Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware - sysWOW64 - being blocked by malaware, but not detected


  • This topic is locked This topic is locked
9 replies to this topic

#1 gpf262

gpf262

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:26 AM

Posted 22 November 2014 - 12:53 PM

Greetings.

My PC was having performance issues.  I use Norton for antivirus and no issues were reported.  I downloaded and ran MalawareBytes antimalare and it quarantined one file, then I started getting pop-up notices from Malawarebytes blocking outgoing messages to a "malicious website".  Often the process name is 'sysWOW64'. These websites are changable..I think some repeat, but many are different.  This is occurring every minute or so.

 

dds.txt:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17420  BrowserJavaVersion: 10.17.2
Run by Gregory France at 11:26:13 on 2014-11-22
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.7935.4609 [GMT -5:00]
.
AV: Norton AntiVirus *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\atieclxx.exe
C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
C:\Program Files\Microsoft LifeCam\MSCamS64.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.1.14\ccSvcHst.exe
C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe
C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.1.14\ccSvcHst.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Adobe\Elements 10 Organizer\ElementsOrganizerSyncAgent.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Users\Gregory France\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
C:\Windows\syswow64\dllhost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\syswow64\dllhost.exe
C:\Program Files (x86)\JunoInternet\exec.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\ProgramData\FLEXnet\Connect\11\agent.exe
C:\Program Files (x86)\JunoInternet\exec.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\syswow64\dvdupgrd.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dpnsvr.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.nytimes.com/
uSearch Bar = hxxp://my.juno.com/s/search?r=minisearch
uSearch Page = hxxp://my.juno.com/s/search?r=minisearch
mSearch Page = hxxp://my.juno.com/s/search?r=minisearch
mDefault_Search_URL = hxxp://my.juno.com/s/search?r=minisearch
uSearchURL,(Default) = hxxp://my.juno.com/s/search?r=minisearch
mSearchAssistant = hxxp://my.juno.com/s/search?r=minisearch
uURLSearchHooks: URLSearchHook Class: {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\Program Files (x86)\JunoInternet\SearchEnh1.dll
mWinlogon: Userinit = userinit.exe,
BHO: Pop-up Blocker: {52706EF7-D7A2-49AD-A615-E903858CF284} - C:\Program Files (x86)\JunoInternet\qsacc\X1IEBHO.dll
BHO: PlusIEEventHelper Class: {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.1.14\ips\ipsbho.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: Juno Toolbar Helper: {FE3098B1-04A3-41fd-8CA9-BEA39CB14C87} - C:\Program Files (x86)\JunoInternet\UCReg.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [Epson Stylus NX510(Network)] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATIFIA.EXE /FU "C:\Windows\TEMP\E_S26A3.tmp" /EF "HKCU"
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [PhotoshopElements8SyncAgent] C:\Program Files (x86)\Adobe\Elements 10 Organizer\ElementsOrganizerSyncAgent.exe
uRun: [Google Update] "C:\Users\Gregory France\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe
mRun: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
mRun: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui
mRun: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SSDMonitor] C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
mRun: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
mRun: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
mRun: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
mRun: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\GREGOR~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Gregory France\AppData\Roaming\Dropbox\bin\Dropbox.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Display All Images with Full Quality - "res://C:\Program Files (x86)\JunoInternet\qsacc\appres.dll/228"
IE: Display Image with Full Quality - "res://C:\Program Files (x86)\JunoInternet\qsacc\appres.dll/227"
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
Trusted Zone: juno.com
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 10.0.0.1
TCP: Interfaces\{FFE90D2E-4A62-463A-B3CF-D6F9D87930E7} : DHCPNameServer = 10.0.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: junomsg - {C4D10830-379D-11d4-9B2D-00C04F1579A5} - C:\Program Files (x86)\Juno\bin\jmsgpph.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: junomsg - {C4D10830-379D-11d4-9B2D-00C04F1579A5} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.nytimes.com/
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Gregory France\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Users\Gregory France\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: C:\Users\Gregory France\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Gregory France\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-3-17 55856]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NAVx64\1309010.00E\symds64.sys [2013-2-5 451192]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NAVx64\1309010.00E\symefa64.sys [2013-2-5 1129120]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\Definitions\BASHDefs\20141118.001\BHDrvx64.sys [2014-11-19 1587416]
R1 ccSet_NAV;Norton AntiVirus Settings Manager;C:\Windows\System32\drivers\NAVx64\1309010.00E\ccsetx64.sys [2013-2-5 167072]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\Definitions\IPSDefs\20141121.001\IDSviA64.sys [2014-11-21 637656]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NAVx64\1309010.00E\ironx64.sys [2013-2-5 190072]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NAVx64\1309010.00E\symnets.sys [2013-2-5 405624]
R2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-9-1 169624]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-4-20 203776]
R2 FlipShareServer;FlipShare Server;C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2011-5-6 1085440]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-7-11 1871160]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-7-11 968504]
R2 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2012-9-17 441344]
R2 MemeoBackgroundService;MemeoBackgroundService;C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2010-12-10 25824]
R2 NAV;Norton AntiVirus;C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.1.14\ccsvchst.exe [2013-2-5 138272]
R2 NU16StartManagerSvc;Norton Utilities 16 Start Manager Service;C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe [2013-2-27 792608]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP;C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-3-8 144672]
R2 SeagateDashboardService;Seagate Dashboard Service;C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-11-3 8704]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-5-19 266240]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-9-10 142640]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-8-6 320040]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-2-19 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-7-11 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-7-11 63704]
R3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 BrSerIb;Brother Serial Interface Driver(WDM);C:\Windows\System32\drivers\BrSerIb.sys [2012-9-6 95344]
S3 BrUsbSIb;Brother Serial USB Driver(WDM);C:\Windows\System32\drivers\BrUsbSib.sys [2012-9-6 21872]
S3 DiskDoctorService;Norton Disk Doctor Service;C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe [2013-2-27 1147424]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-11-12 114688]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\Windows\System32\drivers\nx6000.sys [2010-1-29 36720]
S3 SpeedDiskService;Norton SpeedDisk Service;C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe [2013-2-27 1160224]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-3-12 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-3-11 1255736]
.
=============== Created Last 30 ================
.
2014-11-19 12:43:10 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-11-19 12:43:10 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-11-19 12:43:10 241152 ----a-w- C:\Windows\System32\pku2u.dll
2014-11-19 12:43:10 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2014-11-12 14:07:59 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-12 14:06:49 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2014-11-12 13:59:52 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-11-12 13:59:52 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
.
==================== Find3M  ====================
.
2014-11-22 15:36:29 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-11-12 12:56:53 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-12 12:56:53 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-11-06 04:04:03 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-06 04:03:50 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-11-06 03:47:03 66560 ----a-w- C:\Windows\System32\iesetup.dll
2014-11-06 03:46:12 580096 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-06 03:46:12 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-11-06 03:44:28 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-11-06 03:30:22 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-11-06 03:30:08 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-11-06 03:29:18 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-11-06 03:28:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-06 03:23:57 6040064 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-06 03:13:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-06 03:13:36 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-11-06 03:12:44 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-06 03:10:58 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-11-06 03:07:29 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-06 02:59:36 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-11-06 02:58:38 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-11-06 02:42:36 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-06 02:39:39 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-11-06 02:38:25 2124288 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-06 02:21:49 4298240 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-06 02:21:25 2051072 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-06 02:20:37 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-06 02:17:24 2365440 ----a-w- C:\Windows\System32\wininet.dll
2014-11-06 01:52:35 1892864 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-11-05 17:56:54 304640 ----a-w- C:\Windows\System32\generaltel.dll
2014-11-05 17:56:36 228864 ----a-w- C:\Windows\System32\aepdu.dll
2014-11-05 17:52:22 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-10-14 02:16:37 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06 683520 ----a-w- C:\Windows\System32\termsrv.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-10-14 02:12:57 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-10-14 02:09:31 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31 681984 ----a-w- C:\Windows\System32\adtschema.dll
2014-10-14 01:50:47 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-10-14 01:49:38 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-10-14 01:47:30 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-10-10 00:57:42 3198976 ----a-w- C:\Windows\System32\win32k.sys
2014-10-03 02:12:00 500224 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2014-10-03 02:11:54 284672 ----a-w- C:\Windows\System32\EncDump.dll
2014-10-03 02:11:51 680960 ----a-w- C:\Windows\System32\audiosrv.dll
2014-10-03 02:11:51 440832 ----a-w- C:\Windows\System32\AudioEng.dll
2014-10-03 02:11:51 296448 ----a-w- C:\Windows\System32\AudioSes.dll
2014-10-03 01:44:42 442880 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26 374784 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2014-10-01 16:11:26 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-10-01 16:11:16 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-10-01 16:11:12 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-09-25 02:08:38 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-09-25 01:40:50 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-09-19 09:42:52 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-09-19 09:42:51 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-09-19 09:42:49 342016 ----a-w- C:\Windows\System32\schannel.dll
2014-09-19 09:42:47 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-09-19 09:42:47 309760 ----a-w- C:\Windows\System32\ncrypt.dll
2014-09-19 09:42:41 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-09-19 09:23:55 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-09-19 09:23:52 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-09-19 09:23:49 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-09-19 09:23:46 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-09-19 09:23:45 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-09-19 09:23:36 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-09-09 22:11:04 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-09-09 21:47:10 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-09-04 05:23:20 424448 ----a-w- C:\Windows\System32\rastls.dll
2014-09-04 05:04:15 372736 ----a-w- C:\Windows\SysWow64\rastls.dll
.
============= FINISH: 11:27:58.53 ===============
Attached File  attach.txt   6.93KB   0 downloads


BC AdBot (Login to Remove)

 


#2 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:26 PM

Posted 22 November 2014 - 05:30 PM

Hi & :welcome: to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully: :exclame:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1
logo.png
Please download Powelikscleaner (by ESET) and save it to your Desktop.
  • Double-click the 3.png to start the tool.
  • Read the terms of the End-user license agreement and click Agree if you agree to them.
  • The tool will run automatically. If the cleaner finds a Poweliks infection, press the Y key on your keyboard to remove it.
  • If Poweliks was detected "Win32/Poweliks was successfully removed from your system" will be displayed. Press any key to exit the tool and reboot your PC.
  • The tool will produce a log in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.
1.png
2.png

Step 2

Please run a FRST scan. This will help us diagnose your problem.

frst.pngfrstscan.png
Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.
Step 3

Please download 51a612a8b27e2-Zoek.pngZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
  • Right-click on 51a612a8b27e2-Zoek.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the main console will appear, it may take a minute or two.
  • In the main box please paste in the following script:
    process;
    services-list;
    systemspecs;
    startupall;
    filesrcm;
    
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)
Post its content into your next reply.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#3 gpf262

gpf262
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:26 AM

Posted 23 November 2014 - 09:49 PM

Greetings 

 

Thanks for your response.  I was able to do the first two steps but kept getting blocked on final step (ZOEK).  Attached are the logs from step 1 and 2.  the good news is that the malaware pop up that were showing that they blocked outgoing msgs have stopped. For step 3 I disabled Norton, but the application seems to be getting blocked whenever I try the ZOEK..  Have to stop for the night, so sending what I have so far.

 

Post for all logs was too long, so first log attached

 

 

ESET - Part 1)

 

[2014.11.23 19:51:05.314] - Begin
[2014.11.23 19:51:05.314] - 
[2014.11.23 19:51:05.314] -     ....................................
[2014.11.23 19:51:05.316] -   ..::::::::::::::::::....................
[2014.11.23 19:51:05.316] -   .::EEEEEE:::SSSSSS::..EEEEEE..TTTTTTTT..    Win32/Poweliks
[2014.11.23 19:51:05.319] -  .::EE::::EE:SS:::::::.EE....EE....TT......   Version: 1.0.0.1
[2014.11.23 19:51:05.319] -  .::EEEEEEEE::SSSSSS::.EEEEEEEE....TT......   Built: Oct 15 2014
[2014.11.23 19:51:05.321] -  .::EE:::::::::::::SS:.EE..........TT......
[2014.11.23 19:51:05.321] -   .::EEEEEE:::SSSSSS::..EEEEEE.....TT.....    Copyright © ESET, spol. s r.o.
[2014.11.23 19:51:05.321] -   ..::::::::::::::::::....................    1992-2013. All rights reserved.
[2014.11.23 19:51:05.321] -     ....................................
[2014.11.23 19:51:05.321] - 
[2014.11.23 19:51:05.321] - --------------------------------------------------------------------------------
[2014.11.23 19:51:05.321] - 
[2014.11.23 19:51:05.324] - INFO: OS: 6.1.7601 SP1
[2014.11.23 19:51:05.324] - INFO: Product Type: Workstation
[2014.11.23 19:51:05.324] - INFO: WoW64: True
[2014.11.23 19:51:05.324] - INFO: Machine guid: 0E2E7199-DFB8-42B3-A548-A00AACD02589 
[2014.11.23 19:51:05.324] - 
[2014.11.23 19:51:06.974] - INFO: Scanning for system infection...
[2014.11.23 19:51:06.974] - --------------------------------------------------------------------------------
[2014.11.23 19:51:06.974] - 
[2014.11.23 19:51:06.974] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.23 19:51:06.975] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.23 19:51:06.975] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.11.23 19:51:06.976] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.11.23 19:51:06.976] - INFO: Processing classes...
[2014.11.23 19:51:06.977] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}]
[2014.11.23 19:51:06.977] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}]
[2014.11.23 19:51:06.977] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{08FB66B9-2D2D-4B35-A747-D5D9E9F472E2}]
[2014.11.23 19:51:06.977] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{090746F9-9F39-42C0-920A-4852C2EDE704}]
[2014.11.23 19:51:06.977] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}]
[2014.11.23 19:51:06.977] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{0F9285DF-3511-4FE6-A587-CD8F61A121CA}]
[2014.11.23 19:51:06.977] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{21902B91-1E80-4282-AFDE-AB014CB4ED5A}]
[2014.11.23 19:51:06.977] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{220DFF67-87CE-4D26-8020-27E0B554A880}]
[2014.11.23 19:51:06.977] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}]
[2014.11.23 19:51:06.977] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}]
[2014.11.23 19:51:06.977] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}]
[2014.11.23 19:51:06.978] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}]
[2014.11.23 19:51:06.978] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}]
[2014.11.23 19:51:06.978] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}]
[2014.11.23 19:51:06.978] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}]
[2014.11.23 19:51:06.978] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{699A646B-C61E-4C36-A253-620E4EBD294C}]
[2014.11.23 19:51:06.978] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{6d05bf60-3eaf-4a97-87c5-10cce505435b}]
[2014.11.23 19:51:06.978] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}]
[2014.11.23 19:51:06.978] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{71FDCAEA-B6F2-4B6C-A18C-6C85F0E4662F}]
[2014.11.23 19:51:06.978] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{7E024D23-24D9-425B-B2E3-1BF397408365}]
[2014.11.23 19:51:06.978] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}]
[2014.11.23 19:51:06.978] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}]
[2014.11.23 19:51:06.978] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}]
[2014.11.23 19:51:06.978] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}]
[2014.11.23 19:51:06.978] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{994E7954-2C4F-4C27-B4BF-1B0492A75494}]
[2014.11.23 19:51:06.978] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{A1436E43-F58F-4D3B-B908-B6DA44563B00}]
[2014.11.23 19:51:06.978] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}]
[2014.11.23 19:51:06.978] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{A480C024-04D0-4F28-8CF0-ADACE2BD839C}]
[2014.11.23 19:51:06.978] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}]
[2014.11.23 19:51:06.978] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}]
[2014.11.23 19:51:06.979] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{B41AD4BE-25BA-4A51-A0BB-FC1584E316F1}]
[2014.11.23 19:51:06.979] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}]
[2014.11.23 19:51:06.979] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}]
[2014.11.23 19:51:06.979] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{C9E37353-EC76-4A58-B575-BBA8B4BD06D1}]
[2014.11.23 19:51:06.979] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.979] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.979] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.979] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.979] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.979] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.979] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.979] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.979] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.979] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.979] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.979] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.979] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.979] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.979] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.980] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.980] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.980] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.980] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.980] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.980] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.980] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.980] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.980] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.980] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.980] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.980] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.980] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.980] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.980] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.980] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.980] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.980] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.980] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.980] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.981] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.981] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.981] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.981] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.981] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.981] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.981] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.981] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.981] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.981] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.981] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.981] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.981] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.981] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.981] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.981] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.981] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.981] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.981] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.982] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.982] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.982] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.982] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.982] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.982] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.982] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.982] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.982] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.982] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.982] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.982] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.982] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.982] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.982] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.982] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.982] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.982] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.983] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.983] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.983] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.983] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.983] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.983] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.983] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.983] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.983] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.983] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.983] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.983] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.983] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.983] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.983] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.983] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.983] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.983] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.983] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.983] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.984] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.984] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.984] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.984] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.984] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.984] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.984] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.984] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.984] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.984] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.984] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.984] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.984] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.984] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.984] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.984] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.984] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.984] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.984] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.984] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.984] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.985] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.985] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.985] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.985] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.985] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.985] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.985] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.985] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.985] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.985] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.985] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.985] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.985] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.985] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.985] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.985] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.985] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.985] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.985] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.986] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.986] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.986] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.986] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.986] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.986] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.986] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.986] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.986] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.986] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.986] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.986] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.986] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.986] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.986] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.987] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.987] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.987] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.987] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.987] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.987] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.987] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.987] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.987] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.987] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.987] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.987] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.987] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.987] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.987] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.987] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.987] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.987] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.987] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.988] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.988] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.988] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.988] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.988] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.988] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.988] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.988] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.988] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.988] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.988] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.988] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.988] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.988] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.988] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.988] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.988] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.988] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.988] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.989] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.989] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.989] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.989] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.989] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.989] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.989] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.989] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.989] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.989] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.989] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.989] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.989] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.989] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.989] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.989] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.989] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.989] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.989] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.990] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.990] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.990] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.990] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.990] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.990] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.990] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.990] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.990] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.990] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.990] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.990] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.990] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.990] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.990] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.990] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.990] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.990] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.991] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.991] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.991] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.991] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.991] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.991] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.991] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.991] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.991] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.991] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.991] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.991] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.991] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.991] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.991] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.991] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.991] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.991] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.992] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.992] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.992] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.992] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.992] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.992] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.992] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.992] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.992] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.992] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.992] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.992] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.992] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.992] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.992] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.992] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.992] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.992] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.992] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.992] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.993] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.993] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.993] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.993] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.993] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.993] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.993] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.993] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.993] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.993] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.993] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.993] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.993] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.993] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.993] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.993] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.993] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.993] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.993] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.993] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.994] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.994] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.994] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.994] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.994] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.994] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.994] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.994] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.994] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.994] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.994] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.994] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.994] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.994] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.994] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.994] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.994] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.994] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.994] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.994] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.995] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.995] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.995] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.995] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.995] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.995] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.995] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.995] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.995] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.995] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.995] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.995] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.995] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.995] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.995] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.995] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.995] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.995] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.995] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.995] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.996] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.996] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.996] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.996] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.996] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.996] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.996] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.996] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.996] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.996] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.996] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.996] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.996] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.996] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.996] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.996] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.997] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.997] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.997] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.997] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.997] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.997] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.997] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.997] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.997] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.997] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.997] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.997] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.997] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.997] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.997] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.997] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.997] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.997] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.997] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.998] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.998] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.998] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.998] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.998] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.998] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.998] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.998] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.998] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.998] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.998] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.998] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.998] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.998] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.998] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.998] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.998] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.998] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.998] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.998] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.998] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.999] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.999] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.999] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.999] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.999] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.999] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.999] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.999] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.999] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.999] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.999] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.999] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.999] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.999] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.999] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.999] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.999] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.999] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}]
[2014.11.23 19:51:06.999] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}]
[2014.11.23 19:51:06.999] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}]
[2014.11.23 19:51:06.999] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}]
[2014.11.23 19:51:07.000] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.000] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}]
[2014.11.23 19:51:07.000] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}]
[2014.11.23 19:51:07.000] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.000] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}]
[2014.11.23 19:51:07.000] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}]
[2014.11.23 19:51:07.000] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.000] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBB}]
[2014.11.23 19:51:07.000] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBC}]
[2014.11.23 19:51:07.000] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.000] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBB}]
[2014.11.23 19:51:07.000] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}]
[2014.11.23 19:51:07.000] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.000] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBB}]
[2014.11.23 19:51:07.000] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBC}]
[2014.11.23 19:51:07.000] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.000] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBB}]
[2014.11.23 19:51:07.000] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBC}]
[2014.11.23 19:51:07.000] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.001] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBB}]
[2014.11.23 19:51:07.001] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBC}]
[2014.11.23 19:51:07.001] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.001] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.001] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}]
[2014.11.23 19:51:07.001] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}]
[2014.11.23 19:51:07.001] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.001] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}]
[2014.11.23 19:51:07.002] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}]
[2014.11.23 19:51:07.002] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.002] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}]
[2014.11.23 19:51:07.002] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}]
[2014.11.23 19:51:07.002] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.002] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}]
[2014.11.23 19:51:07.002] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}]
[2014.11.23 19:51:07.002] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.002] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}]
[2014.11.23 19:51:07.003] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}]
[2014.11.23 19:51:07.003] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.003] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}]
[2014.11.23 19:51:07.003] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}]
[2014.11.23 19:51:07.003] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.003] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}]
[2014.11.23 19:51:07.003] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}]
[2014.11.23 19:51:07.003] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.003] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}]
[2014.11.23 19:51:07.003] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}]
[2014.11.23 19:51:07.003] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.003] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}]
[2014.11.23 19:51:07.003] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}]
[2014.11.23 19:51:07.003] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.003] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}]
[2014.11.23 19:51:07.003] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}]
[2014.11.23 19:51:07.003] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.003] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}]
[2014.11.23 19:51:07.003] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}]
[2014.11.23 19:51:07.003] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.004] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}]
[2014.11.23 19:51:07.004] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}]
[2014.11.23 19:51:07.004] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.004] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}]
[2014.11.23 19:51:07.004] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}]
[2014.11.23 19:51:07.004] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.004] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}]
[2014.11.23 19:51:07.004] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBC}]
[2014.11.23 19:51:07.004] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.004] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB}]
[2014.11.23 19:51:07.004] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBC}]
[2014.11.23 19:51:07.004] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.004] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBB}]
[2014.11.23 19:51:07.004] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBC}]
[2014.11.23 19:51:07.004] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.004] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBB}]
[2014.11.23 19:51:07.004] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBC}]
[2014.11.23 19:51:07.004] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.004] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBB}]
[2014.11.23 19:51:07.005] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBC}]
[2014.11.23 19:51:07.005] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.005] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}]
[2014.11.23 19:51:07.005] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}]
[2014.11.23 19:51:07.005] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{DBFA3C03-20D5-4EE5-8C06-B8C4C2B71783}]
[2014.11.23 19:51:07.005] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}]
[2014.11.23 19:51:07.005] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}]
[2014.11.23 19:51:07.005] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}]
[2014.11.23 19:51:07.005] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}]
[2014.11.23 19:51:07.005] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:07.005] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:07.005] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:07.005] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:07.005] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:07.005] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:07.005] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:07.005] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:07.005] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FD10EA6A-0D14-4AA2-A376-0C8D51CA8779}]
[2014.11.23 19:51:07.005] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}]
[2014.11.23 19:51:07.012] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}]
[2014.11.23 19:51:07.012] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}]
[2014.11.23 19:51:07.012] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{0F9285DF-3511-4FE6-A587-CD8F61A121CA}]
[2014.11.23 19:51:07.012] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}]
[2014.11.23 19:51:07.012] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{699A646B-C61E-4C36-A253-620E4EBD294C}]
[2014.11.23 19:51:07.012] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{71FDCAEA-B6F2-4B6C-A18C-6C85F0E4662F}]
[2014.11.23 19:51:07.013] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}]
[2014.11.23 19:51:07.013] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}]
[2014.11.23 19:51:07.013] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.23 19:51:07.013] - WARNING: Found suspicous classid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.23 19:51:07.013] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{C9E37353-EC76-4A58-B575-BBA8B4BD06D1}]
[2014.11.23 19:51:07.013] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}]
[2014.11.23 19:51:07.013] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:07.013] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:07.013] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:07.013] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:07.013] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:07.013] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:07.013] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:07.013] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:07.013] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}]
[2014.11.23 19:51:07.014] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...

ESET - Part 2

 

[2014.11.23 19:51:07.020] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.23 19:51:07.021] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.23 19:51:07.022] - INFO: Processing invalid values in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.23 19:51:07.022] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.23 19:51:07.022] - INFO: Processing value [ServerExecutable] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.23 19:51:07.022] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.23 19:51:07.022] - INFO: Processing value [ServerExecutable] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.23 19:51:07.022] - INFO: Processing invalid subkeys in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.23 19:51:07.022] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]...
[2014.11.23 19:51:07.026] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.11.23 19:51:07.037] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.11.23 19:51:07.037] - INFO: Win32/Poweliks found
[2014.11.23 19:51:24.852] - INFO: process: dllhost.exe, pid 6096, parent 5028
[2014.11.23 19:51:24.852] - INFO: Terminated process pid = 6096
[2014.11.23 19:51:24.855] - INFO: process: dllhost.exe, pid 7024, parent 672
[2014.11.23 19:51:24.855] - INFO: process: dllhost.exe, pid 3952, parent 6096
[2014.11.23 19:51:24.862] - INFO: Terminated process pid = 3952
[2014.11.23 19:51:24.865] - INFO: process: dllhost.exe, pid 7532, parent 672
[2014.11.23 19:51:24.867] - INFO: Terminated process pid = 7532
[2014.11.23 19:51:24.870] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.23 19:51:24.870] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.23 19:51:24.870] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.11.23 19:51:24.870] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.11.23 19:51:24.870] - INFO: Processing classes...
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{08FB66B9-2D2D-4B35-A747-D5D9E9F472E2}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{090746F9-9F39-42C0-920A-4852C2EDE704}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{0F9285DF-3511-4FE6-A587-CD8F61A121CA}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{21902B91-1E80-4282-AFDE-AB014CB4ED5A}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{220DFF67-87CE-4D26-8020-27E0B554A880}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{699A646B-C61E-4C36-A253-620E4EBD294C}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{6d05bf60-3eaf-4a97-87c5-10cce505435b}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{71FDCAEA-B6F2-4B6C-A18C-6C85F0E4662F}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{7E024D23-24D9-425B-B2E3-1BF397408365}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{994E7954-2C4F-4C27-B4BF-1B0492A75494}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{A1436E43-F58F-4D3B-B908-B6DA44563B00}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{A480C024-04D0-4F28-8CF0-ADACE2BD839C}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{B41AD4BE-25BA-4A51-A0BB-FC1584E316F1}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{C9E37353-EC76-4A58-B575-BBA8B4BD06D1}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.872] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.875] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.875] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.875] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.875] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.875] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.875] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.875] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.875] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.875] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.875] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.875] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.875] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.875] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.875] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.875] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.875] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.875] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.875] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.875] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.875] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.875] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.876] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.876] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.876] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.876] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.876] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.876] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.876] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.876] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.876] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.876] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.876] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.876] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.876] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.876] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.876] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.876] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.876] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.876] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.876] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.876] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.876] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.876] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.877] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.877] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.877] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.877] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.877] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.877] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.877] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.877] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.877] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.877] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.877] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.877] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.877] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.877] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.877] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.877] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.877] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.877] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.877] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.877] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.877] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.878] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.878] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.878] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.878] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.878] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.878] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.878] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.878] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.878] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.878] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.878] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.878] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.878] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.878] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.878] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.878] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.878] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.878] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.878] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.878] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.878] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.879] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.879] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.879] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.879] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.879] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.879] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.879] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.879] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.879] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.879] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.879] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.879] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.879] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.879] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.879] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.879] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.879] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.879] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.879] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.879] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.879] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.879] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.880] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.880] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.880] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.880] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.880] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.880] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.880] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.880] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.880] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.880] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.880] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.880] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.880] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.880] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.880] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.880] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.880] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.880] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.880] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.881] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.881] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.881] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.881] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.881] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.881] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.881] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.881] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.881] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.881] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.881] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.881] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.881] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.881] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.881] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.881] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.881] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.881] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.881] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.881] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.881] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.882] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.882] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.882] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.882] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.882] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.882] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.882] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.882] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.882] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.882] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.882] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.882] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.882] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.882] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.882] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.882] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.882] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.882] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.882] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.882] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.882] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.882] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.883] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.883] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.883] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.883] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.883] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.883] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.883] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.883] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.883] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.883] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.883] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.883] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.883] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.883] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.883] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.883] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.884] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.884] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.884] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.884] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.884] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.884] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.884] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.884] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.884] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.884] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.884] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.884] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.884] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.884] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.884] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.884] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.884] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.884] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.884] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.884] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.884] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.885] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.885] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.885] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.885] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.885] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.885] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.885] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.885] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.885] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.885] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.885] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.885] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.885] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.885] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.885] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.885] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.886] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.886] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.886] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.886] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.886] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.886] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.886] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.886] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.886] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.886] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.886] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.886] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.886] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.886] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.886] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.886] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.886] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.886] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.886] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.886] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.886] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.887] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.887] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.887] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.887] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.887] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.887] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.887] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.887] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.887] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.887] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.887] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.887] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.887] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.887] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.887] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.887] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.887] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.887] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.887] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.887] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.887] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.888] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.888] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.888] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.888] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.888] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.888] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.888] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.888] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.888] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.888] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.888] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.888] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.888] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.888] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.888] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.888] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.888] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.888] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.888] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.888] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.888] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.889] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.889] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.889] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.889] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.889] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.889] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.889] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.889] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.889] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.889] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.889] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.889] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.889] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.889] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.889] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.889] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.889] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.889] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.889] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.889] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.889] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.890] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.890] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.890] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.890] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.890] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.890] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.890] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.890] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.890] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.890] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.890] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.890] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.890] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.890] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.890] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.890] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.890] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.890] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.890] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.890] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.891] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.891] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.891] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.891] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.891] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.891] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.891] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.891] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.891] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.891] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.891] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.891] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.891] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.891] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.891] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.891] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.891] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.891] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.891] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.891] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.891] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.892] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.892] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.892] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.892] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.892] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.892] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.892] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.892] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.892] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.892] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.892] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.892] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.892] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.892] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.892] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.892] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.892] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.892] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.892] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.892] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.892] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.893] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.893] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.893] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.893] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.893] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.893] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.893] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.893] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.893] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.893] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.893] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.893] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.893] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.893] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.893] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.893] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.893] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.893] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.893] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.893] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.893] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.894] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.894] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.894] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.894] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.894] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.894] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.894] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.894] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.894] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.894] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.894] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.894] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.894] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.894] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.894] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.894] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.894] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.894] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.894] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.894] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.894] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.895] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.895] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.895] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.895] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.895] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.895] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.895] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.895] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.895] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.895] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.895] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.895] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.895] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.895] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.895] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.895] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.895] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.895] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.895] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.895] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.895] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.896] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.896] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.896] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.896] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.896] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.896] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.896] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.896] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.896] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.896] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.896] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.896] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.896] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.896] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.896] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.896] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.896] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.896] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.896] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.896] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.897] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.897] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.897] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.897] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.897] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.897] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.897] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.897] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBB}]
[2014.11.23 19:51:24.897] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBC}]
[2014.11.23 19:51:24.897] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.897] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}]
[2014.11.23 19:51:24.897] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}]
[2014.11.23 19:51:24.897] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{DBFA3C03-20D5-4EE5-8C06-B8C4C2B71783}]
[2014.11.23 19:51:24.897] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}]
[2014.11.23 19:51:24.897] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}]
[2014.11.23 19:51:24.897] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}]
[2014.11.23 19:51:24.897] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}]
[2014.11.23 19:51:24.897] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:24.897] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:24.898] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:24.898] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:24.898] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:24.898] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:24.898] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:24.898] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:24.898] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FD10EA6A-0D14-4AA2-A376-0C8D51CA8779}]
[2014.11.23 19:51:24.898] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}]
[2014.11.23 19:51:24.898] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}]
[2014.11.23 19:51:24.898] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}]
[2014.11.23 19:51:24.898] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{0F9285DF-3511-4FE6-A587-CD8F61A121CA}]
[2014.11.23 19:51:24.898] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}]
[2014.11.23 19:51:24.898] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{699A646B-C61E-4C36-A253-620E4EBD294C}]
[2014.11.23 19:51:24.898] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{71FDCAEA-B6F2-4B6C-A18C-6C85F0E4662F}]
[2014.11.23 19:51:24.898] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}]
[2014.11.23 19:51:24.898] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}]
[2014.11.23 19:51:24.898] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.23 19:51:24.899] - INFO: Deleted classid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.23 19:51:24.899] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{C9E37353-EC76-4A58-B575-BBA8B4BD06D1}]
[2014.11.23 19:51:24.899] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}]
[2014.11.23 19:51:24.899] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:24.899] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:24.899] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:24.899] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:24.899] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:24.899] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:24.899] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:24.899] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
[2014.11.23 19:51:24.899] - INFO: Processing clsid [\Registry\User\S-1-5-21-775536879-1927795302-3616123917-1000\SOFTWARE\Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}]
[2014.11.23 19:51:24.899] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.23 19:51:24.899] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.23 19:51:24.900] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.23 19:51:24.900] - INFO: Processing invalid values in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.23 19:51:24.900] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.23 19:51:24.900] - INFO: Processing value [ServerExecutable] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.23 19:51:24.900] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.23 19:51:24.900] - INFO: Processing value [ServerExecutable] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.23 19:51:24.900] - INFO: Processing invalid subkeys in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.23 19:51:24.900] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]...
[2014.11.23 19:51:24.900] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.11.23 19:51:24.900] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.11.23 19:51:24.900] - INFO: Cleaning status: 0
[2014.11.23 19:51:57.503] - End

FRST Log

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-11-2014 01
Ran by Gregory France (administrator) on GREGORYFRANCE on 23-11-2014 20:04:32
Running from C:\Users\Gregory France\Desktop
Loaded Profile: Gregory France (Available profiles: Gregory France)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
() C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
() C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.1.14\ccsvchst.exe
(Symantec) C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.1.14\ccsvchst.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\ElementsOrganizerSyncAgent.exe
(Google Inc.) C:\Users\Gregory France\AppData\Local\Google\Update\GoogleUpdate.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Dropbox, Inc.) C:\Users\Gregory France\AppData\Roaming\Dropbox\bin\Dropbox.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
() C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
(Axentra Corporation) C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [Memeo Instant Backup] => C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe [136416 2010-12-10] (Memeo Inc.)
HKLM-x32\...\Run: [Seagate Dashboard] => C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe [73728 2011-11-03] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe [106112 2014-01-21] (Symantec Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKU\S-1-5-21-775536879-1927795302-3616123917-1000\...\Run: [Epson Stylus NX510(Network)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIA.EXE [223232 2008-11-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-775536879-1927795302-3616123917-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-03-19] (Google Inc.)
HKU\S-1-5-21-775536879-1927795302-3616123917-1000\...\Run: [PhotoshopElements8SyncAgent] => C:\Program Files (x86)\Adobe\Elements 10 Organizer\ElementsOrganizerSyncAgent.exe [1954456 2011-09-01] (Adobe Systems Incorporated)
HKU\S-1-5-21-775536879-1927795302-3616123917-1000\...\Run: [Google Update] => C:\Users\Gregory France\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-05] (Google Inc.)
HKU\S-1-5-21-775536879-1927795302-3616123917-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-775536879-1927795302-3616123917-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-775536879-1927795302-3616123917-1000\...\Policies\Explorer: [NoInstrumentation] 1
Startup: C:\Users\Gregory France\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Gregory France\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-775536879-1927795302-3616123917-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.juno.com/s/search?r=minisearch
HKU\S-1-5-21-775536879-1927795302-3616123917-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nytimes.com/
HKU\S-1-5-21-775536879-1927795302-3616123917-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-775536879-1927795302-3616123917-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x72DB69216700CD01
HKU\S-1-5-21-775536879-1927795302-3616123917-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKU\S-1-5-21-775536879-1927795302-3616123917-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://my.juno.com/s/search?r=minisearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://my.juno.com/s/search?r=minisearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://my.juno.com/s/search?r=minisearch
URLSearchHook: HKU\S-1-5-21-775536879-1927795302-3616123917-1000 - URLSearchHook Class - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\Program Files (x86)\JunoInternet\SearchEnh1.dll (Juno, Inc.)
SearchScopes: HKU\S-1-5-21-775536879-1927795302-3616123917-1000 -> {3CCA4B1C-FEE3-4ABF-9CFB-3B14A8691F1B} URL = http://search.juno.com/search?action=search&source=browserbox&query={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Pop-up Blocker -> {52706EF7-D7A2-49AD-A615-E903858CF284} -> C:\Program Files (x86)\JunoInternet\qsacc\X1IEBHO.dll (Juno, Inc.)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Juno Toolbar Helper -> {FE3098B1-04A3-41fd-8CA9-BEA39CB14C87} -> C:\Program Files (x86)\JunoInternet\ucreg.dll (Juno, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-775536879-1927795302-3616123917-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: junomsg - {C4D10830-379D-11d4-9B2D-00C04F1579A5} - C:\Program Files (x86)\Juno\bin\jmsgpph.dll (Juno Online Services, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
 
FireFox:
========
FF ProfilePath: C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default
FF Homepage: hxxp://www.nytimes.com/
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-775536879-1927795302-3616123917-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Gregory France\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKU\S-1-5-21-775536879-1927795302-3616123917-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Gregory France\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-775536879-1927795302-3616123917-1000: @talk.google.com/O1DPlugin -> C:\Users\Gregory France\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-775536879-1927795302-3616123917-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Gregory France\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-775536879-1927795302-3616123917-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Gregory France\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Gregory France\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Gregory France\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Printing Helper - C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\Extensions\hvkefshdhv@hvkefshdhv.org.xpi [1661-08-27]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://nytimes.com/
CHR StartupUrls: Default -> "hxxp://nytimes.com/"
CHR Profile: C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-21]
CHR Extension: (Google Drive) - C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (YouTube) - C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-21]
CHR Extension: (Google Search) - C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-21]
CHR Extension: (Google Wallet) - C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Gmail) - C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-21]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S3 DiskDoctorService; C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe [1147424 2012-09-29] (Symantec Corporation)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 FlipShare Service; C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe [460144 2011-05-06] ()
R2 FlipShareServer; C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [1085440 2011-05-06] () [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [361472 2011-08-20] (Alcatel-Lucent) [File not signed]
R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [441344 2011-08-20] (Alcatel-Lucent) [File not signed]
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-15] (Symantec Corporation)
R2 NU16StartManagerSvc; C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe [792608 2012-09-29] (Symantec)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc.)
R2 SeagateDashboardService; C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [8704 2011-11-03] (Memeo) [File not signed]
S3 SpeedDiskService; C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe [1160224 2012-09-29] (Symantec Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\Definitions\BASHDefs\20141118.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1309010.00E\ccSetx64.sys [167072 2012-06-06] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\Definitions\IPSDefs\20141121.001\IDSvia64.sys [637656 2014-11-14] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\Definitions\VirusDefs\20141122.002\ENG64.SYS [129752 2014-10-28] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\Definitions\VirusDefs\20141122.002\EX64.SYS [2137304 2014-10-28] (Symantec Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1309010.00E\SRTSP64.SYS [737952 2012-07-05] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1309010.00E\SYMDS64.SYS [451192 2011-05-16] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-21] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-03-23] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1309010.00E\Ironx64.SYS [190072 2012-04-17] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1309010.00E\SYMNETS.SYS [405624 2012-04-17] (Symantec Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-23 20:04 - 2014-11-23 20:06 - 00023666 _____ () C:\Users\Gregory France\Desktop\FRST.txt
2014-11-23 20:04 - 2014-11-23 20:04 - 00000000 ____D () C:\FRST
2014-11-23 20:03 - 2014-11-23 20:03 - 02118144 _____ (Farbar) C:\Users\Gregory France\Desktop\frst64.exe
2014-11-23 19:51 - 2014-11-23 19:51 - 00398684 _____ () C:\Users\Gregory France\Desktop\ESETPoweliksCleaner.exe_20141123.195105.9852.log
2014-11-23 19:50 - 2014-11-23 19:50 - 00186568 _____ (ESET) C:\Users\Gregory France\Desktop\ESETPoweliksCleaner.exe
2014-11-22 11:28 - 2014-11-22 11:37 - 00007100 _____ () C:\Users\Gregory France\Desktop\attach.txt
2014-11-22 11:28 - 2014-11-22 11:27 - 00025352 _____ () C:\Users\Gregory France\Desktop\dds.txt
2014-11-22 11:25 - 2014-11-22 11:25 - 00688992 ____R (Swearware) C:\Users\Gregory France\Desktop\dds.com
2014-11-19 16:37 - 2014-11-19 16:37 - 00016917 _____ () C:\Users\Gregory France\Desktop\Juniors & Seniors for Service Hrs..xlsx
2014-11-19 07:43 - 2014-11-10 22:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 07:43 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 07:43 - 2014-11-10 21:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 07:43 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-14 20:12 - 2014-11-14 20:12 - 32507072 _____ (Microsoft Corporation) C:\Users\Gregory France\Desktop\Documents\Windows-KB890830-x64-V5.18.exe
2014-11-14 11:00 - 2014-11-14 11:00 - 00001132 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-12 09:08 - 2014-11-07 14:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 09:08 - 2014-11-05 23:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 09:08 - 2014-11-05 22:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 09:08 - 2014-11-05 22:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 09:08 - 2014-11-05 22:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 09:08 - 2014-11-05 22:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 09:08 - 2014-11-05 22:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 09:08 - 2014-11-05 22:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 09:08 - 2014-11-05 22:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 09:08 - 2014-11-05 22:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 09:08 - 2014-11-05 21:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 09:08 - 2014-11-05 21:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 09:08 - 2014-11-05 21:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 09:08 - 2014-11-05 21:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 09:08 - 2014-11-05 21:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 09:08 - 2014-11-05 20:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 09:08 - 2014-10-09 19:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 09:08 - 2014-09-19 04:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 09:08 - 2014-09-19 04:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 09:08 - 2014-09-19 04:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 09:08 - 2014-09-19 04:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 09:08 - 2014-09-19 04:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 09:08 - 2014-09-19 04:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 09:08 - 2014-09-19 04:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 09:08 - 2014-09-19 04:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 09:08 - 2014-09-19 04:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 09:08 - 2014-09-19 04:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 09:08 - 2014-09-19 04:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 09:08 - 2014-09-19 04:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 09:07 - 2014-11-07 14:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 09:07 - 2014-11-05 23:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 09:07 - 2014-11-05 23:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 09:07 - 2014-11-05 22:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 09:07 - 2014-11-05 22:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 09:07 - 2014-11-05 22:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 09:07 - 2014-11-05 22:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 09:07 - 2014-11-05 22:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 09:07 - 2014-11-05 22:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 09:07 - 2014-11-05 22:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 09:07 - 2014-11-05 22:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 09:07 - 2014-11-05 22:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 09:07 - 2014-11-05 22:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 09:07 - 2014-11-05 22:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 09:07 - 2014-11-05 22:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 09:07 - 2014-11-05 22:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 09:07 - 2014-11-05 22:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 09:07 - 2014-11-05 22:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 09:07 - 2014-11-05 22:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 09:07 - 2014-11-05 22:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 09:07 - 2014-11-05 22:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 09:07 - 2014-11-05 22:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 09:07 - 2014-11-05 21:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 09:07 - 2014-11-05 21:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 09:07 - 2014-11-05 21:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 09:07 - 2014-11-05 21:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 09:07 - 2014-11-05 21:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 09:07 - 2014-11-05 21:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 09:07 - 2014-11-05 21:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 09:07 - 2014-11-05 21:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 09:07 - 2014-11-05 21:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 09:07 - 2014-11-05 21:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 09:07 - 2014-11-05 21:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 09:07 - 2014-11-05 21:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 09:07 - 2014-11-05 21:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 09:07 - 2014-11-05 21:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 09:07 - 2014-11-05 21:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 09:07 - 2014-11-05 20:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 09:07 - 2014-11-05 20:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 09:07 - 2014-11-05 20:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 09:06 - 2014-11-05 12:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 09:06 - 2014-11-05 12:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 09:06 - 2014-11-05 12:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 09:06 - 2014-10-24 20:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 09:06 - 2014-10-24 20:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 09:06 - 2014-10-13 21:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 09:06 - 2014-10-13 21:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 09:06 - 2014-10-13 21:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 09:06 - 2014-10-13 21:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 09:06 - 2014-10-13 21:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 09:06 - 2014-10-13 21:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 09:06 - 2014-10-13 20:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 09:06 - 2014-10-13 20:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 09:06 - 2014-10-13 20:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 09:06 - 2014-10-13 20:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 09:06 - 2014-10-13 20:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 09:06 - 2014-10-02 21:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 09:06 - 2014-10-02 21:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 09:06 - 2014-10-02 21:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 09:06 - 2014-10-02 21:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 09:06 - 2014-10-02 21:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 09:06 - 2014-10-02 20:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 09:06 - 2014-10-02 20:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 09:06 - 2014-10-02 20:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 09:06 - 2014-08-21 01:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 09:06 - 2014-08-21 01:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 09:06 - 2014-08-21 01:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 09:06 - 2014-08-21 01:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 09:06 - 2014-08-11 21:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 09:06 - 2014-08-11 20:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 08:59 - 2014-10-17 21:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 08:59 - 2014-10-17 20:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-10 10:14 - 2014-11-10 10:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-08 17:37 - 2014-11-23 15:24 - 00000336 _____ () C:\Windows\SysWOW64\Engines.log
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-23 20:02 - 2009-07-13 23:45 - 00023376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-23 20:02 - 2009-07-13 23:45 - 00023376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-23 19:59 - 2012-03-10 05:49 - 01152647 _____ () C:\Windows\WindowsUpdate.log
2014-11-23 19:56 - 2014-08-10 09:33 - 00000000 ___RD () C:\Users\Gregory France\Dropbox
2014-11-23 19:55 - 2014-08-10 09:30 - 00000000 ____D () C:\Users\Gregory France\AppData\Roaming\Dropbox
2014-11-23 19:55 - 2014-07-11 17:23 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-23 19:55 - 2013-02-27 11:53 - 00000306 _____ () C:\Windows\Tasks\NUAutoUpdate.job
2014-11-23 19:55 - 2013-02-27 11:48 - 00000000 ____D () C:\ProgramData\TEMP
2014-11-23 19:55 - 2012-03-19 09:04 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-23 19:53 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-23 19:52 - 2009-07-13 23:51 - 00073699 _____ () C:\Windows\setupact.log
2014-11-23 19:42 - 2012-03-19 09:04 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-23 19:41 - 2013-03-08 17:30 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-23 19:41 - 2013-02-27 11:53 - 00000298 _____ () C:\Windows\Tasks\NUSchedule.job
2014-11-23 19:41 - 2012-12-06 18:58 - 00000944 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-775536879-1927795302-3616123917-1000UA.job
2014-11-23 15:24 - 2013-02-27 19:00 - 00008058 _____ () C:\Windows\SysWOW64\AppLog.log
2014-11-23 14:52 - 2012-08-21 09:20 - 00000000 ____D () C:\Users\Gregory France\AppData\Roaming\Skype
2014-11-23 10:50 - 2012-04-28 14:49 - 00000000 ____D () C:\Users\Gregory France\AppData\Local\CrashDumps
2014-11-23 09:48 - 2012-12-06 18:58 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-775536879-1927795302-3616123917-1000Core.job
2014-11-22 18:48 - 2014-10-11 10:39 - 00000000 ____D () C:\Users\Gregory France\Desktop\SPONS. & MEMBERS
2014-11-22 10:54 - 2009-07-14 00:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-22 10:16 - 2005-11-13 08:46 - 08575488 ___SH () C:\Users\Gregory France\Desktop\Thumbs.db
2014-11-22 08:20 - 2014-08-05 11:47 - 00000000 ____D () C:\Users\Gregory France\Desktop\RSA 2014-15
2014-11-18 14:22 - 2014-10-16 15:06 - 00000000 ____D () C:\Users\Gregory France\Desktop\HC Issues
2014-11-18 14:22 - 2012-03-13 15:20 - 00000000 ____D () C:\Users\Gregory France\Desktop\Mo's Docs
2014-11-18 14:02 - 2014-08-05 11:45 - 00000000 ____D () C:\Users\Gregory France\Desktop\O COLLEGE
2014-11-18 02:06 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-11-17 15:39 - 2014-08-22 12:09 - 00000000 ____D () C:\Users\Gregory France\Desktop\OPG web
2014-11-15 20:07 - 2012-03-13 15:21 - 00000000 ____D () C:\Users\Gregory France\Desktop\Pix
2014-11-15 03:03 - 2012-12-06 18:58 - 00003932 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-775536879-1927795302-3616123917-1000UA
2014-11-15 03:03 - 2012-12-06 18:58 - 00003536 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-775536879-1927795302-3616123917-1000Core
2014-11-14 19:33 - 2014-08-10 09:33 - 00001065 _____ () C:\Users\Gregory France\Desktop\Dropbox.lnk
2014-11-14 19:33 - 2014-08-10 09:32 - 00000000 ____D () C:\Users\Gregory France\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-14 11:00 - 2014-07-11 17:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-14 11:00 - 2014-07-11 17:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-13 10:23 - 2012-03-12 18:12 - 00100056 _____ () C:\Users\Gregory France\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-13 04:29 - 2012-03-19 09:04 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-13 04:29 - 2012-03-19 09:04 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-13 04:22 - 2009-07-13 23:45 - 00366928 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 04:20 - 2012-03-13 12:31 - 00000000 ____D () C:\ProgramData\Norton
2014-11-13 04:19 - 2014-05-07 02:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-13 04:03 - 2012-03-13 21:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-13 03:40 - 2013-08-15 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 08:53 - 2012-05-05 09:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-12 07:57 - 2013-03-08 17:30 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 07:56 - 2012-12-29 10:15 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 07:56 - 2012-03-12 23:33 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-11 18:29 - 2012-03-13 15:20 - 00000000 ____D () C:\Users\Gregory France\Desktop\BPA web
2014-11-11 01:03 - 2012-03-14 19:56 - 00000000 ____D () C:\Users\Gregory France\AppData\Roaming\Mozilla
2014-11-02 13:45 - 2013-08-08 17:52 - 00000000 ____D () C:\Users\Gregory France\Desktop\3637 RSA
2014-10-31 23:26 - 2012-03-10 15:10 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-30 18:47 - 2014-03-31 18:58 - 00000000 ____D () C:\Users\Gregory France\Desktop\MENTORS 2014
2014-10-27 09:01 - 2009-07-14 00:08 - 00032610 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
 
Some content of TEMP:
====================
C:\Users\Gregory France\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp01osog.dll
C:\Users\Melissa\AppData\Local\Temp\drm_dyndata_7320010.dll
C:\Users\Melissa\AppData\Local\Temp\SkypeSetup.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-11-18 01:50
 
==================== End Of Log ============================
 
Additions:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2014 01
Ran by Gregory France at 2014-11-23 20:06:46
Running from C:\Users\Gregory France\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton AntiVirus (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton AntiVirus (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version:  - )
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Print Creations - Album Page (HKLM-x32\...\{E6B4117F-AC59-4B13-9274-EB136E8897EE}) (Version:  - ArcSoft)
ArcSoft Print Creations - Funhouse (HKLM-x32\...\{9591C049-5CAE-4E89-A8D9-191F1899628B}) (Version:  - ArcSoft)
ArcSoft Print Creations - Greeting Card (HKLM-x32\...\{F04F9557-81A9-4293-BC49-2C216FA325A7}) (Version:  - ArcSoft)
ArcSoft Print Creations - Photo Book (HKLM-x32\...\{56589DFE-0C29-4DFE-8E42-887B771ECD23}) (Version:  - ArcSoft)
ArcSoft Print Creations - Photo Calendar (HKLM-x32\...\{CA9ED5E4-1548-485B-A293-417840060158}) (Version:  - ArcSoft)
ArcSoft Print Creations - Scrapbook (HKLM-x32\...\{B0D83FCD-9D42-43ED-8315-250326AADA02}) (Version:  - ArcSoft)
ArcSoft Print Creations - Slimline Card (HKLM-x32\...\{007B37D9-0C45-4202-834B-DD5FAAE99D63}) (Version:  - ArcSoft)
ArcSoft Print Creations (HKLM-x32\...\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}) (Version: 2.8.255.384 - ArcSoft)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{A325B368-A9EC-40EF-A95C-9DEAD3683AE3}) (Version: 12.33.02 - Broadcom Corporation)
Brother MFL-Pro Suite MFC-J825DW (HKLM-x32\...\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}) (Version: 1.1.6.0 - Brother Industries, Ltd.)
CCScore (x32 Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.2.10218.1 - Cisco Consumer Products LLC)
Citrix Online Launcher (HKLM-x32\...\{F82C81F9-ADB5-42BD-AFE9-DD5DFDD215E3}) (Version: 1.0.135 - Citrix)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-775536879-1927795302-3616123917-1000\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
Elements 10 Organizer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
EPSON NX510 Series Printer Uninstall (HKLM\...\EPSON NX510 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
EpsonNet Setup (HKLM-x32\...\{FFFAE01B-466F-4C07-9821-A94FD753BDDA}) (Version: 3.1c - SEIKO EPSON CORPORATION)
ESSBrwr (x32 Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESSCDBK (x32 Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden
ESScore (x32 Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden
ESSgui (x32 Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden
ESSini (x32 Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESSPCD (x32 Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESSPDock (x32 Version: 6.03.0001.0004 - EASTMAN KODAK Company) Hidden
ESSTOOLS (x32 Version: 5.00.0000.0004 - EASTMAN KODAK Company) Hidden
essvatgt (x32 Version: 8.00.0000.0001 - EASTMAN KODAK Company) Hidden
Family Tree Maker 2012 (HKLM-x32\...\Family Tree Maker 2012) (Version: 21.0.388 - Ancestry.com, Inc.)
Family Tree Maker 2012 (x32 Version: 21.0.388 - Ancestry.com, Inc.) Hidden
Finale NotePad 2012 (HKLM-x32\...\Finale NotePad 2012) (Version: 2012..r1.5 - MakeMusic)
FlipShare (HKLM-x32\...\{97C658D2-61FB-027F-0D76-E9CDC84AFEC7}) (Version: 5.12.3.0 - Flip Video)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.65 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 5.9.0.1216 (HKU\S-1-5-21-775536879-1927795302-3616123917-1000\...\GoToMeeting) (Version: 5.9.0.1216 - CitrixOnline)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Juno Internet (HKLM-x32\...\{a0296e52-6e9b-11d6-ace4-00105a0cf83f}) (Version: Juno QuickStart - United Online)
Kodak EasyShare software (HKLM-x32\...\{D32470A1-B10C-4059-BA53-CF0486F68EBC}) (Version:  - Eastman Kodak Company)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7876 - Memeo Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Zoo Tycoon (HKLM-x32\...\Zoo Tycoon 1.0) (Version:  - )
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 33.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 en-US)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
netbrdg (x32 Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 19.9.1.14 - Symantec Corporation)
Norton Utilities 16 (HKLM-x32\...\Norton Utilities 16_is1) (Version: 16.0 - Symantec Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
OfotoXMI (x32 Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Scansoft PDF Professional (x32 Version:  - ) Hidden
Seagate Dashboard (HKLM-x32\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.1.0.1548 - Memeo Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SFR (x32 Version: 8.01.0000.0001 - Eastman Kodak Company) Hidden
SHASTA (x32 Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
skin0001 (x32 Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
SKINXSDK (x32 Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
staticcr (x32 Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
TreeSize 1.7 (HKLM-x32\...\TreeSize_is1) (Version:  - JAM Software)
VPRINTOL (x32 Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
WIRELESS (x32 Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-775536879-1927795302-3616123917-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Gregory France\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-775536879-1927795302-3616123917-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Gregory France\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-775536879-1927795302-3616123917-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-775536879-1927795302-3616123917-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1216\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-775536879-1927795302-3616123917-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-775536879-1927795302-3616123917-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Gregory France\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-775536879-1927795302-3616123917-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gregory France\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-775536879-1927795302-3616123917-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gregory France\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-775536879-1927795302-3616123917-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gregory France\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-775536879-1927795302-3616123917-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gregory France\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-775536879-1927795302-3616123917-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gregory France\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-775536879-1927795302-3616123917-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gregory France\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-775536879-1927795302-3616123917-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gregory France\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-775536879-1927795302-3616123917-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gregory France\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-775536879-1927795302-3616123917-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> No File Path
 
==================== Restore Points  =========================
 
18-11-2014 16:50:14 Scheduled Checkpoint
20-11-2014 02:06:04 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {2C6FBC6B-B0E3-4F3F-BE02-07A8517CD0BE} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.1.14\SymErr.exe [2012-02-03] (Symantec Corporation)
Task: {368A01E8-C238-44CE-ABCB-FF4175450426} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-775536879-1927795302-3616123917-1000UA => C:\Users\Gregory France\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-05] (Google Inc.)
Task: {48CF53B2-DC7E-47D1-A9A8-3722905B1138} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {62266262-6050-4D58-B162-BF89FA92B41A} - System32\Tasks\AdobeAAMUpdater-1.0-GregoryFrance-Gregory France => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated)
Task: {741FEF21-2E00-4AB3-8C62-6018E4D6F46E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-775536879-1927795302-3616123917-1000Core => C:\Users\Gregory France\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-05] (Google Inc.)
Task: {7AA616BE-B74B-41EA-A724-B613C19ED941} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
Task: {7E66EB93-3550-4A70-9DB7-B6DBCDAFEB01} - System32\Tasks\NUSchedule => C:\Program Files (x86)\Symantec\Norton Utilities 16\nu.exe [2014-01-21] (Symantec)
Task: {7F64ACE5-B530-4BF1-8DFF-E98D25B1EEA0} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.1.14\SymErr.exe [2012-02-03] (Symantec Corporation)
Task: {9B8165EE-EC51-4241-8357-1FBB7341F162} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {C08E36A1-0BBB-43F9-8EB9-3B2786CAAC45} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {C3A7DC95-3AC6-4A69-87DC-8656F822B639} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.1.14\WSCStub.exe [2013-02-01] (Symantec Corporation)
Task: {D7264BB2-D0E1-4F0D-9957-0A823D2EE5BC} - System32\Tasks\NUAutoUpdate => C:\Program Files (x86)\Symantec\Norton Utilities 16\SULauncher.exe [2013-11-08] (Symantec)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-775536879-1927795302-3616123917-1000Core.job => C:\Users\Gregory France\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-775536879-1927795302-3616123917-1000UA.job => C:\Users\Gregory France\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\NUAutoUpdate.job => C:\Program Files (x86)\Symantec\Norton Utilities 16\SULauncher.exe
Task: C:\Windows\Tasks\NUSchedule.job => C:\Program Files (x86)\Symantec\Norton Utilities 16\nu.exe
 
==================== Loaded Modules (whitelisted) =============
 
2011-05-06 12:07 - 2011-05-06 12:07 - 00460144 _____ () C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
2011-05-06 11:58 - 2011-05-06 11:58 - 01085440 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
2013-05-19 09:02 - 2005-04-21 23:36 - 00143360 ____R () C:\Windows\system32\BrSNMP64.dll
2010-12-10 20:49 - 2010-12-10 20:49 - 00324320 _____ () C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 19:58 - 2014-02-12 19:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-10-25 23:06 - 2010-10-25 23:06 - 02248704 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtCore4.dll
2011-05-06 12:07 - 2011-05-06 12:07 - 04317184 _____ () C:\Program Files (x86)\Flip Video\FlipShare\Core.dll
2011-05-06 12:02 - 2011-05-06 12:02 - 00737280 _____ () C:\Program Files (x86)\Flip Video\FlipShare\qca2.dll
2010-10-25 23:23 - 2010-10-25 23:23 - 08351744 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtGui4.dll
2010-10-25 23:08 - 2010-10-25 23:08 - 00983040 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtNetwork4.dll
2010-10-25 23:23 - 2010-10-25 23:23 - 00204800 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtSql4.dll
2010-10-25 23:06 - 2010-10-25 23:06 - 00364544 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtXml4.dll
2010-10-26 07:34 - 2010-10-26 07:34 - 11853824 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtWebKit4.dll
2010-10-25 23:37 - 2010-10-25 23:37 - 00258048 _____ () C:\Program Files (x86)\Flip Video\FlipShare\phonon4.dll
2010-05-20 12:49 - 2010-05-20 12:49 - 00258048 _____ () C:\Program Files (x86)\Flip Video\FlipShare\boost_serialization-vc80-mt-1_43.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 01199104 _____ () C:\Program Files (x86)\Flip Video\FlipShare\PocoFoundation.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00642048 _____ () C:\Program Files (x86)\Flip Video\FlipShare\PocoNet.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00511488 _____ () C:\Program Files (x86)\Flip Video\FlipShare\PocoXML.dll
2010-10-25 23:06 - 2010-10-25 23:06 - 02248704 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\QtCore4.dll
2010-10-25 23:08 - 2010-10-25 23:08 - 00983040 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\QtNetwork4.dll
2010-10-25 23:23 - 2010-10-25 23:23 - 00204800 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\QtSql4.dll
2010-05-20 12:49 - 2010-05-20 12:49 - 00258048 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\boost_serialization-vc80-mt-1_43.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 01199104 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoFoundation.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00642048 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoNet.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00175616 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoNetSSL.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00291840 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoUtil.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00511488 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoXML.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00110592 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoCrypto.dll
2011-09-01 01:22 - 2011-09-01 01:22 - 03040920 _____ () C:\Program Files (x86)\Adobe\Elements 10 Organizer\QtCore4.dll
2011-09-01 01:22 - 2011-09-01 01:22 - 10729624 _____ () C:\Program Files (x86)\Adobe\Elements 10 Organizer\QtGui4.dll
2011-09-01 01:27 - 2011-09-01 01:27 - 00286360 _____ () C:\Program Files (x86)\Adobe\Elements 10 Organizer\QtPlugins\imageformats\qjpeg4.dll
2014-11-23 19:55 - 2014-11-23 19:55 - 00043008 _____ () c:\Users\Gregory France\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp01osog.dll
2013-08-23 14:01 - 2013-08-23 14:01 - 25100288 _____ () C:\Users\Gregory France\AppData\Roaming\Dropbox\bin\libcef.dll
2012-03-13 20:39 - 2009-03-12 14:45 - 00135168 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
2012-03-13 20:39 - 2008-11-21 12:58 - 00057344 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
2013-05-19 09:01 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2011-11-03 13:09 - 2011-11-03 13:09 - 00102912 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Progress.dll
2011-11-03 13:10 - 2011-11-03 13:10 - 00025600 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll
2011-11-03 13:10 - 2011-11-03 13:10 - 00015360 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.TroubleshootingPlugin.dll
2011-11-03 13:10 - 2011-11-03 13:10 - 00014848 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.VideoTutorialsPlugin.dll
2010-12-10 20:50 - 2010-12-10 20:50 - 02896608 _____ () C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.UI.dll
2010-12-10 20:50 - 2010-12-10 20:50 - 00026848 _____ () C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll
2010-03-22 17:59 - 2010-03-22 17:59 - 00504293 _____ () C:\Program Files (x86)\Memeo\AutoBackup\sqlite3.DLL
2010-04-20 12:22 - 2010-04-20 12:22 - 00241664 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll
2010-04-20 12:22 - 2010-04-20 12:22 - 00971776 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll
2014-11-22 13:37 - 2014-11-14 16:15 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\libglesv2.dll
2014-11-22 13:37 - 2014-11-14 16:15 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\libegl.dll
2014-11-22 13:37 - 2014-11-14 16:15 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\pdf.dll
2014-11-22 13:37 - 2014-11-14 16:15 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\ffmpegsumo.dll
2014-11-10 10:14 - 2014-11-10 10:14 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:792D4CF1
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Kodak EasyShare software.lnk => C:\Windows\pss\Kodak EasyShare software.lnk.CommonStartup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-775536879-1927795302-3616123917-500 - Administrator - Disabled)
Gregory France (S-1-5-21-775536879-1927795302-3616123917-1000 - Administrator - Enabled) => C:\Users\Gregory France
Guest (S-1-5-21-775536879-1927795302-3616123917-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-775536879-1927795302-3616123917-1004 - Limited - Enabled)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/23/2014 08:05:50 PM) (Source: ESENT) (EventID: 104) (User: )
Description: taskhost (2248) WebCacheLocal: The database engine stopped the instance (0) with error (-510).
 
Error: (11/23/2014 08:05:47 PM) (Source: ESENT) (EventID: 492) (User: )
Description: taskhost (2248) WebCacheLocal: The logfile sequence in "C:\Users\Gregory France\AppData\Local\Microsoft\Windows\WebCache\" has been halted due to a fatal error.  No further updates are possible for the databases that use this logfile sequence.  Please correct the problem and restart or restore from backup.
 
Error: (11/23/2014 08:05:47 PM) (Source: ESENT) (EventID: 413) (User: )
Description: taskhost (2248) WebCacheLocal: Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1811.
 
Error: (11/23/2014 08:05:47 PM) (Source: ESENT) (EventID: 486) (User: )
Description: taskhost (2248) WebCacheLocal: An attempt to move the file "C:\Users\Gregory France\AppData\Local\Microsoft\Windows\WebCache\V0105933.log" to "C:\Users\Gregory France\AppData\Local\Microsoft\Windows\WebCache\V01tmp.log" failed with system error 2 (0x00000002): "The system cannot find the file specified. ".  The move file operation will fail with error -1811 (0xfffff8ed).
 
Error: (11/23/2014 07:55:38 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/11/23 19:55:38.845]: [00003096]: Initialize TwdsMain Class failed!
 
Error: (11/23/2014 07:55:38 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/11/23 19:55:38.845]: [00003096]: ##### Fatal ERROR!! Create STI-device failed! #####
 
Error: (11/23/2014 07:55:30 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/11/23 19:55:30.671]: [00003096]: Initialize TwdsMain Class failed!
 
Error: (11/23/2014 07:55:30 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/11/23 19:55:30.671]: [00003096]: ##### Fatal ERROR!! Create STI-device failed! #####
 
Error: (11/23/2014 07:42:06 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/11/23 19:42:06.279]: [00004476]: Initialize TwdsMain Class failed!
 
Error: (11/23/2014 07:42:06 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/11/23 19:42:06.279]: [00004476]: ##### Fatal ERROR!! Create STI-device failed! #####
 
 
System errors:
=============
Error: (11/23/2014 07:56:00 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005
 
Error: (11/23/2014 07:54:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (11/23/2014 07:54:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
 
Error: (11/23/2014 07:52:07 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (11/23/2014 07:42:34 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (11/23/2014 03:27:26 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (11/23/2014 03:27:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
 
Error: (11/23/2014 03:26:10 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 3:24:02 PM on ‎11/‎23/‎2014 was unexpected.
 
Error: (11/23/2014 03:23:44 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (120000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.
 
Error: (11/22/2014 10:19:38 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (120000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.
 
 
Microsoft Office Sessions:
=========================
Error: (11/23/2014 08:05:50 PM) (Source: ESENT) (EventID: 104) (User: )
Description: taskhost2248WebCacheLocal: 0-510
 
Error: (11/23/2014 08:05:47 PM) (Source: ESENT) (EventID: 492) (User: )
Description: taskhost2248WebCacheLocal: C:\Users\Gregory France\AppData\Local\Microsoft\Windows\WebCache\
 
Error: (11/23/2014 08:05:47 PM) (Source: ESENT) (EventID: 413) (User: )
Description: taskhost2248WebCacheLocal: -1811
 
Error: (11/23/2014 08:05:47 PM) (Source: ESENT) (EventID: 486) (User: )
Description: taskhost2248WebCacheLocal: C:\Users\Gregory France\AppData\Local\Microsoft\Windows\WebCache\V0105933.logC:\Users\Gregory France\AppData\Local\Microsoft\Windows\WebCache\V01tmp.log-1811 (0xfffff8ed)2 (0x00000002)The system cannot find the file specified.
 
Error: (11/23/2014 07:55:38 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2014/11/23 19:55:38.845]: [00003096]: Initialize TwdsMain Class failed!
 
Error: (11/23/2014 07:55:38 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2014/11/23 19:55:38.845]: [00003096]: ##### Fatal ERROR!! Create STI-device failed! #####
 
Error: (11/23/2014 07:55:30 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2014/11/23 19:55:30.671]: [00003096]: Initialize TwdsMain Class failed!
 
Error: (11/23/2014 07:55:30 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2014/11/23 19:55:30.671]: [00003096]: ##### Fatal ERROR!! Create STI-device failed! #####
 
Error: (11/23/2014 07:42:06 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2014/11/23 19:42:06.279]: [00004476]: Initialize TwdsMain Class failed!
 
Error: (11/23/2014 07:42:06 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2014/11/23 19:42:06.279]: [00004476]: ##### Fatal ERROR!! Create STI-device failed! #####
 
 
==================== Memory info =========================== 
 
Processor: AMD Athlon™ II X2 240 Processor
Percentage of memory in use: 32%
Total physical RAM: 7934.98 MB
Available physical RAM: 5348.48 MB
Total Pagefile: 15868.13 MB
Available Pagefile: 13177.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: (Melissa 500 GB) (Fixed) (Total:465.66 GB) (Free:206.75 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 259D4594)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#4 gpf262

gpf262
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:26 AM

Posted 23 November 2014 - 10:09 PM

Yea!  ZOEK finally ran! here is the log:

 

 
Zoek.exe v5.0.0.0 Updated 23-11-2014
Tool run by Gregory France on Sun 11/23/2014 at 21:40:14.87.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gregory France\Desktop\zoek.exe [Scan all users] [Script inserted] 
 
==== System Restore Info ======================
 
11/23/2014 9:54:25 PM Zoek.exe System Restore Point Created Succesfully.
 
==== Running Processes ======================
 
C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.1.14\ccSvcHst.exe
C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe
C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.1.14\ccSvcHst.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Adobe\Elements 10 Organizer\ElementsOrganizerSyncAgent.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Users\Gregory France\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
 
==== System Specs ======================
 
Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 7935 MB
CPU Info: AMD Athlon™ II X2 240 Processor
CPU Speed: 2758.7 MHz
Sound Card: Speakers (3- Dell AC511 USB Sou | 
Digital Audio (HDMI) (High Defi | 
Speakers (High Definition Audio | 
Display Adapters: ATI Radeon HD 4200 | ATI Radeon HD 4200 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor | 
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Broadcom NetLink ™ Gigabit Ethernet
CD / DVD Drives: 1x (D: | ) D: HL-DT-STDVDRAM GH22NS90
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 3 Button Wheel Mouse Present
Hard Disks: C:  465.7GB
Hard Disks - Free: C:  212.0GB
Manufacturer *: Dell Inc.
BIOS Info: AT/AT COMPATIBLE | 08/16/32 | DELL   - 20100930
Time Zone: Eastern Standard Time
Motherboard *: Dell Inc. 04GJJT
Country: United States 
Language: ENU 
 
==== System Specs (Software) ======================
 
Anti-Virus: Norton AntiVirus On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: Norton AntiVirus disabled (Outdated)
Internet Explorer Version: 11.0.9600.17420 
Mozilla Firefox version: 33.1 (x86 en-US)
Google Chrome version: 39.0.2171.65
Adobe Reader version: 11.0.9.29
Sun Java version: 1.7.0_17 (32-bit) 
Flash Player version: 15.0.0.223
 
==== Files Recently Created / Modified ======================
 
====== C:\Windows ====
====== C:\Users\GREGOR~1\AppData\Local\Temp ====
2014-11-24 01:56:49 EB4686F6F4BE2B00AA40978D551F66C4 43008 ----a-w- C:\Users\Gregory France\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpm9ovll.dll
2014-11-22 23:22:43 E325A1ABF2253CC1D992258DC7C5340E 5541 ----a-w- C:\Users\Gregory France\AppData\Local\Temp\1460\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TAS3MOPA\Setup v2 1[1].exe
2014-11-14 03:17:28 0AEB3ECCBEAB74A863F82B8D61E42925 23095 ----a-w- C:\Users\Gregory France\AppData\Local\Temp\10ec\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NAS6XI4K\aol_oneclick[1].exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-11-19 12:43:10 ADFB31FA72AFE0298A60BF4AC1045A42 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll
2014-11-19 12:43:10 98B3C919C6B9C5F810FF2CAFA339822B 186880 ----a-w- C:\Windows\SysWOW64\pku2u.dll
2014-11-12 14:08:06 8FE6AB488ECDC60930CE973A7051B0D4 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 14:08:06 8CFAEFCD7F1E004950FCAE870A501B3E 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll
2014-11-12 14:08:05 B580A6B9932669DE703001AEE66D5BB1 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 14:08:05 9CEA80FFC617E6B6DD7B52E6225C0D38 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 14:08:05 8205E55DFB11809E5F2AAD1C48840535 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll
2014-11-12 14:08:05 37BC079204BF9B087D6DE6B728908B4B 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll
2014-11-12 14:08:01 FB56C76FEA44693752BD99D7D9930ABA 341168 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 14:08:01 B6273619A3DF28F03B64E911E45A6AB2 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll
2014-11-12 14:08:01 A6E51BDCB8F4B84E874F918F0452763D 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 14:08:01 93074C4FA92A8399404D032F6AF72C1B 19781632 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2014-11-12 14:08:01 843BD9DAF03ABB6761DEE6D155301F28 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 14:08:01 66F4FFDBCD501260ABC198317D2B0D10 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 14:08:01 5D5640C34C4A97467F77489DBB157568 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 14:08:01 4772DB007FFBD4BBE3F526704BCA67FE 1310208 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2014-11-12 14:08:01 26EE6C9780A8FC872C60F9E35D7EBD4B 688640 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 14:08:00 5972510EF1C6097D9C14C17387A5EDB2 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 14:07:59 FA310BD4A5DE904445DDDE54C5A654F2 2277376 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2014-11-12 14:07:59 8A46404AC1AEB22AA2D4C906D0FC86C2 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 14:07:59 7748B3DDDC92C7FC11F7462DB872E8E7 2051072 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 14:07:59 6DDC0F44A70976C492CB1666BA9A7912 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 14:07:59 5E01004CBC35A78FE2AB4016CCAD4760 708096 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 14:07:59 4F8CD74CD69A94ED1A5D7E837A356F4E 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 14:07:59 19D68FDEE62519C5A0387EB4E88A01EF 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll
2014-11-12 14:07:58 A1A2EE55A2C69F79AED00973E604B9C4 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 14:07:58 8585BC27224F97458C186AA085B754A7 478208 ----a-w- C:\Windows\SysWOW64\ieui.dll
2014-11-12 14:07:58 36EE0A2A981617610F921BCBB997DB06 12819456 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2014-11-12 14:07:57 AE39939F1E25401B9A4952A7A8D372AC 4298240 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2014-11-12 14:07:57 4169C6A6613856D69224498620F0C2B5 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 14:07:56 9ED3132B7F0D36FA9911721E8B2CB968 501248 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2014-11-12 14:07:56 755D0A90CFC4BCB178D7070B0351F0AE 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 14:07:56 6DD7D61A8EF3DFEC4FAEFEB395E77424 1892864 ----a-w- C:\Windows\SysWOW64\wininet.dll
2014-11-12 14:07:56 139E85C4E5DF322AE1BF6544D8C32B0A 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll
2014-11-12 14:06:48 537184E7306E06BB22C5B93D2AFA4DF8 1237504 ----a-w- C:\Windows\SysWOW64\msxml3.dll
2014-11-12 14:06:48 09FA271EE1F9AD68B2D1C1C210F4B71F 2048 ----a-w- C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 14:06:39 9AB39ADD28C7C1A685B1EA8C6A25CF08 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll
2014-11-12 14:06:39 980EEEE8815DA7593708774D1225BD35 681984 ----a-w- C:\Windows\SysWOW64\adtschema.dll
2014-11-12 14:06:39 9216ABFD53F5EC1F35C3554AD1A175DE 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll
2014-11-12 14:06:39 13E5B1CD503A4B21E9F0A2D55A00198B 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll
2014-11-12 14:06:32 CB55B9AAB060C803BE4AD229AA0FEC28 2363904 ----a-w- C:\Windows\SysWOW64\msi.dll
2014-11-12 14:06:29 5FDBDEECA34E73325D87C5ACD16A3EEC 701440 ----a-w- C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 14:06:26 8D338464B851DDD76E2B876A3E09EB70 442880 ----a-w- C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 14:06:25 FD79B005E849DF3D7E9B5EB7A637C528 374784 ----a-w- C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 14:06:25 AA7325057A1E1CC401798C0B1238E182 195584 ----a-w- C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 14:06:21 0F39AC3274312EFFD03928291E8BA7CA 67584 ----a-w- C:\Windows\SysWOW64\packager.dll
2014-11-12 13:59:52 EDA54D2E17C0271D2CDA946ABE344110 571904 ----a-w- C:\Windows\SysWOW64\oleaut32.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-11-19 12:43:10 8A8CB073A4B9F9D97CFA8CA9C1C851CE 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll
2014-11-19 12:43:10 1306E6A1BF4D506CD687DF9F947270F2 241152 ----a-w- C:\Windows\Sysnative\pku2u.dll
2014-11-12 14:08:08 93C055B6AAD76360A60CB7E59A491531 3198976 ----a-w- C:\Windows\Sysnative\win32k.sys
2014-11-12 14:08:06 A71B81AC2C14ABA013CCF1225D9E3E36 342016 ----a-w- C:\Windows\Sysnative\schannel.dll
2014-11-12 14:08:06 109CC0DF72CC07A6CB59D2995255A1DA 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll
2014-11-12 14:08:05 DF30FC54FFF79BC744B22A4850A3CF92 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll
2014-11-12 14:08:05 55F0CF40479A1FC89CFA578909A540F2 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll
2014-11-12 14:08:05 47C48C705F4F1EFC99B50B43AE4301FE 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll
2014-11-12 14:08:05 336BA030AB7B05300CB0B5C6AFB27176 22016 ----a-w- C:\Windows\Sysnative\credssp.dll
2014-11-12 14:08:01 854B230F5D77486B67D809FFB8A10C7E 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2014-11-12 14:08:01 7293701905DF1F40760C851F20DDC9EC 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe
2014-11-12 14:08:01 4E47ABA3C6C5032446A2AF7EFD026037 716800 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
2014-11-12 14:08:01 33098C85B789630865CD3F5D22FB0DFC 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2014-11-12 14:08:01 26BC4EC95E363DD59171710E22108F15 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll
2014-11-12 14:08:01 1F3794CE1AEA5DA12ACF90210EAE4ECB 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll
2014-11-12 14:07:59 E17C34BECCD1388E9B386A9F82F01222 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll
2014-11-12 14:07:59 C6A719FD0B07B2DD0ADACD07636F4BAD 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2014-11-12 14:07:59 56651A76C63DAF2C593F1F767FC8A856 1550336 ----a-w- C:\Windows\Sysnative\urlmon.dll
2014-11-12 14:07:59 1C216980E7D21100A357B52B3C45F78D 388272 ----a-w- C:\Windows\Sysnative\iedkcs32.dll
2014-11-12 14:07:58 BD708EBEDB35E474F1A19747154ACC47 799232 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
2014-11-12 14:07:58 6507CA9349500A535AF70670F248E525 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll
2014-11-12 14:07:58 2A1A7F17C906941334C6A67E935F214B 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll
2014-11-12 14:07:58 1E30BECF0DB35481588FB72C9CF97CA2 800768 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2014-11-12 14:07:57 BA4EC6139B8830BBA9CC5D065CA5796C 2884096 ----a-w- C:\Windows\Sysnative\iertutil.dll
2014-11-12 14:07:57 5C9D58591D0091630452B04F35527240 2124288 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2014-11-12 14:07:56 69602F6259598A7837CB83D3608FE293 633856 ----a-w- C:\Windows\Sysnative\ieui.dll
2014-11-12 14:07:56 31F2A5ECFD2C75F970A3007ACD5627C7 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2014-11-12 14:07:56 277A4735954F1BF29EE3D138A5251BFE 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll
2014-11-12 14:07:56 154B8555A118BCFD95F358390E418B00 14390272 ----a-w- C:\Windows\Sysnative\ieframe.dll
2014-11-12 14:07:56 08BCDD6C9E23D00309F359620461DFE8 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
2014-11-12 14:07:55 F208D7FB40FD80EA9F123BABF687359C 6040064 ----a-w- C:\Windows\Sysnative\jscript9.dll
2014-11-12 14:07:55 98088A13F65BE35DA3693F264740CEEC 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll
2014-11-12 14:07:55 7EE5FBD190BF5B27F7977EA6CBF0DCAC 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll
2014-11-12 14:07:55 7EC80DB959695D4F927D2D601DA59F35 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll
2014-11-12 14:07:54 EE3592B010E3F69D141323E592C01A1A 199680 ----a-w- C:\Windows\Sysnative\msrating.dll
2014-11-12 14:07:54 BBD6A636AAA65D874F3863280CD8373D 25110016 ----a-w- C:\Windows\Sysnative\mshtml.dll
2014-11-12 14:07:54 B6DC4597FF946B0C8B29650A71F52D4E 580096 ----a-w- C:\Windows\Sysnative\vbscript.dll
2014-11-12 14:07:54 6FC2819A4F80AAB2DADEDFC1EFEE3C3F 2365440 ----a-w- C:\Windows\Sysnative\wininet.dll
2014-11-12 14:07:54 4B6D9AB2ECD11AF5F6B1C42D938E0A85 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll
2014-11-12 14:06:49 364ECFF4ABD9D575F4F7CF7EB7928EF3 1882624 ----a-w- C:\Windows\Sysnative\msxml3.dll
2014-11-12 14:06:48 D005697F0467BBDDAB7638496DA5DB52 2048 ----a-w- C:\Windows\Sysnative\msxml3r.dll
2014-11-12 14:06:39 C4C1B73FC2FF151BA08E1EAFDE2A2FAF 1460736 ----a-w- C:\Windows\Sysnative\lsasrv.dll
2014-11-12 14:06:39 7184AEACDA13E64B10F84E9DD79C8A01 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll
2014-11-12 14:06:39 58F87BF5659C8EBC61EB439C916F2F9A 681984 ----a-w- C:\Windows\Sysnative\adtschema.dll
2014-11-12 14:06:39 008CD4EBFABCF78D0F19B3778492648C 683520 ----a-w- C:\Windows\Sysnative\termsrv.dll
2014-11-12 14:06:35 F992AAE3F2DF1D7D2A75B681B0C5280E 304640 ----a-w- C:\Windows\Sysnative\generaltel.dll
2014-11-12 14:06:34 9F1FA4F36406693C77CC5779AA7E532D 228864 ----a-w- C:\Windows\Sysnative\aepdu.dll
2014-11-12 14:06:34 6021CF6A11DE9B5FC1BD210B6855C497 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll
2014-11-12 14:06:33 2720C94ADCC1727A66365CCB1CE456C4 3241984 ----a-w- C:\Windows\Sysnative\msi.dll
2014-11-12 14:06:29 1FEBD408F32DFC523882E7DA5AC57819 878080 ----a-w- C:\Windows\Sysnative\IMJP10K.DLL
2014-11-12 14:06:27 9383B21A4B77C130940262DDC5F3F49B 500224 ----a-w- C:\Windows\Sysnative\AUDIOKSE.dll
2014-11-12 14:06:26 DE3E38431B00C2EA247C53675DCF01A0 680960 ----a-w- C:\Windows\Sysnative\audiosrv.dll
2014-11-12 14:06:26 B1BB7B91C3C878FDB2874138CE81C4EF 284672 ----a-w- C:\Windows\Sysnative\EncDump.dll
2014-11-12 14:06:26 A2C9E45F4069A002E985D1563D16813B 440832 ----a-w- C:\Windows\Sysnative\AudioEng.dll
2014-11-12 14:06:25 FAFCB80D42A65964B6F4945283B8C10F 296448 ----a-w- C:\Windows\Sysnative\AudioSes.dll
2014-11-12 14:06:21 934735F508E297504460935B71E99F0B 77824 ----a-w- C:\Windows\Sysnative\packager.dll
2014-11-12 13:59:52 B938AF16A521C913791C6F7AFF032757 861696 ----a-w- C:\Windows\Sysnative\oleaut32.dll
====== C:\Windows\Sysnative\drivers =====
2014-11-12 14:06:39 41774FF331F609EF442B7398EE6202B1 155064 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\Gregory France\AppData\Roaming ======
====== C:\Users\Gregory France ======
2014-11-24 01:03:49 7AEDDC1A55682B74EA03E81C1527D8F7 2118144 ----a-w- C:\Users\Gregory France\Desktop\frst64.exe
2014-11-24 00:50:18 7650EF7FFE338A50ADE28288FB601B7A 186568 ----a-w- C:\Users\Gregory France\Desktop\ESETPoweliksCleaner.exe
2014-11-22 16:25:40 8B968045D75783A09592C3105F2865DA 688992 ------r- C:\Users\Gregory France\Desktop\dds.com
 
====== C: exe-files ==
2014-11-24 02:16:44 D5D30E7AB9E244A2FB601F1E9C5F6A2C 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-775536879-1927795302-3616123917-1000\$IOPJXKX.exe
2014-11-24 02:10:02 A3645625B0842C8D9222D7B8348103D8 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-775536879-1927795302-3616123917-1000\$ISI1PTM.exe
2014-11-24 01:59:27 BEDB5DA3735FF0E6578A8CA2FC305A60 1294848 ----a-w- C:\$Recycle.Bin\S-1-5-21-775536879-1927795302-3616123917-1000\$RSI1PTM.exe
2014-11-24 01:02:32 AEF339424F933D9C605FE58B55B427F4 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-775536879-1927795302-3616123917-1000\$IQQ0YBV.exe
2014-11-24 01:01:44 8E33AD0CBF8DCA875D691B4BC4BE8BC8 1110016 ----a-w- C:\$Recycle.Bin\S-1-5-21-775536879-1927795302-3616123917-1000\$RQQ0YBV.exe
2014-11-22 23:22:43 E325A1ABF2253CC1D992258DC7C5340E 5541 ----a-w- C:\Users\Gregory France\AppData\Local\Temp\1460\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TAS3MOPA\Setup v2 1[1].exe
2014-11-22 18:36:22 DBDC93187B17D055F0B17838C7D264BE 6838864 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\39.0.2171.65\39.0.2171.65_38.0.2125.111_chrome_updater.exe
=== C: other files ==
2014-11-24 02:16:54 0C875E59814A3896F81B1E202CC75A6C 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-775536879-1927795302-3616123917-1000\$IYQ4WMY.com
2014-11-24 02:16:32 78958836F0C391749D7C9616ECDF2A09 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-775536879-1927795302-3616123917-1000\$INKGXYS.zip
2014-11-24 02:09:58 FE5B3A3225F610B7220AFDC118613ED8 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-775536879-1927795302-3616123917-1000\$I2A4ATF.com
2014-11-24 01:23:29 6917E2E2CD960859D679A54F796D9DC9 4124640 ----a-w- C:\$Recycle.Bin\S-1-5-21-775536879-1927795302-3616123917-1000\$RNKGXYS.zip
 
==== Startup Registry Enabled ======================
 
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
 
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
 
[HKEY_USERS\S-1-5-21-775536879-1927795302-3616123917-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Epson Stylus NX510(Network)"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIA.EXE /FU C:\Windows\TEMP\E_S26A3.tmp /EF HKCU"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"PhotoshopElements8SyncAgent"="C:\Program Files (x86)\Adobe\Elements 10 Organizer\ElementsOrganizerSyncAgent.exe"
"Google Update"="C:\Users\Gregory France\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler"
 
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
 
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"EEventManager"="C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe"
"LifeCam"="C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
"ArcSoft Connection Service"="C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"Memeo Instant Backup"="C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui"
"Seagate Dashboard"="C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SSDMonitor"="C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"IndexSearch"="C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
"PaperPort PTD"="C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
"PPort12reminder"="C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe -r C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
"PDFHook"="C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe"
"PDF5 Registry Controller"="C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe"
"ControlCenter4"="C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun"
"BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Epson Stylus NX510(Network)"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIA.EXE /FU C:\Windows\TEMP\E_S26A3.tmp /EF HKCU"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"PhotoshopElements8SyncAgent"="C:\Program Files (x86)\Adobe\Elements 10 Organizer\ElementsOrganizerSyncAgent.exe"
"Google Update"="C:\Users\Gregory France\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler"
 
==== Startup Registry Disabled x64 ======================
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeAAMUpdater-1.0"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\""
 
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Kodak EasyShare software.lnk"
"backup"="C:\\Windows\\pss\\Kodak EasyShare software.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~2\\Kodak\\KODAKE~1\\bin\\EASYSH~1.EXE -hx"
"item"="Kodak EasyShare software"
 
 
==== Startup Folders ======================
 
2014-08-10 14:32:57 1079 ----a-w- C:\Users\Gregory France\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
 
==== Task Scheduler Jobs ======================
 
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11/12/2014 07:56 AM]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [10/18/2014 12:22 AM]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [10/18/2014 12:22 AM]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-775536879-1927795302-3616123917-1000Core.job --a------ C:\Users\Gregory France\AppData\Local\Google\Update\GoogleUpdate.exe [09/05/2012 05:24 PM]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-775536879-1927795302-3616123917-1000UA.job --a------ C:\Users\Gregory France\AppData\Local\Google\Update\GoogleUpdate.exe [09/05/2012 05:24 PM]
C:\Windows\tasks\NUAutoUpdate.job --a------ C:\Program Files (x86)\Symantec\Norton Utilities 16\SULauncher.exe [11/08/2013 08:53 AM]
C:\Windows\tasks\NUSchedule.job --a------ C:\Program Files (x86)\Symantec\Norton Utilities 16\nu.exe [01/21/2014 07:57 AM]
 
==== Other Scheduled Tasks ======================
 
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-GregoryFrance-Gregory France" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-775536879-1927795302-3616123917-1000Core" [C:\Users\Gregory France\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-775536879-1927795302-3616123917-1000UA" [C:\Users\Gregory France\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.1.14\WSCStub.exe"]
"C:\Windows\SysNative\tasks\NUAutoUpdate" [C:\Program Files (x86)\Symantec\Norton Utilities 16\SULauncher.exe]
"C:\Windows\SysNative\tasks\NUSchedule" [C:\Program Files (x86)\Symantec\Norton Utilities 16\nu.exe]
"C:\Windows\SysNative\tasks\Norton AntiVirus\Norton Error Analyzer" [C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.1.14\SymErr.exe]
"C:\Windows\SysNative\tasks\Norton AntiVirus\Norton Error Processor" [C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.1.14\SymErr.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=0 folders=0 0 bytes)
 
==== EOF on Sun 11/23/2014 at 22:03:44.95 ======================


#5 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:26 PM

Posted 24 November 2014 - 12:28 PM

:thumbup2:

warning.gif Malware Warning

All passwords should be changed immediately to include those used for banking, email, eBay, paypal and online forums from a CLEAN COMPUTER.

Let's do a final check up:

Step 1


Don't remove on your own anything that Hitman Pro detects!
This scanner, as it is a really good for checking, has been known for deleting files instead of curing them, which in some cases may render the machine unbootable.
Any removals will be done manually after careful analysis of the scan results!


Please download hitmanpro_32.pngHitmanPro 32-bit / HitmanPro 64-bit by SurfRight and save it to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
  • Right-click onhitmanpro.pngicon and select admin.PNGRun as Administrator to start the tool.
  • If the program won't run please run it while holding down the left CTRL key until it's loaded!
  • Click on the Next button (1). You must agree with the terms of EULA (2 - if asked).
  • Check the box beside "No, I only want to perform a one-time scan to check this computer" and click on the Next button. (3)
  • The program will start to scan the computer. It would only take several minutes.
  • When the scan is done click on Save Log (4) and close HitmanPro! (5)
  • Copy and paste the content of the log file in your next reply.
hitman.gif


Step 2

Please downloadesetlogo.pngOnline Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start installer.pngwith administartor privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Choose the following settings:
settings.png
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log filelog.pngis created at logpath.png
    Copy and paste the content of this log file in your next reply.
esetlog.png
Note: Do not forget to re-enable your antivirus application after running the above scan!
eset.gif

lesestoff.png

Can you please tell me which problems still persist now?
How is the computer running?

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#6 gpf262

gpf262
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:26 AM

Posted 24 November 2014 - 09:58 PM

Greetings,

 

So far  the symptoms of the malware popups has disappeared.  The results of the first scan were good,but there were a couple (4) items flagged in the ESET scan.  Logs follow:

 

Hitman:

HitmanPro 3.7.9.232
www.hitmanpro.com
 
   Computer name . . . . : GREGORYFRANCE
   Windows . . . . . . . : 6.1.1.7601.X64/2
   User name . . . . . . : GregoryFrance\Gregory France
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free
 
   Scan date . . . . . . : 2014-11-24 13:58:13
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 14m 34s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
 
   Threats . . . . . . . : 0
   Traces  . . . . . . . : 72
 
   Objects scanned . . . : 5,476,529
   Files scanned . . . . : 712,537
   Remnants scanned  . . : 3,659,335 files / 1,104,657 keys
 
Suspicious files ____________________________________________________________
 
   C:\$Recycle.Bin\S-1-5-21-775536879-1927795302-3616123917-1000\$RQQ0YBV.exe
      Size . . . . . . . : 1,110,016 bytes
      Age  . . . . . . . : 0.7 days (2014-11-23 20:01:44)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : AC70822A352AEDB164FB7BE5C46C9D4AA73F2C81C600CFF7382A4943A34F9117
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
 
   C:\Users\Gregory France\Desktop\frst64.exe
      Size . . . . . . . : 2,118,144 bytes
      Age  . . . . . . . : 0.7 days (2014-11-23 20:03:49)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 00EAA9915EDE35DCF294023D59351A0FBFD132D6C0E3E5729FF1352009726F49
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -47.2s C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\CmnClnt\ccSubSDK\{CE3A002A-4266-4C2F-8C7C-8DBC733C2DBD}
         -47.2s C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\CmnClnt\ccSubSDK\{CE3A002A-4266-4C2F-8C7C-8DBC733C2DBD}
         -23.0s C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\CmnClnt\ccSubSDK\{C2A14C48-F1B9-45A2-BB54-120EBDF30C4F}
         -5.8s C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\CmnClnt\ErrorInstances\99C6F3BA\
         -5.8s C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\CmnClnt\ErrorInstances\99C6F3BA\462A1768-9743-4231-A47E-94268A2E5900.dat
         -4.5s C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\CmnClnt\ccSubSDK\{400A0A9A-E728-41F1-9AF5-0BA20D0B543D}
         -3.7s C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\CmnClnt\ErrorInstances\50C72DE6\
         -2.5s C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\CmnClnt\ErrorInstances\50C72DE6\51B506E5-C47B-4649-A124-FDA25C138E84.dat
          0.0s C:\Users\Gregory France\Desktop\frst64.exe
 
 
Cookies _____________________________________________________________________
 
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.mlnadvertising.com
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pointroll.com
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:burstnet.com
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:eas.apm.emediate.eu
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:kontera.com
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:questionmarket.com
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:statcounter.com
   C:\Users\Gregory France\AppData\Roaming\Microsoft\Windows\Cookies\8UZ8PSTZ.txt
   C:\Users\Gregory France\AppData\Roaming\Microsoft\Windows\Cookies\IRVQ6YTU.txt
   C:\Users\Gregory France\AppData\Roaming\Microsoft\Windows\Cookies\PO4YYVQP.txt
   C:\Users\Gregory France\AppData\Roaming\Microsoft\Windows\Cookies\QPA1Y5O6.txt
   C:\Users\Gregory France\AppData\Roaming\Microsoft\Windows\Cookies\X6A0C00I.txt
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:2o7.net
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ad.360yield.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ad.mlnadvertising.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:adlegend.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ads.advance.net
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ads.altitude-arena.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ads.bridgetrack.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ads.creative-serving.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ads.mediade.sk
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ads.nj.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ads.p161.net
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ads.pointroll.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ads.pubmatic.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ads.stickyadstv.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ads.undertone.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:adtech.de
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:adtechus.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:advertising.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ar.atwola.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:at.atwola.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:atdmt.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:atwola.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:bs.serving-sys.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:burstnet.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:casalemedia.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:collective-media.net
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:doubleclick.net
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:fastclick.net
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:googleadservices.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:interclick.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:media6degrees.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:mediaplex.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:network.realmedia.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:pointroll.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:questionmarket.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:realmedia.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:revsci.net
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ru4.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:serving-sys.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:smartadserver.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:stat.dealtime.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:stat.komoona.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:statcounter.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:statse.webtrendslive.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:tacoda.at.atwola.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:track.nextuser.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:tribalfusion.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:www.burstnet.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:zedo.com
 
 
 
 
ESET Log:
 
HitmanPro 3.7.9.232
www.hitmanpro.com
 
   Computer name . . . . : GREGORYFRANCE
   Windows . . . . . . . : 6.1.1.7601.X64/2
   User name . . . . . . : GregoryFrance\Gregory France
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free
 
   Scan date . . . . . . : 2014-11-24 13:58:13
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 14m 34s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
 
   Threats . . . . . . . : 0
   Traces  . . . . . . . : 72
 
   Objects scanned . . . : 5,476,529
   Files scanned . . . . : 712,537
   Remnants scanned  . . : 3,659,335 files / 1,104,657 keys
 
Suspicious files ____________________________________________________________
 
   C:\$Recycle.Bin\S-1-5-21-775536879-1927795302-3616123917-1000\$RQQ0YBV.exe
      Size . . . . . . . : 1,110,016 bytes
      Age  . . . . . . . : 0.7 days (2014-11-23 20:01:44)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : AC70822A352AEDB164FB7BE5C46C9D4AA73F2C81C600CFF7382A4943A34F9117
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
 
   C:\Users\Gregory France\Desktop\frst64.exe
      Size . . . . . . . : 2,118,144 bytes
      Age  . . . . . . . : 0.7 days (2014-11-23 20:03:49)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 00EAA9915EDE35DCF294023D59351A0FBFD132D6C0E3E5729FF1352009726F49
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -47.2s C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\CmnClnt\ccSubSDK\{CE3A002A-4266-4C2F-8C7C-8DBC733C2DBD}
         -47.2s C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\CmnClnt\ccSubSDK\{CE3A002A-4266-4C2F-8C7C-8DBC733C2DBD}
         -23.0s C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\CmnClnt\ccSubSDK\{C2A14C48-F1B9-45A2-BB54-120EBDF30C4F}
         -5.8s C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\CmnClnt\ErrorInstances\99C6F3BA\
         -5.8s C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\CmnClnt\ErrorInstances\99C6F3BA\462A1768-9743-4231-A47E-94268A2E5900.dat
         -4.5s C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\CmnClnt\ccSubSDK\{400A0A9A-E728-41F1-9AF5-0BA20D0B543D}
         -3.7s C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\CmnClnt\ErrorInstances\50C72DE6\
         -2.5s C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\CmnClnt\ErrorInstances\50C72DE6\51B506E5-C47B-4649-A124-FDA25C138E84.dat
          0.0s C:\Users\Gregory France\Desktop\frst64.exe
 
 
Cookies _____________________________________________________________________
 
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.mlnadvertising.com
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pointroll.com
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:burstnet.com
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:eas.apm.emediate.eu
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:kontera.com
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:questionmarket.com
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
   C:\Users\Gregory France\AppData\Local\Google\Chrome\User Data\Default\Cookies:statcounter.com
   C:\Users\Gregory France\AppData\Roaming\Microsoft\Windows\Cookies\8UZ8PSTZ.txt
   C:\Users\Gregory France\AppData\Roaming\Microsoft\Windows\Cookies\IRVQ6YTU.txt
   C:\Users\Gregory France\AppData\Roaming\Microsoft\Windows\Cookies\PO4YYVQP.txt
   C:\Users\Gregory France\AppData\Roaming\Microsoft\Windows\Cookies\QPA1Y5O6.txt
   C:\Users\Gregory France\AppData\Roaming\Microsoft\Windows\Cookies\X6A0C00I.txt
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:2o7.net
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ad.360yield.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ad.mlnadvertising.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:adlegend.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ads.advance.net
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ads.altitude-arena.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ads.bridgetrack.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ads.creative-serving.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ads.mediade.sk
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ads.nj.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ads.p161.net
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ads.pointroll.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ads.pubmatic.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ads.stickyadstv.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ads.undertone.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:adtech.de
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:adtechus.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:advertising.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ar.atwola.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:at.atwola.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:atdmt.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:atwola.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:bs.serving-sys.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:burstnet.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:casalemedia.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:collective-media.net
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:doubleclick.net
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:fastclick.net
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:googleadservices.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:interclick.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:media6degrees.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:mediaplex.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:network.realmedia.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:pointroll.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:questionmarket.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:realmedia.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:revsci.net
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:ru4.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:serving-sys.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:smartadserver.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:stat.dealtime.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:stat.komoona.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:statcounter.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:statse.webtrendslive.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:tacoda.at.atwola.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:track.nextuser.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:tribalfusion.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:www.burstnet.com
   C:\Users\Gregory France\AppData\Roaming\Mozilla\Firefox\Profiles\owxd0ogl.default\cookies.sqlite:zedo.com
 
 
 


#7 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:26 PM

Posted 25 November 2014 - 03:52 AM

You've posted Hitman twice... :)
Please post the ESET Log as well.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#8 gpf262

gpf262
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:26 AM

Posted 25 November 2014 - 08:10 PM

Oops!  Sorry..

 

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=18eea108ae004d459f5bd79b385842c5
# engine=21245
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-11-25 02:50:52
# local_time=2014-11-24 09:50:52 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 13156619 168427302 0 0
# scanned=917235
# found=4
# cleaned=0
# scan_time=27158
sh=728B0331B572EE396616BD8DBEF068396AFCBC00 ft=0 fh=0000000000000000 vn="a variant of Win32/HiddenStart.A potentially unsafe application" ac=I fn="C:\ProgramData\{484395D8-1F9B-4C71-9DA9-A64CBD0E8DE2}\setup.res"
sh=728B0331B572EE396616BD8DBEF068396AFCBC00 ft=0 fh=0000000000000000 vn="a variant of Win32/HiddenStart.A potentially unsafe application" ac=I fn="C:\Users\All Users\{484395D8-1F9B-4C71-9DA9-A64CBD0E8DE2}\setup.res"
sh=626A8BFDE566A47CF8E844A0E43552BE7789EB6B ft=1 fh=92a716713397c90b vn="a variant of Win32/HiddenStart.A potentially unsafe application" ac=I fn="C:\Users\Melissa\AppData\Local\Temp\mia1\hstart.exe"
sh=C4D9F4369FBA7992040E86862CCF3C0FF70E8FB8 ft=1 fh=a3259e406bdc7673 vn="a variant of Win32/HiddenStart.A potentially unsafe application" ac=I fn="C:\Users\Melissa\AppData\Local\Temp\{B0E3D3EA-4224-48E5-A9AB-B94767C92AB0}\{B87681AA-D74D-4E8A-AF98-7FDE52A759EF}\$$$\setup.exe"


#9 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:26 PM

Posted 26 November 2014 - 03:48 AM

This looks very good. No more active malware has been found. :)

Step 1

frst.pngfrstfix.png
Please download the attached fixlist txt.gif and save it in the same directory as FRST.

  • Start FRST with Administrator privileges.
  • Press the Fix button.

Attached File  fixlist.txt   176bytes   1 downloads

That's it! abklatsch.gif
Your logs look clean to me at the moment. :thumbup2:
We're gonna clean up everything now, close security holes on your computer and in the end I'll provide you with a list of security tips so you hopefully will not need our help anymore in the future.


My help is free for everybody.
If you want to support me fighting against malware or buy me a beer for the assistance you received, then you can consider a donation: btn_donate_SM.gif
Thank you!


Clean Upcleanupm.PNG

Now we remove all the tools we used (including their logs and quarantine folders), restore your settings and delete old and infected system restorepoints:

  • You can uninstall programs that you had to install (e.g. MBAM or ESET Onlinescanner) in the control panel if you so wish.
  • Download delfix.pngDelFix (by Xplode) and save it to your Desktop.
    • Close all running programs and start delfix.exe.
    • Make sure that all available options are checked.
    • Click on Run
    • DelFix should remove all our tools and delete itself afterwards. I don't need the log file.
  • If there is still something left you can delete it manually.

Closing security holes

Many infections happen via drive-by downloads that run unnoticed in the background while the user visits an infected website. To achieve this malware exploits security holes in installed software (e.g. browser or its plugins). Older versions of such software often have lots of known exploitable holes. Therefore it's very important to always keep your software up-to-date.
The following software is outdated. Make sure you remove all old versions and install the current one instead if you need the program:

 

Java 7 Update 17

 

Tips

I recommend to read and follow the "16 simple and easy ways to keep your computer safe and secure on the Internet" (Link) by Lawrence Abrams.


Edited by deeprybka, 26 November 2014 - 03:51 AM.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#10 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:26 PM

Posted 28 November 2014 - 03:10 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users