Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with Trojan Powessere.A!reg


  • This topic is locked This topic is locked
15 replies to this topic

#1 ch333s

ch333s

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:02:15 AM

Posted 31 December 2014 - 03:56 AM

Been doing battle with this guy for a full day and have no clue what to do. Google search tell me to edit things in my registry, however I'm not an expert with computers so I hesitate to do anything that might jeopardize the computer. The reason I know that I'm battling a Trojan is from MSE. Every time I scan MSE the Trojan is back, even if I had just removed it.

 

In MSE Quarantine list, it says Trojan:Win32/Powessere.A!reg, suggests that I remove it (how I wish it were so easy) and lists the "Items" which is: regkey:HKCU@S-1-5-21-2855501541-4180452864-3991015007-1003\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\LocalServer32\

 

The following is the DDS log:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 11.0.9600.17496  BrowserJavaVersion: 10.71.2
Run by admin at 2:45:25 on 2014-12-31
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.8145.5495 [GMT -6:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: ESET NOD32 Antivirus 8.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ESET NOD32 Antivirus 8.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\MsSpellCheckingFacility.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\syswow64\fixmapi.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\syswow64\wextract.exe
C:\Windows\syswow64\wiaacmgr.exe
C:\Windows\syswow64\regsvr32.exe
C:\Windows\syswow64\systray.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\systray.exe
C:\Windows\syswow64\upnpcont.exe
C:\Windows\syswow64\rundll32.exe
C:\Windows\syswow64\rundll32.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = www.google.com
mStart Page = www.google.com
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uRunOnce: [Del458925753] cmd.exe /Q /D /c del "C:\Users\admin\AppData\Local\Temp\0.del"
uRunOnce: [DelTr459011117] cmd.exe /c rd /s /q  "C:\Users\admin\AppData\Roaming\mysearchdial"
uRunOnce: [SpybotDeletingB553] command.com /c del "C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\searchplugins\WebSearch.xml"
uRunOnce: [SpybotDeletingD2674] cmd.exe /c del "C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\searchplugins\WebSearch.xml"
mRun: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
mRun: [IMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"
mRun: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
mRun: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRunOnce: [SpybotSnD] "C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
mRunOnce: [Del458925753] cmd.exe /Q /D /c del "C:\Users\admin\AppData\Local\Temp\0.del"
mRunOnce: [DelTr459011117] cmd.exe /c rd /s /q  "C:\Users\admin\AppData\Roaming\mysearchdial"
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"
mRunOnce: [SpybotDeletingA7963] command.com /c del "C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\searchplugins\WebSearch.xml"
mRunOnce: [SpybotDeletingC3824] cmd.exe /c del "C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\searchplugins\WebSearch.xml"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: {444785F1-DE89-4295-863A-D46C3A781394} - hxxp://webplayer.unity3d.com/download_webplayer/UnityWebPlayer.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://athena.neisd.net/dana-cached/sc/JuniperSetupClient.cab
TCP: NameServer = 192.168.1.1 209.18.47.61 209.18.47.62
TCP: Interfaces\{7A2566DA-3EF2-4990-B01E-D77A132B7BBB} : DHCPNameServer = 192.168.1.1 209.18.47.61 209.18.47.62
TCP: Interfaces\{7A2566DA-3EF2-4990-B01E-D77A132B7BBB}\144545538353 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{7A2566DA-3EF2-4990-B01E-D77A132B7BBB}\14962725F6774697F53547574656E647 : DHCPNameServer = 129.115.102.165 129.115.102.167
TCP: Interfaces\{7A2566DA-3EF2-4990-B01E-D77A132B7BBB}\35D616C6C6C496F6E6D27657563747 : DHCPNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
TCP: Interfaces\{7A2566DA-3EF2-4990-B01E-D77A132B7BBB}\65562796A7F6E6024425F49444230233636343 : DHCPNameServer = 192.168.42.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://www.google.com
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [TpShocks] TpShocks.exe
x64-Run: [ForteConfig] C:\Program Files\Conexant\ForteConfig\fmapp.exe
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
x64-Run: [ALCKRESI.EXE] C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE
x64-Run: [IntelliType Pro] "C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
x64-Run: [IntelliPoint] "C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\
FF - prefs.js: browser.search.selectedEngine - WebSearch
FF - prefs.js: browser.search.defaulturl - hxxp://websearch.searchandfly.info/?pid=3540&r=2014/09/30&hid=8203408240082327723&lg=EN&cc=US&unqvl=62&l=1&q=
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Nexon\NGM\npnxgame.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
============= SERVICES / DRIVERS ===============
.
R0 DzHDD64;DzHDD64;C:\Windows\System32\drivers\DZHDD64.SYS [2011-7-8 31344]
R0 gfibto;gfibto;C:\Windows\System32\drivers\gfibto.sys [2013-1-5 14456]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2013-11-15 30496]
R0 TPDIGIMN;TPDIGIMN;C:\Windows\System32\drivers\ApsHM64.sys [2010-12-15 23664]
R1 PHCORE;PHCORE;C:\Program Files\Lenovo\RapidBoot\PHCORE64.sys [2010-12-3 31592]
R2 risdxc;risdxc;C:\Windows\System32\drivers\risdxc64.sys [2011-7-8 101376]
R3 LenovoRd;LenovoRd;C:\Windows\System32\drivers\LenovoRd.sys [2011-7-8 118016]
S0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
S1 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2014-8-18 243440]
S1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\System32\drivers\smiifx64.sys [2010-12-29 15472]
S1 nvkflt;nvkflt;C:\Windows\System32\drivers\nvkflt.sys [2013-11-15 284448]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 CxAudMsg;Conexant Audio Message Service;C:\Windows\System32\CxAudMsg64.exe [2011-7-8 198784]
S2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-10-1 1349576]
S2 epfwwfpr;epfwwfpr;C:\Windows\System32\drivers\epfwwfpr.sys [2014-9-18 158968]
S2 HyperW7Svc;HyperW7 Service;C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe [2010-12-3 116072]
S2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;C:\Program Files\Lenovo\Communications Utility\CamMute.exe [2011-7-8 40808]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2010-12-29 45496]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2011-7-8 59240]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe [2010-12-29 93032]
S2 Motorola Device Manager;Motorola Device Manager Service;C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2013-11-15 137528]
S2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 125584]
S2 PST Service;PST Service;C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2013-9-5 65657]
S2 RosettaStoneDaemon;RosettaStoneDaemon;C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2012-6-19 1646608]
S2 SAService;Conexant SmartAudio service;C:\Windows\System32\SAsrv.exe --> C:\Windows\System32\SAsrv.exe [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S2 SpyHunter 4 Service;SpyHunter 4 Service;C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [2014-12-30 1025920]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-12-19 411936]
S2 TPHKLOAD;Lenovo Hotkey Client Loader;C:\Program Files\Lenovo\HOTKEY\tphkload.exe [2010-12-29 114024]
S2 TPHKSVC;On Screen Display;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2010-12-29 64440]
S2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-7-8 2656280]
S2 VIPAppService;VIPAppService;C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2012-4-18 84080]
S3 5U877;USB Video Device;C:\Windows\System32\drivers\5U877.sys [2011-7-8 166016]
S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\System32\drivers\motfilt.sys [2013-3-20 6144]
S3 BTWAMPFL;BTWAMPFL;C:\Windows\System32\drivers\btwampfl.sys [2011-7-8 425000]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-7-8 39464]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-20 71168]
S3 DozeSvc;Lenovo Doze Mode Service;C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2011-7-8 477032]
S3 EsgScanner;EsgScanner;C:\Windows\System32\drivers\EsgScanner.sys [2014-12-30 22704]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-12-10 114688]
S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2013-3-19 23552]
S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\System32\drivers\Motousbnet.sys [2013-3-19 27648]
S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\System32\drivers\motusbdevice.sys [2013-3-20 12288]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
S3 pmxdrv;pmxdrv;C:\Windows\System32\drivers\pmxdrv.sys [2011-7-8 31152]
S3 Power Manager DBC Service;Power Manager DBC Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2011-7-8 79208]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 TVTI2C;Lenovo SM bus driver;C:\Windows\System32\drivers\tvti2c.sys [2010-9-27 41536]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-7-28 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-8-2 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-12-31 08:13:42 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C29A7B7E-2E9E-4307-B1D1-7B82D1625F0F}\offreg.dll
2014-12-30 19:33:56 -------- d-----w- C:\Users\admin\AppData\Local\ESET
2014-12-30 18:56:38 -------- d-----w- C:\Users\admin\AppData\Roaming\Enigma Software Group
2014-12-30 18:56:27 -------- d-----w- C:\sh4ldr
2014-12-30 18:55:39 22704 ----a-w- C:\Windows\System32\drivers\EsgScanner.sys
2014-12-30 18:55:27 -------- d-----w- C:\Program Files\Enigma Software Group
2014-12-30 18:50:15 -------- d-----w- C:\Program Files\ESET
2014-12-29 22:17:45 11870360 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C29A7B7E-2E9E-4307-B1D1-7B82D1625F0F}\mpengine.dll
2014-12-29 19:09:41 -------- d-sh--w- C:\found.000
2014-12-29 05:50:53 11870360 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-12-20 05:02:38 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9FAA5855-3810-4ACA-A70A-171404E52D4F}\gapaengine.dll
2014-12-18 01:18:27 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-12-18 01:18:27 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-12-11 09:22:23 -------- d-----w- C:\Windows\System32\appraiser
2014-12-11 09:01:22 4121600 ----a-w- C:\Windows\System32\mf.dll
2014-12-11 09:01:22 3209728 ----a-w- C:\Windows\SysWow64\mf.dll
2014-12-11 04:14:59 817664 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2014-12-03 06:31:20 227048 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
.
==================== Find3M  ====================
.
2014-12-31 08:16:18 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-12-11 04:51:14 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-11 04:51:14 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-12-04 02:50:55 413184 ----a-w- C:\Windows\System32\generaltel.dll
2014-12-04 02:50:45 741376 ----a-w- C:\Windows\System32\invagent.dll
2014-12-04 02:50:40 396800 ----a-w- C:\Windows\System32\devinv.dll
2014-12-04 02:50:38 830976 ----a-w- C:\Windows\System32\appraiser.dll
2014-12-04 02:50:37 227328 ----a-w- C:\Windows\System32\aepdu.dll
2014-12-04 02:50:37 192000 ----a-w- C:\Windows\System32\aepic.dll
2014-12-04 02:44:48 1083392 ----a-w- C:\Windows\System32\aeinv.dll
2014-12-01 23:28:44 1232040 ----a-w- C:\Windows\System32\aitstatic.exe
2014-11-22 03:06:23 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-22 03:06:11 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-11-22 02:50:39 66560 ----a-w- C:\Windows\System32\iesetup.dll
2014-11-22 02:50:10 580096 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-22 02:49:54 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-11-22 02:48:20 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-11-22 02:35:29 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-11-22 02:34:51 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-11-22 02:34:07 6039552 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-22 02:26:31 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-22 02:20:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-22 02:14:16 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-22 02:07:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-22 02:07:17 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-11-22 02:06:32 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05:02 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-11-22 01:54:30 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-11-22 01:47:10 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-11-22 01:46:58 2125312 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-22 01:40:04 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29:26 4299264 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-22 01:28:21 2358272 ----a-w- C:\Windows\System32\wininet.dll
2014-11-22 01:22:49 2052096 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-22 01:21:57 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:00:20 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-11-21 12:14:22 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-11-21 12:14:12 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-11-21 12:14:08 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-11-19 10:31:16 1217192 ----a-w- C:\Windows\SysWow64\FM20.DLL
2014-11-11 03:09:06 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-11-11 03:08:52 241152 ----a-w- C:\Windows\System32\pku2u.dll
2014-11-11 03:08:48 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-11-11 02:44:45 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44:32 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2014-11-11 02:44:25 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-11-11 01:46:26 119296 ----a-w- C:\Windows\System32\drivers\tdx.sys
2014-11-08 03:16:08 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-11-08 02:45:09 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-10-30 11:25:26 275080 ------w- C:\Windows\System32\MpSigStub.exe
2014-10-30 02:03:43 165888 ----a-w- C:\Windows\System32\charmap.exe
2014-10-30 01:45:43 155136 ----a-w- C:\Windows\SysWow64\charmap.exe
2014-10-25 18:27:09 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-10-18 02:05:23 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-10-18 01:33:18 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-10-14 02:16:37 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06 683520 ----a-w- C:\Windows\System32\termsrv.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-10-14 02:12:57 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-10-14 02:09:31 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31 681984 ----a-w- C:\Windows\System32\adtschema.dll
2014-10-14 01:50:47 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-10-14 01:49:38 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-10-14 01:47:30 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-10-10 00:57:42 3198976 ----a-w- C:\Windows\System32\win32k.sys
2014-10-03 02:12:23 310272 ----a-w- C:\Windows\System32\WsmWmiPl.dll
2014-10-03 02:12:23 2020352 ----a-w- C:\Windows\System32\WsmSvc.dll
2014-10-03 02:12:22 346624 ----a-w- C:\Windows\System32\WSManMigrationPlugin.dll
2014-10-03 02:12:22 181248 ----a-w- C:\Windows\System32\WsmAuto.dll
2014-10-03 02:12:00 500224 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2014-10-03 02:11:54 284672 ----a-w- C:\Windows\System32\EncDump.dll
2014-10-03 02:11:51 680960 ----a-w- C:\Windows\System32\audiosrv.dll
2014-10-03 02:11:51 440832 ----a-w- C:\Windows\System32\AudioEng.dll
2014-10-03 02:11:51 296448 ----a-w- C:\Windows\System32\AudioSes.dll
2014-10-03 02:11:49 266240 ----a-w- C:\Windows\System32\WSManHTTPConfig.exe
2014-10-03 01:45:03 248832 ----a-w- C:\Windows\SysWow64\WSManMigrationPlugin.dll
2014-10-03 01:45:03 214016 ----a-w- C:\Windows\SysWow64\WsmWmiPl.dll
2014-10-03 01:45:03 145920 ----a-w- C:\Windows\SysWow64\WsmAuto.dll
2014-10-03 01:45:03 1177088 ----a-w- C:\Windows\SysWow64\WsmSvc.dll
2014-10-03 01:44:42 442880 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26 374784 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2014-10-03 01:44:25 198656 ----a-w- C:\Windows\SysWow64\WSManHTTPConfig.exe
2014-10-02 20:23:20 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2014-10-02 20:23:20 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
.
============= FINISH:  2:45:32.84 ===============
 

Attached Files



BC AdBot (Login to Remove)

 


m

#2 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:15 AM

Posted 31 December 2014 - 07:53 AM

Hi & :welcome: to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully: :exclame:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1
logo.png
Please download Powelikscleaner (by ESET) and save it to your Desktop.
  • Double-click the 3.png to start the tool.
  • Read the terms of the End-user license agreement and click Agree if you agree to them.
  • The tool will run automatically. If the cleaner finds a Poweliks infection, press the Y key on your keyboard to remove it.
  • If Poweliks was detected "Win32/Poweliks was successfully removed from your system" will be displayed. Press any key to exit the tool and reboot your PC.
  • The tool will produce a log in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.
1.png
2.png

Step 2

Please run a FRST scan. This will help us diagnose your problem.

frst.pngfrstscan.png
Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.
Step 3

Please download 51a612a8b27e2-Zoek.pngZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
  • Right-click on 51a612a8b27e2-Zoek.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the main console will appear, it may take a minute or two.
  • In the main box please paste in the following script:
    process;
    services-list;
    systemspecs;
    startupall;
    filesrcm;
    
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)
Post its content into your next reply.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#3 ch333s

ch333s
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:02:15 AM

Posted 31 December 2014 - 01:42 PM

Thank you so much for your help Jurgen, I appreciate it for sure! I also appreciate the very quick response!

 

First, the log from Powelikscleaner:

 

[2014.12.31 12:07:29.415] - Begin
[2014.12.31 12:07:29.415] -
[2014.12.31 12:07:29.415] -     ....................................
[2014.12.31 12:07:29.415] -   ..::::::::::::::::::....................
[2014.12.31 12:07:29.415] -   .::EEEEEE:::SSSSSS::..EEEEEE..TTTTTTTT..    Win32/Poweliks
[2014.12.31 12:07:29.415] -  .::EE::::EE:SS:::::::.EE....EE....TT......   Version: 1.0.0.1
[2014.12.31 12:07:29.415] -  .::EEEEEEEE::SSSSSS::.EEEEEEEE....TT......   Built: Oct 15 2014
[2014.12.31 12:07:29.415] -  .::EE:::::::::::::SS:.EE..........TT......
[2014.12.31 12:07:29.415] -   .::EEEEEE:::SSSSSS::..EEEEEE.....TT.....    Copyright © ESET, spol. s r.o.
[2014.12.31 12:07:29.415] -   ..::::::::::::::::::....................    1992-2013. All rights reserved.
[2014.12.31 12:07:29.415] -     ....................................
[2014.12.31 12:07:29.415] -
[2014.12.31 12:07:29.415] - --------------------------------------------------------------------------------
[2014.12.31 12:07:29.415] -
[2014.12.31 12:07:29.415] - INFO: OS: 6.1.7601 SP1
[2014.12.31 12:07:29.415] - INFO: Product Type: Workstation
[2014.12.31 12:07:29.415] - INFO: WoW64: True
[2014.12.31 12:07:29.415] - INFO: Machine guid: 7DC3F47F-F2BE-4277-A7C4-A330BAF76A74
[2014.12.31 12:07:29.415] -
[2014.12.31 12:07:38.214] - INFO: Scanning for system infection...
[2014.12.31 12:07:38.214] - --------------------------------------------------------------------------------
[2014.12.31 12:07:38.214] -
[2014.12.31 12:07:38.214] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.12.31 12:07:38.214] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.12.31 12:07:38.214] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.12.31 12:07:38.214] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.12.31 12:07:38.214] - INFO: Processing classes...
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.214] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0062-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0062-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0062-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0063-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0063-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0063-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0064-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0064-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0064-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0065-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0065-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0065-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0066-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0066-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0066-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0067-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0067-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0067-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0068-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0068-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0068-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0069-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0069-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0069-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0070-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0070-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0070-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0071-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0071-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0071-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0072-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0072-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0072-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0073-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0073-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0073-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0074-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0074-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0074-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0075-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0075-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0075-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0072-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0072-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0072-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0073-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0073-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0073-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0074-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0074-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0074-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0075-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0075-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0075-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0076-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0076-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0076-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0077-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0077-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0077-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0078-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0078-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0078-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0079-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0079-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0079-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0080-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0080-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0080-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0081-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0081-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0081-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0082-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0082-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0082-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0083-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0083-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0083-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0084-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0084-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0084-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0085-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0085-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0085-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.230] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0052-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0052-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0052-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0053-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0053-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0053-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0054-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0054-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0054-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0055-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0055-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0056-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0056-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0056-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0057-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0057-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0057-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0058-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0058-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0058-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0059-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0059-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0059-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0060-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0060-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0060-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0061-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0061-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0061-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0062-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0062-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0062-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0063-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0063-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0063-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0064-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0064-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0064-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0065-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0065-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0065-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0066-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0066-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0066-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0067-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0067-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0068-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0068-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0068-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0069-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0069-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0069-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0070-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0070-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0070-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\Classes\CLSID\{1EF84C89-70EF-4b35-8698-A0EA357A9F9D}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\Classes\CLSID\{1EFF7739-9BDA-4295-BC07-383554CAAC84}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\Classes\CLSID\{238F6F83-B8B4-11CF-8771-00A024541EE3}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\Classes\CLSID\{238F6F85-B8B4-11CF-8771-00A024541EE3}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\Classes\CLSID\{70EE1E2D-AA80-4229-A990-08943A1A7F81}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\Classes\CLSID\{9EF5EF7A-DB82-464A-ACD0-1BC9416E3268}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\Classes\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\Classes\CLSID\{D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\Classes\CLSID\{EAC6E3F5-091F-4282-AFD6-5FBA41D68C07}]



#4 ch333s

ch333s
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:02:15 AM

Posted 31 December 2014 - 01:44 PM

[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.12.31 12:07:38.245] - WARNING: Found suspicous classid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\Classes\CLSID\{FD4DF9E0-E3DE-11CE-BFCF-ABCD1DE12345}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-18\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-18\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBB}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-18\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBC}]
[2014.12.31 12:07:38.245] - INFO: Processing clsid [\Registry\User\S-1-5-18\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
[2014.12.31 12:07:38.245] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.12.31 12:07:38.245] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.12.31 12:07:38.245] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.12.31 12:07:38.245] - INFO: Processing invalid values in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.12.31 12:07:38.245] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.12.31 12:07:38.245] - INFO: Processing value [ServerExecutable] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.12.31 12:07:38.245] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.12.31 12:07:38.245] - INFO: Processing value [ServerExecutable] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.12.31 12:07:38.245] - INFO: Processing invalid subkeys in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.12.31 12:07:38.245] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]...
[2014.12.31 12:07:38.245] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.12.31 12:07:38.245] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.12.31 12:07:38.245] - INFO: Win32/Poweliks found
[2014.12.31 12:07:47.372] - INFO: process: dllhost.exe, pid 1904, parent 1840
[2014.12.31 12:07:47.372] - INFO: Terminated process pid = 1904
[2014.12.31 12:07:47.372] - INFO: process: dllhost.exe, pid 2584, parent 2528
[2014.12.31 12:07:47.372] - INFO: Terminated process pid = 2584
[2014.12.31 12:07:47.372] - INFO: process: dllhost.exe, pid 6408, parent 2584
[2014.12.31 12:07:47.372] - INFO: Terminated process pid = 6408
[2014.12.31 12:07:47.372] - INFO: process: dllhost.exe, pid 6664, parent 684
[2014.12.31 12:07:47.372] - INFO: Terminated process pid = 6664
[2014.12.31 12:07:47.372] - INFO: process: dllhost.exe, pid 7072, parent 6408
[2014.12.31 12:07:47.372] - INFO: Terminated process pid = 7072
[2014.12.31 12:07:47.372] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.12.31 12:07:47.372] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.12.31 12:07:47.372] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.12.31 12:07:47.372] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.12.31 12:07:47.372] - INFO: Processing classes...
[2014.12.31 12:07:47.372] - INFO: Processing clsid [\Registry\User\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.372] - INFO: Processing clsid [\Registry\User\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.372] - INFO: Processing clsid [\Registry\User\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.388] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0062-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0062-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0062-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0063-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0063-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0063-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0064-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0064-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0064-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0065-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0065-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0065-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0066-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0066-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0066-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0067-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0067-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0067-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0068-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0068-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0068-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0069-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0069-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0069-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0070-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0070-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0070-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0071-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0071-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0071-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0072-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0072-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0072-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0073-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0073-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0073-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0074-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0074-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0074-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0075-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0075-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0075-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0072-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0072-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0072-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0073-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0073-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0073-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0074-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0074-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0074-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0075-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0075-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0075-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0076-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0076-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0076-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0077-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0077-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0077-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0078-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0078-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0078-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0079-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0079-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0079-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0080-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0080-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0080-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0081-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0081-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0081-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0082-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0082-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0082-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0083-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0083-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0083-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0084-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0084-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0084-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0085-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0085-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0085-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.403] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0052-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0052-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0052-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0053-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0053-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0053-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0054-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0054-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0054-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0055-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0055-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0056-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0056-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0056-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0057-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0057-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0057-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0058-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0058-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0058-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0059-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0059-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0059-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0060-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0060-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0060-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0061-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0061-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0061-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0062-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0062-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0062-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0063-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0063-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0063-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0064-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0064-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0064-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0065-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0065-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0065-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0066-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0066-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0066-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0067-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0067-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0068-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0068-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0068-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0069-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0069-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0069-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0070-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0070-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0070-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\Classes\CLSID\{1EF84C89-70EF-4b35-8698-A0EA357A9F9D}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\Classes\CLSID\{1EFF7739-9BDA-4295-BC07-383554CAAC84}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\Classes\CLSID\{238F6F83-B8B4-11CF-8771-00A024541EE3}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\Classes\CLSID\{238F6F85-B8B4-11CF-8771-00A024541EE3}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\Classes\CLSID\{70EE1E2D-AA80-4229-A990-08943A1A7F81}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\Classes\CLSID\{9EF5EF7A-DB82-464A-ACD0-1BC9416E3268}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\Classes\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\Classes\CLSID\{D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\Classes\CLSID\{EAC6E3F5-091F-4282-AFD6-5FBA41D68C07}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.12.31 12:07:47.419] - INFO: Deleted classid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\Classes\CLSID\{FD4DF9E0-E3DE-11CE-BFCF-ABCD1DE12345}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-18\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-18\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBB}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-18\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBC}]
[2014.12.31 12:07:47.419] - INFO: Processing clsid [\Registry\User\S-1-5-18\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
[2014.12.31 12:07:47.419] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.12.31 12:07:47.419] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.12.31 12:07:47.419] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.12.31 12:07:47.419] - INFO: Processing invalid values in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.12.31 12:07:47.419] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.12.31 12:07:47.419] - INFO: Processing value [ServerExecutable] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.12.31 12:07:47.419] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.12.31 12:07:47.419] - INFO: Processing value [ServerExecutable] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.12.31 12:07:47.419] - INFO: Processing invalid subkeys in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.12.31 12:07:47.419] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]...
[2014.12.31 12:07:47.419] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.12.31 12:07:47.419] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.12.31 12:07:47.419] - INFO: Cleaning status: 0
[2014.12.31 12:07:59.790] - End

 

My apologies, had to split the log in half as it was too large on its own.

 

Secondly, the FRST.txt log:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
Ran by admin (administrator) on JFD4-T520 on 31-12-2014 12:12:05
Running from C:\Users\Jdemario\Desktop
Loaded Profiles: admin & Jdemario (Available profiles: admin & Jdemario)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2731304 2011-03-24] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2010-12-09] (Lenovo.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2011-03-14] (Conexant systems, Inc.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [41320 2011-04-04] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281448 2011-02-28] (Lenovo Group Limited)
HKLM\...\Run: [IntelliType Pro] => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595336 2014-10-01] (ESET)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [112152 2011-01-16] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4309184 2011-02-09] (Lenovo, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\RunOnce: [GrpConv] => grpconv -o
HKLM-x32\...\RunOnce: [SpybotSnD] => C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe [5365592 2009-01-26] (Safer Networking Limited)
HKLM-x32\...\RunOnce: [Del458925753] => cmd.exe /Q /D /c del "C:\Users\admin\AppData\Local\Temp\0.del"
HKLM-x32\...\RunOnce: [DelTr459011117] => cmd.exe /c rd /s /q  "C:\Users\admin\AppData\Roaming\mysearchdial"
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-11-21] (Malwarebytes Corporation)
HKLM-x32\...\RunOnce: [SpybotDeletingA7963] => command.com /c del "C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\searchplugins\WebSearch.xml"
HKLM-x32\...\RunOnce: [SpybotDeletingC3824] => cmd.exe /c del "C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\searchplugins\WebSearch.xml"
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\RunOnce: [Del458925753] => cmd.exe /Q /D /c del "C:\Users\admin\AppData\Local\Temp\0.del" <===== ATTENTION
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\RunOnce: [DelTr459011117] => cmd.exe /c rd /s /q  "C:\Users\admin\AppData\Roaming\mysearchdial"
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\RunOnce: [SpybotDeletingB553] => command.com /c del "C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\searchplugins\WebSearch.xml"
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\RunOnce: [SpybotDeletingD2674] => cmd.exe /c del "C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\searchplugins\WebSearch.xml"
HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\Run: [ConnectionCenter] => C:\Users\Jdemario\AppData\Local\Citrix\ICA Client\concentr.exe [362432 2011-12-22] (Citrix Systems, Inc.)
HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\Run: [hsscp.EXE] => C:\Users\Jdemario\AppData\Roaming\Hotspot Shield\bin\hsscp.EXE -nonadmin
HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\MountPoints2: {cff29afc-10ea-11e1-b766-f0def1703858} - G:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [S-1-5-21-2855501541-4180452864-3991015007-1003] => http=127.0.0.1:8555;https=127.0.0.1:8555
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {501D887B-8D4E-4600-B38C-1AEAD9B4B433} URL = http://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {501D887B-8D4E-4600-B38C-1AEAD9B4B433} URL = http://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2855501541-4180452864-3991015007-1001 -> DefaultScope {6EA73A99-0B28-4B72-847C-D496649EB24D} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0202ie&cd=2XzuyEtN2Y1L1Qzu0FtD0D0E0FtCyBtDtAzzyDzz0EzztA0CtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=276022301&ir=
SearchScopes: HKU\S-1-5-21-2855501541-4180452864-3991015007-1001 -> {501D887B-8D4E-4600-B38C-1AEAD9B4B433} URL =
SearchScopes: HKU\S-1-5-21-2855501541-4180452864-3991015007-1001 -> {6EA73A99-0B28-4B72-847C-D496649EB24D} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0202ie&cd=2XzuyEtN2Y1L1Qzu0FtD0D0E0FtCyBtDtAzzyDzz0EzztA0CtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=276022301&ir=
SearchScopes: HKU\S-1-5-21-2855501541-4180452864-3991015007-1003 -> DefaultScope {501D887B-8D4E-4600-B38C-1AEAD9B4B433} URL =
SearchScopes: HKU\S-1-5-21-2855501541-4180452864-3991015007-1003 -> {501D887B-8D4E-4600-B38C-1AEAD9B4B433} URL =
SearchScopes: HKU\S-1-5-21-2855501541-4180452864-3991015007-1003 -> {F62B51A3-14DF-47A4-A4D9-550952207157} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: HKLM-x32 {444785F1-DE89-4295-863A-D46C3A781394} http://webplayer.unity3d.com/download_webplayer/UnityWebPlayer.cab
DPF: HKLM-x32 {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://athena.neisd.net/dana-cached/sc/JuniperSetupClient.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 209.18.47.61 209.18.47.62

FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default
FF NewTab: about:blank
FF SelectedSearchEngine: WebSearch
FF DefaultSearchEngine: WebSearch
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF DefaultSearchEngine,S: WebSearch
FF SelectedSearchEngine,S: WebSearch
FF DefaultSearchUrl: hxxp://websearch.searchandfly.info/?pid=3540&r=2014/09/30&hid=8203408240082327723&lg=EN&cc=US&unqvl=62&l=1&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.com/NxGame -> C:\ProgramData\Nexon\NGM\npnxgame.dll (Nexon)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2855501541-4180452864-3991015007-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2855501541-4180452864-3991015007-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKU\S-1-5-21-2855501541-4180452864-3991015007-1003: @Citrix.com/npican -> C:\Users\Jdemario\AppData\Local\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF user.js: detected! => C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF HKLM-x32\...\Firefox\Extensions: [VIP6X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2011-07-08]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-23]
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-23]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-23]
CHR Extension: (Google Search) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-23]
CHR Extension: (GGouSSaave) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkdmabmjcgnbngghkejhieljkbkchgop [2014-09-29]
CHR Extension: (Chrome In-App Payments service) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-23]
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-23]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [477032 2011-03-23] (Lenovo.)
S2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2014-10-01] (ESET)
S2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-06] (Lenovo Group Limited)
S2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-02-08] (Hewlett-Packard) [File not signed]
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-02-08] (Hewlett-Packard) [File not signed]
S2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-18] (Symantec Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-08-18] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241368 2014-08-18] (ESET)
S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169280 2014-08-18] (ESET)
S2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [158968 2014-09-18] (ESET)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-01-05] (GFI Software)
R3 LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [118016 2009-05-10] (Lenovo)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-11-15] (NVIDIA Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-07-08] ()
S3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [41536 2009-09-24] (Lenovo (United States) Inc.)
S1 A2DDA; \??\C:\Users\Jdemario\Desktop\EmsisoftEmergencyKit\Run\a2ddax64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-31 12:12 - 2014-12-31 12:12 - 00021075 _____ () C:\Users\Jdemario\Desktop\FRST.txt
2014-12-31 12:11 - 2014-12-31 12:12 - 00000000 ____D () C:\FRST
2014-12-31 12:11 - 2014-12-31 12:11 - 02123264 _____ (Farbar) C:\Users\Jdemario\Desktop\FRST64.exe
2014-12-31 12:07 - 2014-12-31 12:07 - 00645816 _____ () C:\Users\Jdemario\Desktop\ESETPoweliksCleaner.exe_20141231.120729.7412.log
2014-12-31 12:06 - 2014-12-31 12:06 - 00186568 _____ (ESET) C:\Users\Jdemario\Desktop\ESETPoweliksCleaner.exe
2014-12-31 02:49 - 2014-12-31 02:49 - 00025895 _____ () C:\Users\admin\Documents\Attach.txt
2014-12-31 02:35 - 2014-12-31 02:45 - 00026548 _____ () C:\Users\admin\Desktop\dds.txt
2014-12-31 02:35 - 2014-12-31 02:45 - 00025895 _____ () C:\Users\admin\Desktop\attach.txt
2014-12-31 02:33 - 2014-12-31 02:33 - 00688992 ____R (Swearware) C:\Users\Jdemario\Desktop\dds.com
2014-12-30 13:33 - 2014-12-30 13:33 - 00000000 ____D () C:\Users\admin\AppData\Local\ESET
2014-12-30 12:58 - 2014-12-30 13:00 - 00000000 ____D () C:\Users\Jdemario\Desktop\USB Drive
2014-12-30 12:57 - 2014-12-30 12:57 - 00913408 _____ (Microsoft Corporation) C:\Users\Jdemario\Desktop\mssstool64.exe
2014-12-30 12:56 - 2014-12-30 12:56 - 00003328 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-12-30 12:50 - 2014-12-30 12:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-12-30 12:50 - 2014-12-30 12:50 - 00000000 ____D () C:\ProgramData\ESET
2014-12-30 12:50 - 2014-12-30 12:50 - 00000000 ____D () C:\Program Files\ESET
2014-12-30 12:49 - 2014-12-30 12:54 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\Jdemario\Desktop\SpyHunter-Installer.exe
2014-12-30 12:45 - 2014-12-30 12:48 - 73412608 _____ () C:\Users\Jdemario\Desktop\eav_nt64_enu.msi
2014-12-30 11:47 - 2014-12-30 11:49 - 00000000 ____D () C:\Users\Jdemario\Desktop\Nudes
2014-12-30 02:08 - 2014-12-31 12:03 - 00000504 _____ () C:\Windows\setupact.log
2014-12-30 02:08 - 2014-12-30 02:08 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-29 13:15 - 2014-12-31 02:19 - 00122312 _____ () C:\Windows\WindowsUpdate.log
2014-12-29 13:09 - 2014-12-29 13:09 - 00000000 __SHD () C:\found.000
2014-12-28 23:40 - 2014-12-28 23:40 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-21 13:34 - 2014-12-21 13:48 - 00000000 ____D () C:\Users\Jdemario\Desktop\DroidPics
2014-12-21 13:23 - 2014-12-21 13:23 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motmodem_01009.Wdf
2014-12-20 01:23 - 2014-12-20 01:24 - 05317104 _____ (Piriform Ltd) C:\Users\Jdemario\Desktop\ccsetup501.exe
2014-12-17 19:18 - 2014-12-12 23:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-17 19:18 - 2014-12-12 21:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-11 03:22 - 2014-12-11 03:22 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-11 03:01 - 2014-10-17 20:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-11 03:01 - 2014-10-17 19:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 22:15 - 2014-12-03 20:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 22:15 - 2014-12-03 20:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 22:15 - 2014-12-03 20:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 22:15 - 2014-12-03 20:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 22:15 - 2014-12-03 20:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 22:15 - 2014-12-03 20:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 22:15 - 2014-12-03 20:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 22:15 - 2014-12-01 17:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 22:15 - 2014-11-26 19:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 22:15 - 2014-11-26 19:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 22:15 - 2014-11-21 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 22:15 - 2014-11-21 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 22:15 - 2014-11-21 20:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 22:15 - 2014-11-21 20:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 22:15 - 2014-11-21 20:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 22:15 - 2014-11-21 20:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 22:15 - 2014-11-21 20:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 22:15 - 2014-11-21 20:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 22:15 - 2014-11-21 20:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 22:15 - 2014-11-21 20:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 22:15 - 2014-11-21 20:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 22:15 - 2014-11-21 20:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 22:15 - 2014-11-21 20:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 22:15 - 2014-11-21 20:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 22:15 - 2014-11-21 20:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 22:15 - 2014-11-21 19:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 22:15 - 2014-11-21 19:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 22:15 - 2014-11-21 19:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 22:15 - 2014-11-21 19:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 22:15 - 2014-11-21 19:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 22:15 - 2014-11-21 19:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 22:15 - 2014-11-21 19:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 22:15 - 2014-11-21 19:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 22:15 - 2014-11-21 19:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 22:15 - 2014-11-21 19:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 22:15 - 2014-11-21 19:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 22:15 - 2014-11-21 19:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 22:15 - 2014-11-21 19:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 22:15 - 2014-11-21 19:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 22:15 - 2014-11-21 19:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 22:15 - 2014-11-21 19:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 22:15 - 2014-11-21 18:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 22:15 - 2014-11-21 18:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 22:15 - 2014-11-10 21:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 22:15 - 2014-11-10 20:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 22:15 - 2014-11-10 19:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 22:14 - 2014-11-21 21:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 22:14 - 2014-11-21 20:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 22:14 - 2014-11-21 20:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 22:14 - 2014-11-21 20:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 22:14 - 2014-11-21 20:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 22:14 - 2014-11-21 20:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 22:14 - 2014-11-21 20:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 22:14 - 2014-11-21 20:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 22:14 - 2014-11-21 20:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 22:14 - 2014-11-21 20:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 22:14 - 2014-11-21 20:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 22:14 - 2014-11-21 20:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 22:14 - 2014-11-21 19:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 22:14 - 2014-11-21 19:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 22:14 - 2014-11-21 19:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 22:14 - 2014-11-21 19:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 22:14 - 2014-11-21 19:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 22:14 - 2014-11-21 19:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 22:14 - 2014-11-21 19:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 22:14 - 2014-11-07 21:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 22:14 - 2014-11-07 20:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 22:14 - 2014-10-29 20:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 22:14 - 2014-10-29 19:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 22:14 - 2014-10-02 20:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 22:14 - 2014-10-02 20:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 22:14 - 2014-10-02 20:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 22:14 - 2014-10-02 20:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 22:14 - 2014-10-02 20:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 22:14 - 2014-10-02 19:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 22:14 - 2014-10-02 19:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 22:14 - 2014-10-02 19:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 22:14 - 2014-10-02 19:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 22:14 - 2014-10-02 19:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-04 00:42 - 2014-11-04 23:14 - 00311685 _____ () C:\Users\Jdemario\Desktop\FactoringJeopardyReview.pptx

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-31 12:04 - 2011-07-08 19:56 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-31 12:03 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-31 02:51 - 2014-03-05 00:28 - 00025895 _____ () C:\Users\Jdemario\Desktop\Attach.txt
2014-12-31 02:16 - 2014-05-19 22:24 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-31 02:16 - 2009-07-13 23:13 - 00796982 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-31 02:11 - 2013-08-18 12:44 - 00004060 _____ () C:\Users\admin\Desktop\Rkill.txt
2014-12-30 23:24 - 2014-04-10 02:33 - 00000000 __SHD () C:\Users\Jdemario\AppData\Local\EmieSiteList
2014-12-30 19:17 - 2013-03-28 10:04 - 00000000 ____D () C:\Users\Jdemario\AppData\Local\CrashDumps
2014-12-30 18:51 - 2012-07-05 14:35 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-30 18:38 - 2013-10-09 18:40 - 00000000 ____D () C:\Users\Jdemario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GeoGebra 4.2
2014-12-30 18:37 - 2011-09-30 00:25 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-30 13:01 - 2009-07-13 22:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-30 13:01 - 2009-07-13 22:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-30 12:57 - 2011-07-30 19:28 - 00122712 _____ () C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-30 12:39 - 2009-07-13 21:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-12-30 12:37 - 2011-09-30 00:25 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-30 12:34 - 2013-02-02 23:20 - 00000000 ____D () C:\Temp
2014-12-30 11:55 - 2013-12-05 23:54 - 00000000 ____D () C:\Users\Jdemario\Desktop\UTSA
2014-12-30 10:32 - 2011-07-30 19:17 - 00000000 ____D () C:\Users\admin
2014-12-30 02:15 - 2012-02-25 00:19 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-12-30 00:09 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-29 13:29 - 2011-08-08 12:08 - 00000000 ____D () C:\Windows\System32\Tasks\Lenovo
2014-12-27 20:13 - 2011-11-26 16:04 - 00000452 _____ () C:\Windows\Tasks\Intel_C_CVSC1171005B080D.job
2014-12-25 01:35 - 2011-11-06 10:09 - 00000000 ____D () C:\Users\admin\AppData\Local\Apple Computer
2014-12-20 01:24 - 2014-02-19 11:50 - 00000833 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-12-20 01:24 - 2012-07-05 22:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-20 01:23 - 2011-08-22 21:36 - 00000000 ____D () C:\Users\Jdemario\AppData\Roaming\Skype
2014-12-18 22:34 - 2014-09-17 22:36 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-18 22:34 - 2011-08-22 21:36 - 00000000 ____D () C:\ProgramData\Skype
2014-12-14 02:09 - 2013-02-06 14:29 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-11 03:49 - 2014-07-10 02:45 - 00000000 ____D () C:\Windows\rescache
2014-12-11 03:22 - 2014-05-02 02:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-11 03:22 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 03:22 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-11 03:07 - 2011-07-30 20:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-11 03:06 - 2013-07-13 11:35 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 03:02 - 2011-09-02 12:18 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 22:51 - 2012-07-05 14:35 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-10 22:51 - 2012-03-29 19:09 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 22:51 - 2011-09-02 11:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 22:10 - 2014-10-18 20:46 - 00000000 ____D () C:\Users\admin\AppData\Local\Adobe
2014-12-10 22:07 - 2014-05-19 22:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-09 22:54 - 2014-05-19 22:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-09 22:54 - 2012-11-19 10:28 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

Files to move or delete:
====================
C:\Users\Jdemario\tmpifo.bat

Some content of TEMP:
====================
C:\Users\Jdemario\AppData\Local\temp\InstHelper.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

safeboot: {ef44e88a-38e7-11e0-ac4a-e5a1f1a5314a} => The system is configured to boot to Safe Mode <===== ATTENTION!

LastRegBack: 2014-12-25 03:46

==================== End Of Log ============================

Thirdly, the Addition.txt log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014
Ran by admin at 2014-12-31 12:12:39
Running from C:\Users\Jdemario\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19530 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1500 - Broadcom Corporation)
Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Citrix Receiver (HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\CitrixOnlinePluginPackWeb) (Version: 13.1.0.89 - Citrix Systems, Inc.)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.0 - Conexant)
Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden
Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.828 - Corel Inc.)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DC Universe Online (HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\SOE-DC Universe Online) (Version: 1.0.3.183 - Sony Online Entertainment)
DC Universe Online Live (HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\SOE-DC Universe Online Live) (Version:  - Sony Online Entertainment)
DC Universe Online Live (HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\SOE-DC Universe Online Live) (Version:  - Sony Online Entertainment)
Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
ESET NOD32 Antivirus (HKLM\...\{7F39EB28-B9B7-41B8-8564-DB33284A010D}) (Version: 8.0.304.0 - ESET, spol s r. o.)
GeoGebra 4.2 (HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\GeoGebra 4.2) (Version: 4.2.60.0 - International GeoGebra Institute)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Half-Life® 2 (HKLM-x32\...\{D45EC259-4A19-4656-B588-C2C360DD18EA}) (Version: 1.0.0.0 - Valve)
Hotspot Shield 3.42 (HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\HotspotShield) (Version: 3.42 - AnchorFree Inc.)
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2321 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
Intel® Solid-State Drive Toolbox (HKLM-x32\...\Intel® Solid-State Drive Toolbox) (Version: 3.0.1.400 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.00 - )
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.2 - Lenovo Inc.)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Lenovo)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 2.02.003.0 - Lenovo)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MapleStory (HKLM-x32\...\MapleStory) (Version:  - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.0.162.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Manager (HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.3.9 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
Mozilla Firefox 6.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 6.0.2 (x86 en-US)) (Version: 6.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
NVIDIA 3D Vision Driver 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 332.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.21 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA nView 140.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.75 - NVIDIA Corporation)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.22.00 - )
Online Plug-in (x32 Version: 13.1.0.89 - Citrix Systems, Inc.) Hidden
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RapidBoot (HKLM-x32\...\InstallShield_{C83D5AA1-6A1F-4102-8F7F-C0230DD31FC0}) (Version: 1.00 - Lenovo)
RapidBoot (x32 Version: 1.00 - Lenovo) Hidden
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
RICOH_Media_Driver_v2.13.18.02 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.13.18.02 - RICOH)
Rosetta Stone Ltd Services (HKLM-x32\...\{3165E4A6-D5DE-46B0-8597-D55E2B826B84}) (Version: 3.2.21 - Rosetta Stone Ltd.)
Rosetta Stone TOTALe (HKLM-x32\...\{6B6BC189-D606-4BC7-9758-E6C364F76A55}) (Version: 4.5.5.0 - Rosetta Stone, Ltd)
Self-service Plug-in (x32 Version: 3.1.0.21744 - Citrix Systems, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimCity 3000 (HKLM-x32\...\SimCity 3000) (Version:  - )
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Snes9x (HKLM-x32\...\Snes9x) (Version:  - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.00.0046 - Lenovo)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.1500 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.22 - )
ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.61.00.11 - )
ThinkPad Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.48 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.19.0 - )
ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.73 - Lenovo)
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.01 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.06 - Lenovo)
Unity Web Player (HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.5.13 - VeriSign)
WinDirStat 1.1.2 (HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\WinDirStat) (Version:  - )
Windows Driver Package - Intel (e1cexpress) Net  (12/21/2010 11.8.84.0) (HKLM\...\6D23A494E9A245843FB8584D9307D3E328DF8613) (Version: 12/21/2010 11.8.84.0 - Intel)
Windows Driver Package - Intel (MEIx64) System  (10/19/2010 7.0.0.1144) (HKLM\...\90FD26A77B849AE03FF5F07A1CDA7F950406A8D8) (Version: 10/19/2010 7.0.0.1144 - Intel)
Windows Driver Package - Intel System  (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows Driver Package - Intel System  (09/10/2010 9.2.0.1011) (HKLM\...\A513FC5E5A08D4EF27F234E91E0E942A0234210B) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows Driver Package - Intel System  (10/04/2010 9.2.0.1015) (HKLM\...\FE1BEBFD475BB832AAF104F5C63348E98A9286DF) (Version: 10/04/2010 9.2.0.1015 - Intel)
Windows Driver Package - Intel USB  (09/16/2010 9.2.0.1013) (HKLM\...\D97688B8E3830BF9820E15EB8D9552DCBF988CFD) (Version: 09/16/2010 9.2.0.1013 - Intel)
Windows Driver Package - Lenovo (LenovoRd) SmartCardReader  (05/11/2009 4.1.0.1) (HKLM\...\9B84710FFAE6C50914FCE568B59E426F1386E7F6) (Version: 05/11/2009 4.1.0.1 - Lenovo)
Windows Driver Package - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) (HKLM\...\466E9B20D871055D6D3CDA2CDD1D355E978A61AF) (Version: 11/11/2010 1.61.00.11 - Lenovo)
Windows Driver Package - Synaptics (SynTP) Mouse  (03/24/2011 15.2.19.0) (HKLM\...\5DF942712DC7660AE4A1B04809A1C3F67B0CA27C) (Version: 03/24/2011 15.2.19.0 - Synaptics)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2014-10-08 21:44 - 00449979 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 www.123fporn.info
127.0.0.1 123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com

There are 1000 more lines.

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {081A1AC5-5F48-4A14-8D71-59352A839D57} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {12BEF712-4DE9-4066-A210-D8626B5612E8} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2012-11-02] (Microsoft Corporation)
Task: {203FA549-69F7-48BA-BC25-C6E277F20D7D} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {20D6E0CA-AB80-42CC-A60A-5C98DE38C274} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {24E60271-C42C-445B-AADA-C45A2C7FBD18} - System32\Tasks\{8408A1C2-9B0D-4249-B78F-6C6A4FAA51E4} => Iexplore.exe http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.5.0.113&amp;LastError=404
Task: {366563DB-9E3A-4888-9464-2AC2E342098C} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2012-11-02] (Microsoft)
Task: {3B055EA3-7FDA-4D8C-9641-BF975E31A8E3} - System32\Tasks\Intel_C_CVSC1171005B080D => C:\Program Files (x86)\Intel\Intel® Solid-State Drive Toolbox\Intel SSD Toolbox.exe [2011-10-28] (Intel)
Task: {415BA073-52C0-43A4-B461-E88F59967028} - System32\Tasks\Lenovo\Lenovo Product Registration (Jdemario) => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [2011-02-09] (Lenovo, Inc.)
Task: {620AE1C3-DA96-4638-8B6C-A0845E39BAC5} - System32\Tasks\{91C9E031-410B-447C-830A-6169AAC8DCF6} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {683B6D74-EE0B-42EE-B097-3EFD55670390} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {6A805D52-13FE-4EF1-87C3-30C2BACFBF68} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {6BBD8C56-FA2C-40A0-A613-53523D8DF1C2} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {78DFD19C-BA2B-4B28-A1C6-CCA18A7FCF65} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {8B605CA6-F99C-48F1-B738-AAA8CAF99FD5} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe
Task: {9420E4DD-5A28-40A3-ACCE-961168B9CACA} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2012-11-02] (Microsoft Corporation)
Task: {97AB2485-387A-4312-BD3C-D3373AC7BE8F} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2011-03-23] (Lenovo Group Limited)
Task: {9AE6F763-E371-446E-81EA-453AC0FCCF60} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {A587843F-1A0B-4DC2-9A6E-10AC6B568102} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe
Task: {A8DC07C9-C13E-4A3B-8DEF-F14C384B53AA} - System32\Tasks\task3521254 => C:\Users\Jdemario\AppData\Local\Temp\0.8821565173166377.exe <==== ATTENTION
Task: {B85195D8-E783-4622-96B4-A476C492F023} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {BA00E64B-B852-4F6B-A171-12DB1BB6BB9B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C663ABF3-DDF9-4B22-B54A-B7E754387A8D} - System32\Tasks\{C73921BA-B1FF-40BA-8555-01F599BC1387} => Iexplore.exe http://ui.skype.com/ui/0/6.9.73.106.456/en/abandoninstall?page=tsMain
Task: {D77AD9E2-963B-4BF4-B608-4F7FA3952646} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-27] ()
Task: {E8458068-2528-4EC6-BC63-0B546CF923F9} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {FADD8570-550D-4F71-835E-9B8E90AD657B} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Intel_C_CVSC1171005B080D.job => C:\Program Files (x86)\Intel\Intel® Solid-State Drive Toolbox\Intel SSD Toolbox.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-07-08 19:58 - 2011-03-23 12:48 - 00044544 _____ () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: nwiz => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet

========================= Accounts: ==========================

admin (S-1-5-21-2855501541-4180452864-3991015007-1001 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-2855501541-4180452864-3991015007-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2855501541-4180452864-3991015007-1005 - Limited - Enabled)
Guest (S-1-5-21-2855501541-4180452864-3991015007-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2855501541-4180452864-3991015007-1007 - Limited - Enabled)
Jdemario (S-1-5-21-2855501541-4180452864-3991015007-1003 - Limited - Enabled) => C:\Users\Jdemario
JFD4 (S-1-5-21-2855501541-4180452864-3991015007-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: ehdrv
Description: ehdrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ehdrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (12/31/2014 00:10:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 00:06:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 00:04:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 03:11:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 02:11:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 02:08:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 02:06:56 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 02:05:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/30/2014 07:35:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/30/2014 07:17:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17496, time stamp: 0x4a5bc100
Faulting module name: MSHTML.dll, version: 11.0.9600.17496, time stamp: 0x546ff2f9
Exception code: 0xc00000fd
Fault offset: 0x00120dbf
Faulting process id: 0xb20
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

System errors:
=============
Error: (12/31/2014 00:09:21 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (12/31/2014 00:09:21 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (12/31/2014 00:09:21 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (12/31/2014 00:09:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (12/31/2014 00:09:14 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\System32\IWMSSvc.dll
Error Code: 21

Error: (12/31/2014 00:09:12 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (12/31/2014 00:09:06 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (12/31/2014 00:08:55 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
discache
eamonm
ehdrv
lenovo.smi
MpFilter
spldr
TPPWRIF
Wanarpv6

Error: (12/31/2014 00:08:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Microsoft Network Inspection System service depends on the Microsoft Malware Protection Driver service which failed to start because of the following error:
%%31

Error: (12/31/2014 00:08:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Conexant Audio Message Service service depends on the Windows Audio service which failed to start because of the following error:
%%1068

Microsoft Office Sessions:
=========================
Error: (12/31/2014 00:10:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 00:06:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 00:04:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 03:11:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 02:11:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 02:08:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 02:06:56 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 02:05:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/30/2014 07:35:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/30/2014 07:17:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.174964a5bc100MSHTML.dll11.0.9600.17496546ff2f9c00000fd00120dbfb2001d0249712cbebf6C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dllb8705fe4-908a-11e4-af76-f0def1703858

CodeIntegrity Errors:
===================================
  Date: 2014-09-28 12:10:27.170
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-28 12:10:27.014
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-02-06 13:58:38.440
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-02-06 13:58:38.425
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-02-06 13:58:38.394
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-02-06 13:58:38.378
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-21 11:30:15.555
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-21 11:30:15.539
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Core™ i7-2820QM CPU @ 2.30GHz
Percentage of memory in use: 16%
Total physical RAM: 8145.23 MB
Available physical RAM: 6790.45 MB
Total Pagefile: 16288.65 MB
Available Pagefile: 14987.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:73.36 GB) (Free:7.5 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (SYSTEM_DRV) (Fixed) (Total:1.17 GB) (Free:0.84 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Windows7_OS) (Fixed) (Total:296.92 GB) (Free:158.69 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: FE06DFB1)
Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=296.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 74.5 GB) (Disk ID: B54D14C8)
Partition 1: (Not Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=73.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Lastly, the log from zoek:

 

Zoek.exe v5.0.0.0 Updated 31-12-2014
Tool run by admin on Wed 12/31/2014 at 12:15:48.59.
Microsoft Windows 7 Professional  6.1.7601 Service Pack 1 x64
Running in: Safe Mode NETWORK Internet Access Detected
Launched: C:\Users\Jdemario\Desktop\zoek.exe    [Scan all users] [Script inserted]

==== System Restore Info ======================

==== Running Processes ======================

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\Jdemario\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Services(whitelist) ======================
Powered by E Dev

R2 - [MsMpSvc] - Microsoft Antimalware Service - c:\program files\microsoft security client\msmpeng.exe
S2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
S2 - [Apple Mobile Device] - Apple Mobile Device - c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe
S2 - [Bonjour Service] - Bonjour Service - c:\program files\bonjour\mdnsresponder.exe
S2 - [btwdins] - Bluetooth Service - c:\program files\thinkpad\bluetooth software\btwdins.exe
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe
S2 - [CxAudMsg] - Conexant Audio Message Service - c:\windows\system32\cxaudmsg64.exe
S2 - [EvtEng] - Intel® PROSet/Wireless Event Log - c:\program files\intel\wifi\bin\evteng.exe
S2 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
S2 - [HyperW7Svc] - HyperW7 Service - c:\program files\lenovo\rapidboot\hyperw7svc64.exe
S2 - [jhi_service] - Intel® Identity Protection Technology Host Interface Service - c:\program files (x86)\intel\services\ipt\jhi_service.exe
S2 - [LENOVO.CAMMUTE] - Lenovo Camera Mute - c:\program files\lenovo\communications utility\cammute.exe
S2 - [LENOVO.MICMUTE] - Lenovo Microphone Mute - c:\program files\lenovo\hotkey\micmute.exe
S2 - [LENOVO.TPKNRSVC] - Lenovo Keyboard Noise Reduction - c:\program files\lenovo\communications utility\tpknrsvc.exe
S2 - [Lenovo.VIRTSCRLSVC] - Lenovo Auto Scroll - c:\program files\lenovo\virtscrl\lvvsst.exe
S2 - [LMS] - Intel® Management and Security Application Local Management Service - c:\program files (x86)\intel\intel® management engine components\lms\lms.exe
S2 - [Motorola Device Manager] - Motorola Device Manager Service - c:\program files (x86)\motorola mobility\motorola device manager\motohelperservice.exe
S2 - [NVSvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe
S2 - [PSI_SVC_2] - Protexis Licensing V2 - c:\program files (x86)\common files\protexis\license service\psiservice_2.exe
S2 - [RegSrvc] - Intel® PROSet/Wireless Registry Service - c:\program files\common files\intel\wirelesscommon\regsrvc.exe
S2 - [SAService] - Conexant SmartAudio service - c:\windows\system32\sasrv.exe [x]
S2 - [SkypeUpdate] - Skype Updater - c:\program files (x86)\skype\updater\updater.exe
S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
S2 - [Stereo Service] - NVIDIA Stereoscopic 3D Driver Service - c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe
S2 - [TPHKLOAD] - Lenovo Hotkey Client Loader - c:\program files\lenovo\hotkey\tphkload.exe
S2 - [TPHKSVC] - On Screen Display - c:\program files\lenovo\hotkey\tphksvc.exe
S2 - [UNS] - Intel® Management and Security Application User Notification Service - c:\program files (x86)\intel\intel® management engine components\uns\uns.exe
S2 - [VIPAppService] - VIPAppService - c:\program files (x86)\symantec\vip access client\vipappservice.exe
S2 - [wlidsvc] - Windows Live ID Sign-in Assistant - c:\program files\common files\microsoft shared\windows live\wlidsvc.exe
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
S3 - [aspnet_state] - ASP.NET State Service - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [ehRecvr] - Windows Media Center Receiver Service - c:\windows\ehome\ehrecvr.exe
S3 - [ehSched] - Windows Media Center Scheduler Service - c:\windows\ehome\ehsched.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [FLEXnet Licensing Service] - FLEXnet Licensing Service - c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe
S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
S3 - [iPod Service] - iPod Service - c:\program files\ipod\bin\ipodservice.exe
S3 - [Microsoft SharePoint Workspace Audit Service] - Microsoft SharePoint Workspace Audit Service - c:\program files (x86)\microsoft office\office14\groove.exe
S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [NisSrv] - Microsoft Network Inspection - c:\program files\microsoft security client\nissrv.exe
S3 - [ose] - Office  Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe
S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
S3 - [Power Manager DBC Service] - Power Manager DBC Service - c:\program files (x86)\thinkpad\utilities\pwmdbsvc.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
S3 - [Steam Client Service] - Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe
S3 - [TPHDEXLGSVC] - ThinkPad HDD APS Logging Service - system32\tphdexlg64.exe [x]
S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
S3 - [WatAdminSvc] - Windows Activation Technologies Service - c:\windows\system32\wat\watadminsvc.exe
S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
S3 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe
S4 - [wlcrasvc] - Windows Live Mesh remote connections service - c:\program files\windows live\mesh\wlcrasvc.exe
S4 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe

==== Batch Command(s) Run By Tool======================

C:\Windows\system32\appdata deleted

==== Deleting Files \ Folders ======================

C:\Windows\syswow64\appdata deleted

==== System Specs ======================

Windows: Windows 7 Professional Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 8146 MB
CPU Info: Intel® Core™ i7-2820QM CPU @ 2.30GHz
CPU Speed: 2351.1 MHz
Sound Card: Not detected
Display Adapters: | RDP Encoder Mirror Driver
Monitors: 1x;
Screen Resolution: 1600 X 900 - 32 bit
Network: Network Present
Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Intel® Centrino® Ultimate-N 6300 AGN | Intel® 82579LM Gigabit Network Connection
CD / DVD Drives: 1x (F: | ) F: HL-DT-STDVDRAM GT33N
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C:  73.4GB | D:  1.2GB | E:  296.9GB
Hard Disks - Free: C:  7.4GB | D:  864.3MB | E:  158.7GB
Manufacturer *: LENOVO
BIOS Info: AT/AT COMPATIBLE | 05/18/11 | LENOVO - 1260
Time Zone: Central Standard Time
Motherboard *: LENOVO 4239CTO
Country: United States
Language: ENU

==== System Specs (Software) ======================

Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)
Anti-Virus: ESET NOD32 Antivirus 8.0 On-access scanning disabled (Outdated)
Anti-Spyware: Microsoft Security Essentials disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: ESET NOD32 Antivirus 8.0 disabled (Outdated)
Internet Explorer Version: 11.0.9600.17501
Mozilla Firefox version: 6.0.2 (x86 en-US)
Google Chrome version: 37.0.2062.124
Adobe Reader version: 11.0.10.32
Sun Java version: 1.7.0_71 (32-bit)
Flash Player version: 15.0.0.246
Shockwave Player version: 12.1.3r153

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\admin\AppData\Local\Temp ====
2014-12-30 18:51:43 6625027F7980F98E9FE64902EE59CA64 372936 ----a-w- C:\Users\Jdemario\AppData\Local\Temp\InstHelper.exe
2014-12-29 21:53:57 D9EAF9C0157666DB84D568E32C1E2416 3538 ----a-w- C:\Users\Jdemario\AppData\Local\Temp\4e98\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YVWSXUQY\java_setup[1].exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-12-18 01:18:27 0481346D0EF668C0D4FF69A7BBEFA846 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-12-18 01:18:27 5564883BFB523D5078A5B1FE3128FD63 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
====== C:\Windows\Sysnative\drivers =====
2014-12-21 19:23:33 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_motmodem_01009.Wdf
2014-12-11 04:15:05 70988118145F5F10EF24720B97F35F65 119296 ----a-w- C:\Windows\Sysnative\drivers\tdx.sys
====== C:\Windows\Tasks ======
2014-12-30 18:56:36 21133D25D834A59B16F527C2049A63F3 3328 ----a-w- C:\Windows\Sysnative\Tasks\SpyHunter4Startup
2014-12-29 05:40:44 B63AD96D5AB77552EFDB7D2277C3B0CB 3886 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Acrobat Update Task
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-12-30 18:50:15 -------- d-----w- C:\Program Files\ESET
======= C:\PROGRA~2 =====
=======  =====
====== C:\Users\admin\AppData\Roaming ======
2014-12-30 19:44:25 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\ESET
2014-12-30 19:33:56 -------- d-----w- C:\Users\admin\AppData\Local\ESET
====== C:\Users\admin ======
2014-12-31 18:11:26 988312E4532153D5A75B4EBCD72D37AD 2123264 ----a-w- C:\Users\Jdemario\Desktop\FRST64.exe
2014-12-31 18:06:38 7650EF7FFE338A50ADE28288FB601B7A 186568 ----a-w- C:\Users\Jdemario\Desktop\ESETPoweliksCleaner.exe
2014-12-31 08:33:28 8B968045D75783A09592C3105F2865DA 688992 ------r- C:\Users\Jdemario\Desktop\dds.com
2014-12-30 18:57:07 0064DEA542B09CEA34155FE86E6192E1 913408 ----a-w- C:\Users\Jdemario\Desktop\mssstool64.exe
2014-12-30 18:50:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-12-30 18:50:15 -------- d-----w- C:\ProgramData\ESET
2014-12-30 18:49:50 B4CD9E8513C17C32224C70330A235296 3044736 ----a-w- C:\Users\Jdemario\Desktop\SpyHunter-Installer.exe
2014-12-20 07:23:57 E45823AE0D754FC0206F14C1FC43EB74 5317104 ----a-w- C:\Users\Jdemario\Desktop\ccsetup501.exe

====== C: exe-files ==
2014-12-31 18:19:40 988312E4532153D5A75B4EBCD72D37AD 2123264 ----a-w- C:\Users\Jdemario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9KK64D1S\FRST64[1].exe
2014-12-31 18:11:26 988312E4532153D5A75B4EBCD72D37AD 2123264 ----a-w- C:\Users\Jdemario\Desktop\FRST64.exe
2014-12-31 18:06:38 7650EF7FFE338A50ADE28288FB601B7A 186568 ----a-w- C:\Users\Jdemario\Desktop\ESETPoweliksCleaner.exe
2014-12-31 18:06:04 3282042CCDC28BB530B020B442030A77 5541 ----a-w- C:\Users\Jdemario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7ZMS0RZA\ESETPoweliksCleaner[1].exe
2014-12-30 18:59:03 1AE182AAEE10969E892F9A5307905210 29672376 ----a-w- C:\Users\Jdemario\Desktop\USB Drive\UTSA\GeoGebra-Windows-Installer-4-2-60-0.exe
2014-12-30 18:58:46 652D2754E183098E8BB2461C4EE356D9 41791568 ----a-w- C:\Users\Jdemario\Desktop\USB Drive\GeoGebra-Windows-Installer-4-4-1-0.exe
2014-12-30 18:57:07 0064DEA542B09CEA34155FE86E6192E1 913408 ----a-w- C:\Users\Jdemario\Desktop\mssstool64.exe
2014-12-30 18:54:00 65565B7EC5B08F91B608949A06D27920 589512 ----a-w- C:\Program Files\ESET\ESET NOD32 Antivirus\speclean.exe
2014-12-30 18:51:43 6625027F7980F98E9FE64902EE59CA64 372936 ----a-w- C:\Users\Jdemario\AppData\Local\Temp\InstHelper.exe
2014-12-30 18:49:50 B4CD9E8513C17C32224C70330A235296 3044736 ----a-w- C:\Users\Jdemario\Desktop\SpyHunter-Installer.exe
2014-12-29 21:53:57 D9EAF9C0157666DB84D568E32C1E2416 3538 ----a-w- C:\Users\Jdemario\AppData\Local\Temp\4e98\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YVWSXUQY\java_setup[1].exe
2014-12-29 05:40:31 516C021FEBEDE2962C9252DF85606C76 382168 ----a-w- C:\ProgramData\Adobe\ARM\S\31782\AdobeARMHelper.exe
2014-12-29 05:40:31 516C021FEBEDE2962C9252DF85606C76 382168 ----a-w- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\Temp\200416173\AdobeARMHelper.exe
=== C: other files ==
2014-12-31 08:33:28 8B968045D75783A09592C3105F2865DA 688992 ------r- C:\Users\Jdemario\Desktop\dds.com
2014-12-31 08:31:37 2FCC85920D65694D89520C1B27F8BA8D 14396 ----a-w- C:\Users\Jdemario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A3PN7WVA\dds[1].com
2014-12-30 18:59:54 EAE3BA9F20100F45281EAF8547AD93A7 1244049 ----a-w- C:\Users\Jdemario\Desktop\USB Drive\NVC\Math 300 materials.zip
2014-12-30 18:59:06 D8667F617D4775DA38CBB6EDE3B7D6F8 31124 ----a-w- C:\Users\Jdemario\Desktop\USB Drive\UTSA\ComputersForMathTeachers\Final Exam.zip
2014-12-30 18:59:05 98A8D329F15BFC255E3AFF77E059DF46 663639 ----a-w- C:\Users\Jdemario\Desktop\USB Drive\UTSA\ComputersForMathTeachers.zip
2014-12-30 18:38:36 0676438A39C7DF57AC657E815B3FE3BC 750724 ----a-w- C:\Users\Jdemario\AppData\Local\Temp\BST_InputMapper_backup\Profiles.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2855501541-4180452864-3991015007-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_USERS\S-1-5-21-2855501541-4180452864-3991015007-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"ConnectionCenter"="C:\Users\Jdemario\AppData\Local\Citrix\ICA Client\concentr.exe /startup"
"hsscp.EXE"="C:\Users\Jdemario\AppData\Roaming\Hotspot Shield\bin\hsscp.EXE -nonadmin"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_USERS\S-1-5-21-2855501541-4180452864-3991015007-1001\Software\Microsoft\Windows\CurrentVersion\runonce]
"Del458925753"="cmd.exe /Q /D /c del C:\Users\admin\AppData\Local\Temp\0.del"
"DelTr459011117"="cmd.exe /c rd /s /q  C:\Users\admin\AppData\Roaming\mysearchdial"
"SpybotDeletingD2674"="cmd.exe /c del C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\searchplugins\WebSearch.xml"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RotateImage"="C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe"
"IMSS"="C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"
"Lenovo Registration"="C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot"
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"SpybotSnD"="C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe /autocheck"
"Del458925753"="cmd.exe /Q /D /c del C:\Users\admin\AppData\Local\Temp\0.del"
"DelTr459011117"="cmd.exe /c rd /s /q  C:\Users\admin\AppData\Roaming\mysearchdial"
"Malwarebytes Anti-Malware (cleanup)"="C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"
"SpybotDeletingC3824"="cmd.exe /c del C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\searchplugins\WebSearch.xml"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Del458925753"="cmd.exe /Q /D /c del C:\Users\admin\AppData\Local\Temp\0.del"
"DelTr459011117"="cmd.exe /c rd /s /q  C:\Users\admin\AppData\Roaming\mysearchdial"
"SpybotDeletingD2674"="cmd.exe /c del C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\searchplugins\WebSearch.xml"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TpShocks"="TpShocks.exe"
"ForteConfig"="C:\Program Files\Conexant\ForteConfig\fmapp.exe"
"SmartAudio"="C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"LENOVO.TPKNRRES"="C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe"
"ALCKRESI.EXE"="C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE"
"IntelliType Pro"="C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
"IntelliPoint"="C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\nwiz]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="nwiz"
"hkey"="HKLM"
"command"="C:\\Program Files\\NVIDIA Corporation\\nview\\nwiz.exe /installquiet"

==== Startup Folders ======================

2011-07-09 01:48:40 890 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12/10/2014 10:51 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\Intel_C_CVSC1171005B080D.job --a------ C:\Program Files (x86)\Intel\IntelR Solid-State Drive Toolbox\Intel SSD Toolbox.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Ad-Aware Antivirus Scheduled Scan" [C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe]
"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\DiskUpdate" [C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe]
"C:\Windows\SysNative\tasks\GoforFilesUpdate" [C:\Program Files (x86)\GoforFiles\GFFUpdater.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Intel_C_CVSC1171005B080D" [C:\Program Files (x86)\Intel\Intel® Solid-State Drive Toolbox\Intel SSD Toolbox.exe]
"C:\Windows\SysNative\tasks\MCP" ["C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe"]
"C:\Windows\SysNative\tasks\Motorola Device Manager Engine" ["C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe"]
"C:\Windows\SysNative\tasks\Motorola Device Manager Initial Update" ["C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe"]
"C:\Windows\SysNative\tasks\Motorola Device Manager Update" ["C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe"]
"C:\Windows\SysNative\tasks\PMTask" [C:\PROGRA~2\ThinkPad\UTILIT~1\PwmIdTsv.exe]
"C:\Windows\SysNative\tasks\SpyHunter4Startup" ["C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe"]
"C:\Windows\SysNative\tasks\task3521254" [C:\Users\Jdemario\AppData\Local\Temp\0.8821565173166377.exe]
"C:\Windows\SysNative\tasks\{8408A1C2-9B0D-4249-B78F-6C6A4FAA51E4}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.5.0.113&amp;LastError=404]
"C:\Windows\SysNative\tasks\{91C9E031-410B-447C-830A-6169AAC8DCF6}" [C:\Program Files (x86)\Skype\Phone\Skype.exe]
"C:\Windows\SysNative\tasks\{C73921BA-B1FF-40BA-8555-01F599BC1387}" ["C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/6.9.73.106.456/en/abandoninstall?page=tsMain]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\Lenovo\Lenovo Product Registration (Jdemario)" [C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2 folders=4 16449 bytes)

==== EOF on Wed 12/31/2014 at 12:21:40.84 ======================

Thanks again Jurgen!



#5 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:15 AM

Posted 01 January 2015 - 05:42 AM

Happy New Year! :thumbup2:

Step 1

frst.pngfrstfix.png
Please download the attached fixlist txt.gif and save it in the same directory as FRST.
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.
Attached File  fixlist.txt   3.05KB   8 downloads
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#6 ch333s

ch333s
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:02:15 AM

Posted 01 January 2015 - 12:13 PM

Happy New Year to you as well!

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-12-2014
Ran by admin at 2015-01-01 11:05:53 Run:1
Running from C:\Users\Jdemario\Desktop
Loaded Profiles: admin & Jdemario (Available profiles: admin & Jdemario)
Boot Mode: Safe Mode (with Networking)
==============================================

Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction
ProxyServer: [S-1-5-21-2855501541-4180452864-3991015007-1003] => http=127.0.0.1:8555;https=127.0.0.1:8555
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2855501541-4180452864-3991015007-1001 -> DefaultScope {6EA73A99-0B28-4B72-847C-D496649EB24D} URL = http://start.mysearchdial.com/
SearchScopes: HKU\S-1-5-21-2855501541-4180452864-3991015007-1001 -> {501D887B-8D4E-4600-B38C-1AEAD9B4B433} URL =
SearchScopes: HKU\S-1-5-21-2855501541-4180452864-3991015007-1001 -> {6EA73A99-0B28-4B72-847C-D496649EB24D} URL = http://start.mysearchdial.com/
SearchScopes: HKU\S-1-5-21-2855501541-4180452864-3991015007-1003 -> DefaultScope {501D887B-8D4E-4600-B38C-1AEAD9B4B433} URL =
SearchScopes: HKU\S-1-5-21-2855501541-4180452864-3991015007-1003 -> {501D887B-8D4E-4600-B38C-1AEAD9B4B433} URL =
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File
FF SelectedSearchEngine: WebSearch
FF DefaultSearchEngine: WebSearch
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF DefaultSearchEngine,S: WebSearch
FF SelectedSearchEngine,S: WebSearch
FF DefaultSearchUrl: hxxp://websearch.searchandfly.info/?pid=3540&r=2014/09/30&hid=8203408240082327723&lg=EN&cc=US&unqvl=62&l=1&q=
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKU\S-1-5-21-2855501541-4180452864-3991015007-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
2014-12-30 12:56 - 2014-12-30 12:56 - 00003328 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-12-30 12:49 - 2014-12-30 12:54 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\Jdemario\Desktop\SpyHunter-Installer.exe
safeboot: {ef44e88a-38e7-11e0-ac4a-e5a1f1a5314a} => The system is configured to boot to Safe Mode
Task: {203FA549-69F7-48BA-BC25-C6E277F20D7D} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe
Task: {A8DC07C9-C13E-4A3B-8DEF-F14C384B53AA} - System32\Tasks\task3521254 => C:\Users\Jdemario\AppData\Local\Temp\0.8821565173166377.exe
Task: {FADD8570-550D-4F71-835E-9B8E90AD657B} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
C:\Users\Jdemario\AppData\Local\Temp\0.8821565173166377.exe
C:\Program Files\Enigma Software Group
C:\Program Files (x86)\GoforFiles
*****************

C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{501D887B-8D4E-4600-B38C-1AEAD9B4B433}" => Key deleted successfully.
HKCR\CLSID\{501D887B-8D4E-4600-B38C-1AEAD9B4B433} => Key not found.
"HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6EA73A99-0B28-4B72-847C-D496649EB24D}" => Key deleted successfully.
HKCR\CLSID\{6EA73A99-0B28-4B72-847C-D496649EB24D} => Key not found.
HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{501D887B-8D4E-4600-B38C-1AEAD9B4B433}" => Key deleted successfully.
HKCR\CLSID\{501D887B-8D4E-4600-B38C-1AEAD9B4B433} => Key not found.
"HKCR\PROTOCOLS\Handler\livecall" => Key deleted successfully.
HKCR\CLSID\{828030A1-22C1-4009-854F-8E305202313F} => Key not found.
"HKCR\PROTOCOLS\Handler\msnim" => Key deleted successfully.
HKCR\CLSID\{828030A1-22C1-4009-854F-8E305202313F} => Key not found.
Firefox SelectedSearchEngine deleted successfully.
Firefox DefaultSearchEngine deleted successfully.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox SearchEngineOrder.1,S deleted successfully.
Firefox DefaultSearchEngine,S deleted successfully.
Firefox SelectedSearchEngine,S deleted successfully.
Firefox DefaultSearchUrl deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
"HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll not found.
C:\Windows\System32\Tasks\SpyHunter4Startup => Moved successfully.
C:\Users\Jdemario\Desktop\SpyHunter-Installer.exe => Moved successfully.

The operation completed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{203FA549-69F7-48BA-BC25-C6E277F20D7D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{203FA549-69F7-48BA-BC25-C6E277F20D7D}" => Key deleted successfully.
C:\Windows\System32\Tasks\GoforFilesUpdate => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoforFilesUpdate" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A8DC07C9-C13E-4A3B-8DEF-F14C384B53AA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A8DC07C9-C13E-4A3B-8DEF-F14C384B53AA}" => Key deleted successfully.
C:\Windows\System32\Tasks\task3521254 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\task3521254" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FADD8570-550D-4F71-835E-9B8E90AD657B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FADD8570-550D-4F71-835E-9B8E90AD657B}" => Key deleted successfully.
C:\Windows\System32\Tasks\SpyHunter4Startup not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup" => Key deleted successfully.
"C:\Users\Jdemario\AppData\Local\Temp\0.8821565173166377.exe" => File/Directory not found.
"C:\Program Files\Enigma Software Group" => File/Directory not found.
"C:\Program Files (x86)\GoforFiles" => File/Directory not found.

The system needed a reboot.

==== End of Fixlog 11:05:54 ====



#7 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:15 AM

Posted 01 January 2015 - 12:21 PM

Hi,

please try to boot in normal mode now. If successful, generate the next reports from normal mode by re-running FRST. Make sure that the option (Addition.txt) is checked.


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#8 ch333s

ch333s
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:02:15 AM

Posted 01 January 2015 - 12:54 PM

Yes the boot into normal mode is now successful.

 

First the FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
Ran by admin (administrator) on JFD4-T520 on 01-01-2015 11:52:46
Running from C:\Users\Jdemario\Desktop
Loaded Profiles: admin & Jdemario (Available profiles: admin & Jdemario)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Rosetta Stone Ltd.) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Citrix Systems, Inc.) C:\Users\Jdemario\AppData\Local\Citrix\ICA Client\concentr.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Citrix Systems, Inc.) C:\Users\Jdemario\AppData\Local\Citrix\ICA Client\Receiver\Receiver.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Citrix Systems, Inc.) C:\Users\Jdemario\AppData\Local\Citrix\SelfService\Program Files\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Users\Jdemario\AppData\Local\Citrix\ICA Client\wfcrun32.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
() C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2731304 2011-03-24] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2010-12-09] (Lenovo.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2011-03-14] (Conexant systems, Inc.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [41320 2011-04-04] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281448 2011-02-28] (Lenovo Group Limited)
HKLM\...\Run: [IntelliType Pro] => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595336 2014-10-01] (ESET)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [112152 2011-01-16] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4309184 2011-02-09] (Lenovo, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\RunOnce: [GrpConv] => grpconv -o
HKLM-x32\...\RunOnce: [SpybotSnD] => C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe [5365592 2009-01-26] (Safer Networking Limited)
HKLM-x32\...\RunOnce: [Del458925753] => cmd.exe /Q /D /c del "C:\Users\admin\AppData\Local\Temp\0.del"
HKLM-x32\...\RunOnce: [DelTr459011117] => cmd.exe /c rd /s /q  "C:\Users\admin\AppData\Roaming\mysearchdial"
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-11-21] (Malwarebytes Corporation)
HKLM-x32\...\RunOnce: [SpybotDeletingA7963] => command.com /c del "C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\searchplugins\WebSearch.xml"
HKLM-x32\...\RunOnce: [SpybotDeletingC3824] => cmd.exe /c del "C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\searchplugins\WebSearch.xml"
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\RunOnce: [Del458925753] => cmd.exe /Q /D /c del "C:\Users\admin\AppData\Local\Temp\0.del" <===== ATTENTION
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\RunOnce: [DelTr459011117] => cmd.exe /c rd /s /q  "C:\Users\admin\AppData\Roaming\mysearchdial"
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\RunOnce: [SpybotDeletingB553] => command.com /c del "C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\searchplugins\WebSearch.xml"
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\RunOnce: [SpybotDeletingD2674] => cmd.exe /c del "C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\searchplugins\WebSearch.xml"
HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\Run: [ConnectionCenter] => C:\Users\Jdemario\AppData\Local\Citrix\ICA Client\concentr.exe [362432 2011-12-22] (Citrix Systems, Inc.)
HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\Run: [hsscp.EXE] => C:\Users\Jdemario\AppData\Roaming\Hotspot Shield\bin\hsscp.EXE -nonadmin
HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\MountPoints2: {cff29afc-10ea-11e1-b766-f0def1703858} - G:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {501D887B-8D4E-4600-B38C-1AEAD9B4B433} URL = http://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {501D887B-8D4E-4600-B38C-1AEAD9B4B433} URL = http://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2855501541-4180452864-3991015007-1003 -> {F62B51A3-14DF-47A4-A4D9-550952207157} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: HKLM-x32 {444785F1-DE89-4295-863A-D46C3A781394} http://webplayer.unity3d.com/download_webplayer/UnityWebPlayer.cab
DPF: HKLM-x32 {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://athena.neisd.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 209.18.47.61 209.18.47.62

FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default
FF NewTab: about:blank
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.com/NxGame -> C:\ProgramData\Nexon\NGM\npnxgame.dll (Nexon)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2855501541-4180452864-3991015007-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2855501541-4180452864-3991015007-1003: @Citrix.com/npican -> C:\Users\Jdemario\AppData\Local\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF user.js: detected! => C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF HKLM-x32\...\Firefox\Extensions: [VIP6X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2011-07-08]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-23]
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-23]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-23]
CHR Extension: (Google Search) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-23]
CHR Extension: (GGouSSaave) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkdmabmjcgnbngghkejhieljkbkchgop [2014-09-29]
CHR Extension: (Chrome In-App Payments service) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-23]
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-23]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [477032 2011-03-23] (Lenovo.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2014-10-01] (ESET)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-06] (Lenovo Group Limited)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-02-08] (Hewlett-Packard) [File not signed]
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-02-08] (Hewlett-Packard) [File not signed]
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-18] (Symantec Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-08-18] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241368 2014-08-18] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169280 2014-08-18] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [158968 2014-09-18] (ESET)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-01-05] (GFI Software)
R3 LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [118016 2009-05-10] (Lenovo)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-11-15] (NVIDIA Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-07-08] ()
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [41536 2009-09-24] (Lenovo (United States) Inc.)
S1 A2DDA; \??\C:\Users\Jdemario\Desktop\EmsisoftEmergencyKit\Run\a2ddax64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-01 11:06 - 2015-01-01 11:06 - 00000324 _____ () C:\Windows\PFRO.log
2014-12-31 12:22 - 2014-12-31 12:22 - 00022944 _____ () C:\Users\Jdemario\Desktop\zoek-results.txt
2014-12-31 12:21 - 2014-12-31 12:21 - 00022944 _____ () C:\Users\admin\Desktop\zoek-results.txt
2014-12-31 12:19 - 2014-12-31 12:21 - 00022944 _____ () C:\zoek-results.log
2014-12-31 12:15 - 2014-12-31 12:19 - 00000000 ____D () C:\zoek_backup
2014-12-31 12:15 - 2014-12-31 12:15 - 01295360 _____ () C:\Users\Jdemario\Desktop\zoek.exe
2014-12-31 12:12 - 2015-01-01 11:52 - 00023706 _____ () C:\Users\Jdemario\Desktop\FRST.txt
2014-12-31 12:12 - 2014-12-31 12:12 - 00038603 _____ () C:\Users\Jdemario\Desktop\Addition.txt
2014-12-31 12:11 - 2015-01-01 11:52 - 00000000 ____D () C:\FRST
2014-12-31 12:11 - 2014-12-31 12:11 - 02123264 _____ (Farbar) C:\Users\Jdemario\Desktop\FRST64.exe
2014-12-31 12:07 - 2014-12-31 12:07 - 00645816 _____ () C:\Users\Jdemario\Desktop\ESETPoweliksCleaner.exe_20141231.120729.7412.log
2014-12-31 12:06 - 2014-12-31 12:06 - 00186568 _____ (ESET) C:\Users\Jdemario\Desktop\ESETPoweliksCleaner.exe
2014-12-31 02:49 - 2014-12-31 02:49 - 00025895 _____ () C:\Users\admin\Documents\Attach.txt
2014-12-31 02:35 - 2014-12-31 02:45 - 00026548 _____ () C:\Users\admin\Desktop\dds.txt
2014-12-31 02:35 - 2014-12-31 02:45 - 00025895 _____ () C:\Users\admin\Desktop\attach.txt
2014-12-31 02:33 - 2014-12-31 02:33 - 00688992 ____R (Swearware) C:\Users\Jdemario\Desktop\dds.com
2014-12-30 13:33 - 2014-12-30 13:33 - 00000000 ____D () C:\Users\admin\AppData\Local\ESET
2014-12-30 12:58 - 2014-12-30 13:00 - 00000000 ____D () C:\Users\Jdemario\Desktop\USB Drive
2014-12-30 12:57 - 2014-12-30 12:57 - 00913408 _____ (Microsoft Corporation) C:\Users\Jdemario\Desktop\mssstool64.exe
2014-12-30 12:50 - 2014-12-30 12:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-12-30 12:50 - 2014-12-30 12:50 - 00000000 ____D () C:\ProgramData\ESET
2014-12-30 12:50 - 2014-12-30 12:50 - 00000000 ____D () C:\Program Files\ESET
2014-12-30 12:45 - 2014-12-30 12:48 - 73412608 _____ () C:\Users\Jdemario\Desktop\eav_nt64_enu.msi
2014-12-30 11:47 - 2014-12-30 11:49 - 00000000 ____D () C:\Users\Jdemario\Desktop\Nudes
2014-12-30 02:08 - 2015-01-01 11:09 - 00000728 _____ () C:\Windows\setupact.log
2014-12-30 02:08 - 2014-12-30 02:08 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-29 13:15 - 2015-01-01 11:42 - 00203694 _____ () C:\Windows\WindowsUpdate.log
2014-12-29 13:09 - 2014-12-29 13:09 - 00000000 __SHD () C:\found.000
2014-12-28 23:40 - 2014-12-28 23:40 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-21 13:34 - 2014-12-21 13:48 - 00000000 ____D () C:\Users\Jdemario\Desktop\DroidPics
2014-12-21 13:23 - 2014-12-21 13:23 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motmodem_01009.Wdf
2014-12-20 01:23 - 2014-12-20 01:24 - 05317104 _____ (Piriform Ltd) C:\Users\Jdemario\Desktop\ccsetup501.exe
2014-12-17 19:18 - 2014-12-12 23:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-17 19:18 - 2014-12-12 21:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-11 03:22 - 2014-12-11 03:22 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-11 03:01 - 2014-10-17 20:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-11 03:01 - 2014-10-17 19:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 22:15 - 2014-12-03 20:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 22:15 - 2014-12-03 20:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 22:15 - 2014-12-03 20:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 22:15 - 2014-12-03 20:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 22:15 - 2014-12-03 20:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 22:15 - 2014-12-03 20:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 22:15 - 2014-12-03 20:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 22:15 - 2014-12-01 17:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 22:15 - 2014-11-26 19:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 22:15 - 2014-11-26 19:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 22:15 - 2014-11-21 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 22:15 - 2014-11-21 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 22:15 - 2014-11-21 20:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 22:15 - 2014-11-21 20:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 22:15 - 2014-11-21 20:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 22:15 - 2014-11-21 20:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 22:15 - 2014-11-21 20:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 22:15 - 2014-11-21 20:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 22:15 - 2014-11-21 20:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 22:15 - 2014-11-21 20:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 22:15 - 2014-11-21 20:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 22:15 - 2014-11-21 20:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 22:15 - 2014-11-21 20:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 22:15 - 2014-11-21 20:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 22:15 - 2014-11-21 20:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 22:15 - 2014-11-21 19:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 22:15 - 2014-11-21 19:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 22:15 - 2014-11-21 19:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 22:15 - 2014-11-21 19:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 22:15 - 2014-11-21 19:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 22:15 - 2014-11-21 19:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 22:15 - 2014-11-21 19:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 22:15 - 2014-11-21 19:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 22:15 - 2014-11-21 19:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 22:15 - 2014-11-21 19:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 22:15 - 2014-11-21 19:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 22:15 - 2014-11-21 19:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 22:15 - 2014-11-21 19:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 22:15 - 2014-11-21 19:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 22:15 - 2014-11-21 19:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 22:15 - 2014-11-21 19:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 22:15 - 2014-11-21 18:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 22:15 - 2014-11-21 18:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 22:15 - 2014-11-10 21:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 22:15 - 2014-11-10 20:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 22:15 - 2014-11-10 19:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 22:14 - 2014-11-21 21:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 22:14 - 2014-11-21 20:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 22:14 - 2014-11-21 20:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 22:14 - 2014-11-21 20:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 22:14 - 2014-11-21 20:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 22:14 - 2014-11-21 20:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 22:14 - 2014-11-21 20:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 22:14 - 2014-11-21 20:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 22:14 - 2014-11-21 20:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 22:14 - 2014-11-21 20:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 22:14 - 2014-11-21 20:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 22:14 - 2014-11-21 20:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 22:14 - 2014-11-21 19:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 22:14 - 2014-11-21 19:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 22:14 - 2014-11-21 19:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 22:14 - 2014-11-21 19:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 22:14 - 2014-11-21 19:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 22:14 - 2014-11-21 19:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 22:14 - 2014-11-21 19:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 22:14 - 2014-11-07 21:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 22:14 - 2014-11-07 20:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 22:14 - 2014-10-29 20:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 22:14 - 2014-10-29 19:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 22:14 - 2014-10-02 20:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 22:14 - 2014-10-02 20:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 22:14 - 2014-10-02 20:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 22:14 - 2014-10-02 20:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 22:14 - 2014-10-02 20:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 22:14 - 2014-10-02 19:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 22:14 - 2014-10-02 19:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 22:14 - 2014-10-02 19:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 22:14 - 2014-10-02 19:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 22:14 - 2014-10-02 19:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-04 00:42 - 2014-11-04 23:14 - 00311685 _____ () C:\Users\Jdemario\Desktop\FactoringJeopardyReview.pptx

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-01 11:51 - 2012-07-05 14:35 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-01 11:37 - 2011-09-30 00:25 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-01 11:16 - 2009-07-13 22:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-01 11:16 - 2009-07-13 22:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-01 11:14 - 2009-07-13 23:13 - 00796982 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-01 11:10 - 2013-02-02 23:20 - 00000000 ____D () C:\Temp
2015-01-01 11:10 - 2011-09-30 00:25 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-01 11:10 - 2011-07-08 19:56 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-01 11:09 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-01 11:06 - 2014-09-29 22:15 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-01-01 11:05 - 2009-07-13 21:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-12-31 02:51 - 2014-03-05 00:28 - 00025895 _____ () C:\Users\Jdemario\Desktop\Attach.txt
2014-12-31 02:16 - 2014-05-19 22:24 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-31 02:11 - 2013-08-18 12:44 - 00004060 _____ () C:\Users\admin\Desktop\Rkill.txt
2014-12-30 23:24 - 2014-04-10 02:33 - 00000000 __SHD () C:\Users\Jdemario\AppData\Local\EmieSiteList
2014-12-30 19:17 - 2013-03-28 10:04 - 00000000 ____D () C:\Users\Jdemario\AppData\Local\CrashDumps
2014-12-30 18:38 - 2013-10-09 18:40 - 00000000 ____D () C:\Users\Jdemario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GeoGebra 4.2
2014-12-30 12:57 - 2011-07-30 19:28 - 00122712 _____ () C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-30 12:39 - 2009-07-13 21:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-12-30 11:55 - 2013-12-05 23:54 - 00000000 ____D () C:\Users\Jdemario\Desktop\UTSA
2014-12-30 10:32 - 2011-07-30 19:17 - 00000000 ____D () C:\Users\admin
2014-12-30 02:15 - 2012-02-25 00:19 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-12-30 00:09 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-29 13:29 - 2011-08-08 12:08 - 00000000 ____D () C:\Windows\System32\Tasks\Lenovo
2014-12-27 20:13 - 2011-11-26 16:04 - 00000452 _____ () C:\Windows\Tasks\Intel_C_CVSC1171005B080D.job
2014-12-25 01:35 - 2011-11-06 10:09 - 00000000 ____D () C:\Users\admin\AppData\Local\Apple Computer
2014-12-20 01:24 - 2014-02-19 11:50 - 00000833 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-12-20 01:24 - 2012-07-05 22:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-20 01:23 - 2011-08-22 21:36 - 00000000 ____D () C:\Users\Jdemario\AppData\Roaming\Skype
2014-12-18 22:34 - 2014-09-17 22:36 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-18 22:34 - 2011-08-22 21:36 - 00000000 ____D () C:\ProgramData\Skype
2014-12-14 02:09 - 2013-02-06 14:29 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-11 03:49 - 2014-07-10 02:45 - 00000000 ____D () C:\Windows\rescache
2014-12-11 03:22 - 2014-05-02 02:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-11 03:22 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 03:22 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-11 03:07 - 2011-07-30 20:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-11 03:06 - 2013-07-13 11:35 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 03:02 - 2011-09-02 12:18 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 22:51 - 2012-07-05 14:35 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-10 22:51 - 2012-03-29 19:09 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 22:51 - 2011-09-02 11:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 22:10 - 2014-10-18 20:46 - 00000000 ____D () C:\Users\admin\AppData\Local\Adobe
2014-12-10 22:07 - 2014-05-19 22:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-09 22:54 - 2014-05-19 22:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-09 22:54 - 2012-11-19 10:28 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

Files to move or delete:
====================
C:\Users\Jdemario\tmpifo.bat

Some content of TEMP:
====================
C:\Users\Jdemario\AppData\Local\temp\InstHelper.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-25 03:46

==================== End Of Log ============================

 

Now the Addition.txt:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014
Ran by admin at 2015-01-01 11:53:19
Running from C:\Users\Jdemario\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Microsoft Security Essentials (Disabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19530 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1500 - Broadcom Corporation)
Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Citrix Receiver (HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\CitrixOnlinePluginPackWeb) (Version: 13.1.0.89 - Citrix Systems, Inc.)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.0 - Conexant)
Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden
Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.828 - Corel Inc.)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DC Universe Online (HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\SOE-DC Universe Online) (Version: 1.0.3.183 - Sony Online Entertainment)
DC Universe Online Live (HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\SOE-DC Universe Online Live) (Version:  - Sony Online Entertainment)
DC Universe Online Live (HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\SOE-DC Universe Online Live) (Version:  - Sony Online Entertainment)
Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
ESET NOD32 Antivirus (HKLM\...\{7F39EB28-B9B7-41B8-8564-DB33284A010D}) (Version: 8.0.304.0 - ESET, spol s r. o.)
GeoGebra 4.2 (HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\GeoGebra 4.2) (Version: 4.2.60.0 - International GeoGebra Institute)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Half-Life® 2 (HKLM-x32\...\{D45EC259-4A19-4656-B588-C2C360DD18EA}) (Version: 1.0.0.0 - Valve)
Hotspot Shield 3.42 (HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\HotspotShield) (Version: 3.42 - AnchorFree Inc.)
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2321 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
Intel® Solid-State Drive Toolbox (HKLM-x32\...\Intel® Solid-State Drive Toolbox) (Version: 3.0.1.400 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.00 - )
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.2 - Lenovo Inc.)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Lenovo)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 2.02.003.0 - Lenovo)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MapleStory (HKLM-x32\...\MapleStory) (Version:  - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.0.162.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Manager (HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.3.9 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
Mozilla Firefox 6.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 6.0.2 (x86 en-US)) (Version: 6.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
NVIDIA 3D Vision Driver 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 332.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.21 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA nView 140.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.75 - NVIDIA Corporation)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.22.00 - )
Online Plug-in (x32 Version: 13.1.0.89 - Citrix Systems, Inc.) Hidden
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RapidBoot (HKLM-x32\...\InstallShield_{C83D5AA1-6A1F-4102-8F7F-C0230DD31FC0}) (Version: 1.00 - Lenovo)
RapidBoot (x32 Version: 1.00 - Lenovo) Hidden
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
RICOH_Media_Driver_v2.13.18.02 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.13.18.02 - RICOH)
Rosetta Stone Ltd Services (HKLM-x32\...\{3165E4A6-D5DE-46B0-8597-D55E2B826B84}) (Version: 3.2.21 - Rosetta Stone Ltd.)
Rosetta Stone TOTALe (HKLM-x32\...\{6B6BC189-D606-4BC7-9758-E6C364F76A55}) (Version: 4.5.5.0 - Rosetta Stone, Ltd)
Self-service Plug-in (x32 Version: 3.1.0.21744 - Citrix Systems, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimCity 3000 (HKLM-x32\...\SimCity 3000) (Version:  - )
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Snes9x (HKLM-x32\...\Snes9x) (Version:  - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.00.0046 - Lenovo)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.1500 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.22 - )
ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.61.00.11 - )
ThinkPad Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.48 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.19.0 - )
ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.73 - Lenovo)
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.01 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.06 - Lenovo)
Unity Web Player (HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.5.13 - VeriSign)
WinDirStat 1.1.2 (HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\WinDirStat) (Version:  - )
Windows Driver Package - Intel (e1cexpress) Net  (12/21/2010 11.8.84.0) (HKLM\...\6D23A494E9A245843FB8584D9307D3E328DF8613) (Version: 12/21/2010 11.8.84.0 - Intel)
Windows Driver Package - Intel (MEIx64) System  (10/19/2010 7.0.0.1144) (HKLM\...\90FD26A77B849AE03FF5F07A1CDA7F950406A8D8) (Version: 10/19/2010 7.0.0.1144 - Intel)
Windows Driver Package - Intel System  (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows Driver Package - Intel System  (09/10/2010 9.2.0.1011) (HKLM\...\A513FC5E5A08D4EF27F234E91E0E942A0234210B) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows Driver Package - Intel System  (10/04/2010 9.2.0.1015) (HKLM\...\FE1BEBFD475BB832AAF104F5C63348E98A9286DF) (Version: 10/04/2010 9.2.0.1015 - Intel)
Windows Driver Package - Intel USB  (09/16/2010 9.2.0.1013) (HKLM\...\D97688B8E3830BF9820E15EB8D9552DCBF988CFD) (Version: 09/16/2010 9.2.0.1013 - Intel)
Windows Driver Package - Lenovo (LenovoRd) SmartCardReader  (05/11/2009 4.1.0.1) (HKLM\...\9B84710FFAE6C50914FCE568B59E426F1386E7F6) (Version: 05/11/2009 4.1.0.1 - Lenovo)
Windows Driver Package - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) (HKLM\...\466E9B20D871055D6D3CDA2CDD1D355E978A61AF) (Version: 11/11/2010 1.61.00.11 - Lenovo)
Windows Driver Package - Synaptics (SynTP) Mouse  (03/24/2011 15.2.19.0) (HKLM\...\5DF942712DC7660AE4A1B04809A1C3F67B0CA27C) (Version: 03/24/2011 15.2.19.0 - Synaptics)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

01-01-2015 11:33:46 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2014-10-08 21:44 - 00449979 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 www.123fporn.info
127.0.0.1 123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com

There are 1000 more lines.

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {081A1AC5-5F48-4A14-8D71-59352A839D57} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {12BEF712-4DE9-4066-A210-D8626B5612E8} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2012-11-02] (Microsoft Corporation)
Task: {20D6E0CA-AB80-42CC-A60A-5C98DE38C274} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {24E60271-C42C-445B-AADA-C45A2C7FBD18} - System32\Tasks\{8408A1C2-9B0D-4249-B78F-6C6A4FAA51E4} => Iexplore.exe http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.5.0.113&amp;LastError=404
Task: {366563DB-9E3A-4888-9464-2AC2E342098C} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2012-11-02] (Microsoft)
Task: {3B055EA3-7FDA-4D8C-9641-BF975E31A8E3} - System32\Tasks\Intel_C_CVSC1171005B080D => C:\Program Files (x86)\Intel\Intel® Solid-State Drive Toolbox\Intel SSD Toolbox.exe [2011-10-28] (Intel)
Task: {415BA073-52C0-43A4-B461-E88F59967028} - System32\Tasks\Lenovo\Lenovo Product Registration (Jdemario) => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [2011-02-09] (Lenovo, Inc.)
Task: {620AE1C3-DA96-4638-8B6C-A0845E39BAC5} - System32\Tasks\{91C9E031-410B-447C-830A-6169AAC8DCF6} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {683B6D74-EE0B-42EE-B097-3EFD55670390} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {6A805D52-13FE-4EF1-87C3-30C2BACFBF68} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {6BBD8C56-FA2C-40A0-A613-53523D8DF1C2} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {78DFD19C-BA2B-4B28-A1C6-CCA18A7FCF65} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {8B605CA6-F99C-48F1-B738-AAA8CAF99FD5} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe
Task: {9420E4DD-5A28-40A3-ACCE-961168B9CACA} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2012-11-02] (Microsoft Corporation)
Task: {97AB2485-387A-4312-BD3C-D3373AC7BE8F} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2011-03-23] (Lenovo Group Limited)
Task: {9AE6F763-E371-446E-81EA-453AC0FCCF60} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {A587843F-1A0B-4DC2-9A6E-10AC6B568102} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe
Task: {B85195D8-E783-4622-96B4-A476C492F023} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {BA00E64B-B852-4F6B-A171-12DB1BB6BB9B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C663ABF3-DDF9-4B22-B54A-B7E754387A8D} - System32\Tasks\{C73921BA-B1FF-40BA-8555-01F599BC1387} => Iexplore.exe http://ui.skype.com/ui/0/6.9.73.106.456/en/abandoninstall?page=tsMain
Task: {D77AD9E2-963B-4BF4-B608-4F7FA3952646} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-27] ()
Task: {E8458068-2528-4EC6-BC63-0B546CF923F9} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Intel_C_CVSC1171005B080D.job => C:\Program Files (x86)\Intel\Intel® Solid-State Drive Toolbox\Intel SSD Toolbox.exe

==================== Loaded Modules (whitelisted) =============

2010-12-17 14:53 - 2010-12-17 14:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-06-26 12:34 - 2012-09-18 14:27 - 00192512 _____ () C:\Windows\System32\ZLhp1020.DLL
2013-06-26 20:50 - 2012-09-18 14:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-07-08 19:58 - 2011-03-23 12:48 - 00044544 _____ () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
2011-07-08 19:32 - 2011-03-24 04:48 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
2011-07-08 19:51 - 2010-10-26 14:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2013-08-01 23:14 - 2013-12-19 12:53 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2009-05-27 23:09 - 2009-05-27 23:09 - 00049976 _____ () C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-31 09:05 - 2013-10-31 09:05 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2011-07-08 19:59 - 2010-04-06 10:05 - 02085888 _____ () C:\Program Files\Lenovo\AutoLock\cv210.dll
2011-07-08 19:59 - 2010-04-06 10:04 - 02201088 _____ () C:\Program Files\Lenovo\AutoLock\cxcore210.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: nwiz => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet

========================= Accounts: ==========================

admin (S-1-5-21-2855501541-4180452864-3991015007-1001 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-2855501541-4180452864-3991015007-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2855501541-4180452864-3991015007-1005 - Limited - Enabled)
Guest (S-1-5-21-2855501541-4180452864-3991015007-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2855501541-4180452864-3991015007-1007 - Limited - Enabled)
Jdemario (S-1-5-21-2855501541-4180452864-3991015007-1003 - Limited - Enabled) => C:\Users\Jdemario
JFD4 (S-1-5-21-2855501541-4180452864-3991015007-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: A2 Direct Disk Access Support Driver
Description: A2 Direct Disk Access Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: A2DDA
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (01/01/2015 11:10:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/01/2015 11:08:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/01/2015 11:07:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 00:19:19 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\wbem\wmiprvse.exe; Description = zoek.exe restore point; Error = 0x8007043c).

Error: (12/31/2014 00:10:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 00:06:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 00:04:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 03:11:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 02:11:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 02:08:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (01/01/2015 11:10:50 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.

Error: (01/01/2015 11:10:45 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.

Error: (01/01/2015 11:10:40 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.

Error: (01/01/2015 11:10:35 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.

Error: (01/01/2015 11:10:30 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.

Error: (01/01/2015 04:19:50 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.191.1131.0

 Update Source: %NT AUTHORITY59

 Update Stage: 4.6.0305.00

 Source Path: 4.6.0305.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (12/31/2014 00:18:58 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.191.1131.0

 Update Source: %NT AUTHORITY59

 Update Stage: 4.6.0305.00

 Source Path: 4.6.0305.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (12/31/2014 00:18:58 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (12/31/2014 00:09:21 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (12/31/2014 00:09:21 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Microsoft Office Sessions:
=========================
Error: (01/01/2015 11:10:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/01/2015 11:08:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/01/2015 11:07:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 00:19:19 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\wbem\wmiprvse.exezoek.exe restore point0x8007043c

Error: (12/31/2014 00:10:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 00:06:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 00:04:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 03:11:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 02:11:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 02:08:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
  Date: 2014-09-28 12:10:27.170
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-28 12:10:27.014
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-02-06 13:58:38.440
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-02-06 13:58:38.425
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-02-06 13:58:38.394
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-02-06 13:58:38.378
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-21 11:30:15.555
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-21 11:30:15.539
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Core™ i7-2820QM CPU @ 2.30GHz
Percentage of memory in use: 40%
Total physical RAM: 8145.23 MB
Available physical RAM: 4871.75 MB
Total Pagefile: 16288.65 MB
Available Pagefile: 13257.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:73.36 GB) (Free:6.61 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (SYSTEM_DRV) (Fixed) (Total:1.17 GB) (Free:0.84 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Windows7_OS) (Fixed) (Total:296.92 GB) (Free:158.69 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: FE06DFB1)
Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=296.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 74.5 GB) (Disk ID: B54D14C8)
Partition 1: (Not Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=73.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#9 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:15 AM

Posted 01 January 2015 - 01:09 PM

warning.gif Malware Warning

If your computer was used for online banking, has credit card information or other sensitive data, using a non-infected computer/device you should immediately change all account information (including those used for banking, Email, eBay, Paypal, online forums, etc).

Next steps are:
 
Step 1

Please uninstall some programs:

  • Windows 7w7.png: Click on the hidden2.png button, open Control Panel and click Uninstall a program.
  • Search and select the following programs one by one and click on Uninstall:

    Google Chrome
    Microsoft Security Essentials
    Spybot - Search & Destroy

Step 2

emsisoft_emergency_kit.pnglogo.png

  • Download EEK and extract the contents to C:\
  • Double-click the desktop-shortcut to start the tool.
  • Click in the following update-screen "Yes" to obtain the latest malware definitions.
  • Once the update is complete click "Scan".
  • Enable "PUPs" detection (1) and click on "Full Scan" (2).
  • If adware/malware was detected, make sure to check all the items and click "Quarantine selected" (1) and afterwards "view report" (2).
  • Please paste the content of the report in your next reply.

EKK.gif

 

Reboot the computer:

 

 

Step 3

frst.pngfrstscan.png

Start FRST with administator privileges.

  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste the log in your next reply.

lesestoff.png

Can you please tell me which problems still persist now?
How is the computer running?


Edited by deeprybka, 01 January 2015 - 01:11 PM.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#10 ch333s

ch333s
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:02:15 AM

Posted 02 January 2015 - 03:03 AM

First here is the report from emsisoft:

 

Emsisoft Emergency Kit - Version 9.0
Last update: 1/1/2015 11:27:19 PM
User account: JFD4-T520\admin

Scan settings:

Scan type: Full Scan
Objects: Rootkits, Memory, Traces, C:\, D:\, E:\

Detect PUPs: On
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off

Scan start: 1/1/2015 11:27:41 PM
C:\Users\admin\AppData\Roaming\goforfiles  detected: Application.AppInstall (A)
C:\Users\Jdemario\AppData\Roaming\goforfiles  detected: Application.AppInstall (A)
C:\Users\admin\AppData\Roaming\systweak  detected: Application.AppInstall (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}  detected: Application.AdReg (A)
Key: HKEY_USERS\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\GOFORFILES  detected: Application.InstallAd (A)
Key: HKEY_USERS\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\GOFORFILES  detected: Application.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\ADAWARETB  detected: Application.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\GOFORFILES  detected: Application.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\SYSTWEAK  detected: Application.InstallAd (A)
C:\Program Files (x86)\Conduit  detected: Application.AppInstall (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS  detected: Setting.DisableRegistryTools (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\CONDUIT  detected: Application.InstallAd (A)
Key: HKEY_USERS\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\SMARTBAR  detected: Application.InstallAd (A)
Key: HKEY_USERS\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\YAHOOPARTNERTOOLBAR  detected: Application.Win32.YTool (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}  detected: Application.Win32.WSearch (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SPEEDUPMYPC  detected: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}  detected: Application.Win32.WSearch (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\AU__RASAPI32  detected: Application.Win32.InstallExt (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\AU__RASMANCS  detected: Application.Win32.InstallExt (A)
C:\Users\Jdemario\Desktop\zoek.exe  detected: Trojan.Generic.12298096 (B)
C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll  detected: Adware.Linkury.B (B)
E:\ExtaliaMS.zip -> Extalia.dll  detected: Gen:Trojan.Heur.LP.LK8@aWDIbsci (B)

Scanned 857564
Found 22

Scan end: 1/2/2015 1:43:03 AM
Scan time: 2:15:22

E:\ExtaliaMS.zip Quarantined Gen:Trojan.Heur.LP.LK8@aWDIbsci (B)
C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll Quarantined Adware.Linkury.B (B)
C:\Users\Jdemario\Desktop\zoek.exe Quarantined Trojan.Generic.12298096 (B)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\AU__RASMANCS Quarantined Application.Win32.InstallExt (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\AU__RASAPI32 Quarantined Application.Win32.InstallExt (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0} Quarantined Application.Win32.WSearch (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SPEEDUPMYPC Quarantined Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\{C292AD0A-C11F-479B-B8DB-743E72D283B0} Quarantined Application.Win32.WSearch (A)
Key: HKEY_USERS\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\YAHOOPARTNERTOOLBAR Quarantined Application.Win32.YTool (A)
Key: HKEY_USERS\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\SMARTBAR Quarantined Application.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\CONDUIT Quarantined Application.InstallAd (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Quarantined Setting.DisableRegistryTools (A)
C:\Program Files (x86)\Conduit Quarantined Application.AppInstall (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\SYSTWEAK Quarantined Application.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\GOFORFILES Quarantined Application.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\ADAWARETB Quarantined Application.InstallAd (A)
Key: HKEY_USERS\S-1-5-21-2855501541-4180452864-3991015007-1003\SOFTWARE\GOFORFILES Quarantined Application.InstallAd (A)
Key: HKEY_USERS\S-1-5-21-2855501541-4180452864-3991015007-1001\SOFTWARE\GOFORFILES Quarantined Application.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Quarantined Application.AdReg (A)
C:\Users\admin\AppData\Roaming\systweak Quarantined Application.AppInstall (A)
C:\Users\Jdemario\AppData\Roaming\goforfiles Quarantined Application.AppInstall (A)
C:\Users\admin\AppData\Roaming\goforfiles Quarantined Application.AppInstall (A)

Quarantined 22

 

Secondly here is the log from FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
Ran by admin (administrator) on JFD4-T520 on 02-01-2015 01:56:21
Running from C:\Users\Jdemario\Desktop
Loaded Profiles: admin & Jdemario (Available profiles: admin & Jdemario)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo Group Limited) C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Rosetta Stone Ltd.) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\userinit.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Citrix Systems, Inc.) C:\Users\Jdemario\AppData\Local\Citrix\ICA Client\concentr.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Citrix Systems, Inc.) C:\Users\Jdemario\AppData\Local\Citrix\ICA Client\Receiver\Receiver.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2731304 2011-03-24] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2010-12-09] (Lenovo.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2011-03-14] (Conexant systems, Inc.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [41320 2011-04-04] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281448 2011-02-28] (Lenovo Group Limited)
HKLM\...\Run: [IntelliType Pro] => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595336 2014-10-01] (ESET)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [112152 2011-01-16] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4309184 2011-02-09] (Lenovo, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\RunOnce: [GrpConv] => grpconv -o
HKLM-x32\...\RunOnce: [SpybotSnD] => "C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
HKLM-x32\...\RunOnce: [Del458925753] => cmd.exe /Q /D /c del "C:\Users\admin\AppData\Local\Temp\0.del"
HKLM-x32\...\RunOnce: [DelTr459011117] => cmd.exe /c rd /s /q  "C:\Users\admin\AppData\Roaming\mysearchdial"
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-11-21] (Malwarebytes Corporation)
HKLM-x32\...\RunOnce: [SpybotDeletingA7963] => command.com /c del "C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\searchplugins\WebSearch.xml"
HKLM-x32\...\RunOnce: [SpybotDeletingC3824] => cmd.exe /c del "C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\searchplugins\WebSearch.xml"
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\RunOnce: [Del458925753] => cmd.exe /Q /D /c del "C:\Users\admin\AppData\Local\Temp\0.del" <===== ATTENTION
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\RunOnce: [DelTr459011117] => cmd.exe /c rd /s /q  "C:\Users\admin\AppData\Roaming\mysearchdial"
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\RunOnce: [SpybotDeletingB553] => command.com /c del "C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\searchplugins\WebSearch.xml"
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\RunOnce: [SpybotDeletingD2674] => cmd.exe /c del "C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\searchplugins\WebSearch.xml"
HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\Run: [ConnectionCenter] => C:\Users\Jdemario\AppData\Local\Citrix\ICA Client\concentr.exe [362432 2011-12-22] (Citrix Systems, Inc.)
HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\Run: [hsscp.EXE] => C:\Users\Jdemario\AppData\Roaming\Hotspot Shield\bin\hsscp.EXE -nonadmin
HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\MountPoints2: {cff29afc-10ea-11e1-b766-f0def1703858} - G:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {501D887B-8D4E-4600-B38C-1AEAD9B4B433} URL = http://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {501D887B-8D4E-4600-B38C-1AEAD9B4B433} URL = http://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2855501541-4180452864-3991015007-1003 -> {F62B51A3-14DF-47A4-A4D9-550952207157} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: HKLM-x32 {444785F1-DE89-4295-863A-D46C3A781394} http://webplayer.unity3d.com/download_webplayer/UnityWebPlayer.cab
DPF: HKLM-x32 {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://athena.neisd.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 209.18.47.61 209.18.47.62

FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default
FF NewTab: about:blank
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.com/NxGame -> C:\ProgramData\Nexon\NGM\npnxgame.dll (Nexon)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2855501541-4180452864-3991015007-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2855501541-4180452864-3991015007-1003: @Citrix.com/npican -> C:\Users\Jdemario\AppData\Local\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF user.js: detected! => C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF HKLM-x32\...\Firefox\Extensions: [VIP6X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2011-07-08]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [477032 2011-03-23] (Lenovo.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2014-10-01] (ESET)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-06] (Lenovo Group Limited)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-02-08] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-02-08] (Hewlett-Packard) [File not signed]
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-18] (Symantec Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2015-01-02] (Emsisoft GmbH)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-08-18] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241368 2014-08-18] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169280 2014-08-18] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [158968 2014-09-18] (ESET)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-01-05] (GFI Software)
R3 LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [118016 2009-05-10] (Lenovo)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-11-15] (NVIDIA Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-07-08] ()
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [41536 2009-09-24] (Lenovo (United States) Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-02 01:53 - 2015-01-02 01:53 - 00010268 _____ () C:\Users\admin\Desktop\a2scan_150101-232741.txt
2015-01-01 23:23 - 2015-01-01 23:26 - 00000754 _____ () C:\Users\admin\Desktop\Start Emsisoft Emergency Kit.lnk
2015-01-01 23:22 - 2015-01-01 23:26 - 00000000 ____D () C:\EEK
2015-01-01 23:19 - 2015-01-01 23:22 - 165648648 _____ () C:\Users\Jdemario\Desktop\EmsisoftEmergencyKit.exe
2015-01-01 11:06 - 2015-01-01 11:06 - 00000324 _____ () C:\Windows\PFRO.log
2014-12-31 12:22 - 2014-12-31 12:22 - 00022944 _____ () C:\Users\Jdemario\Desktop\zoek-results.txt
2014-12-31 12:21 - 2014-12-31 12:21 - 00022944 _____ () C:\Users\admin\Desktop\zoek-results.txt
2014-12-31 12:19 - 2014-12-31 12:21 - 00022944 _____ () C:\zoek-results.log
2014-12-31 12:15 - 2014-12-31 12:19 - 00000000 ____D () C:\zoek_backup
2014-12-31 12:12 - 2015-01-02 01:56 - 00021357 _____ () C:\Users\Jdemario\Desktop\FRST.txt
2014-12-31 12:12 - 2015-01-01 11:54 - 00040295 _____ () C:\Users\Jdemario\Desktop\Addition.txt
2014-12-31 12:11 - 2015-01-02 01:56 - 00000000 ____D () C:\FRST
2014-12-31 12:11 - 2014-12-31 12:11 - 02123264 _____ (Farbar) C:\Users\Jdemario\Desktop\FRST64.exe
2014-12-31 12:07 - 2014-12-31 12:07 - 00645816 _____ () C:\Users\Jdemario\Desktop\ESETPoweliksCleaner.exe_20141231.120729.7412.log
2014-12-31 12:06 - 2014-12-31 12:06 - 00186568 _____ (ESET) C:\Users\Jdemario\Desktop\ESETPoweliksCleaner.exe
2014-12-31 02:49 - 2014-12-31 02:49 - 00025895 _____ () C:\Users\admin\Documents\Attach.txt
2014-12-31 02:35 - 2014-12-31 02:45 - 00026548 _____ () C:\Users\admin\Desktop\dds.txt
2014-12-31 02:35 - 2014-12-31 02:45 - 00025895 _____ () C:\Users\admin\Desktop\attach.txt
2014-12-31 02:33 - 2014-12-31 02:33 - 00688992 ____R (Swearware) C:\Users\Jdemario\Desktop\dds.com
2014-12-30 13:33 - 2014-12-30 13:33 - 00000000 ____D () C:\Users\admin\AppData\Local\ESET
2014-12-30 12:58 - 2014-12-30 13:00 - 00000000 ____D () C:\Users\Jdemario\Desktop\USB Drive
2014-12-30 12:57 - 2014-12-30 12:57 - 00913408 _____ (Microsoft Corporation) C:\Users\Jdemario\Desktop\mssstool64.exe
2014-12-30 12:50 - 2014-12-30 12:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-12-30 12:50 - 2014-12-30 12:50 - 00000000 ____D () C:\ProgramData\ESET
2014-12-30 12:50 - 2014-12-30 12:50 - 00000000 ____D () C:\Program Files\ESET
2014-12-30 12:45 - 2014-12-30 12:48 - 73412608 _____ () C:\Users\Jdemario\Desktop\eav_nt64_enu.msi
2014-12-30 11:47 - 2014-12-30 11:49 - 00000000 ____D () C:\Users\Jdemario\Desktop\Nudes
2014-12-30 02:08 - 2015-01-02 01:55 - 00000784 _____ () C:\Windows\setupact.log
2014-12-30 02:08 - 2014-12-30 02:08 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-29 13:15 - 2015-01-02 01:55 - 00204319 _____ () C:\Windows\WindowsUpdate.log
2014-12-29 13:09 - 2014-12-29 13:09 - 00000000 __SHD () C:\found.000
2014-12-28 23:40 - 2014-12-28 23:40 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-21 13:34 - 2014-12-21 13:48 - 00000000 ____D () C:\Users\Jdemario\Desktop\DroidPics
2014-12-21 13:23 - 2014-12-21 13:23 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motmodem_01009.Wdf
2014-12-20 01:23 - 2014-12-20 01:24 - 05317104 _____ (Piriform Ltd) C:\Users\Jdemario\Desktop\ccsetup501.exe
2014-12-17 19:18 - 2014-12-12 23:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-17 19:18 - 2014-12-12 21:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-11 03:22 - 2014-12-11 03:22 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-11 03:01 - 2014-10-17 20:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-11 03:01 - 2014-10-17 19:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 22:15 - 2014-12-03 20:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 22:15 - 2014-12-03 20:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 22:15 - 2014-12-03 20:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 22:15 - 2014-12-03 20:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 22:15 - 2014-12-03 20:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 22:15 - 2014-12-03 20:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 22:15 - 2014-12-03 20:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 22:15 - 2014-12-01 17:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 22:15 - 2014-11-26 19:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 22:15 - 2014-11-26 19:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 22:15 - 2014-11-21 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 22:15 - 2014-11-21 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 22:15 - 2014-11-21 20:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 22:15 - 2014-11-21 20:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 22:15 - 2014-11-21 20:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 22:15 - 2014-11-21 20:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 22:15 - 2014-11-21 20:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 22:15 - 2014-11-21 20:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 22:15 - 2014-11-21 20:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 22:15 - 2014-11-21 20:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 22:15 - 2014-11-21 20:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 22:15 - 2014-11-21 20:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 22:15 - 2014-11-21 20:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 22:15 - 2014-11-21 20:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 22:15 - 2014-11-21 20:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 22:15 - 2014-11-21 19:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 22:15 - 2014-11-21 19:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 22:15 - 2014-11-21 19:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 22:15 - 2014-11-21 19:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 22:15 - 2014-11-21 19:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 22:15 - 2014-11-21 19:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 22:15 - 2014-11-21 19:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 22:15 - 2014-11-21 19:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 22:15 - 2014-11-21 19:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 22:15 - 2014-11-21 19:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 22:15 - 2014-11-21 19:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 22:15 - 2014-11-21 19:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 22:15 - 2014-11-21 19:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 22:15 - 2014-11-21 19:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 22:15 - 2014-11-21 19:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 22:15 - 2014-11-21 19:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 22:15 - 2014-11-21 18:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 22:15 - 2014-11-21 18:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 22:15 - 2014-11-10 21:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 22:15 - 2014-11-10 20:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 22:15 - 2014-11-10 19:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 22:14 - 2014-11-21 21:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 22:14 - 2014-11-21 20:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 22:14 - 2014-11-21 20:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 22:14 - 2014-11-21 20:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 22:14 - 2014-11-21 20:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 22:14 - 2014-11-21 20:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 22:14 - 2014-11-21 20:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 22:14 - 2014-11-21 20:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 22:14 - 2014-11-21 20:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 22:14 - 2014-11-21 20:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 22:14 - 2014-11-21 20:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 22:14 - 2014-11-21 20:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 22:14 - 2014-11-21 19:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 22:14 - 2014-11-21 19:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 22:14 - 2014-11-21 19:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 22:14 - 2014-11-21 19:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 22:14 - 2014-11-21 19:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 22:14 - 2014-11-21 19:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 22:14 - 2014-11-21 19:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 22:14 - 2014-11-07 21:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 22:14 - 2014-11-07 20:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 22:14 - 2014-10-29 20:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 22:14 - 2014-10-29 19:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 22:14 - 2014-10-02 20:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 22:14 - 2014-10-02 20:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 22:14 - 2014-10-02 20:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 22:14 - 2014-10-02 20:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 22:14 - 2014-10-02 20:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 22:14 - 2014-10-02 19:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 22:14 - 2014-10-02 19:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 22:14 - 2014-10-02 19:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 22:14 - 2014-10-02 19:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 22:14 - 2014-10-02 19:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-04 00:42 - 2014-11-04 23:14 - 00311685 _____ () C:\Users\Jdemario\Desktop\FactoringJeopardyReview.pptx

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-02 01:56 - 2013-02-02 23:20 - 00000000 ____D () C:\Temp
2015-01-02 01:56 - 2011-09-30 00:25 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-02 01:56 - 2011-07-08 19:56 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-02 01:55 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-02 01:51 - 2012-07-05 14:35 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-02 01:37 - 2011-09-30 00:25 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-01 23:18 - 2012-06-02 22:21 - 00001945 _____ () C:\Windows\epplauncher.mif
2015-01-01 23:18 - 2012-02-25 00:19 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-01 23:18 - 2012-02-25 00:19 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2015-01-01 23:17 - 2011-09-30 00:24 - 00000000 ____D () C:\Users\admin\AppData\Local\Google
2015-01-01 23:17 - 2011-09-30 00:24 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-01 11:16 - 2009-07-13 22:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-01 11:16 - 2009-07-13 22:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-01 11:14 - 2009-07-13 23:13 - 00796982 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-01 11:06 - 2014-09-29 22:15 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-01-01 11:05 - 2009-07-13 21:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-12-31 02:51 - 2014-03-05 00:28 - 00025895 _____ () C:\Users\Jdemario\Desktop\Attach.txt
2014-12-31 02:16 - 2014-05-19 22:24 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-31 02:11 - 2013-08-18 12:44 - 00004060 _____ () C:\Users\admin\Desktop\Rkill.txt
2014-12-30 23:24 - 2014-04-10 02:33 - 00000000 __SHD () C:\Users\Jdemario\AppData\Local\EmieSiteList
2014-12-30 19:17 - 2013-03-28 10:04 - 00000000 ____D () C:\Users\Jdemario\AppData\Local\CrashDumps
2014-12-30 18:38 - 2013-10-09 18:40 - 00000000 ____D () C:\Users\Jdemario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GeoGebra 4.2
2014-12-30 12:57 - 2011-07-30 19:28 - 00122712 _____ () C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-30 12:39 - 2009-07-13 21:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-12-30 11:55 - 2013-12-05 23:54 - 00000000 ____D () C:\Users\Jdemario\Desktop\UTSA
2014-12-30 10:32 - 2011-07-30 19:17 - 00000000 ____D () C:\Users\admin
2014-12-30 00:09 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-29 13:29 - 2011-08-08 12:08 - 00000000 ____D () C:\Windows\System32\Tasks\Lenovo
2014-12-27 20:13 - 2011-11-26 16:04 - 00000452 _____ () C:\Windows\Tasks\Intel_C_CVSC1171005B080D.job
2014-12-25 01:35 - 2011-11-06 10:09 - 00000000 ____D () C:\Users\admin\AppData\Local\Apple Computer
2014-12-20 01:24 - 2014-02-19 11:50 - 00000833 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-12-20 01:24 - 2012-07-05 22:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-20 01:23 - 2011-08-22 21:36 - 00000000 ____D () C:\Users\Jdemario\AppData\Roaming\Skype
2014-12-18 22:34 - 2014-09-17 22:36 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-18 22:34 - 2011-08-22 21:36 - 00000000 ____D () C:\ProgramData\Skype
2014-12-14 02:09 - 2013-02-06 14:29 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-11 03:49 - 2014-07-10 02:45 - 00000000 ____D () C:\Windows\rescache
2014-12-11 03:22 - 2014-05-02 02:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-11 03:22 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 03:22 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-11 03:07 - 2011-07-30 20:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-11 03:06 - 2013-07-13 11:35 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 03:02 - 2011-09-02 12:18 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 22:51 - 2012-07-05 14:35 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-10 22:51 - 2012-03-29 19:09 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 22:51 - 2011-09-02 11:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 22:10 - 2014-10-18 20:46 - 00000000 ____D () C:\Users\admin\AppData\Local\Adobe
2014-12-10 22:07 - 2014-05-19 22:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-09 22:54 - 2014-05-19 22:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-09 22:54 - 2012-11-19 10:28 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

Files to move or delete:
====================
C:\Users\Jdemario\tmpifo.bat

Some content of TEMP:
====================
C:\Users\Jdemario\AppData\Local\temp\InstHelper.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-25 03:46

==================== End Of Log ============================

 

My computer seems to be running much better, and I'm actually able to use it in normal mode and not safe mode as I had before. I don't seem to find that any of the previous problems are re-occurring. Seems like my computer is good, but you never know. Let me know if you see anything else that needs to be done.

 

Thanks so far for you help, I appreciate you helping out on a day like new years!



#11 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:15 AM

Posted 03 January 2015 - 09:38 AM

Hi,
please install Chrome version 39.0.2171.95 for Windows.
http://www.google.com/chrome


Step 1

frst.pngfrstscan.png

Start FRST with administator privileges.
  • Make sure the following option is checked: addition.png
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#12 ch333s

ch333s
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:02:15 AM

Posted 04 January 2015 - 12:25 AM

Just reinstalled Chrome and ran the scan.

 

First the FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-01-2015 03
Ran by admin (administrator) on JFD4-T520 on 03-01-2015 23:22:55
Running from C:\Users\Jdemario\Desktop
Loaded Profiles: admin & Jdemario (Available profiles: admin & Jdemario)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Rosetta Stone Ltd.) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Citrix Systems, Inc.) C:\Users\Jdemario\AppData\Local\Citrix\ICA Client\concentr.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Citrix Systems, Inc.) C:\Users\Jdemario\AppData\Local\Citrix\ICA Client\Receiver\Receiver.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Citrix Systems, Inc.) C:\Users\Jdemario\AppData\Local\Citrix\ICA Client\wfcrun32.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Citrix Systems, Inc.) C:\Users\Jdemario\AppData\Local\Citrix\SelfService\Program Files\SelfServicePlugin.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
() C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2731304 2011-03-24] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2010-12-09] (Lenovo.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2011-03-14] (Conexant systems, Inc.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [41320 2011-04-04] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281448 2011-02-28] (Lenovo Group Limited)
HKLM\...\Run: [IntelliType Pro] => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595336 2014-10-01] (ESET)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [112152 2011-01-16] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4309184 2011-02-09] (Lenovo, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\RunOnce: [GrpConv] => grpconv -o
HKLM-x32\...\RunOnce: [SpybotSnD] => "C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
HKLM-x32\...\RunOnce: [Del458925753] => cmd.exe /Q /D /c del "C:\Users\admin\AppData\Local\Temp\0.del"
HKLM-x32\...\RunOnce: [DelTr459011117] => cmd.exe /c rd /s /q  "C:\Users\admin\AppData\Roaming\mysearchdial"
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-11-21] (Malwarebytes Corporation)
HKLM-x32\...\RunOnce: [SpybotDeletingA7963] => command.com /c del "C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\searchplugins\WebSearch.xml"
HKLM-x32\...\RunOnce: [SpybotDeletingC3824] => cmd.exe /c del "C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\searchplugins\WebSearch.xml"
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\RunOnce: [Del458925753] => cmd.exe /Q /D /c del "C:\Users\admin\AppData\Local\Temp\0.del" <===== ATTENTION
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\RunOnce: [DelTr459011117] => cmd.exe /c rd /s /q  "C:\Users\admin\AppData\Roaming\mysearchdial"
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\RunOnce: [SpybotDeletingB553] => command.com /c del "C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\searchplugins\WebSearch.xml"
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\RunOnce: [SpybotDeletingD2674] => cmd.exe /c del "C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\searchplugins\WebSearch.xml"
HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\Run: [ConnectionCenter] => C:\Users\Jdemario\AppData\Local\Citrix\ICA Client\concentr.exe [362432 2011-12-22] (Citrix Systems, Inc.)
HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\Run: [hsscp.EXE] => C:\Users\Jdemario\AppData\Roaming\Hotspot Shield\bin\hsscp.EXE -nonadmin
HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\MountPoints2: {cff29afc-10ea-11e1-b766-f0def1703858} - G:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {501D887B-8D4E-4600-B38C-1AEAD9B4B433} URL = http://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {501D887B-8D4E-4600-B38C-1AEAD9B4B433} URL = http://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2855501541-4180452864-3991015007-1003 -> {F62B51A3-14DF-47A4-A4D9-550952207157} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: HKLM-x32 {444785F1-DE89-4295-863A-D46C3A781394} http://webplayer.unity3d.com/download_webplayer/UnityWebPlayer.cab
DPF: HKLM-x32 {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://athena.neisd.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 209.18.47.61 209.18.47.62

FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default
FF NewTab: about:blank
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.com/NxGame -> C:\ProgramData\Nexon\NGM\npnxgame.dll (Nexon)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2855501541-4180452864-3991015007-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2855501541-4180452864-3991015007-1003: @Citrix.com/npican -> C:\Users\Jdemario\AppData\Local\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF user.js: detected! => C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xrlx87xh.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF HKLM-x32\...\Firefox\Extensions: [VIP6X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2011-07-08]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [477032 2011-03-23] (Lenovo.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2014-10-01] (ESET)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-06] (Lenovo Group Limited)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-02-08] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-02-08] (Hewlett-Packard) [File not signed]
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-18] (Symantec Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2015-01-02] (Emsisoft GmbH)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-08-18] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241368 2014-08-18] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169280 2014-08-18] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [158968 2014-09-18] (ESET)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-01-05] (GFI Software)
R3 LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [118016 2009-05-10] (Lenovo)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-11-15] (NVIDIA Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-07-08] ()
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [41536 2009-09-24] (Lenovo (United States) Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-03 23:22 - 2015-01-03 23:22 - 00002270 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-03 23:22 - 2015-01-03 23:22 - 00000000 ____D () C:\Users\Jdemario\Desktop\FRST-OlderVersion
2015-01-03 23:22 - 2015-01-03 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-03 23:19 - 2015-01-03 23:20 - 00000000 ____D () C:\Users\Jdemario\AppData\Local\Deployment
2015-01-03 23:19 - 2015-01-03 23:19 - 00000000 ____D () C:\Users\Jdemario\AppData\Local\Apps\2.0
2015-01-02 01:53 - 2015-01-02 01:53 - 00010268 _____ () C:\Users\admin\Desktop\a2scan_150101-232741.txt
2015-01-01 23:23 - 2015-01-01 23:26 - 00000754 _____ () C:\Users\admin\Desktop\Start Emsisoft Emergency Kit.lnk
2015-01-01 23:22 - 2015-01-01 23:26 - 00000000 ____D () C:\EEK
2015-01-01 23:19 - 2015-01-01 23:22 - 165648648 _____ () C:\Users\Jdemario\Desktop\EmsisoftEmergencyKit.exe
2015-01-01 11:06 - 2015-01-01 11:06 - 00000324 _____ () C:\Windows\PFRO.log
2014-12-31 12:22 - 2014-12-31 12:22 - 00022944 _____ () C:\Users\Jdemario\Desktop\zoek-results.txt
2014-12-31 12:21 - 2014-12-31 12:21 - 00022944 _____ () C:\Users\admin\Desktop\zoek-results.txt
2014-12-31 12:19 - 2014-12-31 12:21 - 00022944 _____ () C:\zoek-results.log
2014-12-31 12:15 - 2014-12-31 12:19 - 00000000 ____D () C:\zoek_backup
2014-12-31 12:12 - 2015-01-03 23:22 - 00021913 _____ () C:\Users\Jdemario\Desktop\FRST.txt
2014-12-31 12:12 - 2015-01-01 11:54 - 00040295 _____ () C:\Users\Jdemario\Desktop\Addition.txt
2014-12-31 12:11 - 2015-01-03 23:22 - 02123776 _____ (Farbar) C:\Users\Jdemario\Desktop\FRST64.exe
2014-12-31 12:11 - 2015-01-03 23:22 - 00000000 ____D () C:\FRST
2014-12-31 12:07 - 2014-12-31 12:07 - 00645816 _____ () C:\Users\Jdemario\Desktop\ESETPoweliksCleaner.exe_20141231.120729.7412.log
2014-12-31 12:06 - 2014-12-31 12:06 - 00186568 _____ (ESET) C:\Users\Jdemario\Desktop\ESETPoweliksCleaner.exe
2014-12-31 02:49 - 2014-12-31 02:49 - 00025895 _____ () C:\Users\admin\Documents\Attach.txt
2014-12-31 02:35 - 2014-12-31 02:45 - 00026548 _____ () C:\Users\admin\Desktop\dds.txt
2014-12-31 02:35 - 2014-12-31 02:45 - 00025895 _____ () C:\Users\admin\Desktop\attach.txt
2014-12-31 02:33 - 2014-12-31 02:33 - 00688992 ____R (Swearware) C:\Users\Jdemario\Desktop\dds.com
2014-12-30 13:33 - 2014-12-30 13:33 - 00000000 ____D () C:\Users\admin\AppData\Local\ESET
2014-12-30 12:58 - 2014-12-30 13:00 - 00000000 ____D () C:\Users\Jdemario\Desktop\USB Drive
2014-12-30 12:57 - 2014-12-30 12:57 - 00913408 _____ (Microsoft Corporation) C:\Users\Jdemario\Desktop\mssstool64.exe
2014-12-30 12:50 - 2014-12-30 12:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-12-30 12:50 - 2014-12-30 12:50 - 00000000 ____D () C:\ProgramData\ESET
2014-12-30 12:50 - 2014-12-30 12:50 - 00000000 ____D () C:\Program Files\ESET
2014-12-30 12:45 - 2014-12-30 12:48 - 73412608 _____ () C:\Users\Jdemario\Desktop\eav_nt64_enu.msi
2014-12-30 11:47 - 2014-12-30 11:49 - 00000000 ____D () C:\Users\Jdemario\Desktop\Nudes
2014-12-30 02:08 - 2015-01-03 23:16 - 00000840 _____ () C:\Windows\setupact.log
2014-12-30 02:08 - 2014-12-30 02:08 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-29 13:15 - 2015-01-03 23:22 - 00288091 _____ () C:\Windows\WindowsUpdate.log
2014-12-29 13:09 - 2014-12-29 13:09 - 00000000 __SHD () C:\found.000
2014-12-28 23:40 - 2014-12-28 23:40 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-21 13:34 - 2014-12-21 13:48 - 00000000 ____D () C:\Users\Jdemario\Desktop\DroidPics
2014-12-21 13:23 - 2014-12-21 13:23 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motmodem_01009.Wdf
2014-12-20 01:23 - 2014-12-20 01:24 - 05317104 _____ (Piriform Ltd) C:\Users\Jdemario\Desktop\ccsetup501.exe
2014-12-17 19:18 - 2014-12-12 23:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-17 19:18 - 2014-12-12 21:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-11 03:22 - 2014-12-11 03:22 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-11 03:01 - 2014-10-17 20:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-11 03:01 - 2014-10-17 19:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 22:15 - 2014-12-03 20:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 22:15 - 2014-12-03 20:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 22:15 - 2014-12-03 20:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 22:15 - 2014-12-03 20:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 22:15 - 2014-12-03 20:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 22:15 - 2014-12-03 20:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 22:15 - 2014-12-03 20:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 22:15 - 2014-12-01 17:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 22:15 - 2014-11-26 19:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 22:15 - 2014-11-26 19:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 22:15 - 2014-11-21 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 22:15 - 2014-11-21 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 22:15 - 2014-11-21 20:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 22:15 - 2014-11-21 20:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 22:15 - 2014-11-21 20:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 22:15 - 2014-11-21 20:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 22:15 - 2014-11-21 20:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 22:15 - 2014-11-21 20:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 22:15 - 2014-11-21 20:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 22:15 - 2014-11-21 20:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 22:15 - 2014-11-21 20:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 22:15 - 2014-11-21 20:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 22:15 - 2014-11-21 20:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 22:15 - 2014-11-21 20:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 22:15 - 2014-11-21 20:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 22:15 - 2014-11-21 19:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 22:15 - 2014-11-21 19:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 22:15 - 2014-11-21 19:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 22:15 - 2014-11-21 19:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 22:15 - 2014-11-21 19:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 22:15 - 2014-11-21 19:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 22:15 - 2014-11-21 19:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 22:15 - 2014-11-21 19:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 22:15 - 2014-11-21 19:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 22:15 - 2014-11-21 19:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 22:15 - 2014-11-21 19:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 22:15 - 2014-11-21 19:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 22:15 - 2014-11-21 19:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 22:15 - 2014-11-21 19:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 22:15 - 2014-11-21 19:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 22:15 - 2014-11-21 19:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 22:15 - 2014-11-21 18:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 22:15 - 2014-11-21 18:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 22:15 - 2014-11-10 21:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 22:15 - 2014-11-10 20:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 22:15 - 2014-11-10 19:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 22:14 - 2014-11-21 21:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 22:14 - 2014-11-21 20:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 22:14 - 2014-11-21 20:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 22:14 - 2014-11-21 20:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 22:14 - 2014-11-21 20:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 22:14 - 2014-11-21 20:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 22:14 - 2014-11-21 20:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 22:14 - 2014-11-21 20:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 22:14 - 2014-11-21 20:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 22:14 - 2014-11-21 20:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 22:14 - 2014-11-21 20:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 22:14 - 2014-11-21 20:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 22:14 - 2014-11-21 19:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 22:14 - 2014-11-21 19:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 22:14 - 2014-11-21 19:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 22:14 - 2014-11-21 19:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 22:14 - 2014-11-21 19:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 22:14 - 2014-11-21 19:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 22:14 - 2014-11-21 19:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 22:14 - 2014-11-07 21:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 22:14 - 2014-11-07 20:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 22:14 - 2014-10-29 20:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 22:14 - 2014-10-29 19:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 22:14 - 2014-10-02 20:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 22:14 - 2014-10-02 20:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 22:14 - 2014-10-02 20:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 22:14 - 2014-10-02 20:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 22:14 - 2014-10-02 20:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 22:14 - 2014-10-02 19:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 22:14 - 2014-10-02 19:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 22:14 - 2014-10-02 19:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 22:14 - 2014-10-02 19:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 22:14 - 2014-10-02 19:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-04 00:42 - 2014-11-04 23:14 - 00311685 _____ () C:\Users\Jdemario\Desktop\FactoringJeopardyReview.pptx

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-03 23:22 - 2009-07-13 23:13 - 00796982 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-03 23:21 - 2011-09-30 00:24 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-03 23:20 - 2011-09-30 00:25 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-03 23:20 - 2011-09-30 00:25 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-03 23:20 - 2011-09-30 00:25 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-03 23:20 - 2011-09-30 00:25 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-03 23:17 - 2013-02-02 23:20 - 00000000 ____D () C:\Temp
2015-01-03 23:17 - 2011-07-08 19:56 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-03 23:16 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-02 02:12 - 2009-07-13 22:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-02 02:12 - 2009-07-13 22:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-02 01:51 - 2012-07-05 14:35 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-01 23:18 - 2012-06-02 22:21 - 00001945 _____ () C:\Windows\epplauncher.mif
2015-01-01 23:18 - 2012-02-25 00:19 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-01 23:18 - 2012-02-25 00:19 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2015-01-01 23:17 - 2011-09-30 00:24 - 00000000 ____D () C:\Users\admin\AppData\Local\Google
2015-01-01 11:06 - 2014-09-29 22:15 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-01-01 11:05 - 2009-07-13 21:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-12-31 02:51 - 2014-03-05 00:28 - 00025895 _____ () C:\Users\Jdemario\Desktop\Attach.txt
2014-12-31 02:16 - 2014-05-19 22:24 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-31 02:11 - 2013-08-18 12:44 - 00004060 _____ () C:\Users\admin\Desktop\Rkill.txt
2014-12-30 23:24 - 2014-04-10 02:33 - 00000000 __SHD () C:\Users\Jdemario\AppData\Local\EmieSiteList
2014-12-30 19:17 - 2013-03-28 10:04 - 00000000 ____D () C:\Users\Jdemario\AppData\Local\CrashDumps
2014-12-30 18:38 - 2013-10-09 18:40 - 00000000 ____D () C:\Users\Jdemario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GeoGebra 4.2
2014-12-30 12:57 - 2011-07-30 19:28 - 00122712 _____ () C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-30 12:39 - 2009-07-13 21:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-12-30 11:55 - 2013-12-05 23:54 - 00000000 ____D () C:\Users\Jdemario\Desktop\UTSA
2014-12-30 10:32 - 2011-07-30 19:17 - 00000000 ____D () C:\Users\admin
2014-12-30 00:09 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-29 13:29 - 2011-08-08 12:08 - 00000000 ____D () C:\Windows\System32\Tasks\Lenovo
2014-12-27 20:13 - 2011-11-26 16:04 - 00000452 _____ () C:\Windows\Tasks\Intel_C_CVSC1171005B080D.job
2014-12-25 01:35 - 2011-11-06 10:09 - 00000000 ____D () C:\Users\admin\AppData\Local\Apple Computer
2014-12-20 01:24 - 2014-02-19 11:50 - 00000833 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-12-20 01:24 - 2012-07-05 22:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-20 01:23 - 2011-08-22 21:36 - 00000000 ____D () C:\Users\Jdemario\AppData\Roaming\Skype
2014-12-18 22:34 - 2014-09-17 22:36 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-18 22:34 - 2011-08-22 21:36 - 00000000 ____D () C:\ProgramData\Skype
2014-12-14 02:09 - 2013-02-06 14:29 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-11 03:49 - 2014-07-10 02:45 - 00000000 ____D () C:\Windows\rescache
2014-12-11 03:22 - 2014-05-02 02:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-11 03:22 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 03:22 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-11 03:07 - 2011-07-30 20:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-11 03:06 - 2013-07-13 11:35 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 03:02 - 2011-09-02 12:18 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 22:51 - 2012-07-05 14:35 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-10 22:51 - 2012-03-29 19:09 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 22:51 - 2011-09-02 11:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 22:10 - 2014-10-18 20:46 - 00000000 ____D () C:\Users\admin\AppData\Local\Adobe
2014-12-10 22:07 - 2014-05-19 22:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-09 22:54 - 2014-05-19 22:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-09 22:54 - 2012-11-19 10:28 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

Files to move or delete:
====================
C:\Users\Jdemario\tmpifo.bat

Some content of TEMP:
====================
C:\Users\Jdemario\AppData\Local\temp\InstHelper.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-25 03:46

==================== End Of Log ============================

 

Next the Addition.txt:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-01-2015 03
Ran by admin at 2015-01-03 23:23:24
Running from C:\Users\Jdemario\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19530 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1500 - Broadcom Corporation)
Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Citrix Receiver (HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\CitrixOnlinePluginPackWeb) (Version: 13.1.0.89 - Citrix Systems, Inc.)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.0 - Conexant)
Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden
Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.828 - Corel Inc.)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DC Universe Online (HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\SOE-DC Universe Online) (Version: 1.0.3.183 - Sony Online Entertainment)
DC Universe Online Live (HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\SOE-DC Universe Online Live) (Version:  - Sony Online Entertainment)
DC Universe Online Live (HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\SOE-DC Universe Online Live) (Version:  - Sony Online Entertainment)
Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
ESET NOD32 Antivirus (HKLM\...\{7F39EB28-B9B7-41B8-8564-DB33284A010D}) (Version: 8.0.304.0 - ESET, spol s r. o.)
GeoGebra 4.2 (HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\GeoGebra 4.2) (Version: 4.2.60.0 - International GeoGebra Institute)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Half-Life® 2 (HKLM-x32\...\{D45EC259-4A19-4656-B588-C2C360DD18EA}) (Version: 1.0.0.0 - Valve)
Hotspot Shield 3.42 (HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\HotspotShield) (Version: 3.42 - AnchorFree Inc.)
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2321 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
Intel® Solid-State Drive Toolbox (HKLM-x32\...\Intel® Solid-State Drive Toolbox) (Version: 3.0.1.400 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.00 - )
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.2 - Lenovo Inc.)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Lenovo)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 2.02.003.0 - Lenovo)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MapleStory (HKLM-x32\...\MapleStory) (Version:  - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.0.162.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Manager (HKU\S-1-5-21-2855501541-4180452864-3991015007-1003\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.3.9 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
Mozilla Firefox 6.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 6.0.2 (x86 en-US)) (Version: 6.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
NVIDIA 3D Vision Driver 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 332.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.21 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA nView 140.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.75 - NVIDIA Corporation)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.22.00 - )
Online Plug-in (x32 Version: 13.1.0.89 - Citrix Systems, Inc.) Hidden
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RapidBoot (HKLM-x32\...\InstallShield_{C83D5AA1-6A1F-4102-8F7F-C0230DD31FC0}) (Version: 1.00 - Lenovo)
RapidBoot (x32 Version: 1.00 - Lenovo) Hidden
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
RICOH_Media_Driver_v2.13.18.02 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.13.18.02 - RICOH)
Rosetta Stone Ltd Services (HKLM-x32\...\{3165E4A6-D5DE-46B0-8597-D55E2B826B84}) (Version: 3.2.21 - Rosetta Stone Ltd.)
Rosetta Stone TOTALe (HKLM-x32\...\{6B6BC189-D606-4BC7-9758-E6C364F76A55}) (Version: 4.5.5.0 - Rosetta Stone, Ltd)
Self-service Plug-in (x32 Version: 3.1.0.21744 - Citrix Systems, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimCity 3000 (HKLM-x32\...\SimCity 3000) (Version:  - )
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Snes9x (HKLM-x32\...\Snes9x) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.00.0046 - Lenovo)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.1500 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.22 - )
ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.61.00.11 - )
ThinkPad Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.48 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.19.0 - )
ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.73 - Lenovo)
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.01 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.06 - Lenovo)
Unity Web Player (HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.5.13 - VeriSign)
WinDirStat 1.1.2 (HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\WinDirStat) (Version:  - )
Windows Driver Package - Intel (e1cexpress) Net  (12/21/2010 11.8.84.0) (HKLM\...\6D23A494E9A245843FB8584D9307D3E328DF8613) (Version: 12/21/2010 11.8.84.0 - Intel)
Windows Driver Package - Intel (MEIx64) System  (10/19/2010 7.0.0.1144) (HKLM\...\90FD26A77B849AE03FF5F07A1CDA7F950406A8D8) (Version: 10/19/2010 7.0.0.1144 - Intel)
Windows Driver Package - Intel System  (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows Driver Package - Intel System  (09/10/2010 9.2.0.1011) (HKLM\...\A513FC5E5A08D4EF27F234E91E0E942A0234210B) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows Driver Package - Intel System  (10/04/2010 9.2.0.1015) (HKLM\...\FE1BEBFD475BB832AAF104F5C63348E98A9286DF) (Version: 10/04/2010 9.2.0.1015 - Intel)
Windows Driver Package - Intel USB  (09/16/2010 9.2.0.1013) (HKLM\...\D97688B8E3830BF9820E15EB8D9552DCBF988CFD) (Version: 09/16/2010 9.2.0.1013 - Intel)
Windows Driver Package - Lenovo (LenovoRd) SmartCardReader  (05/11/2009 4.1.0.1) (HKLM\...\9B84710FFAE6C50914FCE568B59E426F1386E7F6) (Version: 05/11/2009 4.1.0.1 - Lenovo)
Windows Driver Package - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) (HKLM\...\466E9B20D871055D6D3CDA2CDD1D355E978A61AF) (Version: 11/11/2010 1.61.00.11 - Lenovo)
Windows Driver Package - Synaptics (SynTP) Mouse  (03/24/2011 15.2.19.0) (HKLM\...\5DF942712DC7660AE4A1B04809A1C3F67B0CA27C) (Version: 03/24/2011 15.2.19.0 - Synaptics)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2014-10-08 21:44 - 00449979 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 www.123fporn.info
127.0.0.1 123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com

There are 1000 more lines.

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {081A1AC5-5F48-4A14-8D71-59352A839D57} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {12BEF712-4DE9-4066-A210-D8626B5612E8} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2012-11-02] (Microsoft Corporation)
Task: {20D6E0CA-AB80-42CC-A60A-5C98DE38C274} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-03] (Google Inc.)
Task: {24E60271-C42C-445B-AADA-C45A2C7FBD18} - System32\Tasks\{8408A1C2-9B0D-4249-B78F-6C6A4FAA51E4} => Iexplore.exe http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.5.0.113&amp;LastError=404
Task: {366563DB-9E3A-4888-9464-2AC2E342098C} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2012-11-02] (Microsoft)
Task: {3B055EA3-7FDA-4D8C-9641-BF975E31A8E3} - System32\Tasks\Intel_C_CVSC1171005B080D => C:\Program Files (x86)\Intel\Intel® Solid-State Drive Toolbox\Intel SSD Toolbox.exe [2011-10-28] (Intel)
Task: {415BA073-52C0-43A4-B461-E88F59967028} - System32\Tasks\Lenovo\Lenovo Product Registration (Jdemario) => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [2011-02-09] (Lenovo, Inc.)
Task: {620AE1C3-DA96-4638-8B6C-A0845E39BAC5} - System32\Tasks\{91C9E031-410B-447C-830A-6169AAC8DCF6} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {683B6D74-EE0B-42EE-B097-3EFD55670390} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-03] (Google Inc.)
Task: {6A805D52-13FE-4EF1-87C3-30C2BACFBF68} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {6BBD8C56-FA2C-40A0-A613-53523D8DF1C2} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {78DFD19C-BA2B-4B28-A1C6-CCA18A7FCF65} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {8B605CA6-F99C-48F1-B738-AAA8CAF99FD5} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe
Task: {9420E4DD-5A28-40A3-ACCE-961168B9CACA} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2012-11-02] (Microsoft Corporation)
Task: {97AB2485-387A-4312-BD3C-D3373AC7BE8F} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2011-03-23] (Lenovo Group Limited)
Task: {9AE6F763-E371-446E-81EA-453AC0FCCF60} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {A587843F-1A0B-4DC2-9A6E-10AC6B568102} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe
Task: {B85195D8-E783-4622-96B4-A476C492F023} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {BA00E64B-B852-4F6B-A171-12DB1BB6BB9B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C663ABF3-DDF9-4B22-B54A-B7E754387A8D} - System32\Tasks\{C73921BA-B1FF-40BA-8555-01F599BC1387} => Iexplore.exe http://ui.skype.com/ui/0/6.9.73.106.456/en/abandoninstall?page=tsMain
Task: {D77AD9E2-963B-4BF4-B608-4F7FA3952646} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-27] ()
Task: {E8458068-2528-4EC6-BC63-0B546CF923F9} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Intel_C_CVSC1171005B080D.job => C:\Program Files (x86)\Intel\Intel® Solid-State Drive Toolbox\Intel SSD Toolbox.exe

==================== Loaded Modules (whitelisted) =============

2010-12-17 14:53 - 2010-12-17 14:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-06-26 12:34 - 2012-09-18 14:27 - 00192512 _____ () C:\Windows\System32\ZLhp1020.DLL
2013-06-26 20:50 - 2012-09-18 14:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-07-08 19:58 - 2011-03-23 12:48 - 00044544 _____ () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
2011-07-08 19:32 - 2011-03-24 04:48 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
2011-07-08 19:51 - 2010-10-26 14:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2013-08-01 23:14 - 2013-12-19 12:53 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2009-05-27 23:09 - 2009-05-27 23:09 - 00049976 _____ () C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-31 09:05 - 2013-10-31 09:05 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2011-07-08 19:59 - 2010-04-06 10:05 - 02085888 _____ () C:\Program Files\Lenovo\AutoLock\cv210.dll
2011-07-08 19:59 - 2010-04-06 10:04 - 02201088 _____ () C:\Program Files\Lenovo\AutoLock\cxcore210.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: nwiz => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet

========================= Accounts: ==========================

admin (S-1-5-21-2855501541-4180452864-3991015007-1001 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-2855501541-4180452864-3991015007-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2855501541-4180452864-3991015007-1005 - Limited - Enabled)
Guest (S-1-5-21-2855501541-4180452864-3991015007-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2855501541-4180452864-3991015007-1007 - Limited - Enabled)
Jdemario (S-1-5-21-2855501541-4180452864-3991015007-1003 - Limited - Enabled) => C:\Users\Jdemario
JFD4 (S-1-5-21-2855501541-4180452864-3991015007-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (01/03/2015 11:17:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/02/2015 01:56:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/02/2015 00:11:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/02/2015 00:11:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/01/2015 11:56:12 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/01/2015 11:56:12 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/01/2015 11:10:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/01/2015 11:08:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/01/2015 11:07:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 00:19:19 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\wbem\wmiprvse.exe; Description = zoek.exe restore point; Error = 0x8007043c).

System errors:
=============
Error: (01/01/2015 11:28:22 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (01/01/2015 11:10:50 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.

Error: (01/01/2015 11:10:45 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.

Error: (01/01/2015 11:10:40 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.

Error: (01/01/2015 11:10:35 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.

Error: (01/01/2015 11:10:30 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.

Error: (01/01/2015 04:19:50 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %%8604.6.0305.01.191.1131.07%%859NT AUTHORITYSYSTEMS-1-5-181%%8001%%8031.1.11302.00x8007043cThis service cannot be started in Safe Mode 1%%852Default URL

Error: (12/31/2014 00:18:58 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %%8604.6.0305.01.191.1131.07%%859NT AUTHORITYSYSTEMS-1-5-181%%8001%%8031.1.11302.00x8007043cThis service cannot be started in Safe Mode 1%%852Default URL

Error: (12/31/2014 00:18:58 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (12/31/2014 00:09:21 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Microsoft Office Sessions:
=========================
Error: (01/03/2015 11:17:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/02/2015 01:56:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/02/2015 00:11:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files\CCleaner\CCleaner64.exe

Error: (01/02/2015 00:11:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files\CCleaner\CCleaner64.exe

Error: (01/01/2015 11:56:12 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files\CCleaner\CCleaner64.exe

Error: (01/01/2015 11:56:12 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files\CCleaner\CCleaner64.exe

Error: (01/01/2015 11:10:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/01/2015 11:08:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/01/2015 11:07:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/31/2014 00:19:19 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\wbem\wmiprvse.exezoek.exe restore point0x8007043c

CodeIntegrity Errors:
===================================
  Date: 2014-09-28 12:10:27.170
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-28 12:10:27.014
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-02-06 13:58:38.440
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-02-06 13:58:38.425
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-02-06 13:58:38.394
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-02-06 13:58:38.378
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-21 11:30:15.555
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-21 11:30:15.539
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Core™ i7-2820QM CPU @ 2.30GHz
Percentage of memory in use: 36%
Total physical RAM: 8145.23 MB
Available physical RAM: 5180.52 MB
Total Pagefile: 16288.65 MB
Available Pagefile: 13339.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:73.36 GB) (Free:7.34 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (SYSTEM_DRV) (Fixed) (Total:1.17 GB) (Free:0.84 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Windows7_OS) (Fixed) (Total:296.92 GB) (Free:158.7 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: FE06DFB1)
Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=296.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 74.5 GB) (Disk ID: B54D14C8)
Partition 1: (Not Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=73.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#13 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:15 AM

Posted 05 January 2015 - 01:52 PM

OK. :)

Step 1

frst.pngfrstfix.png
Please download the attached fixlist txt.gif and save it in the same directory as FRST.

  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.)
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.

Attached File  fixlist.txt   892bytes   6 downloads


That's it! abklatsch.gif
Your logs look clean to me at the moment. :thumbup2:
We're gonna clean up everything now, close security holes on your computer and in the end I'll provide you with a list of security tips so you hopefully will not need our help anymore in the future.


My help is free for everybody.
If you want to support me fighting against malware or buy me a beer for the assistance you received, then you can consider a donation: btn_donate_SM.gif
Thank you!


Clean Upcleanupm.PNG

Now we remove all the tools we used (including their logs and quarantine folders), restore your settings and delete old and infected system restorepoints:

  • You can uninstall programs that you had to install (e.g. MBAM or ESET Onlinescanner) in the control panel if you so wish.
  • Download delfix.pngDelFix (by Xplode) and save it to your Desktop.
    • Close all running programs and start delfix.exe.
    • Make sure that all available options are checked.
    • Click on Run
    • DelFix should remove all our tools and delete itself afterwards. I don't need the log file.
  • If there is still something left you can delete it manually.

Closing security holes

Many infections happen via drive-by downloads that run unnoticed in the background while the user visits an infected website. To achieve this malware exploits security holes in installed software (e.g. browser or its plugins). Older versions of such software often have lots of known exploitable holes. Therefore it's very important to always keep your software up-to-date.
The following software is outdated. Make sure you remove all old versions and install the current one instead if you need the program:




Adobe Flash Player 15
Java 7 Update 71
Mozilla Firefox 6.0.2

 



Tips

I recommend to read and follow the "16 simple and easy ways to keep your computer safe and secure on the Internet" (Link) by Lawrence Abrams.


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#14 ch333s

ch333s
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:02:15 AM

Posted 05 January 2015 - 11:05 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-01-2015 03
Ran by admin at 2015-01-05 19:18:14 Run:2
Running from C:\Users\Jdemario\Desktop
Loaded Profiles: admin & Jdemario (Available profiles: admin & Jdemario)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
HKLM-x32\...\RunOnce: [Del458925753] => cmd.exe /Q /D /c del "C:\Users\admin\AppData\Local\Temp\0.del"
HKLM-x32\...\RunOnce: [DelTr459011117] => cmd.exe /c rd /s /q  "C:\Users\admin\AppData\Roaming\mysearchdial"
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\RunOnce: [Del458925753] => cmd.exe /Q /D /c del "C:\Users\admin\AppData\Local\Temp\0.del" <===== ATTENTION
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\...\RunOnce: [DelTr459011117] => cmd.exe /c rd /s /q  "C:\Users\admin\AppData\Roaming\mysearchdial"
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
2014-12-21 13:23 - 2014-12-21 13:23 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motmodem_01009.Wdf
C:\Users\Jdemario\tmpifo.bat
CreateRestorePoint:
EmptyTemp:
 
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\Del458925753 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\DelTr459011117 => value deleted successfully.
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Del458925753 => value deleted successfully.
HKU\S-1-5-21-2855501541-4180452864-3991015007-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\DelTr459011117 => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
C:\Windows\system32\Drivers\Msft_Kernel_motmodem_01009.Wdf => Moved successfully.
C:\Users\Jdemario\tmpifo.bat => Moved successfully.
Restore point was successfully created.
EmptyTemp: => Removed 11.5 GB temporary data.

The system needed a reboot.

==== End of Fixlog 19:31:46 ====

 

Thank you so much Jurgen! I'll be sure to read up on those suggestions!



#15 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:15 AM

Posted 06 January 2015 - 09:40 AM

You are welcome! :)
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users