid: 193BE106-C120-47D6-966A-F4C3B000937F
[2014.11.15 11:33:19.186] -
[2014.11.15 11:33:22.095] - INFO: Scanning for system infection...
[2014.11.15 11:33:22.096] - --------------------------------------------------------------------------------
[2014.11.15 11:33:22.096] -
[2014.11.15 11:33:22.096] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.15 11:33:22.097] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.15 11:33:22.098] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.11.15 11:33:22.098] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.11.15 11:33:22.098] - INFO: Processing classes...
[2014.11.15 11:33:22.099] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}]
[2014.11.15 11:33:22.100] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}]
[2014.11.15 11:33:22.100] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.15 11:33:22.100] - WARNING: Found suspicous classid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.15 11:33:22.100] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.100] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.100] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.100] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.100] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.100] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.100] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.100] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.100] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.101] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.101] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.101] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.101] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.101] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.101] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.101] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.101] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.101] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.101] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.102] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.102] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.102] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.102] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.102] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.102] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.102] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.102] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.102] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.102] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.102] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.102] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.103] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.103] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.103] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.103] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.103] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.103] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.103] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.103] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.103] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.103] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.103] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.104] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.104] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.104] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.104] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.104] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.104] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.104] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.104] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.104] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.104] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.104] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.104] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.105] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.105] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.105] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.105] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.105] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.105] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.105] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.105] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.105] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.105] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.105] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.105] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.106] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.106] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.106] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.106] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.106] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.106] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.106] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.106] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.106] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.106] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.106] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.106] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.107] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.107] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.107] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.107] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.107] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.107] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.107] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.107] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.108] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.108] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.108] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.108] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.108] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.108] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.108] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.108] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.108] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.108] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.108] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.108] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.108] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.109] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.109] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.109] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.109] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.109] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.109] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.109] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.109] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.109] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.109] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.110] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.110] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.110] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.110] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.110] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.110] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.110] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.110] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.110] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.110] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.110] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.110] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.110] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.111] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.111] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.111] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.111] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.111] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.111] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.111] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.111] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.111] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.112] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.112] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.112] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.112] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.112] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.112] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.112] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.112] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.112] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.112] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.112] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.113] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.113] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.113] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.113] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.113] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.113] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.113] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.113] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.113] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.113] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.113] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.113] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.114] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.114] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.114] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.114] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.114] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.114] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.114] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.114] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.114] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.114] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.114] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.115] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.115] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.115] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.115] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.115] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.115] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.115] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.115] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.115] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.115] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.115] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.116] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.116] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.116] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.116] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.116] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.116] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.116] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.116] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.116] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.116] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.116] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.116] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.117] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.117] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.117] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.117] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.117] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.117] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.117] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.117] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.117] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.117] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.117] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.117] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.118] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.118] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.118] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.118] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.118] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.118] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.118] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.118] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.118] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.118] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.118] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.118] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.119] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.119] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.119] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.119] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.119] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.119] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.119] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.119] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.119] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.119] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.119] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.119] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.119] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.120] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.120] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.120] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.120] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.120] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.120] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.120] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.120] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.120] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.120] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.120] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.120] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.121] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.121] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.121] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.121] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.121] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.121] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.121] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.121] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.121] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.121] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.121] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.121] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.121] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.122] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.122] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.122] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.122] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.122] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.122] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.122] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.122] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.122] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.122] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.122] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.122] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.122] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.123] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.123] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.123] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.123] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.123] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.123] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.123] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.123] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.123] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.123] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.123] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.124] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.125] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.126] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.126] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.126] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.126] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.126] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.126] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.126] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.126] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.126] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.126] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.126] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.126] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.127] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.127] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.127] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.127] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.127] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.127] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.127] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.127] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.127] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.127] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.128] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.128] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.128] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.128] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.128] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.128] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.128] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.128] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.128] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.128] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.128] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.128] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.128] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.129] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.129] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.129] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.129] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.129] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.129] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.129] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.129] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.129] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.129] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.129] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.129] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.129] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.130] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.130] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.130] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.130] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.130] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.130] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.130] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.130] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.130] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.130] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.130] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.131] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.131] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.131] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.131] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.131] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.131] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.131] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.131] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.131] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.131] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.131] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.132] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.132] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.132] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.132] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.132] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.132] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.132] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.132] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.132] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.133] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.133] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.133] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.133] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.133] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.133] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.133] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.133] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.133] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.133] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.133] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.133] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.134] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}]
[2014.11.15 11:33:22.134] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}]
[2014.11.15 11:33:22.134] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
[2014.11.15 11:33:22.134] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}]
[2014.11.15 11:33:22.134] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}]
[2014.11.15 11:33:22.134] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.15 11:33:22.134] - WARNING: Found suspicous classid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.15 11:33:22.134] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.15 11:33:22.134] - INFO: Processing value [] = [C:\Windows\SysWOW64\wbem\wmiprvse.exe]
[2014.11.15 11:33:22.135] - INFO: Processing value [] = [C:\Windows\SysWOW64\wbem\wmiprvse.exe]
[2014.11.15 11:33:22.135] - INFO: Processing invalid values in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.15 11:33:22.135] - INFO: Processing value [] = [C:\Windows\SysWOW64\wbem\wmiprvse.exe]
[2014.11.15 11:33:22.135] - INFO: Processing value [ServerExecutable] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.15 11:33:22.135] - INFO: Processing value [] = [C:\Windows\SysWOW64\wbem\wmiprvse.exe]
[2014.11.15 11:33:22.135] - INFO: Processing value [ServerExecutable] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.15 11:33:22.135] - INFO: Processing invalid subkeys in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.15 11:33:22.135] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]...
[2014.11.15 11:33:22.154] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.11.15 11:33:22.159] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.11.15 11:33:22.159] - INFO: Win32/Poweliks found
[2014.11.15 11:33:31.639] - INFO: process: dllhost.exe, pid 3472, parent 3304
[2014.11.15 11:33:31.639] - INFO: Terminated process pid = 3472
[2014.11.15 11:33:31.640] - INFO: process: dllhost.exe, pid 1228, parent 892
[2014.11.15 11:33:31.641] - INFO: process: dllhost.exe, pid 6564, parent 3472
[2014.11.15 11:33:31.641] - INFO: Terminated process pid = 6564
[2014.11.15 11:33:31.642] - INFO: process: dllhost.exe, pid 7816, parent 6564
[2014.11.15 11:33:31.643] - INFO: Terminated process pid = 7816
[2014.11.15 11:33:31.644] - INFO: process: dllhost.exe, pid 3416, parent 6564
[2014.11.15 11:33:31.644] - INFO: Terminated process pid = 3416
[2014.11.15 11:33:31.645] - INFO: process: dllhost.exe, pid 7192, parent 6564
[2014.11.15 11:33:31.645] - INFO: Terminated process pid = 7192
[2014.11.15 11:33:31.646] - INFO: process: dllhost.exe, pid 6868, parent 6564
[2014.11.15 11:33:31.647] - INFO: Terminated process pid = 6868
[2014.11.15 11:33:31.648] - INFO: process: dllhost.exe, pid 3424, parent 6564
[2014.11.15 11:33:31.652] - INFO: Terminated process pid = 3424
[2014.11.15 11:33:31.652] - INFO: process: dllhost.exe, pid 4644, parent 6564
[2014.11.15 11:33:31.663] - INFO: Terminated process pid = 4644
[2014.11.15 11:33:31.665] - INFO: process: dllhost.exe, pid 7920, parent 6564
[2014.11.15 11:33:31.679] - INFO: Terminated process pid = 7920
[2014.11.15 11:33:31.680] - INFO: process: dllhost.exe, pid 5092, parent 6564
[2014.11.15 11:33:31.688] - INFO: Terminated process pid = 5092
[2014.11.15 11:33:31.689] - INFO: process: dllhost.exe, pid 5020, parent 6564
[2014.11.15 11:33:31.690] - INFO: Terminated process pid = 5020
[2014.11.15 11:33:31.690] - INFO: process: dllhost.exe, pid 6052, parent 6564
[2014.11.15 11:33:31.691] - INFO: Terminated process pid = 6052
[2014.11.15 11:33:31.692] - INFO: process: dllhost.exe, pid 6840, parent 6564
[2014.11.15 11:33:31.693] - INFO: Terminated process pid = 6840
[2014.11.15 11:33:31.694] - INFO: process: dllhost.exe, pid 6064, parent 6564
[2014.11.15 11:33:31.695] - INFO: Terminated process pid = 6064
[2014.11.15 11:33:31.696] - INFO: process: dllhost.exe, pid 7984, parent 6564
[2014.11.15 11:33:31.696] - INFO: Terminated process pid = 7984
[2014.11.15 11:33:31.698] - INFO: process: dllhost.exe, pid 5560, parent 6564
[2014.11.15 11:33:31.698] - INFO: Terminated process pid = 5560
[2014.11.15 11:33:31.699] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.15 11:33:31.700] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.15 11:33:31.701] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.11.15 11:33:31.701] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.11.15 11:33:31.701] - INFO: Processing classes...
[2014.11.15 11:33:31.703] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}]
[2014.11.15 11:33:31.703] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}]
[2014.11.15 11:33:31.703] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.15 11:33:31.703] - INFO: Deleted classid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.15 11:33:31.704] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.704] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.704] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.705] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.705] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.705] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.705] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.705] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.705] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.705] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.705] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.705] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.706] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.706] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.706] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.706] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.706] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.706] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.706] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.706] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.706] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.706] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.706] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.706] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.707] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.707] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.707] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.707] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.707] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.707] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.707] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.707] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.707] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.707] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.707] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.707] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.708] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.708] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.708] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.708] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.708] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.708] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.708] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.708] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.708] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.708] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.708] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.708] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.709] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.709] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.709] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.709] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.709] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.709] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.709] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.709] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.709] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.709] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.709] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.709] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.709] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.710] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.710] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.710] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.710] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.710] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.710] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.710] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.710] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.710] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.710] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.710] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.710] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.710] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.711] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.711] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.711] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.711] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.711] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.711] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.711] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.711] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.711] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.711] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.711] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.711] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.711] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.712] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.712] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.712] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.712] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.712] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.712] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.712] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.712] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.713] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.713] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.713] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.713] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.713] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.713] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.713] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.713] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.713] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.713] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.713] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.714] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.715] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.715] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.715] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.715] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.715] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.715] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.715] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.715] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.715] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.716] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.716] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.716] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.716] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.716] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.716] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.716] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.716] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.716] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.716] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.716] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.716] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.716] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.717] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.717] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.717] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.717] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.717] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.717] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.717] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.717] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.717] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.717] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.717] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.717] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.717] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.718] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.718] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.718] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.718] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.718] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.718] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.718] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.718] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.718] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.718] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.718] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.719] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.719] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.719] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.719] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.719] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.719] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.719] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.719] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.719] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.719] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.719] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.719] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.720] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.720] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.720] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.720] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.720] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.720] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.720] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.720] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.720] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.720] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.720] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.720] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.721] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.721] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.721] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.721] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.721] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.721] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.721] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.721] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.721] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.721] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.722] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.722] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.722] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.722] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.722] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.722] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.722] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.722] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.722] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.722] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.723] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.723] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.723] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.723] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.723] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.723] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.723] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.723] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.723] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.723] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.723] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.724] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.724] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.724] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.724] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.724] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.724] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.724] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.724] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.724] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.724] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.724] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.725] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.725] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.725] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.725] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.725] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.725] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.725] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.725] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.726] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.726] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.726] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.726] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.726] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.726] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.726] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.726] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.726] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.726] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.727] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.727] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.727] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.727] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.727] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.727] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.727] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.728] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.728] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.728] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.728] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.728] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.728] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.728] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.728] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.728] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.729] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.729] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.729] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.729] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.729] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.729] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.729] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.729] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.729] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.729] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.730] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.730] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.730] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.730] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.730] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.730] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.730] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.730] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.730] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.730] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.731] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.731] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.731] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.731] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.731] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.731] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.731] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.731] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.731] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.731] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.731] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.732] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.732] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.732] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.732] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.732] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.732] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.732] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.732] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.732] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.732] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.733] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.733] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.733] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.733] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.733] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.733] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.733] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.734] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.734] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.734] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.734] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.734] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.734] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.735] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.735] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.735] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.735] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.735] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.735] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.735] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.735] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.735] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.736] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.736] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.736] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.736] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.736] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.736] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.736] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.736] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.736] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.736] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.737] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.737] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.737] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.737] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.737] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.737] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.737] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.737] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.737] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.738] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.738] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.738] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.738] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.738] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.738] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.738] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.738] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.739] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.739] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.739] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.739] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.739] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.739] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.739] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.740] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.740] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.740] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.740] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.740] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.740] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.740] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.740] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.740] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.741] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.741] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.741] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.741] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.741] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.741] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.741] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.743] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.743] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.744] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.747] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.747] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.747] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.747] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}]
[2014.11.15 11:33:31.747] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}]
[2014.11.15 11:33:31.747] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
[2014.11.15 11:33:31.747] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}]
[2014.11.15 11:33:31.748] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}]
[2014.11.15 11:33:31.748] - INFO: Processing clsid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.15 11:33:31.748] - INFO: Deleted classid [\Registry\User\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.15 11:33:31.749] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.15 11:33:31.749] - INFO: Processing value [] = [C:\Windows\SysWOW64\wbem\wmiprvse.exe]
[2014.11.15 11:33:31.749] - INFO: Processing value [] = [C:\Windows\SysWOW64\wbem\wmiprvse.exe]
[2014.11.15 11:33:31.749] - INFO: Processing invalid values in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.15 11:33:31.749] - INFO: Processing value [] = [C:\Windows\SysWOW64\wbem\wmiprvse.exe]
[2014.11.15 11:33:31.749] - INFO: Processing value [ServerExecutable] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.15 11:33:31.750] - INFO: Processing value [] = [C:\Windows\SysWOW64\wbem\wmiprvse.exe]
[2014.11.15 11:33:31.750] - INFO: Processing value [ServerExecutable] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.15 11:33:31.750] - INFO: Processing invalid subkeys in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.15 11:33:31.750] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]...
[2014.11.15 11:33:31.750] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.11.15 11:33:31.750] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.11.15 11:33:31.750] - INFO: Cleaning status: 0
[2014.11.15 11:33:42.295] - End
 



#10 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:10:20 AM

Posted 16 November 2014 - 04:26 PM

Can You please run FRST again and post just the FRST.txt this time. How is the machine running now?


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#11 bfogg

bfogg
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:07:20 AM

Posted 16 November 2014 - 04:30 PM

Here is the FRST.txt

Computer is running much better but something still seems to be lagging a bit.

Thank you very much for your help!

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-11-2014 03
Ran by jill (administrator) on JILL-PC on 16-11-2014 13:27:52
Running from C:\Users\jill\Desktop
Loaded Profiles: jill & UpdatusUser (Available profiles: jill & UpdatusUser)
Platform: Windows Vista ™ Home Premium Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(Conexant Systems, Inc.) C:\WINDOWS\System32\drivers\XAudio64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe
(Realtek Semiconductor) C:\WINDOWS\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Hewlett-Packard Company) C:\hp\KBD\kbd.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RAVCpl64.exe [6150656 2008-03-26] (Realtek Semiconductor)
HKLM\...\Run: [HP Health Check Scheduler] => [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
HKLM\...\Run: [IAAnotif] => C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-07-12] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [hpsysdrv] => c:\hp\support\hpsysdrv.exe [65536 2007-04-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [KBD] => C:\HP\KBD\KbdStub.EXE [65536 2006-12-08] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254896 2012-09-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)
HKLM Group Policy restriction on software: C:\Program Files\Common Files\Symantec Shared <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Symantec <====== ATTENTION
HKLM\...\Policies\Explorer\Run: [{a34332f7-051e-535c-a7c0-d8b97c2c9bb2}] => "C:\ProgramData\Microsoft\{a34332f7-051e-535c-a7c0-d8b97c2c9bb2}\{a34332f7-051e-535c-a7c0-d8b97c2c9bb2}.exe" No File
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-990177128-1127024516-1010214106-1000\...\Run: [HPAdvisor] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [972128 2008-04-14] (Hewlett-Packard)
HKU\S-1-5-21-990177128-1127024516-1010214106-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-990177128-1127024516-1010214106-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-990177128-1127024516-1010214106-1000\...\Run: [WMPNSCFG] => C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
HKU\S-1-5-21-990177128-1127024516-1010214106-1000\...\MountPoints2: {6fec9f02-342e-11e2-b28d-001fc6dbc23b} - "K:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-990177128-1127024516-1010214106-1002\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-990177128-1127024516-1010214106-1002\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [972128 2008-04-14] (Hewlett-Packard)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe ()
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-990177128-1127024516-1010214106-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cndt
HKU\S-1-5-21-990177128-1127024516-1010214106-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cndt
HKU\S-1-5-21-990177128-1127024516-1010214106-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cndt
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cndt
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cndt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://search.privitize.com/?aff=7
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cndt
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {4FC7068D-63FD-4485-B214-F9463490ED73} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
SearchScopes: HKLM - {0B25B24A-FDC9-4DA3-B3BC-4E6A52A403E0} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM - {4FC7068D-63FD-4485-B214-F9463490ED73} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
SearchScopes: HKLM-x32 - DefaultScope {4FC7068D-63FD-4485-B214-F9463490ED73} URL =
SearchScopes: HKLM-x32 - {0B25B24A-FDC9-4DA3-B3BC-4E6A52A403E0} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM-x32 - {B2591459-7128-4750-98C7-399EF2F2A079} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
SearchScopes: HKCU - BA2E9DBDB38E46799F5CF7A52C5A9116 URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0B25B24A-FDC9-4DA3-B3BC-4E6A52A403E0} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKCU - {4FC7068D-63FD-4485-B214-F9463490ED73} URL = http://search.privitize.com/?aff=7&q={searchTerms}
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\jill\AppData\Roaming\Mozilla\Firefox\Profiles\u5whs6y5.default
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_37 -> C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-990177128-1127024516-1010214106-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: MPEG Video Encoder Property Page: MPEG2 settings - C:\Users\jill\AppData\Roaming\Mozilla\Firefox\Profiles\u5whs6y5.default\Extensions\{89799DF6-A4B7-D19B-6513-B6325A76D7EA} [2014-11-07]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-11-26]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-03-25]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.5.0.19\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.5.0.19\coFFPlgn [2014-11-16]

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 6 U37) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.370.6) - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Users\jill\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (MPEG Video Encoder Property Page: MPEG2 settings) - C:\Users\jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-11-07]
CHR Extension: (Zoomex) - C:\Users\jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\anlobjdjpgngnphahhmgdjgdlldhmalm [2012-12-05]
CHR Extension: (YouTube) - C:\Users\jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-05]
CHR Extension: (Google Search) - C:\Users\jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-05]
CHR Extension: (Google Wallet) - C:\Users\jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-11]
CHR Extension: (Gmail) - C:\Users\jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-05]
CHR HKLM-x32\...\Chrome\Extension: [anlobjdjpgngnphahhmgdjgdlldhmalm] - C:\ProgramData\Zoomex\anlobjdjpgngnphahhmgdjgdlldhmalm.crx [2012-12-04]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2014-11-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2012-12-03] () [File not signed]
R2 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-03-14] (Hewlett-Packard) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2008-03-17] (Hewlett-Packard Company) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [307928 2013-11-11] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.5.0.19\Definitions\BASHDefs\20141107.001\BHDrvx64.sys [1587416 2014-11-07] (Symantec Corporation)
R3 CAXHWBS3; C:\Windows\System32\DRIVERS\CAXHWBS3.sys [286208 2008-02-12] (Conexant Systems, Inc.)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-08-26] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-08-26] (Symantec Corporation)
R3 HSF_DP; C:\Windows\System32\DRIVERS\CAX_DP.sys [1481216 2008-02-12] (Conexant Systems, Inc.)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
S3 Httpmd; C:\Windows\system32\drivers\adfs.sys [88632 2008-06-27] (Adobe Systems, Inc.)
S3 Httpmd; C:\Windows\SysWOW64\drivers\adfs.sys [74720 2008-08-14] (Adobe Systems, Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.5.0.19\Definitions\IPSDefs\20141114.001\IDSvia64.sys [633560 2014-11-11] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.5.0.19\Definitions\VirusDefs\20141115.001\ENG64.SYS [129752 2014-08-11] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.5.0.19\Definitions\VirusDefs\20141115.001\EX64.SYS [2137304 2014-08-11] (Symantec Corporation)
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
R3 Ps2; C:\Windows\System32\DRIVERS\PS2.sys [21504 2006-09-07] ()
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2014-07-22] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-07-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-11-11] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMTDIV.SYS [510168 2014-07-22] (Symantec Corporation)
R1 tStLibG64; C:\Windows\System32\drivers\tStLibG64.sys [60096 2014-04-07] (StdLib)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-16 13:27 - 2014-11-16 13:27 - 00000000 ____D () C:\Users\jill\Desktop\FRST-OlderVersion
2014-11-15 17:37 - 2014-11-15 17:37 - 00145832 _____ () C:\Users\jill\Desktop\ESETPoweliksCleaner.exe_20141115.173740.1696.log
2014-11-15 13:06 - 2014-11-16 13:11 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-15 13:06 - 2014-11-15 13:06 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-15 11:50 - 2014-11-15 11:50 - 00030926 _____ () C:\Users\jill\Desktop\Addition.txt
2014-11-15 11:49 - 2014-11-16 13:27 - 00024762 _____ () C:\Users\jill\Desktop\FRST.txt
2014-11-15 11:45 - 2014-11-15 11:45 - 00145832 _____ () C:\Users\jill\Desktop\ESETPoweliksCleaner.exe_20141115.114504.1040.log
2014-11-15 11:44 - 2014-11-15 11:44 - 00145832 _____ () C:\Users\jill\Desktop\ESETPoweliksCleaner.exe_20141115.114402.4724.log
2014-11-15 11:30 - 2014-11-15 11:32 - 00186568 _____ (ESET) C:\Users\jill\Desktop\ESETPoweliksCleaner.exe
2014-11-15 11:15 - 2014-11-15 11:17 - 00031819 _____ () C:\Users\jill\Downloads\Addition.txt
2014-11-15 11:14 - 2014-11-15 11:17 - 00044853 _____ () C:\Users\jill\Downloads\FRST.txt
2014-11-15 11:13 - 2014-11-16 13:27 - 02117120 _____ (Farbar) C:\Users\jill\Desktop\FRST64.exe
2014-11-15 11:13 - 2014-11-16 13:27 - 00000000 ____D () C:\FRST
2014-11-15 09:46 - 2014-11-15 09:49 - 00021189 _____ () C:\Users\jill\Desktop\dds.txt
2014-11-15 09:46 - 2014-11-15 09:46 - 00007967 _____ () C:\Users\jill\Desktop\attach.txt
2014-11-15 09:41 - 2014-11-15 09:42 - 00688992 ____R (Swearware) C:\Users\jill\Desktop\dds.com
2014-11-14 15:12 - 2014-11-14 15:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-12 19:19 - 2014-10-12 15:52 - 02782208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 19:17 - 2014-09-18 16:50 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 19:17 - 2014-09-18 16:45 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 19:11 - 2014-08-11 18:25 - 00729600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 19:11 - 2014-08-11 18:11 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 19:09 - 2014-10-09 17:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 19:09 - 2014-10-09 17:09 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 19:09 - 2014-10-09 17:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 19:09 - 2014-10-09 17:01 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 19:09 - 2014-10-09 17:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 19:09 - 2014-10-09 15:53 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 19:09 - 2014-10-09 15:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 19:08 - 2014-10-17 17:08 - 00564224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 19:08 - 2014-10-17 16:46 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 19:07 - 2014-10-02 17:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 19:07 - 2014-10-02 17:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 19:07 - 2014-10-02 17:17 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 19:07 - 2014-10-02 17:03 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 19:07 - 2014-10-02 17:02 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 19:07 - 2014-10-02 17:01 - 00474624 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 19:07 - 2014-10-02 17:01 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 19:07 - 2014-10-02 15:49 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\audiodg.exe
2014-11-12 18:26 - 2014-10-23 17:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 18:26 - 2014-10-23 16:39 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 18:24 - 2014-08-26 16:55 - 01249280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 18:24 - 2014-08-26 16:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 18:24 - 2014-08-26 16:41 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 18:24 - 2014-08-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-11 22:27 - 2014-11-11 22:27 - 00000000 ____D () C:\NPE
2014-11-11 22:23 - 2014-11-11 22:42 - 00000000 ____D () C:\Users\jill\AppData\Local\NPE
2014-11-11 19:18 - 2014-10-27 12:32 - 17870336 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-11 19:18 - 2014-10-27 12:13 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-11 19:18 - 2014-10-27 12:12 - 10921472 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-11 19:18 - 2014-10-27 12:07 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-11 19:18 - 2014-10-27 12:06 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-11 19:18 - 2014-10-27 12:05 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-11 19:18 - 2014-10-27 12:05 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-11-11 19:18 - 2014-10-27 12:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-11 19:18 - 2014-10-27 12:04 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-11 19:18 - 2014-10-27 12:04 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-11 19:18 - 2014-10-27 12:04 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-11 19:18 - 2014-10-27 12:04 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-11 19:18 - 2014-10-27 12:04 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-11 19:18 - 2014-10-27 12:04 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-11 19:18 - 2014-10-27 12:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-11 19:18 - 2014-10-27 12:03 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-11 19:18 - 2014-10-27 12:03 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-11 19:18 - 2014-10-27 12:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-11 19:18 - 2014-10-27 12:03 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-11-11 19:18 - 2014-10-27 12:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-11-11 19:18 - 2014-10-27 12:03 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-11-11 19:18 - 2014-10-27 11:10 - 12366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-11 19:18 - 2014-10-27 11:05 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-11 19:18 - 2014-10-27 11:02 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-11 19:18 - 2014-10-27 10:59 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-11 19:18 - 2014-10-27 10:59 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-11 19:18 - 2014-10-27 10:58 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-11 19:18 - 2014-10-27 10:57 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-11-11 19:18 - 2014-10-27 10:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-11 19:18 - 2014-10-27 10:56 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-11 19:18 - 2014-10-27 10:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-11-11 19:18 - 2014-10-27 10:56 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-11 19:18 - 2014-10-27 10:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-11 19:18 - 2014-10-27 10:56 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-11 19:18 - 2014-10-27 10:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-11 19:18 - 2014-10-27 10:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-11 19:18 - 2014-10-27 10:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-11 19:18 - 2014-10-27 10:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-11 19:18 - 2014-10-27 10:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-11-11 19:18 - 2014-10-27 10:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-11-11 19:18 - 2014-10-27 10:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-11-11 19:18 - 2014-10-27 10:54 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-11 19:07 - 2014-11-11 19:07 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-11-11 18:28 - 2014-11-11 19:01 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-11-11 18:28 - 2014-11-11 19:01 - 00002139 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-11-11 18:28 - 2014-11-11 18:28 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-11-11 18:28 - 2014-11-11 18:28 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-11-11 18:27 - 2014-11-11 19:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-11-11 18:27 - 2014-11-11 19:01 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-11-11 18:27 - 2014-11-11 18:27 - 00000000 ____D () C:\Program Files (x86)\Norton 360
2014-11-10 20:43 - 2014-11-10 20:43 - 00000000 ____D () C:\ProgramData\KakxEbiro
2014-11-10 20:43 - 2014-11-10 20:43 - 00000000 ____D () C:\ProgramData\GaraXuhsu
2014-11-09 21:08 - 2014-11-09 21:08 - 00000000 ____D () C:\ProgramData\LiceFdux
2014-11-09 14:26 - 2014-11-09 14:26 - 00000000 ____D () C:\ProgramData\PCSettings
2014-11-09 12:09 - 2014-11-11 22:23 - 00000000 ____D () C:\ProgramData\Norton
2014-11-09 12:09 - 2014-11-11 18:35 - 00000000 ____D () C:\Users\jill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2014-11-09 12:09 - 2014-11-10 19:17 - 00000836 _____ () C:\Users\jill\Desktop\Norton Installation Files.lnk
2014-11-09 12:09 - 2014-11-09 12:09 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-11-09 12:06 - 2014-11-09 12:07 - 01021856 _____ (Symantec Corporation) C:\Users\jill\Downloads\NortonN360Downloader.exe
2014-11-09 10:43 - 2014-11-11 18:58 - 00000000 ____D () C:\Users\jill\AppData\Roaming\Ruwicuz
2014-11-09 10:39 - 2014-11-11 18:58 - 00000000 ____D () C:\Users\jill\AppData\Roaming\Uqguiply
2014-11-09 10:36 - 2014-11-09 10:36 - 00008516 _____ () C:\Users\jill\AppData\Roaming\DECRYPT_INSTRUCTION.HTML
2014-11-09 10:36 - 2014-11-09 10:36 - 00008516 _____ () C:\Users\jill\AppData\Local\DECRYPT_INSTRUCTION.HTML
2014-11-09 10:36 - 2014-11-09 10:36 - 00008516 _____ () C:\Users\jill\AppData\DECRYPT_INSTRUCTION.HTML
2014-11-09 10:36 - 2014-11-09 10:36 - 00004198 _____ () C:\Users\jill\AppData\Roaming\DECRYPT_INSTRUCTION.TXT
2014-11-09 10:36 - 2014-11-09 10:36 - 00004198 _____ () C:\Users\jill\AppData\Local\DECRYPT_INSTRUCTION.TXT
2014-11-09 10:36 - 2014-11-09 10:36 - 00004198 _____ () C:\Users\jill\AppData\DECRYPT_INSTRUCTION.TXT
2014-11-09 10:36 - 2014-11-09 10:36 - 00000268 _____ () C:\Users\jill\AppData\Roaming\DECRYPT_INSTRUCTION.URL
2014-11-09 10:36 - 2014-11-09 10:36 - 00000268 _____ () C:\Users\jill\AppData\Local\DECRYPT_INSTRUCTION.URL
2014-11-09 10:36 - 2014-11-09 10:36 - 00000268 _____ () C:\Users\jill\AppData\DECRYPT_INSTRUCTION.URL
2014-11-09 10:35 - 2014-11-09 10:35 - 00205312 _____ () C:\Users\jill\AppData\Roaming\72fb226.exe
2014-11-09 10:35 - 2014-11-09 10:35 - 00008516 _____ () C:\ProgramData\DECRYPT_INSTRUCTION.HTML
2014-11-09 10:35 - 2014-11-09 10:35 - 00004198 _____ () C:\ProgramData\DECRYPT_INSTRUCTION.TXT
2014-11-09 10:35 - 2014-11-09 10:35 - 00000268 _____ () C:\ProgramData\DECRYPT_INSTRUCTION.URL
2014-11-09 10:35 - 2014-11-09 10:35 - 00000000 ___HD () C:\72fb226
2014-11-08 18:10 - 2014-11-11 18:08 - 00000408 _____ () C:\ProgramData\@system.temp
2014-11-08 18:10 - 2014-11-11 18:08 - 00000144 ____H () C:\ProgramData\@system3.att
2014-11-08 18:10 - 2014-11-08 18:10 - 00000448 ____H () C:\Users\jill\AppData\Roaming\麽鎒駓覜
2014-11-08 18:09 - 2014-11-08 18:09 - 00000000 ____D () C:\Users\jill\AppData\Roaming\FrameworkUpdate7
2014-11-08 18:09 - 2014-11-08 18:09 - 00000000 ____D () C:\ProgramData\SarrUzewn
2014-11-08 18:09 - 2014-11-08 18:09 - 00000000 ____D () C:\ProgramData\KovdiVvibs
2014-11-07 20:55 - 2014-11-09 10:36 - 00000000 ____D () C:\Users\jill\AppData\Local\Uckmedia
2014-11-07 20:54 - 2014-11-07 20:54 - 00000000 ____D () C:\Users\jill\AppData\Local\Ozddics
2014-11-07 20:54 - 2014-11-07 20:54 - 00000000 ____D () C:\ProgramData\WizaWapli
2014-11-06 20:44 - 2014-11-06 20:44 - 00000000 ____D () C:\ProgramData\JupaHzayh
2014-11-06 20:43 - 2014-11-06 20:43 - 00000000 ____D () C:\ProgramData\QukapEthat
2014-11-06 20:13 - 2014-11-13 21:42 - 00000000 ____D () C:\ProgramData\YigiBepam
2014-11-06 20:13 - 2014-11-13 21:42 - 00000000 ____D () C:\ProgramData\PakuQowxe
2014-11-06 20:13 - 2014-11-11 11:53 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-16 13:15 - 2014-03-25 12:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-16 13:11 - 2012-12-05 22:46 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-16 11:47 - 2006-11-02 07:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-16 11:47 - 2006-11-02 07:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-16 09:53 - 2006-11-02 04:46 - 00759582 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-16 09:52 - 2012-11-21 14:56 - 01486366 _____ () C:\Windows\WindowsUpdate.log
2014-11-16 09:47 - 2008-05-25 15:27 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-16 09:47 - 2008-01-20 19:26 - 00562822 _____ () C:\Windows\PFRO.log
2014-11-16 09:47 - 2006-11-02 07:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-16 09:20 - 2006-11-02 07:42 - 00032636 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-16 02:00 - 2012-11-21 15:02 - 00000000 ____D () C:\Users\jill\AppData\Local\Adobe
2014-11-15 13:07 - 2012-12-05 22:46 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-15 07:39 - 2014-03-25 00:20 - 00107048 _____ () C:\Users\jill\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-15 07:38 - 2006-11-02 07:21 - 05021000 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-15 07:37 - 2014-04-08 13:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-13 23:17 - 2014-03-25 12:11 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-13 23:17 - 2014-03-25 12:11 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-13 23:17 - 2014-03-25 12:11 - 00003682 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 20:37 - 2006-11-02 05:33 - 00000000 ____D () C:\Windows\rescache
2014-11-12 19:03 - 2013-08-14 02:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 18:27 - 2006-11-02 04:35 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-11-11 18:28 - 2008-05-25 15:47 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-11-11 09:23 - 2013-02-24 19:42 - 00000000 ____D () C:\Users\jill\Desktop\2012 unedited Spider Meadows
2014-11-11 09:23 - 2013-02-24 19:39 - 00000000 ____D () C:\Users\jill\Desktop\2012 unedited Rainier
2014-11-11 09:12 - 2012-11-21 14:59 - 00000000 ____D () C:\Users\jill
2014-11-11 00:09 - 2013-01-30 20:54 - 00001460 _____ () C:\Users\jill\AppData\Local\d3d9caps64.dat
2014-11-10 07:46 - 2013-01-30 20:56 - 00001356 _____ () C:\Users\jill\AppData\Local\d3d9caps.dat
2014-11-09 14:30 - 2008-05-25 15:47 - 00000000 ____D () C:\ProgramData\Symantec
2014-11-09 10:46 - 2013-10-16 14:16 - 00000000 ____D () C:\Users\jill\Desktop\2012 unedited Ice Lakes 2
2014-11-09 10:43 - 2012-12-30 18:43 - 00000000 ____D () C:\Users\jill\Desktop\2012 Unedited Hikes
2014-11-09 10:38 - 2012-12-30 18:48 - 00000000 ____D () C:\Users\jill\Desktop\2012 Snow Lake Unedited
2014-11-09 10:36 - 2014-04-08 13:44 - 00000000 ____D () C:\Users\jill\AppData\Roaming\Mozilla
2014-11-09 10:36 - 2014-04-08 13:44 - 00000000 ____D () C:\Users\jill\AppData\Local\Mozilla
2014-11-09 10:36 - 2014-02-10 18:48 - 00000000 ____D () C:\Users\jill\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-11-09 10:36 - 2013-06-08 19:38 - 00000000 ____D () C:\Users\jill\AppData\Roaming\Skype
2014-11-09 10:36 - 2013-02-24 20:33 - 00000000 ____D () C:\Users\jill\Desktop\2012 June Hikes
2014-11-09 10:36 - 2013-02-24 19:33 - 00000000 ____D () C:\Users\jill\Desktop\2012 Big Heart Lake
2014-11-09 10:36 - 2013-01-27 19:31 - 00000000 ____D () C:\Users\jill\AppData\Local\PunkBuster
2014-11-09 10:36 - 2012-12-06 23:22 - 00000000 ____D () C:\Users\jill\Desktop\2012 Skyline Divide
2014-11-09 10:36 - 2012-12-05 23:04 - 00000000 ____D () C:\Users\jill\Desktop\2012 Ice Lakes
2014-11-09 10:36 - 2012-12-05 22:46 - 00000000 ____D () C:\Users\jill\AppData\Local\Google
2014-11-09 10:36 - 2012-12-03 09:03 - 00000000 ____D () C:\Users\jill\AppData\Local\Apple Computer
2014-11-09 10:36 - 2012-11-21 16:03 - 00000000 ____D () C:\Users\jill\AppData\Roaming\Adobe
2014-11-09 10:36 - 2012-11-21 15:59 - 00000000 ____D () C:\Users\jill\AppData\Roaming\Hewlett-Packard
2014-11-09 10:35 - 2012-12-06 14:55 - 00000000 ____D () C:\ProgramData\Canon_Inc_IC
2014-11-09 10:35 - 2012-12-05 13:26 - 00000000 ____D () C:\ProgramData\Battle.net
2014-11-09 10:35 - 2012-11-21 15:02 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-09 10:35 - 2008-05-25 15:42 - 00000000 ____D () C:\ProgramData\WildTangent
2014-11-09 10:35 - 2008-05-25 15:42 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-11-05 15:28 - 2014-08-23 18:12 - 00000000 ____D () C:\Users\jill\Desktop\camera phone
2014-11-02 14:04 - 2006-11-02 07:07 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-10-28 05:34 - 2012-11-21 15:33 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-16 09:53

==================== End Of Log ============================



#12 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:10:20 AM

Posted 16 November 2014 - 04:51 PM

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Attached File  fixlist.txt   9.05KB   2 downloads

 

How is the machine running after this fix?

 

 


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#13 bfogg

bfogg
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:07:20 AM

Posted 16 November 2014 - 05:00 PM

Here is the copy of Fixlog.txt

Seems to be running about the same as before the most recent fix.

Thanks again!

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-11-2014 03
Ran by jill at 2014-11-16 13:54:13 Run:1
Running from C:\Users\jill\Desktop
Loaded Profiles: jill & UpdatusUser (Available profiles: jill & UpdatusUser)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
2014-11-08 18:10 - 2014-11-08 18:10 - 00000448 ____H () C:\Users\jill\AppData\Roaming\麽鎒駓覜
2014-11-09 10:35 - 2014-11-09 10:35 - 00000000 ___HD () C:\72fb226
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
CHR HKLM-x32\...\Chrome\Extension: [anlobjdjpgngnphahhmgdjgdlldhmalm] - C:\ProgramData\Zoomex\anlobjdjpgngnphahhmgdjgdlldhmalm.crx [2012-12-04]
C:\ProgramData\Zoomex
C:\Users\jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla
C:\Users\jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\anlobjdjpgngnphahhmgdjgdlldhmalm
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ddg.xml
FF Extension: MPEG Video Encoder Property Page: MPEG2 settings - C:\Users\jill\AppData\Roaming\Mozilla\Firefox\Profiles\u5whs6y5.default\Extensions\{89799DF6-A4B7-D19B-6513-B6325A76D7EA} [2014-11-07]
FF Plugin HKU\S-1-5-21-990177128-1127024516-1010214106-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0B25B24A-FDC9-4DA3-B3BC-4E6A52A403E0} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKCU - {4FC7068D-63FD-4485-B214-F9463490ED73} URL = http://search.privitize.com/?aff=7&q={searchTerms}
SearchScopes: HKLM - {0B25B24A-FDC9-4DA3-B3BC-4E6A52A403E0} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM - {4FC7068D-63FD-4485-B214-F9463490ED73} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
SearchScopes: HKLM-x32 - DefaultScope {4FC7068D-63FD-4485-B214-F9463490ED73} URL =
SearchScopes: HKLM-x32 - {0B25B24A-FDC9-4DA3-B3BC-4E6A52A403E0} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM-x32 - {B2591459-7128-4750-98C7-399EF2F2A079} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://search.privitize.com/?aff=7
HKU\S-1-5-21-990177128-1127024516-1010214106-1000\...\MountPoints2: {6fec9f02-342e-11e2-b28d-001fc6dbc23b} - "K:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-990177128-1127024516-1010214106-1000\...\Run: [AdobeBridge] => [X]
HKLM Group Policy restriction on software: C:\Program Files\Common Files\Symantec Shared <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Symantec <====== ATTENTION
HKLM\...\Policies\Explorer\Run: [{a34332f7-051e-535c-a7c0-d8b97c2c9bb2}] => "C:\ProgramData\Microsoft\{a34332f7-051e-535c-a7c0-d8b97c2c9bb2}\{a34332f7-051e-535c-a7c0-d8b97c2c9bb2}.exe" No File
HKLM-x32\...\Run: [] => [X]
2014-11-10 20:43 - 2014-11-10 20:43 - 00000000 ____D () C:\ProgramData\KakxEbiro
2014-11-10 20:43 - 2014-11-10 20:43 - 00000000 ____D () C:\ProgramData\GaraXuhsu
2014-11-09 21:08 - 2014-11-09 21:08 - 00000000 ____D () C:\ProgramData\LiceFdux
2014-11-09 14:26 - 2014-11-09 14:26 - 00000000 ____D () C:\ProgramData\PCSettings
2014-11-09 10:43 - 2014-11-11 18:58 - 00000000 ____D () C:\Users\jill\AppData\Roaming\Ruwicuz
2014-11-09 10:39 - 2014-11-11 18:58 - 00000000 ____D () C:\Users\jill\AppData\Roaming\Uqguiply
2014-11-08 18:09 - 2014-11-08 18:09 - 00000000 ____D () C:\ProgramData\SarrUzewn
2014-11-08 18:09 - 2014-11-08 18:09 - 00000000 ____D () C:\ProgramData\KovdiVvibs
2014-11-07 20:55 - 2014-11-09 10:36 - 00000000 ____D () C:\Users\jill\AppData\Local\Uckmedia
2014-11-07 20:54 - 2014-11-07 20:54 - 00000000 ____D () C:\Users\jill\AppData\Local\Ozddics
2014-11-07 20:54 - 2014-11-07 20:54 - 00000000 ____D () C:\ProgramData\WizaWapli
2014-11-06 20:44 - 2014-11-06 20:44 - 00000000 ____D () C:\ProgramData\JupaHzayh
2014-11-06 20:43 - 2014-11-06 20:43 - 00000000 ____D () C:\ProgramData\QukapEthat
2014-11-06 20:13 - 2014-11-13 21:42 - 00000000 ____D () C:\ProgramData\YigiBepam
2014-11-06 20:13 - 2014-11-13 21:42 - 00000000 ____D () C:\ProgramData\PakuQowxe
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\jill\AppData\Local\Temporary Internet Files:OBPvVYJg2Ch6XNBu9Z7hX








*****************

C:\Users\jill\AppData\Roaming\麽鎒駓覜 => Moved successfully.
C:\72fb226 => Moved successfully.
IpInIp => Service deleted successfully.
NwlnkFlt => Service deleted successfully.
NwlnkFwd => Service deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\anlobjdjpgngnphahhmgdjgdlldhmalm" => Key deleted successfully.
C:\ProgramData\Zoomex\anlobjdjpgngnphahhmgdjgdlldhmalm.crx => Moved successfully.
C:\ProgramData\Zoomex => Moved successfully.
C:\Users\jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla => Moved successfully.
C:\Users\jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\anlobjdjpgngnphahhmgdjgdlldhmalm => Moved successfully.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ddg.xml => Moved successfully.
C:\Users\jill\AppData\Roaming\Mozilla\Firefox\Profiles\u5whs6y5.default\Extensions\{89799DF6-A4B7-D19B-6513-B6325A76D7EA} => Moved successfully.
FF Plugin HKU\S-1-5-21-990177128-1127024516-1010214106-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () => Error: No automatic fix found for this entry.
"HKCR\PROTOCOLS\Filter\text/xml" => Key deleted successfully.
"HKCR\CLSID\{807553E5-5146-11D5-A672-00B0D022E945}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0B25B24A-FDC9-4DA3-B3BC-4E6A52A403E0}" => Key deleted successfully.
"HKCR\CLSID\{0B25B24A-FDC9-4DA3-B3BC-4E6A52A403E0}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4FC7068D-63FD-4485-B214-F9463490ED73}" => Key deleted successfully.
"HKCR\CLSID\{4FC7068D-63FD-4485-B214-F9463490ED73}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0B25B24A-FDC9-4DA3-B3BC-4E6A52A403E0}" => Key deleted successfully.
"HKCR\CLSID\{0B25B24A-FDC9-4DA3-B3BC-4E6A52A403E0}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4FC7068D-63FD-4485-B214-F9463490ED73}" => Key deleted successfully.
"HKCR\CLSID\{4FC7068D-63FD-4485-B214-F9463490ED73}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0B25B24A-FDC9-4DA3-B3BC-4E6A52A403E0}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{0B25B24A-FDC9-4DA3-B3BC-4E6A52A403E0}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{B2591459-7128-4750-98C7-399EF2F2A079}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{B2591459-7128-4750-98C7-399EF2F2A079}" => Key not found.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
"HKU\S-1-5-21-990177128-1127024516-1010214106-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6fec9f02-342e-11e2-b28d-001fc6dbc23b}" => Key deleted successfully.
"HKCR\CLSID\{6fec9f02-342e-11e2-b28d-001fc6dbc23b}" => Key not found.
HKU\S-1-5-21-990177128-1127024516-1010214106-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\ => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
C:\ProgramData\KakxEbiro => Moved successfully.
C:\ProgramData\GaraXuhsu => Moved successfully.
C:\ProgramData\LiceFdux => Moved successfully.
C:\ProgramData\PCSettings => Moved successfully.
C:\Users\jill\AppData\Roaming\Ruwicuz => Moved successfully.
C:\Users\jill\AppData\Roaming\Uqguiply => Moved successfully.
C:\ProgramData\SarrUzewn => Moved successfully.
C:\ProgramData\KovdiVvibs => Moved successfully.
C:\Users\jill\AppData\Local\Uckmedia => Moved successfully.
C:\Users\jill\AppData\Local\Ozddics => Moved successfully.
C:\ProgramData\WizaWapli => Moved successfully.
C:\ProgramData\JupaHzayh => Moved successfully.
C:\ProgramData\QukapEthat => Moved successfully.
C:\ProgramData\YigiBepam => Moved successfully.
C:\ProgramData\PakuQowxe => Moved successfully.
C:\ProgramData\TEMP => ":373E1720" ADS removed successfully.
"C:\Users\jill\AppData\Local\Temporary Internet Files" => ":OBPvVYJg2Ch6XNBu9Z7hX" ADS not found.

==== End of Fixlog ====



#14 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:10:20 AM

Posted 16 November 2014 - 10:49 PM

How is the machine running now?


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#15 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:10:20 AM

Posted 18 November 2014 - 01:50 PM

Hello.

Are you still there?

If you are please follow the instructions in my previous post.

If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

Please reply back telling us so. If you don't reply within 3-5 days the topic will need to be closed.

Thanks for understanding :)

With Regards,
fireman4it


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users