Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Help! Cryptowall virus on computer!


  • Please log in to reply

#1
sarahb16

sarahb16

    Member

  • Member
  • PipPip
  • 23 posts

In need of some assistance. The family computer has seemed to have picked up Cryptowall virus (suspected via Chrome web browser) and now tons of files are encrypted. Fortunately there was not many important files on the computer, but, we do not have a recovery disk for the Windows Vista Home and the virus has blocked all system restores. There is also an issue with an external harddrive being infected. If steps could be shared how to wipe that as well it would be most helpful. Thank you!

 

 

I followed the Malware and Spyware Cleaning Guide with running FRST64. Below is posted the FRST and Additional Notepad information.

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Mitch (administrator) on KRIS-PC on 29-03-2015 21:13:42
Running from C:\Users\Sarah\Desktop
Loaded Profiles: Mitch & Sarah (Available profiles: Mitch & Sarah)
Platform: Windows Vista ™ Home Premium Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_f86438be\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\BM\TMBMSRV.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Primax Electronics Ltd.) C:\Windows\System32\ico.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avanquest Software ) C:\Program Files (x86)\Digital Line Detect\DLG.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
(Primax Electronics Ltd.) C:\Windows\System32\pmxmiced.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [PMX Daemon] => C:\Windows\system32\ICO.EXE [91648 2006-11-08] (Primax Electronics Ltd.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-04-15] (Intel Corporation)
HKLM\...\Run: [UfSeAgnt.exe] => C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe [1290504 2011-01-22] (Trend Micro Inc.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [443904 2008-06-26] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [WinampAgent] => "C:\Program Files (x86)\Winamp\winampa.exe"
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [417792 2010-02-15] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-03-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-3003745939-3766210737-3386188188-1004\...\Run: [Amazon Music] => C:\Users\Mitch\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-3003745939-3766210737-3386188188-1004\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-3003745939-3766210737-3386188188-1005\...\Run: [hgmreas] => rundll32 "C:\Users\Sarah\AppData\Local\hgmreas.dll",hgmreas <===== ATTENTION
HKU\S-1-5-21-3003745939-3766210737-3386188188-1005\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"jiiie8\..\mshtml,RunHTMLApplication ";eval("cq7<odv!@buhwdYNckdbu)#VRbshqu/ (the data entry has 27921 more characters). <==== Poweliks!
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest Software )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.HTML ()
Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.PNG ()
Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.TXT ()
InternetURL: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.URL -> hxxp://paytoc4gtpn5czl2.optionstopaytos.com/12gtv3b
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co...t&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo...p={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3003745939-3766210737-3386188188-1004\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo...p={searchTerms}
HKU\S-1-5-21-3003745939-3766210737-3386188188-1004\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co...t&type=avastbcl
HKU\S-1-5-21-3003745939-3766210737-3386188188-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.co...t&type=avastbcl
HKU\S-1-5-21-3003745939-3766210737-3386188188-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
URLSearchHook: HKLM-x32 - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3003745939-3766210737-3386188188-1004 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL =
SearchScopes: HKU\S-1-5-21-3003745939-3766210737-3386188188-1005 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-08-23] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-06] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-08-23] (Oracle Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-20] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-06] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: No Name -> {C56CB6B0-0D96-11D6-8C65-B2868B609932} ->  No File
BHO-x32: No Name -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} ->  No File
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-20] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/...SetupClient.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Mitch\AppData\Roaming\Mozilla\Firefox\Profiles\aj64lc09.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @java.com/DTPlugin,version=10.6.2 -> C:\Windows\system32\npDeployJava1.dll [2012-08-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.6.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-08-23] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2008-11-06] (DivX,Inc.)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll [2008-12-10] (DivX, Inc)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-20] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-03-26] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-02-06] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2012-03-26] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-09]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009-11-14]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-06]

Chrome:
=======
CHR Profile: C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-06]
CHR Extension: (Google Drive) - C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-06]
CHR Extension: (YouTube) - C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-06]
CHR Extension: (Google Search) - C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-08]
CHR Extension: (Google Wallet) - C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-06]
CHR Extension: (Gmail) - C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-06]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-06]
CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Kris\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-06] (AVAST Software)
R2 CTDevice_Srv; C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe [61440 2007-04-02] (Creative Technology Ltd) [File not signed]
S3 CTUPnPSv; C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [64000 2008-05-21] (Creative Technology Ltd) [File not signed]
S3 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-09-23] (Stardock Corporation) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
S4 MSSQL$BWDATOOLSET; c:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 SfCtlCom; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [820488 2011-01-22] (Trend Micro Inc.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_f86438be\STacSV64.exe [246272 2008-06-26] (IDT, Inc.)
R2 TMBMServer; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [563464 2011-01-22] (Trend Micro Inc.)
S3 TmPfw; C:\Program Files\Trend Micro\Internet Security\TmPfw.exe [587696 2011-01-22] (Trend Micro Inc.)
S3 tmproxy; C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [854280 2011-01-22] (Trend Micro Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-20] (Microsoft Corporation)
S3 DAUpdaterSvc; c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-06] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [0 2014-07-06] () <==== ATTENTION (zero size file/folder)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64752 2014-07-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-06] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2014-07-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-06] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2009-03-14] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2009-03-14] ()
S3 motport; C:\Windows\System32\DRIVERS\motport.sys [31744 2013-03-19] (Motorola Mobility Inc)
S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [14304 1999-07-28] () [File not signed]
R1 tmlwf; C:\Windows\System32\DRIVERS\tmlwf.sys [192528 2011-01-22] (Trend Micro Inc.)
R2 tmpreflt; C:\Windows\System32\DRIVERS\tmpreflt.sys [42768 2011-07-12] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [80912 2011-01-22] (Trend Micro Inc.)
R2 tmwfp; C:\Windows\System32\DRIVERS\tmwfp.sys [277008 2011-01-22] (Trend Micro Inc.)
R2 tmxpflt; C:\Windows\System32\DRIVERS\tmxpflt.sys [342288 2011-07-12] (Trend Micro Inc.)
R2 vsapint; C:\Windows\System32\DRIVERS\vsapint.sys [2077456 2011-07-12] (Trend Micro Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-29 21:13 - 2015-03-29 21:15 - 00024225 _____ () C:\Users\Sarah\Desktop\FRST.txt
2015-03-29 21:09 - 2015-03-29 21:13 - 00000000 ____D () C:\FRST
2015-03-29 21:08 - 2015-03-29 21:04 - 02095616 _____ (Farbar) C:\Users\Sarah\Desktop\FRST64.exe
2015-03-29 20:55 - 2015-03-29 20:55 - 00000732 _____ () C:\Users\Sarah\AppData\Local\d3d9caps64.dat
2015-03-27 03:29 - 2015-03-27 03:29 - 00008706 _____ () C:\Users\Sarah\Desktop\HELP_DECRYPT.HTML
2015-03-27 03:29 - 2015-03-27 03:29 - 00004296 _____ () C:\Users\Sarah\Desktop\HELP_DECRYPT.TXT
2015-03-27 03:29 - 2015-03-27 03:29 - 00000304 _____ () C:\Users\Sarah\Desktop\HELP_DECRYPT.URL
2015-03-26 23:49 - 2015-03-26 23:49 - 00008706 _____ () C:\Users\Sarah\HELP_DECRYPT.HTML
2015-03-26 23:49 - 2015-03-26 23:49 - 00008706 _____ () C:\Users\Sarah\Downloads\HELP_DECRYPT.HTML
2015-03-26 23:49 - 2015-03-26 23:49 - 00008706 _____ () C:\Users\Sarah\AppData\Roaming\HELP_DECRYPT.HTML
2015-03-26 23:49 - 2015-03-26 23:49 - 00008706 _____ () C:\Users\Sarah\AppData\Local\HELP_DECRYPT.HTML
2015-03-26 23:49 - 2015-03-26 23:49 - 00008706 _____ () C:\Users\Sarah\AppData\HELP_DECRYPT.HTML
2015-03-26 23:49 - 2015-03-26 23:49 - 00004296 _____ () C:\Users\Sarah\HELP_DECRYPT.TXT
2015-03-26 23:49 - 2015-03-26 23:49 - 00004296 _____ () C:\Users\Sarah\Downloads\HELP_DECRYPT.TXT
2015-03-26 23:49 - 2015-03-26 23:49 - 00004296 _____ () C:\Users\Sarah\AppData\Roaming\HELP_DECRYPT.TXT
2015-03-26 23:49 - 2015-03-26 23:49 - 00004296 _____ () C:\Users\Sarah\AppData\Local\HELP_DECRYPT.TXT
2015-03-26 23:49 - 2015-03-26 23:49 - 00004296 _____ () C:\Users\Sarah\AppData\HELP_DECRYPT.TXT
2015-03-26 23:49 - 2015-03-26 23:49 - 00000304 _____ () C:\Users\Sarah\HELP_DECRYPT.URL
2015-03-26 23:49 - 2015-03-26 23:49 - 00000304 _____ () C:\Users\Sarah\Downloads\HELP_DECRYPT.URL
2015-03-26 23:49 - 2015-03-26 23:49 - 00000304 _____ () C:\Users\Sarah\AppData\Roaming\HELP_DECRYPT.URL
2015-03-26 23:49 - 2015-03-26 23:49 - 00000304 _____ () C:\Users\Sarah\AppData\Local\HELP_DECRYPT.URL
2015-03-26 23:49 - 2015-03-26 23:49 - 00000304 _____ () C:\Users\Sarah\AppData\HELP_DECRYPT.URL
2015-03-26 23:47 - 2015-03-26 23:47 - 00023552 _____ () C:\Users\Sarah\AppData\Local\hgmreas.dll
2015-03-26 23:47 - 2015-03-26 23:47 - 00008706 _____ () C:\ProgramData\HELP_DECRYPT.HTML
2015-03-26 23:47 - 2015-03-26 23:47 - 00004296 _____ () C:\ProgramData\HELP_DECRYPT.TXT
2015-03-26 23:47 - 2015-03-26 23:47 - 00002772 _____ () C:\Windows\System32\Tasks\task432902228
2015-03-26 23:47 - 2015-03-26 23:47 - 00000304 _____ () C:\ProgramData\HELP_DECRYPT.URL
2015-03-10 19:26 - 2015-03-10 19:26 - 14487928 _____ (Xceed Software Inc. 1-450-442-2626 [email protected] www.xceedsoft.com) C:\Users\Mitch\Downloads\R78500.EXE
2015-03-10 19:25 - 2015-03-10 19:25 - 08874624 _____ (Xceed Software Inc. 1-450-442-2626 [email protected] www.xceedsoft.com) C:\Users\Mitch\Downloads\R87461.EXE
2015-03-07 02:55 - 2015-03-08 14:03 - 00005120 _____ () C:\Users\Mitch\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-05 23:44 - 2015-03-22 17:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-28 18:10 - 2015-03-08 10:18 - 00000000 ____D () C:\Users\Mitch\Documents\red usb drive
2015-02-28 15:07 - 2015-02-28 15:08 - 00000000 ____D () C:\Users\Mitch\Documents\mitch backup
2015-02-28 15:05 - 2015-02-28 15:05 - 00000000 ____D () C:\Users\Mitch\Documents\C bckup

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-29 21:14 - 2009-01-15 10:11 - 01231743 _____ () C:\Windows\WindowsUpdate.log
2015-03-29 21:13 - 2014-01-24 11:15 - 00000000 ____D () C:\Users\Mitch
2015-03-29 21:11 - 2014-06-30 22:04 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-29 21:11 - 2012-06-16 21:09 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-29 21:10 - 2009-04-13 21:20 - 00000000 ____D () C:\temp
2015-03-29 21:10 - 2006-11-02 11:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-29 21:10 - 2006-11-02 11:22 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-29 21:10 - 2006-11-02 11:22 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-29 20:56 - 2006-11-02 08:46 - 00838784 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-27 09:04 - 2014-10-02 21:14 - 00000000 ____D () C:\Users\Mitch\AppData\Roaming\Skype
2015-03-27 08:28 - 2014-06-30 22:04 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-27 00:32 - 2014-07-03 00:23 - 00000680 _____ () C:\Users\Sarah\AppData\Local\d3d9caps.dat
2015-03-26 23:49 - 2015-02-18 14:43 - 00000000 ____D () C:\Users\Sarah\Downloads\comicpress
2015-03-26 23:49 - 2014-10-08 21:54 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Mozilla
2015-03-26 23:49 - 2014-07-01 21:56 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Skype
2015-03-26 23:49 - 2014-07-01 21:56 - 00000000 ____D () C:\Users\Sarah\AppData\Local\Skype
2015-03-26 23:49 - 2014-06-30 22:02 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Adobe
2015-03-26 23:49 - 2014-06-30 22:01 - 00000000 ____D () C:\Users\Sarah
2015-03-26 23:48 - 2014-07-01 23:46 - 00000000 ____D () C:\Users\Sarah\AppData\Local\Apple Computer
2015-03-26 23:48 - 2014-06-30 22:03 - 00000000 ____D () C:\Users\Sarah\AppData\Local\Google
2015-03-26 23:47 - 2012-08-28 18:22 - 00000000 ____D () C:\ProgramData\Battle.net
2015-03-26 23:47 - 2010-03-14 20:10 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-03-21 20:14 - 2014-06-30 22:05 - 00002027 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-10 19:23 - 2006-11-02 11:27 - 00168974 _____ () C:\Windows\setupact.log
2015-03-09 12:54 - 2014-07-14 19:40 - 00010024 _____ () C:\Windows\system32\spsys.log
2015-03-07 12:53 - 2014-10-08 21:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-07 12:51 - 2006-11-02 11:42 - 00032568 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

==================== Files in the root of some directories =======

2014-01-24 16:23 - 2014-10-16 09:07 - 0000680 _____ () C:\Users\Mitch\AppData\Local\d3d9caps.dat
2015-03-07 02:55 - 2015-03-08 14:03 - 0005120 _____ () C:\Users\Mitch\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-26 23:47 - 2015-03-26 23:47 - 0008706 _____ () C:\ProgramData\HELP_DECRYPT.HTML
2015-03-26 23:47 - 2015-03-26 23:47 - 0045789 _____ () C:\ProgramData\HELP_DECRYPT.PNG
2015-03-26 23:47 - 2015-03-26 23:47 - 0004296 _____ () C:\ProgramData\HELP_DECRYPT.TXT
2015-03-26 23:47 - 2015-03-26 23:47 - 0000304 _____ () C:\ProgramData\HELP_DECRYPT.URL
2009-11-14 14:46 - 2014-01-23 16:28 - 0006754 _____ () C:\ProgramData\hpzinstall.log

Some content of TEMP:
====================
C:\Users\Mitch\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Mitch\AppData\Local\Temp\ose00000.exe
C:\Users\Mitch\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Sarah\AppData\Local\Temp\repfix.exe


Some zero byte size files/folders:
==========================
C:\Windows\System32\Drivers\aswMonFlt.sys

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-29 21:16

==================== End Of Log ============================

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Mitch (administrator) on KRIS-PC on 29-03-2015 21:13:42
Running from C:\Users\Sarah\Desktop
Loaded Profiles: Mitch & Sarah (Available profiles: Mitch & Sarah)
Platform: Windows Vista ™ Home Premium Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_f86438be\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\BM\TMBMSRV.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Primax Electronics Ltd.) C:\Windows\System32\ico.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avanquest Software ) C:\Program Files (x86)\Digital Line Detect\DLG.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
(Primax Electronics Ltd.) C:\Windows\System32\pmxmiced.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [PMX Daemon] => C:\Windows\system32\ICO.EXE [91648 2006-11-08] (Primax Electronics Ltd.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-04-15] (Intel Corporation)
HKLM\...\Run: [UfSeAgnt.exe] => C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe [1290504 2011-01-22] (Trend Micro Inc.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [443904 2008-06-26] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [WinampAgent] => "C:\Program Files (x86)\Winamp\winampa.exe"
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [417792 2010-02-15] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-03-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-3003745939-3766210737-3386188188-1004\...\Run: [Amazon Music] => C:\Users\Mitch\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-3003745939-3766210737-3386188188-1004\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-3003745939-3766210737-3386188188-1005\...\Run: [hgmreas] => rundll32 "C:\Users\Sarah\AppData\Local\hgmreas.dll",hgmreas <===== ATTENTION
HKU\S-1-5-21-3003745939-3766210737-3386188188-1005\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"jiiie8\..\mshtml,RunHTMLApplication ";eval("cq7<odv!@buhwdYNckdbu)#VRbshqu/ (the data entry has 27921 more characters). <==== Poweliks!
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest Software )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.HTML ()
Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.PNG ()
Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.TXT ()
InternetURL: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.URL -> hxxp://paytoc4gtpn5czl2.optionstopaytos.com/12gtv3b
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co...t&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo...p={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3003745939-3766210737-3386188188-1004\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo...p={searchTerms}
HKU\S-1-5-21-3003745939-3766210737-3386188188-1004\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co...t&type=avastbcl
HKU\S-1-5-21-3003745939-3766210737-3386188188-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.co...t&type=avastbcl
HKU\S-1-5-21-3003745939-3766210737-3386188188-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
URLSearchHook: HKLM-x32 - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3003745939-3766210737-3386188188-1004 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL =
SearchScopes: HKU\S-1-5-21-3003745939-3766210737-3386188188-1005 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-08-23] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-06] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-08-23] (Oracle Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-20] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-06] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: No Name -> {C56CB6B0-0D96-11D6-8C65-B2868B609932} ->  No File
BHO-x32: No Name -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} ->  No File
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-20] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/...SetupClient.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Mitch\AppData\Roaming\Mozilla\Firefox\Profiles\aj64lc09.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @java.com/DTPlugin,version=10.6.2 -> C:\Windows\system32\npDeployJava1.dll [2012-08-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.6.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-08-23] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2008-11-06] (DivX,Inc.)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll [2008-12-10] (DivX, Inc)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-20] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-03-26] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-02-06] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2012-03-26] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-09]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009-11-14]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-06]

Chrome:
=======
CHR Profile: C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-06]
CHR Extension: (Google Drive) - C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-06]
CHR Extension: (YouTube) - C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-06]
CHR Extension: (Google Search) - C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-08]
CHR Extension: (Google Wallet) - C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-06]
CHR Extension: (Gmail) - C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-06]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-06]
CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Kris\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-06] (AVAST Software)
R2 CTDevice_Srv; C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe [61440 2007-04-02] (Creative Technology Ltd) [File not signed]
S3 CTUPnPSv; C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [64000 2008-05-21] (Creative Technology Ltd) [File not signed]
S3 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-09-23] (Stardock Corporation) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
S4 MSSQL$BWDATOOLSET; c:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 SfCtlCom; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [820488 2011-01-22] (Trend Micro Inc.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_f86438be\STacSV64.exe [246272 2008-06-26] (IDT, Inc.)
R2 TMBMServer; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [563464 2011-01-22] (Trend Micro Inc.)
S3 TmPfw; C:\Program Files\Trend Micro\Internet Security\TmPfw.exe [587696 2011-01-22] (Trend Micro Inc.)
S3 tmproxy; C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [854280 2011-01-22] (Trend Micro Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-20] (Microsoft Corporation)
S3 DAUpdaterSvc; c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-06] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [0 2014-07-06] () <==== ATTENTION (zero size file/folder)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64752 2014-07-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-06] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2014-07-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-06] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2009-03-14] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2009-03-14] ()
S3 motport; C:\Windows\System32\DRIVERS\motport.sys [31744 2013-03-19] (Motorola Mobility Inc)
S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [14304 1999-07-28] () [File not signed]
R1 tmlwf; C:\Windows\System32\DRIVERS\tmlwf.sys [192528 2011-01-22] (Trend Micro Inc.)
R2 tmpreflt; C:\Windows\System32\DRIVERS\tmpreflt.sys [42768 2011-07-12] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [80912 2011-01-22] (Trend Micro Inc.)
R2 tmwfp; C:\Windows\System32\DRIVERS\tmwfp.sys [277008 2011-01-22] (Trend Micro Inc.)
R2 tmxpflt; C:\Windows\System32\DRIVERS\tmxpflt.sys [342288 2011-07-12] (Trend Micro Inc.)
R2 vsapint; C:\Windows\System32\DRIVERS\vsapint.sys [2077456 2011-07-12] (Trend Micro Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-29 21:13 - 2015-03-29 21:15 - 00024225 _____ () C:\Users\Sarah\Desktop\FRST.txt
2015-03-29 21:09 - 2015-03-29 21:13 - 00000000 ____D () C:\FRST
2015-03-29 21:08 - 2015-03-29 21:04 - 02095616 _____ (Farbar) C:\Users\Sarah\Desktop\FRST64.exe
2015-03-29 20:55 - 2015-03-29 20:55 - 00000732 _____ () C:\Users\Sarah\AppData\Local\d3d9caps64.dat
2015-03-27 03:29 - 2015-03-27 03:29 - 00008706 _____ () C:\Users\Sarah\Desktop\HELP_DECRYPT.HTML
2015-03-27 03:29 - 2015-03-27 03:29 - 00004296 _____ () C:\Users\Sarah\Desktop\HELP_DECRYPT.TXT
2015-03-27 03:29 - 2015-03-27 03:29 - 00000304 _____ () C:\Users\Sarah\Desktop\HELP_DECRYPT.URL
2015-03-26 23:49 - 2015-03-26 23:49 - 00008706 _____ () C:\Users\Sarah\HELP_DECRYPT.HTML
2015-03-26 23:49 - 2015-03-26 23:49 - 00008706 _____ () C:\Users\Sarah\Downloads\HELP_DECRYPT.HTML
2015-03-26 23:49 - 2015-03-26 23:49 - 00008706 _____ () C:\Users\Sarah\AppData\Roaming\HELP_DECRYPT.HTML
2015-03-26 23:49 - 2015-03-26 23:49 - 00008706 _____ () C:\Users\Sarah\AppData\Local\HELP_DECRYPT.HTML
2015-03-26 23:49 - 2015-03-26 23:49 - 00008706 _____ () C:\Users\Sarah\AppData\HELP_DECRYPT.HTML
2015-03-26 23:49 - 2015-03-26 23:49 - 00004296 _____ () C:\Users\Sarah\HELP_DECRYPT.TXT
2015-03-26 23:49 - 2015-03-26 23:49 - 00004296 _____ () C:\Users\Sarah\Downloads\HELP_DECRYPT.TXT
2015-03-26 23:49 - 2015-03-26 23:49 - 00004296 _____ () C:\Users\Sarah\AppData\Roaming\HELP_DECRYPT.TXT
2015-03-26 23:49 - 2015-03-26 23:49 - 00004296 _____ () C:\Users\Sarah\AppData\Local\HELP_DECRYPT.TXT
2015-03-26 23:49 - 2015-03-26 23:49 - 00004296 _____ () C:\Users\Sarah\AppData\HELP_DECRYPT.TXT
2015-03-26 23:49 - 2015-03-26 23:49 - 00000304 _____ () C:\Users\Sarah\HELP_DECRYPT.URL
2015-03-26 23:49 - 2015-03-26 23:49 - 00000304 _____ () C:\Users\Sarah\Downloads\HELP_DECRYPT.URL
2015-03-26 23:49 - 2015-03-26 23:49 - 00000304 _____ () C:\Users\Sarah\AppData\Roaming\HELP_DECRYPT.URL
2015-03-26 23:49 - 2015-03-26 23:49 - 00000304 _____ () C:\Users\Sarah\AppData\Local\HELP_DECRYPT.URL
2015-03-26 23:49 - 2015-03-26 23:49 - 00000304 _____ () C:\Users\Sarah\AppData\HELP_DECRYPT.URL
2015-03-26 23:47 - 2015-03-26 23:47 - 00023552 _____ () C:\Users\Sarah\AppData\Local\hgmreas.dll
2015-03-26 23:47 - 2015-03-26 23:47 - 00008706 _____ () C:\ProgramData\HELP_DECRYPT.HTML
2015-03-26 23:47 - 2015-03-26 23:47 - 00004296 _____ () C:\ProgramData\HELP_DECRYPT.TXT
2015-03-26 23:47 - 2015-03-26 23:47 - 00002772 _____ () C:\Windows\System32\Tasks\task432902228
2015-03-26 23:47 - 2015-03-26 23:47 - 00000304 _____ () C:\ProgramData\HELP_DECRYPT.URL
2015-03-10 19:26 - 2015-03-10 19:26 - 14487928 _____ (Xceed Software Inc. 1-450-442-2626 [email protected] www.xceedsoft.com) C:\Users\Mitch\Downloads\R78500.EXE
2015-03-10 19:25 - 2015-03-10 19:25 - 08874624 _____ (Xceed Software Inc. 1-450-442-2626 [email protected] www.xceedsoft.com) C:\Users\Mitch\Downloads\R87461.EXE
2015-03-07 02:55 - 2015-03-08 14:03 - 00005120 _____ () C:\Users\Mitch\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-05 23:44 - 2015-03-22 17:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-28 18:10 - 2015-03-08 10:18 - 00000000 ____D () C:\Users\Mitch\Documents\red usb drive
2015-02-28 15:07 - 2015-02-28 15:08 - 00000000 ____D () C:\Users\Mitch\Documents\mitch backup
2015-02-28 15:05 - 2015-02-28 15:05 - 00000000 ____D () C:\Users\Mitch\Documents\C bckup

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-29 21:14 - 2009-01-15 10:11 - 01231743 _____ () C:\Windows\WindowsUpdate.log
2015-03-29 21:13 - 2014-01-24 11:15 - 00000000 ____D () C:\Users\Mitch
2015-03-29 21:11 - 2014-06-30 22:04 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-29 21:11 - 2012-06-16 21:09 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-29 21:10 - 2009-04-13 21:20 - 00000000 ____D () C:\temp
2015-03-29 21:10 - 2006-11-02 11:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-29 21:10 - 2006-11-02 11:22 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-29 21:10 - 2006-11-02 11:22 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-29 20:56 - 2006-11-02 08:46 - 00838784 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-27 09:04 - 2014-10-02 21:14 - 00000000 ____D () C:\Users\Mitch\AppData\Roaming\Skype
2015-03-27 08:28 - 2014-06-30 22:04 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-27 00:32 - 2014-07-03 00:23 - 00000680 _____ () C:\Users\Sarah\AppData\Local\d3d9caps.dat
2015-03-26 23:49 - 2015-02-18 14:43 - 00000000 ____D () C:\Users\Sarah\Downloads\comicpress
2015-03-26 23:49 - 2014-10-08 21:54 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Mozilla
2015-03-26 23:49 - 2014-07-01 21:56 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Skype
2015-03-26 23:49 - 2014-07-01 21:56 - 00000000 ____D () C:\Users\Sarah\AppData\Local\Skype
2015-03-26 23:49 - 2014-06-30 22:02 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Adobe
2015-03-26 23:49 - 2014-06-30 22:01 - 00000000 ____D () C:\Users\Sarah
2015-03-26 23:48 - 2014-07-01 23:46 - 00000000 ____D () C:\Users\Sarah\AppData\Local\Apple Computer
2015-03-26 23:48 - 2014-06-30 22:03 - 00000000 ____D () C:\Users\Sarah\AppData\Local\Google
2015-03-26 23:47 - 2012-08-28 18:22 - 00000000 ____D () C:\ProgramData\Battle.net
2015-03-26 23:47 - 2010-03-14 20:10 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-03-21 20:14 - 2014-06-30 22:05 - 00002027 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-10 19:23 - 2006-11-02 11:27 - 00168974 _____ () C:\Windows\setupact.log
2015-03-09 12:54 - 2014-07-14 19:40 - 00010024 _____ () C:\Windows\system32\spsys.log
2015-03-07 12:53 - 2014-10-08 21:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-07 12:51 - 2006-11-02 11:42 - 00032568 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

==================== Files in the root of some directories =======

2014-01-24 16:23 - 2014-10-16 09:07 - 0000680 _____ () C:\Users\Mitch\AppData\Local\d3d9caps.dat
2015-03-07 02:55 - 2015-03-08 14:03 - 0005120 _____ () C:\Users\Mitch\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-26 23:47 - 2015-03-26 23:47 - 0008706 _____ () C:\ProgramData\HELP_DECRYPT.HTML
2015-03-26 23:47 - 2015-03-26 23:47 - 0045789 _____ () C:\ProgramData\HELP_DECRYPT.PNG
2015-03-26 23:47 - 2015-03-26 23:47 - 0004296 _____ () C:\ProgramData\HELP_DECRYPT.TXT
2015-03-26 23:47 - 2015-03-26 23:47 - 0000304 _____ () C:\ProgramData\HELP_DECRYPT.URL
2009-11-14 14:46 - 2014-01-23 16:28 - 0006754 _____ () C:\ProgramData\hpzinstall.log

Some content of TEMP:
====================
C:\Users\Mitch\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Mitch\AppData\Local\Temp\ose00000.exe
C:\Users\Mitch\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Sarah\AppData\Local\Temp\repfix.exe


Some zero byte size files/folders:
==========================
C:\Windows\System32\Drivers\aswMonFlt.sys

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-29 21:16

==================== End Of Log ============================


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Not much we can do for your encrypted files but we should be able to cleanup the virus.

 

Looks like you have both trend and avast running.  Please uninstall one.

 

 

 

Download the attached fixlist.txt to the same location as FRST
Run FRST and press Fix
A fix log will be generated please post that.  Run FRST again, check the Additions box and then Scan.  You will get two logs.  Post them both.
 
Will probably take several iterations.  
 
 
 

 
ComboFix
 
:!: It must be saved to your desktop, do not run it from your browser:!:
 
:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well.  See: http://www.bleepingc...opic114351.html
 
:!: Turn off your screen saver so you can see what is going on
 
Download and Save this file --  to your Desktop -- from either of these two sources:
 
Rightclick on ComboFix and select Run As Administrator to start the program.  
 
 
 
    * :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.
    
    
    * A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.  
 
Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.
You should get a log when it finishes.  If not this may mean you have the new version of Zero Access malware so run Combofix a second time.
If you still don't get a log search for Combofix.txt.  It is usually at => C:\Combofix\Combofix.txt. I'll need to see that in your reply.
If you get an error about a registry value when you try to run a program, then just reboot to clear it.
 
Download TDSSKiller:
Save it to your desktop then run it by right clicking and Run As Admin.
 
 
If TDSSKiller alerts you that the system needs to reboot, please consent.
 
Run TDSSKiller again but this time:
before you hit the Scan  hit  Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.
 
 
 
 

  • 0

#3
sarahb16

sarahb16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Sarah at 2015-03-30 22:06:49 Run:1
Running from C:\Users\Sarah\Desktop
Loaded Profiles: Sarah (Available profiles: Mitch & Sarah)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-3003745939-3766210737-3386188188-1005\...\Run: [hgmreas] => rundll32 "C:\Users\Sarah\AppData\Local\hgmreas.dll",hgmreas <===== ATTENTION
HKU\S-1-5-21-3003745939-3766210737-3386188188-1005\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"jiiie8\..\mshtml,RunHTMLApplication ";eval("cq7<odv!@buhwdYNckdbu)#VRbshqu/ (the data entry has 27921 more characters). <==== Poweliks!
Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.HTML ()
Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.PNG ()
Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.TXT ()
InternetURL: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.URL -> hxxp://paytoc4gtpn5czl2.optionstopaytos.com/12gtv3b
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
URLSearchHook: HKLM-x32 - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3003745939-3766210737-3386188188-1004 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL =
SearchScopes: HKU\S-1-5-21-3003745939-3766210737-3386188188-1005 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: No Name -> {C56CB6B0-0D96-11D6-8C65-B2868B609932} ->  No File
BHO-x32: No Name -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} ->  No File
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
2015-03-27 03:29 - 2015-03-27 03:29 - 00008706 _____ () C:\Users\Sarah\Desktop\HELP_DECRYPT.HTML
2015-03-27 03:29 - 2015-03-27 03:29 - 00004296 _____ () C:\Users\Sarah\Desktop\HELP_DECRYPT.TXT
2015-03-27 03:29 - 2015-03-27 03:29 - 00000304 _____ () C:\Users\Sarah\Desktop\HELP_DECRYPT.URL
2015-03-26 23:49 - 2015-03-26 23:49 - 00008706 _____ () C:\Users\Sarah\HELP_DECRYPT.HTML
2015-03-26 23:49 - 2015-03-26 23:49 - 00008706 _____ () C:\Users\Sarah\Downloads\HELP_DECRYPT.HTML
2015-03-26 23:49 - 2015-03-26 23:49 - 00008706 _____ () C:\Users\Sarah\AppData\Roaming\HELP_DECRYPT.HTML
2015-03-26 23:49 - 2015-03-26 23:49 - 00008706 _____ () C:\Users\Sarah\AppData\Local\HELP_DECRYPT.HTML
2015-03-26 23:49 - 2015-03-26 23:49 - 00008706 _____ () C:\Users\Sarah\AppData\HELP_DECRYPT.HTML
2015-03-26 23:49 - 2015-03-26 23:49 - 00004296 _____ () C:\Users\Sarah\HELP_DECRYPT.TXT
2015-03-26 23:49 - 2015-03-26 23:49 - 00004296 _____ () C:\Users\Sarah\Downloads\HELP_DECRYPT.TXT
2015-03-26 23:49 - 2015-03-26 23:49 - 00004296 _____ () C:\Users\Sarah\AppData\Roaming\HELP_DECRYPT.TXT
2015-03-26 23:49 - 2015-03-26 23:49 - 00004296 _____ () C:\Users\Sarah\AppData\Local\HELP_DECRYPT.TXT
2015-03-26 23:49 - 2015-03-26 23:49 - 00004296 _____ () C:\Users\Sarah\AppData\HELP_DECRYPT.TXT
2015-03-26 23:49 - 2015-03-26 23:49 - 00000304 _____ () C:\Users\Sarah\HELP_DECRYPT.URL
2015-03-26 23:49 - 2015-03-26 23:49 - 00000304 _____ () C:\Users\Sarah\Downloads\HELP_DECRYPT.URL
2015-03-26 23:49 - 2015-03-26 23:49 - 00000304 _____ () C:\Users\Sarah\AppData\Roaming\HELP_DECRYPT.URL
2015-03-26 23:49 - 2015-03-26 23:49 - 00000304 _____ () C:\Users\Sarah\AppData\Local\HELP_DECRYPT.URL
2015-03-26 23:49 - 2015-03-26 23:49 - 00000304 _____ () C:\Users\Sarah\AppData\HELP_DECRYPT.URL
2015-03-26 23:47 - 2015-03-26 23:47 - 00023552 _____ () C:\Users\Sarah\AppData\Local\hgmreas.dll
2015-03-26 23:47 - 2015-03-26 23:47 - 00008706 _____ () C:\ProgramData\HELP_DECRYPT.HTML
2015-03-26 23:47 - 2015-03-26 23:47 - 00004296 _____ () C:\ProgramData\HELP_DECRYPT.TXT
2015-03-26 23:47 - 2015-03-26 23:47 - 00002772 _____ () C:\Windows\System32\Tasks\task432902228
2015-03-26 23:47 - 2015-03-26 23:47 - 00000304 _____ () C:\ProgramData\HELP_DECRYPT.URL
2015-03-26 23:47 - 2015-03-26 23:47 - 0008706 _____ () C:\ProgramData\HELP_DECRYPT.HTML
2015-03-26 23:47 - 2015-03-26 23:47 - 0045789 _____ () C:\ProgramData\HELP_DECRYPT.PNG
2015-03-26 23:47 - 2015-03-26 23:47 - 0004296 _____ () C:\ProgramData\HELP_DECRYPT.TXT
2015-03-26 23:47 - 2015-03-26 23:47 - 0000304 _____ () C:\ProgramData\HELP_DECRYPT.URL

 

*****************

HKU\S-1-5-21-3003745939-3766210737-3386188188-1005\Software\Microsoft\Windows\CurrentVersion\Run\\hgmreas => value deleted successfully.
HKU\S-1-5-21-3003745939-3766210737-3386188188-1005\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 => Key could not be deleted. Access denied.
HKU\S-1-5-21-3003745939-3766210737-3386188188-1005\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} => Key could not be deleted. Access denied.
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.PNG => Moved successfully.
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.URL => Moved successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Error setting value.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Error setting value.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{687578b9-7132-4a7a-80e4-30ee31099e03} => Value could not be deleted.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Error setting value.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB} => Key could not be deleted. Access denied.
HKCR\Wow6432Node\CLSID\{9CB96984-43C3-4D44-90EF-01466EFCF7BB} => Key not found.
HKU\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} => Key could not be deleted. Access denied.
HKCR\Wow6432Node\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C56CB6B0-0D96-11D6-8C65-B2868B609932} => Key could not be deleted. Access denied.
HKCR\Wow6432Node\CLSID\{C56CB6B0-0D96-11D6-8C65-B2868B609932} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777} => Key could not be deleted. Access denied.
HKCR\Wow6432Node\CLSID\{CA6319C0-31B7-401E-A518-A07C3DB8F777} => Key not found.
IpInIp => Error deleting Service
NwlnkFlt => Error deleting Service
NwlnkFwd => Error deleting Service
C:\Users\Sarah\Desktop\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\Sarah\Desktop\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\Sarah\Desktop\HELP_DECRYPT.URL => Moved successfully.
C:\Users\Sarah\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\Sarah\Downloads\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\Sarah\AppData\Roaming\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\Sarah\AppData\Local\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\Sarah\AppData\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\Sarah\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\Sarah\Downloads\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\Sarah\AppData\Roaming\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\Sarah\AppData\Local\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\Sarah\AppData\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\Sarah\HELP_DECRYPT.URL => Moved successfully.
C:\Users\Sarah\Downloads\HELP_DECRYPT.URL => Moved successfully.
C:\Users\Sarah\AppData\Roaming\HELP_DECRYPT.URL => Moved successfully.
C:\Users\Sarah\AppData\Local\HELP_DECRYPT.URL => Moved successfully.
C:\Users\Sarah\AppData\HELP_DECRYPT.URL => Moved successfully.
C:\Users\Sarah\AppData\Local\hgmreas.dll => Moved successfully.
C:\ProgramData\HELP_DECRYPT.HTML => Moved successfully.
C:\ProgramData\HELP_DECRYPT.TXT => Moved successfully.
Could not move "C:\Windows\System32\Tasks\task432902228" => Scheduled to move on reboot.
C:\ProgramData\HELP_DECRYPT.URL => Moved successfully.
"C:\ProgramData\HELP_DECRYPT.HTML" => File/Directory not found.
C:\ProgramData\HELP_DECRYPT.PNG => Moved successfully.
"C:\ProgramData\HELP_DECRYPT.TXT" => File/Directory not found.
"C:\ProgramData\HELP_DECRYPT.URL" => File/Directory not found.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-03-30 22:10:36)<=

==> ATTENTION: System is not rebooted.
C:\Windows\System32\Tasks\task432902228 => Is moved successfully.

==== End of Fixlog 22:10:36 ====


  • 0

#4
sarahb16

sarahb16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
  • Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
    Ran by Sarah (ATTENTION: The logged in user is not administrator) on KRIS-PC on 30-03-2015 22:11:18
    Running from C:\Users\Sarah\Desktop
    Loaded Profiles: Sarah (Available profiles: Mitch & Sarah)
    Platform: Windows Vista ™ Home Premium Service Pack 2 (X64) OS Language: English (United States)
    Internet Explorer Version 9 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    Failed to access process -> smss.exe
    Failed to access process -> csrss.exe
    Failed to access process -> wininit.exe
    Failed to access process -> csrss.exe
    Failed to access process -> services.exe
    Failed to access process -> lsass.exe
    Failed to access process -> lsm.exe
    Failed to access process -> svchost.exe
    Failed to access process -> winlogon.exe
    Failed to access process -> svchost.exe
    Failed to access process -> svchost.exe
    Failed to access process -> atiesrxx.exe
    Failed to access process -> svchost.exe
    Failed to access process -> svchost.exe
    Failed to access process -> svchost.exe
    Failed to access process -> stacsv64.exe
    Failed to access process -> svchost.exe
    Failed to access process -> SLsvc.exe
    Failed to access process -> svchost.exe
    Failed to access process -> atieclxx.exe
    Failed to access process -> svchost.exe
    Failed to access process -> spoolsv.exe
    Failed to access process -> svchost.exe
    (Microsoft Corporation) C:\Windows\System32\regsvr32.exe
    Failed to access process -> taskeng.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
    (Primax Electronics Ltd.) C:\Windows\System32\ico.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    (Trend Micro Inc.) C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
    (Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
    (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
    (Avanquest Software ) C:\Program Files (x86)\Digital Line Detect\DLG.exe
    (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    (Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
    Failed to access process -> AppleMobileDeviceService.exe
    Failed to access process -> mDNSResponder.exe
    Failed to access process -> CTDevSrv.exe
    Failed to access process -> svchost.exe
    Failed to access process -> IAANTmon.exe
    Failed to access process -> MotoHelperService.exe
    Failed to access process -> svchost.exe
    Failed to access process -> svchost.exe
    Failed to access process -> svchost.exe
    Failed to access process -> ForwardDaemon.exe
    Failed to access process -> SfCtlCom.exe
    Failed to access process -> Updater.exe
    Failed to access process -> svchost.exe
    Failed to access process -> TMBMSRV.exe
    (Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
    Failed to access process -> svchost.exe
    Failed to access process -> WLIDSVC.EXE
    Failed to access process -> SearchIndexer.exe
    Failed to access process -> WLIDSVCM.EXE
    Failed to access process -> WUDFHost.exe
    Failed to access process -> WmiPrvSE.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    Failed to access process -> dllhost.exe
    Failed to access process -> iPodService.exe
    Failed to access process -> svchost.exe
    (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    Failed to access process -> FlashPlayerUpdateService.exe
    (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
    (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe

    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
    HKLM\...\Run: [PMX Daemon] => C:\Windows\system32\ICO.EXE [91648 2006-11-08] (Primax Electronics Ltd.)
    HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-04-15] (Intel Corporation)
    HKLM\...\Run: [UfSeAgnt.exe] => C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe [1290504 2011-01-22] (Trend Micro Inc.)
    HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
    HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [443904 2008-06-26] (IDT, Inc.)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [WinampAgent] => "C:\Program Files (x86)\Winamp\winampa.exe"
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [417792 2010-02-15] (Apple Inc.)
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-03-27] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
    HKU\S-1-5-21-3003745939-3766210737-3386188188-1005\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"jiiie8\..\mshtml,RunHTMLApplication ";eval("cq7<odv!@buhwdYNckdbu)#VRbshqu/ (the data entry has 27921 more characters). <==== Poweliks!
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
    ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest Software )
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
    ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
    Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
    ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
    Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
    ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
    Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
    ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co...t&type=avastbcl
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo...&p={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-21-3003745939-3766210737-3386188188-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
    URLSearchHook: HKLM-x32 - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
    SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...&p={searchTerms}
    SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...&p={searchTerms}
    BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-08-23] (Oracle Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-06] (AVAST Software)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
    BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-08-23] (Oracle Corporation)
    BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
    BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
    BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26] (Adobe Systems Incorporated)
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-20] (Oracle Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-06] (AVAST Software)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
    BHO-x32: No Name -> {C56CB6B0-0D96-11D6-8C65-B2868B609932} ->  No File
    BHO-x32: No Name -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} ->  No File
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-20] (Oracle Corporation)
    BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
    DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/...SetupClient.cab
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

    FireFox:
    ========
    FF ProfilePath: C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\zl5z1r55.default
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
    FF Plugin: @java.com/DTPlugin,version=10.6.2 -> C:\Windows\system32\npDeployJava1.dll [2012-08-23] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.6.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-08-23] (Oracle Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
    FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2008-11-06] (DivX,Inc.)
    FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll [2008-12-10] (DivX, Inc)
    FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-20] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-20] (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
    FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-03-26] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-02-06] (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2012-03-26] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2010-03-14] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2010-03-14] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2010-03-14] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2010-03-14] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2010-03-14] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2010-03-14] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2010-03-14] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
    FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-09]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009-11-14]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-06]

    Chrome:
    =======
    CHR Profile: C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Docs) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-30]
    CHR Extension: (Google Drive) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-30]
    CHR Extension: (YouTube) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-30]
    CHR Extension: (Google Search) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-30]
    CHR Extension: (Avast Online Security) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-07]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
    CHR Extension: (Google Wallet) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-30]
    CHR Extension: (Gmail) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-30]
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-06]
    CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Kris\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [Not Found]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-06] (AVAST Software)
    R2 CTDevice_Srv; C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe [61440 2007-04-02] (Creative Technology Ltd) [File not signed]
    S3 CTUPnPSv; C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [64000 2008-05-21] (Creative Technology Ltd) [File not signed]
    S3 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-09-23] (Stardock Corporation) [File not signed]
    R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
    R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
    R2 iphlpsvc; C:\Windows\System32\svchost.exe [27648 2008-01-20] (Microsoft Corporation)
    R2 iphlpsvc; C:\Windows\SysWOW64\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
    R2 lmhosts; C:\Windows\system32\svchost.exe [27648 2008-01-20] (Microsoft Corporation)
    R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
    R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
    S4 MSSQL$BWDATOOLSET; c:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
    R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
    R2 NlaSvc; C:\Windows\System32\svchost.exe [27648 2008-01-20] (Microsoft Corporation)
    R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
    R2 nsi; C:\Windows\system32\svchost.exe [27648 2008-01-20] (Microsoft Corporation)
    R2 nsi; C:\Windows\SysWOW64\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
    R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
    R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
    R2 SfCtlCom; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [820488 2011-01-22] (Trend Micro Inc.)
    R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_f86438be\STacSV64.exe [246272 2008-06-26] (IDT, Inc.)
    R2 TMBMServer; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [563464 2011-01-22] (Trend Micro Inc.)
    S3 TmPfw; C:\Program Files\Trend Micro\Internet Security\TmPfw.exe [587696 2011-01-22] (Trend Micro Inc.)
    S3 tmproxy; C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [854280 2011-01-22] (Trend Micro Inc.)
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-20] (Microsoft Corporation)
    S3 DAUpdaterSvc; c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-06] ()
    S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [0 2014-07-06] () <==== ATTENTION (zero size file/folder)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64752 2014-07-06] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-06] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-06] (AVAST Software)
    R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2014-07-06] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-06] ()
    R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2009-03-14] ()
    R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2009-03-14] ()
    S3 motport; C:\Windows\System32\DRIVERS\motport.sys [31744 2013-03-19] (Motorola Mobility Inc)
    S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [14304 1999-07-28] () [File not signed]
    R1 tmlwf; C:\Windows\System32\DRIVERS\tmlwf.sys [192528 2011-01-22] (Trend Micro Inc.)
    R2 tmpreflt; C:\Windows\System32\DRIVERS\tmpreflt.sys [42768 2011-07-12] (Trend Micro Inc.)
    R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [80912 2011-01-22] (Trend Micro Inc.)
    R2 tmwfp; C:\Windows\System32\DRIVERS\tmwfp.sys [277008 2011-01-22] (Trend Micro Inc.)
    R2 tmxpflt; C:\Windows\System32\DRIVERS\tmxpflt.sys [342288 2011-07-12] (Trend Micro Inc.)
    R2 vsapint; C:\Windows\System32\DRIVERS\vsapint.sys [2077456 2011-07-12] (Trend Micro Inc.)
    S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
    S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
    S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-03-30 22:16 - 2015-03-30 22:16 - 00000000 ____D () C:\ProgramData\LadjaLkovz
    2015-03-30 22:15 - 2015-03-30 22:15 - 00000000 ___HD () C:\2c29952c
    2015-03-29 21:16 - 2015-03-29 21:18 - 00032860 _____ () C:\Users\Sarah\Desktop\Addition.txt
    2015-03-29 21:13 - 2015-03-30 22:18 - 00023905 _____ () C:\Users\Sarah\Desktop\FRST.txt
    2015-03-29 21:09 - 2015-03-30 22:11 - 00000000 ____D () C:\FRST
    2015-03-29 21:08 - 2015-03-29 21:04 - 02095616 _____ (Farbar) C:\Users\Sarah\Desktop\FRST64.exe
    2015-03-29 20:55 - 2015-03-29 20:55 - 00000732 _____ () C:\Users\Sarah\AppData\Local\d3d9caps64.dat
    2015-03-22 17:08 - 2015-03-22 17:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-03-30 22:17 - 2006-11-02 08:46 - 00838784 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-03-30 22:11 - 2012-06-16 21:09 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-03-30 22:10 - 2014-06-30 22:04 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-03-30 22:10 - 2009-04-13 21:20 - 00000000 ____D () C:\temp
    2015-03-30 22:09 - 2006-11-02 11:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-03-30 22:09 - 2006-11-02 11:22 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    2015-03-30 22:09 - 2006-11-02 11:22 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    2015-03-30 22:06 - 2014-06-30 22:01 - 00000000 ____D () C:\Users\Sarah
    2015-03-30 22:06 - 2009-01-15 10:11 - 01360153 _____ () C:\Windows\WindowsUpdate.log
    2015-03-30 22:06 - 2006-11-02 11:42 - 00032568 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2015-03-30 22:01 - 2014-07-06 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
    2015-03-30 21:57 - 2014-10-08 21:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
    2015-03-29 21:25 - 2014-06-30 22:04 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-03-29 21:13 - 2014-01-24 11:15 - 00000000 ____D () C:\Users\Mitch
    2015-03-27 00:32 - 2014-07-03 00:23 - 00000680 _____ () C:\Users\Sarah\AppData\Local\d3d9caps.dat
    2015-03-26 23:49 - 2015-02-18 14:43 - 00000000 ____D () C:\Users\Sarah\Downloads\comicpress
    2015-03-26 23:49 - 2014-10-08 21:54 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Mozilla
    2015-03-26 23:49 - 2014-07-01 21:56 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Skype
    2015-03-26 23:49 - 2014-07-01 21:56 - 00000000 ____D () C:\Users\Sarah\AppData\Local\Skype
    2015-03-26 23:49 - 2014-06-30 22:02 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Adobe
    2015-03-26 23:48 - 2014-07-01 23:46 - 00000000 ____D () C:\Users\Sarah\AppData\Local\Apple Computer
    2015-03-26 23:48 - 2014-06-30 22:03 - 00000000 ____D () C:\Users\Sarah\AppData\Local\Google
    2015-03-26 23:47 - 2012-08-28 18:22 - 00000000 ____D () C:\ProgramData\Battle.net
    2015-03-26 23:47 - 2010-03-14 20:10 - 00000000 ____D () C:\ProgramData\Apple Computer
    2015-03-21 20:14 - 2014-06-30 22:05 - 00002027 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2015-03-10 19:23 - 2006-11-02 11:27 - 00168974 _____ () C:\Windows\setupact.log
    2015-03-09 12:54 - 2014-07-14 19:40 - 00010024 _____ () C:\Windows\system32\spsys.log

    ==================== Files in the root of some directories =======

    2014-09-16 22:19 - 2014-09-16 22:19 - 0079872 _____ () C:\Users\Sarah\AppData\Roaming\dvdmbtb.dll
    2015-03-26 23:49 - 2015-03-26 23:49 - 0045789 _____ () C:\Users\Sarah\AppData\Roaming\HELP_DECRYPT.PNG
    2014-09-16 22:19 - 2014-09-16 22:19 - 0000000 _____ () C:\Users\Sarah\AppData\Roaming\ubchr.dll
    2014-07-03 00:23 - 2015-03-27 00:32 - 0000680 _____ () C:\Users\Sarah\AppData\Local\d3d9caps.dat
    2015-03-29 20:55 - 2015-03-29 20:55 - 0000732 _____ () C:\Users\Sarah\AppData\Local\d3d9caps64.dat
    2015-02-18 18:10 - 2015-02-18 18:10 - 0003584 _____ () C:\Users\Sarah\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2015-03-26 23:49 - 2015-03-26 23:49 - 0045789 _____ () C:\Users\Sarah\AppData\Local\HELP_DECRYPT.PNG
    2014-07-24 21:16 - 2014-07-24 21:16 - 0001536 _____ () C:\Users\Sarah\AppData\Local\recently-used.xbel
    2009-11-14 14:46 - 2014-01-23 16:28 - 0006754 _____ () C:\ProgramData\hpzinstall.log

    Some content of TEMP:
    ====================
    C:\Users\Sarah\AppData\Local\Temp\repfix.exe

    Some zero byte size files/folders:
    ==========================
    C:\Windows\System32\Drivers\aswMonFlt.sys

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

    ATTENTION: ==> Could not access BCD. Check to make sure user is administrator or see Addition.txt for additional information.

    ==================== End Of Log ============================


  • 0

#5
sarahb16

sarahb16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts

Addition Notes (No clue why it's not in English).

 

ᷨᜠ멖芝虬哖僕Ă껀命늇⍿ὒ렿秕鞨剐떺੠쓻⟾၊ꅑ띱㠕蹛鸯䭖㼷㉻ͥ찢蜼渥岤Ɡ蝖˯戓賱⌛涻荇ᢏ㧏哊ʞ壗䘝組莨붓ⷂǮ᭙⮘䜠텗㒚ꛝ爊ꊻС鴑壁誋먑踓種╱ⴹᱚ웼޹凄띜㓘겶嘷덏ṩ纟觹顽袲㒉릃蔶⧪㉄虄≮荣柬歩⎝혍⎼븐ꀌ紑乨揜媻藪ꏟ쭛뻐ᲊ⓰5制ȧ멐⺦ꚩ詒彃퓕䡷ⷋ䬆逸숇졞ᡠ衃谠훀幂徟ᆨ댬夋膾뭨෮ὣ뼂붐ٝ磛ᯅ紭릘悕혱ꤖ븄᜼ဨ活擇ᔦ콇ꋾ㗭摊Ớ規䵨Ⲹ蜔䲖됧᤭㔾瞹穥梁쐝劜勴뚰鰈䛛훊ᖺ唪萰홌縨堭죻姉碢班耹Თ諁莃쒃냬즃ꎍ⢹덡ꢱ᥼毟ᚠ멞D磌漾㠯蝵Ù̧訉龌IJꥵ់ဩ萠믚痊瑚飖᪺鄅鵈㔈铃怂ୃ鉘䣓휹∆☗햞҃譁᦭歰詔妃㯑汘乐㕕໙灁搌猘㪴ꩋǂ딚寒ᬪⵁ纺뀵䚲唲꙾෥Ⲑ㜟툯⠽ꁏ钰銪醣ड緩틶Ᵹ谢푁듙烖ꐌ餙멶麬㤱虨⋮쬦듟껲꺿籕銿莜燧甖嫗ⵀ껱臮祻㛃㭗燑菺ꆩ硱붉⠣廽Ⳋ䙍暣凓ܐ弋綂⍔ꚍ䎡ᣚ폷硉ᨺδ扑ꊥ臜醰ኀ唴괇獜ꮟ샦藱暎㏲똎ꁖ㭹첖㑴곌ꍈ쯗慴癜웘乔脊䜙炿㖭䶧变婦蹟둹笘ᖚ誉ට♞冡銜魩૏ま炖ؐ䚄ِ䝇篴ᵐ낏㨎葋⼭甴ⅸ␿泦䛤饵౰ꙓ䨌⿖듎ᖶ㖅৷喜㌴粃尠ኚ⤷὿⿠ヒ긮蝢ጪ䱚됉쬂ᬼ酌㽘蓂穘猌뚾㇎웍ꃽ厪뤸濵笏ꔐ△ꇔ㐐슛臩⿦뀵힄䥳ꃚጽ謥氺坉✀ᚋ蓉䜍末뙟ᮨ缯໢歌鶽쾁뇷ޱ襐떁䲣᪞㿨䋍ᗠ䑂묶찷뱥䡮ꎯ錽诱総꠫य䘚⋆딶࣮奞ꌣ겥辖岪뱩缬란䘽袅㲞쑷膹瞥ℋዎ裘잰柳ǩ杔莹▯醷ጁ苖敪扫䯢胕䳼끂亩冷桜࣭蛑⌢莤䵀鰗벦ᩨ鱮اஹ鱈쏮㤌梒쾌鶛蝯埮㺑衪‴羑ᤸᥦຶᴊꚰ惢⿺φச닄䔨뽓꣒吧ꢌ଱挮Κ괆탰鑮쏼暮器㴲ḕꀙ땛径؀緐⯓銔郟ᅦ霺쾠苲㾿ቐ䢇좉븙벎蘯俆ㄉ꼇좻牉툜׹⊵靜Ӻ람둚᢫价ᜇ駻讒ፆ偃ས✺瘽࿪济陂ᡅ씁ㅹ썆傘褞抸츋괧䐣瓾吿箓徚唎ዩ变嚢ᒀㆈ嗽쥭畼ラ潣웅뗕ሓ㭱䬊ؓ셰뭇⾄丞ꯑ욝쉭䬭ჴᢨ푟뗇痬䅬䘺ᑘ覡⊲뛹ꯆ檮眻ᐋ玕옊蓅Ყ褓꟫ꅂ洶襜矌ઠ꾰刣커擂蔷榊쯱≔凿쯥絣威寙ᢷ鿛쩁䌻鯾䒪꺺훿㓦膜ⴠᯡ㞍ꆟ辯迋ꕸ퍇睔䟜㝶㧷餚ܦ궾錄Ŋ⢖焮雛䶢Ꙝ⾩敘ꓵ愆쇎㺺⑼柯┓祑ꮵ٣ṙ톟밾⬟뭸⁰뙠轊戱矔罼머ᑗᯏၓ℁㑠⩩鉽№ꬽ⑱왙ⱕ淽분넰屋뎂띮ऐ鿌儁ꂵꏼ谏爿妩쐮폅䜃鰨댺ꆌዲ阓暀킵讄Ꚍ묭酫쨠귿梸ꀄᅊ鴜烨爐Ⰱᆾ圲䌝㺵繍쟺⎘䆁턂ቺ쓼韩搬ụଞ樆⠈ʊ滩脝櫾矑螎ꔍ발溒玚䲚ڐ匁谽倥膒蜻枏먘呩扒✫ꢹ僔䋓노쾄浅餐仱獇㩪ⴜ崙磭钆퉚ჸⰆ액暭룏⎚瑵身릷롤ᓳꅔ뿺묆툇㧉Ŷꝡꕩ碗羼뜇ꥏ㑾耘Ꮌ频㝺䍛⢠鱏됪瞛처ಈऎ襛櫺푦ⱖ␓䘣ଓ蒭儙຋簔齡瞨௛ྱ낅ግ嘋᪣ƕબ̛ࣗ聑㩂绞嫿䕼莳骽褏岜दᚃ껵镓⁦Ԫ⻕鶀㉙睹뀆倸☊毷㇁쒁쁩ꃜ桧ᮞ羧펅姩ꀒ禁槤숓檂髌ਟ変坣ꫀ댭뫬塀ޤ춨嘙쁢⑇캮蒞澵蹏吪麳宅癨粃娵쮄컁큐䌨獧쟉끜߲訏᥽Ҏᕈ唊㟳凉ڜ߼蠛∲홒蜉덢쉩䑶定ᴚᔘ鎹몛傁▶ް㚝繭䞭朵囍쒴펉ⴿ뾋䅿ꚺ吸囙꯰Ⱇ倖쨟䵣㹷࠺痖懊씭덆ᴿ說躆嫂퓟죟蠛壐鸝꜠봧句ꪹ쀗샴惯梺藸訜ꌷ쬍͝ⰽ余鯝ṟ箣彍腡㛰‽馣췸鸡頦꽔뿶蟁ꂃ뗢ᒎ撩퀓ȓꥧ⍦ⵯ䮚⼤鑨ဏ곤达캉蚧⇋῰鏄ª♐뎦耕␀Ψ拠《韢◂눢拙쟏஼觯䪟桬൙᭠뫘꒦灻煽䆃㣥▨⟩騊殀ㄿ뢪륱쾊뙏眷鈆拑盡̷㜜簿睨洙ᣍ넦璂⃐摍ᒓ㫲颢商鐗㏂㚣ꅴ숆糍뫌뛶砐頊틤ኽ璇当仙덎華蒣繠᪆ᯏ䣖姡癧걙ퟟ餑롭コ贆诽뼯瞱嬠鹄뮬韝吪痚ไ鮩軱몔⧻浇킢鞙躉㧸륅촹셛蔶寿쏭狌ⰴһ뻛ꑂ㖭휂┢倏暾冱㖂鍈㌵瑱઱麽㐓找鲭퉰ḉ푣뮊㋬⁎᤻烁芈틮숙濣逸⽉䧼䑧腘쵰멸ₓᆬ߹㬁驂ㆄ텧痄⊪䙲ꌖ迕ҋ⁾ᖚꇹ鏧䣬禼렰騀羝㗈䋧汜붐넜་ॺꡩ彚힢묙遺䜐宮괱겆귵䃛ᕾ䮥仺ૅ☗鍵璔ⶶ퇿噅僑쵎悃싛⚴⽸ꛍą겻鉐梴⎫锰ẩ敫䜾䳢逢깼母呧⛛䮸ᰓ癓㆔⦅엃䳙禉ᠯ๗㩧懡뿖츀猈곿貘啱᫿姁㞔擸벫㑌쫰黛찲슫뉇妷鋊艗鰥䢟힥᪲顟䷂箚☸䠍먯黟㗥诏惮칊麁ࡸർ틥츉憭㻒ꋰ坵江㡱ʑꗞ闑姺Ͷ䈲儼喥๿ꍡ姲ꡋڬ럱푂낒嗳ꪣ湧蜠曈塖蚚뷃쩌橸浔滑ѝ踡㘵뤝ᣃ嗒㘐퓟㩫栛馁㘣짓玠꓏堎忑ᙳ樇뇖䵕锫췪圏픐栝☦ҳ䋊㘽겈鱇ꉺ蠋ọ鰘邫呑ʎ埵ퟨ凋舓瀳똠銔궘浯ᙝ榱≪몸ő┖὾එ땳巻ᾞϝ᎜瑃怭꾥僕쏔䃪笖帓愛宭퉚ͯ뤣牆暈ᒢ銃檖ካ粢ퟡ쉓戁Ꝃ䦩縵ₑ뙷⾠શ杏뫦⡰ꍭ銡慃璮か轲ꈐ휾뽰䁡ᇙ䬻㢯ୈ溦速࢈䁽ꌁ祡跽㓡䙁ᣓ䞓簍맰䫗팔籍Ԝ䫏칊꯫゙賹鵼춞䇄溒ⓗ傡ᢠ╰鰧鏺연襟뎖忭뼻ꢯ蓆聚퇙헮픪⊠ᐉ쎴踳纞案Ꝝ⿎瘪ᘨ밮뚁짌浱杨树꒗毁甅о㺤젬뢒瘎স迺뗚ꍩⵍ䏈庤抲쩸疽⃶卿첣ꂦ췕甘럥姙㍇댱얇㾯虥࢏્쑼៓陂菄쓜梒泬⠈渰鐳Õ䞐᭜駗죀蔤臂蔹᮫ᅏ窅흣⃥蝄좖ԕ◂⒱؄౨⹎惵櫸囎్⥆㚴ἤ坎㚀潽芆谱懏퍶愘로끦ᫎ㖼Ď柳ȱ尚澔펚掤䝾Ԇ䐂辖柮ꑌ◣㿤訡w㳆㫵㨜㯪䥊⠫䓴쩔⛛뷼缵隗ꆦ͛왙؉랛䣆뾆釠㗎瓰跈ቘ䴏嘊릺᥊♎嘡糂檲껧ẏỽԏ契ഋ⌎ꀒ▎咹펵譤ꋝ䣒煵თ닩㾩ꇋ⦩䊟睉閩뺜⼚졾仗毵ᘠꃓ瞷ư䜚鞶橞ᠽ먁╡蜭쉠䁾续⡬묯ᤅ๡簚ꗇ돿쇮董抰⣠㒂〾銶뻣⴦Ḏ偝㰷퉚鼃럅ಡ砾헖ꨕ䱐頫♉ᐖ嵍殙ꧪಁ蘫폿ਵ育뎚侶胥➍뉵๷莊䅨ঙ㭓௫翱༎뫚橱쮺藸䎃圈騩ഋब轻⫷㱸ڄ웓䨱ෝ껇ᗷꚭ훅䩪푿獺鴦俰⪻启쑌䩛汤爟슋밉㣛⣭ℱ悷⼥ꩅ풥䔅̛䥭澄㠸烋彑꡽僯挰㺌콊簗▟剰᪕℺ῗ齌㝦੽⨘ꊘ恍筼⧗䬡ᘦ瘃✋뺢恧嘌㨄㊏喾⣾唸㋳ྍꐧ퉀钲酆ᅑ䀥찯鲞廣훧越턞ᖍ몳淿嘌伦䲀᥽漎楸跎耢䯚祿鄤㗘ꘝ䐬鲘값㶡⷏퉗ׅ勰Ả湤讟䈁뫓ꕸꈋ컟싼古젨᠉䤅鹚龂뎕騤Ἓꑯ㎝Ꞧ풭Ø꟮숧䪐竿炨㋝⍠∑쯇Ⱨ䷽샳桅鏨蔄읬怵⠥ꥒ⾭럲䍬碜쎂覴蟽攰ἆ≪紹椄䆌⹽삍ଝջᆱ䂪붕ᇈ碮旀ꗗ蘙㻲ᗘ弥旃㨪䷼ድ᧱짖ꗱ睽㝵캘蘿♴겊ᅗ闘뷈籑岞ꭞ肬㱂ܢ唣ጼᗬꏅꏭ쏸潙坽퇖서䅺뺚閬鎸楸夋뿡浑䘩㥋붡₌딮栂昤蒰돀ꅔᅡ橃배䈛㿋胉絰甴롢늫湊䶑莉껶䣩洩잉䜏饞쀚緩ꈣ쵹脽ꯨ壷ꜣಯ᥿ත宇ῴტ䌉뵌픤⡭쑱喜譓릊쟖䨈뫄롍젰ꨍ띹釼╌槩Ễ浉헑㍇䵭ᣉ⋻窺㼡㚧덾ꍣឫỂ鏊목爒蓔ጢ긒䤬䪜ⁿ伢嚣䔐䬳೒뤰軉죶涼セ臔ꏓ惃࢟呡㤹ꬾ᪺쉍釱㝥旰陾峑㵸敜튕嫂댪蹼ᖣㅚꍀꗅ㖳䪎纥줇᧨ᚸڤ覡汈銕覊剙譽ӓ䀿꩔▖᧹엉昜뜆뎚廸㰣못탾肰࣌讫{쑶钥哘灁깎ᚱ佟ꈛ圙먖霅픏᱑埤㈋轫軏槀櫭组苛퇽赞獄抵ꪾ㗎䒪㯒娽ᯏ忹靶圌涣韆촮岐쫮걜蜪೘긏즠茾₋癉䗯ᢜំꑽr윫瀏≊㐅䮮໭韹㙆㘹꟒ⷾ摆⹶Ƶ䫜姩ꓮㅤ퀏㚨鈉슎䤲矦㔼ܣ쥕挄핽᳃땯ฎ彙⚸ⲭྕ対ꙶƩ윿夭謮ꦷ錶董ü⭃ꪊ葔顺訖䱭腫簥೓ॽញ톰Ⅶ牨髪몴⁒砆랦둾䪥혹ᯜ蓱Ԯ季늨꒘㭈퉥癚婝䏇檼紌ց潏䤴쿇ҁ亏圤歍럝ᝲ믪᭼榘煵栙퇿胰㪏敯鳣㦊聟യ䨚ṧ㴰宨㪒Ⓧ䋑⇑瑀檞懌汉䬪승푞䗃甲捺䔻陦㰒⸇쇊㪤袆붛萮腶ᢇ큡佪씉쵊十浚수뼖珖呔俶曫鐞Ꙛ켴迧䄊㶾ᷕ䟨ꔹັ钸楤⚞썏䤪㰙柎큏ⓕ頻坣⋧푲諈甬⸫걣蝲㎂餸㚭㵹岜㙒犯鱂욲襣繏痱靱쑟쀁汨䳒煅긵嗺畐䤆䝪뿿唁昖箔䵾蠯狋狇崱뺺ᇓ쐺錐ቺ䋺꽸訑懑᪩设낙ば⊸ꃊ㧞ᣢ啮혋랐턘絗宩고ꖠ莸푢牱玌旁䤌ꫣ蹴㶍া阽㕚ᰯ껽曰鯢䛣໠㮞ꇈ鐄٘ቑꁝ餄捌뱃൥꺀ț෤该鑾䓣ߙ솅ӡꓺ‌ᾪ雭ꤘ∑ኲ䜎쥂澝༺⋠迖忽ㆺꁥ㍍뻅駞ᢸ컵彦簩䦁峱䖛⇟㋁彪유觤㦏隩ᇤ屹૟續䋒ଽ鵢満ᢄ橾ᝣ㑈窎苩᳻挆밉吆嘳ρ憯橴餳㱚삹ေ挲롩䋇㭮꾸⁨蠖昧薆⚳㧚픠౱ᢵ檗삮䯼铛ꛌ謢엚엒硬쇐൫ꏽ췇룆庹ࣉ哝鄼蛫ᱤ뙪摏跍댞⺐셸뎜゗噬뻲㨾敛䈉층꾡溇篚㋷ꈘ䇽膡쒷ꂦ鱠ꓯ⶞ၛࣞꕉ䌮≽鮩桱붏선趜툉욤ᗘ鋵ꃱ䐬ꗌ埓淮⺕災㯇䌪☘與⏿ᇫ鞖礑〳瘵襲냈渕㬏窢鳿ᥛ已ꤨ臲칈啛궁즽뛧ߞꢗ닳껎ᬾ닻쥆⊁猣ꬊ綍潄렪砮澋勇暰镽㞡娃籶푅㄰좈떓复ꂹ䘻䜝ݙБ㩵嘔귣硻ࠓฬ쥕ᆊ瑄꣊繗℠岾⋎졘␪谙⦣㺊뗜艼땤蜀௢풖๫䣕㒔윑㷼됓闻燲嗽袂揩鷕竱霁ꛜ⇽豟℠뷱萑쿽諂㙆띗䒺慻쇗ો⛸氟棄溍ԥ歒腙ᣐ긓륩䌳ꟼ㚐风鐅屑㊧壏標祯庁䃣ᰕ䡘鳋젚羠㘐꾟ᵷ팪茏뻮ᕏꠙ뢛鄥䜟ꀑ㟬刓겧诨릭ᚶ巠흺₥膫쀔鯤쀮ᖏこ咿䰊㤓᧥㋃뾜쌋㢓蚯忬ſ始筀갃釬虢᳹쑅톤퉼圇䧈事先钞ᔩݒ鰪인ᙔꈢ꿷눥媬盐塠끊艧辟踛頗᱅兞ꏲ៤픣⾿칍큕䐨흖느젋곻伒튣뇷꜠䩧죈ሐ笎㮅섇爛怗Ꮆ钛ἆ뵀覽ꁻ䕭䐗莯梛徍乪䊕켝쐖摝炒搴틂쇝擬삄뭧ᾃϤ訍肓䳯䊩ㄲ㺋ํᲃꖪᬀ쎈ᑘ钺᫃弊宠垪갬ⱞ뚶
ጫ厖ῦ헱奎̎퀲獾㯅凋턶睰Ⱏ᭯㓽꿄ꣀꢑ逕喥࿪됮ꒋ濢阿帀깥ී嵢泆뺼৬⫚浨螠羹礑蠦럜ᱽ贤㭊娴㩔㞏ᕑ싫덧鮤ᶢ宗᭎㵸왶밦뛥ꡑಬẚ뎲꾤躄픀뢵
蒎鳓톿뢅㼎听飋闆혊嘥쀷輏㝱拓쌳ᩳ匇䊽⼿쫃僃璉趀ܣ䄯塖쎗Ԟꪳ遗鹈௉⇔㱟䓕㹝䏝谘⍮൩疩쐝䚼๺㔳褠뱠禫鑽屛䯤餤竑ꃑ갱撖攞씤㢎⾱굍魴⦾≙姡타㋭ᕤƱ衴懙튴䇆挽췲㛡銏敱෕㸁嬥䶜⬮鐕十메蚗⩼승瑏䁤磟쨠啽설걬λꈡ圝ꗡ멥蓃䧪ɖ⟿ⰺ瓯歖喽㵀붯鯈Ń뀱τ亪ၴ굗阬ᡑ下ᆶ튀১ᅶ엘ꉟ짳⓶Ⓢ角鐶쁫ຐգ⚲恬诠Ա鐛띫ᣒ삱ಊ僐ჶ㨧桰㌏뀽콡᜙뤧⿩ᷰ䊥银告廕쐺➃Ū߈˃脖硰ꂀ鞘霑ኢ쒩呓쀌蕰놖絨ŭ䌚꺞꣧అ嶦蕢扩㼵亟鼢筯㯩껝饏䠅㡨⌘彣ㄧ孯̅낖Ⴐ븨퀯쫄د뫀抖㏬᷉䭭㴻슩ણ硩蔳먩柘反臨骸㧓ᛵ箓涋銞훃蓔꾤剖ꑑ鮧瓤蒣돛厚䐳⇎ၡڸꀜἣ鍮ṁ藪缥ᙲꟈÔj䖭憗좌衍喢뛖籀䫨ݼ껤ㅌ⨂썂ⶰ剘못䥟햨ᠩ鸀也Ꝼ⹞몷麯晜歋븞ࣔ䓔㦩Ʃ㶥⎋᜕㊸஛견驲㝃뭉ᵋ㾊愮燬稕ᬇ蔻햗拹Ẅ锥䜑䚠ṗϨ撌⨚职ꍖ䦷ꖉ䬵왍仜쓕ᕎ끆雋뒻璁Ĥ㧪纓伏藱㮜畮墩꼂銺ⶪ醓豗䫊켎じ쭶䱃踅馛₊菏ⷣ揽䎒茗윃焃⾓ま⽐飏熎牃᜝⁼磩䮎钫돘㣝㱭ꂳ좘으彳飷褲䧅驓苝ꡈങဩͱ渃㭯跸磟觼需뛥ˣꞲ犲퀨鈠ᾭ蝴ꥐ倮录ꍵ舔횁ㅵ稥㞡艖⯃ᖫℽ뀌홲ϵ霩㸫拝衖샍촹䵚쥀稡꠮뜞訛잲邐阂炛ꑱ㶦晅Ἶ㡄뜶හ통ґ੶腫ᜡ≂눉턃쵙풳ᙤȍ椱畾馐읢靍⌓蛇殒䁈녋⸾梙降ᙙⰘ뺺᝖ꈈ盵秨ꋵ㩝ପ웴磟ੱퟂ૤ꯠ춰ᄺ뗐ᙸ梫敞퇥趾࿐봘飮ꪡ띋ኽἓ⫣餽㐋⯦㔤⡐䱤鹊砟匜䝞坝챓ꕦ쓼㍻䰷ˣརᝳ蔙庒㈰⟏ˮᰎ괝ㅵꫬ皫䳫찛㦯뭨頒禯閫淟ᔥ糹뤁⏽ӝ␖嗛꒬昺㞲焉ꭉᨓ≀⠗귧ꗠ嚏趍稍䑎嫯쇘鋏⻣兓纯啜∱ߘ坭帣ᘻ辄౧ḩ鋷ⅰ嶹歊퀡䘼탡ᒍݖཧ귟䚀䣕땼臞콲Ꮱ骮䐔댅遥莽촰᫟䷖惴잊Ң鮕䐺ᦼ풍炃ᔍ泗勬濅憽愀坰㙲䕁䡟ਲ쏆質⣼롄쨺ߋꉧ挌Ԕᗖ鉉鱬⿱鏩૷袾ỳ휧᫸ℰᡩ䳵氣뙓己敎䝹舔瓞榘ݓ撲舼馋࠺쌗띲䉒珶↫㦯ⅴޑ褊為㚆覐咻飺Ӝᗺꪰ笀湰鍑踫駉昳恀芆⭬殈㯡늁呯㌈먎Ҋ펃ᐃ㭸뙶㢘㩰뼩텫⩨蒦寡蒨轇遳裣娬莅뭲꘩ᘚᩱ姉圃퓖蓶䧋蕪㈒卵샧睿䇙≊櫹ꡦ㹱㔊㉀㨌蒳ᣛ춾㘥鹲ⴏ䒅㢒껾兿⾿芇흀ⵉ⁲꫌脵줖ಳ㶍㲣㝮ᥪꗺ䜯⢅歲쑝綦梖蟫⟿戎눈걚᜘助꾅鄃堘꒡栁ᤣ䬿ཥ㏂담ꙡ曀ㆄ몭⒔깹䓫흃㺡揶㋶ꬦ浣深茑퍞✒㲜↸崠窞༁綪摄䡧堬헼峋鳬ꟼֵ⨿葀橖䬊ප쐚扝ൻ怭䞦뗂㌙岡䮥깱Ȣ袮痿Ϊ띨ꫛ碈涗԰䉾넛୥녢ᛏ鼐䑡⢴놥詜픞䄩씝ᩈ頾譠垥皰냒Ր觾橻赞ꞛ圻⾘鶺ࡒ폿顮澔䈖╒븮鍑㑃ꊅ衿㶒ോ좰땝縞㙵汀샇ꑺʅ䥲À൩䛢孋೐㻻ⲫ̞픮媊ⵂꛑἡ鏄퇻鈍킻®䫩颋ƾ홐ذ蓲퉥稘倓랼뚪ℙ໲蛣嬃쒧ؾ⠾겨썬얈탸㭥ꃓ뚦鏊둔←㻐ਭ胓⤘흈오ဇ햌娛髶맼៏䟆틴ᳱꅿ뇬쥋羕ූꌉ顩薵ⴼ勋됂ꠋꉹغ賍氌☐淤蚾穌䗩䨰ᩭ梻ꔔ㎯ᦡ꜊藼ꬽᷤ疳ᷩ揰傣磒踣릺퓃箓峢즠櫈ឱ氉攃ᝲႥ율ꁻ볎갚ᗈ皦꣰㽫肚栾跫䑾澖頶◝収槮擮ⵕ녩躚ꃰ챚쩰䅻ꥵ턑ى袃签 蜄繅୫䘏澖㎞츿⁵馣蠤옶ϵ뒗细铵ꖶᢍ皬駥๹㴳绛∋碗祶ണ⌂쭘倩ꄺ㹭у欗䬻嵀䚢纇ꎺ䍚늪옐睰辷櫩㦢ᔟ㝫붏窻赾蚰봱뎶㸤✝麧힖ゎ浤蓰ꡃ霦噦ት條拱娺㘆圶뾰༪ꕾ䴹▯酞⨤딥㤯쐴齇᱈ᗶ婶猂௲誋ꓮ㵷⿠↥茽㝝ப뱱䋒翶籈ꀂ唷樑믹屋丞ꏃ䈗胲淂䱇ꤽ臏뷙洣됯ᲸḐ䥪痫씆ܗ뉗䂇맛䆨⸣ɀ̇柃좷괜㟔̠糿錷硲⌑춍䞀ퟧ봡爞혭ໜ镲뚚¨韎⍖뭗螐㜅0쀛翜棲ꌺ캡샩韷膘䃔熾쪑茅ꄍ╆朊ダ೩踮놹鮩띶뾵꘰ꌚ玹樜컉ᇂᒧ◬┦棇扅⿧䕧뾨͹噬ӣ웨툷๒黇歷쀍뫉席瞐뿪胍뺳痳鳾孫쯄䘖᭻ 쓷蜱鴺륥㠶娰둃ᆜ迂貴縮쁀鐪ᅨ䓘쬯䘼⌦艠䒷Ṯ렌䰒㶠昰餵鶬퀩蝻籈䵪蓼鿚꣉ཅĝ絗훺ꃭ蹑쇻䝁䟾肠蛡垗窏䞙Ე퀲앤┲쟔鶉鈥沷⥑㾪ꊍ㽁稿㘣됿돐皗赫줹㄃퓯ⶾ듮䆺溻ۧꇊ͚褥诲뛽⨫䡧恥፣㿇ᄬ☧♃␌粛∅숫奧澷ꋶ炪贮쓠瞐跃ᜌ孴ↅ鈃쇒諊⠖쟒맫穴玬嶤慈夝捔蠃擴䊽뻣墅ꉯ㟛峘⫞举ਬ닅㓸塷恅ꥢ趌퉴壜귺ꭵľ몒瀩⟀ញ⩂地噿ܸ抁鮮È펠譧윭앾蚀뙾赀勌넲㡎賮㏅힇첸埗蝸ぅ䅶欤ꖌ뾫嵎觍֛譎幬妆儷⯦艱偌ဃ쪿ᮩ豥综ꢁ톁秏៉堾敖⣶焗꾝Ť鳹磋脺ᱻ雬蕞鶨⦩▲橁䘛떻㼺퉫찾᭽䝹抰娼μ懬깜욢ꢌᷝ낑䜒霯쒠졂釞ዢⵤ霜㥏䰴녗귶츩㰎濆㗃緃Ҳ갘㇟蛬ꁾ蹱ꃢᗁ汤⡧㙆爍쭽枠֯첉끌윹ꩺꈎ¬๝䟲孱쑖啍ᴡ쏨ⴉỼ珙倄檦ᔭ빱㈕跟誚ª⨞䜢빾맄셩콤敩䍒幃擉ࣂꆏ吒垹屦瞹忳鉾䱞㓮櫓玔껍녏쯬㸃矘咡䕨뻂譀蝮藙濰딟噴꡿苯证墫瓫攖쌼⿦]茥ᬮ뚾ກ뒙僢싇㛡崨斎瓋誆᎟猈筤ꀗ䞾丨鲲ు1鱊㑽檗⍝䧖ܖ뻕쑮ᯥ揗䆳린ఆꭱ翹½陨栱巊쬯జ嚤싩뢷⤾*睸㱰綕㧧措㳘╫㋩甒욀肎纆ይ겑䲹礤렸캂潟๹ণ烺皲丹⛼壏ꊗ艒㲴䠙ص㍴灕햫괺奘ᔯቧ巊䥾剳宲뿏燇懢꧊䛏ꐠ੊閟웬脐൚㳯醫ⰾ룸앳禑寽ᐖ쑢ꙁ玩଄춆㼎슱哉꧜忽ⴀ✷㾼푃굅犝鰑펨쀞獃灬럌䇯燙ۺₜ돍梷ꃐ냖슀섁뿪䇹홖驿೵ࡿ薹Ռૉ娒僚過熂뱪兡৏擣À튨㥒Ƃ糙ள⚞窵鬋ꊡ뚠彃쏄㚳㗳欞ꍔ윳죙쨁뜪䂏땕䡦寁佻ग颷꼑অ܍홪旅ꬿ☜촉ଖ糂鱍쒧캳뒮篐獬᫜㸽ꦨ꼳秡燮鄮曌꼧㳡䨽止࣊枤ᓥ䟘䎧깜鮦諂᯺浵ખॲ算⸻ɠ긎ᑂ뭑摕쫻ு䖗풐㦚슿髹잀篤嬿橥嚂勞뺙὏謘鸥칒봇⺑쨰㫏䇤챐⸒띇뭮찗퐄ॴ䧁漆뻂˞泰ᜎᧄ᪏쯆뉍㸒䅉䶵麀㬰圽䱄覲㫥䜷ᬬ⋀铯ᄊ䘗ዐ紃盰穿骈꟪祀쀤핪꜋纝ὑ鉦蜛䫸澏坋➉퍨⠯ၴỺ럮ँ㛇㣷㪫㣩ㆽ鳲ㆇŞ侟읩黏讖᧷ꭴ槲₯君꺤]ס믺ⷝ踊♜㊝㉮筑ↈ흢菻죒覝ꈠ뛔ᅗ⑲࠯⃞ᖫ䌰埧诡㞁䚆០뛁榅䂧鍹㮻ᗮ쐇頫䩧呭烼Ꙛ㢄駻갫꣎ꀷ푥╝㰭蜰㭠喭᧴澒♯⪍챎㳿놃䵸ᝑ䔚訰⺐춤ᆕ椢̛賎⻩磐᧍閵仮뀒펊ᥟ㍭籤笭㬺倐碂鴶艾싲厛ṗ瓇楥쭔톧⬸跮谬ꝳꋉ粟8츬围ᄊ剠줘뤋몐ꇠⰹⰠᖤ⭙穈됔鎕ន೫ạ却櫄㗺ꭲා䏝黰븳礕蘸Ǩ贃맵㛃㥺拨紤꺒ꔬ删瞾薤戈멆痨塜罜끚⡃௙承훊姤錒鰘騅꠭⟿띬㥯䭀鄺羈ˍ퇏뫈ꖪkꉏ⮊㫐ᑗ㫫䙄醬㻱摡✆⨣䱗쳦ၶ⋏∨딹쫃菢ႛ뺨硠⛨鑨䌔㗩욲趹぀䜩˲ᵭ㧬凶ⲣ౧텣첊⪞⚦暹슶댢᫞谒䞀墫搝ᑼ촯箃ࠆප닷頦蔨먤뾜䳼ᦓ雎쒲礗ᄴ沒ጂ뒓㟨툌⒪Ⰸ瀥㾮탛荦犯ㄚ셐죃ꎎ낥邏౦鏗䟲皲ᅁ요챻汖巗ᗨ㻫⑴懺㻺祺쬣ᔗ뻷끨썖ꅖ끌୆ᔟ呔쾨⠃務孁毜꧝⌑餽䖸毯럝뜦⠪쟅왎颖耖뎔條꠳漴䰀⇹챻㟧ꦞᥠ럔岋垁䒓⒆믳죷㷐岘酼涾螓瑾퐧磳ꎽ瑪鏎뻧詚뱳䋽륦黆䘹֜鶛̨矤鮘ㄾ䧕㷶勠潥완嗍廞餼㥄ු쨊஢ꖚ帚奅뇴讓鸥鉍ᩢ㴹⢍듳᭺기鿬뎒꘭뵀䠳甅㬏烼⓯釆큖䝮᭣ݮ욍旭뵡㻭罝처妱̆૩ቪؕ敬렖☀䈋ퟜ袧霖鼮䰲眨ߕ藠ꠇ⎼띿ং顣蝏 쎓寛茧ใɚ᰽睈麗饹⩣靓楸玖邊ꐾ槵瘡䨋匝ꤼꅣ澖૩㌒ុ檷␃菷襞ᓽ䐀ⷕ酨璵녋ㅆ୵㲎䗒ᚸꋥ䗍짌㌎鎁⿛렺똼䬬콞ꬾ㡽륇迩멩謸㒙鲤⓿Ῡꈜ땏᛬법ኑꆱ鿚₩ꋱ꤅⼤彪豯❣澋⇹曉姺씦臈먙耐玞궍灆硅霰ᔭ闾ᎹᏒ㩤ꨄ؆쬐倵㉍ླྀ⊰罯塰✤뾰␠䝪춢汬꥗㞧䁒ꑢ䉆磮旬씍酡浻튌ꅈร窮斕ⴘ훎器껄㝣況촲형䐍ῢ톬観☏鈝斩征㨔䳷튲ữ㌧輓醕વ绱ቶ䚺쁱뼔š꺬䷠ꔞ椓눘؍堵Ŕ葄읐没庍滬堆ᡂ쑞泭踮暷雰༬簚ቕረ⢞쑦籭ԫ뀔㯡횉⣑폩喽れపૌ蹑致鑂짇륯晙渃쳷ꈀ㹴ể䬐쁷牋泄⃭穭矽꓏⑛䦬Ř儎铡㐓ዮ믜왾ᶻ鬨亲ᶋ㜟穷붮ろ㚼⚋憇ꩴ䮡켮㛊噬◇姰뱒똇숅盰擎돫䶌ꥪ꺀歙띾슍䭅秿㎩为㒱켯۾힪썜⛴⏹ꦍ衢୒㵜陾變盇湷䍈눂露俪븍岆璃륾翐ь媣瓋눈澅䠼⧉ၲ☃ߊ磚匑쫨ᒴ㤩砸㬉䡄宱ⳍ窚蟻肜煰酹ퟩꎧ興케እ䪂狭츥㋌咡쏵솣₝윪彛뭾뻶騪▇↨뇅宥䂊⹜뀴쭎旜肎즥⁞⋧Ꙅ㬰視舲톊ു೾騣퇚웶鷍㮠묦ᆳ䝇⟸햳ㅋ쾐쏩滧싻骄⾪׏̽ꪡ솉饞尊訧빩궣誴䵣稂࡮볘돌㢛锪ꡳ㷻ᣔ㐰ӊ뛜䛛庴뤙㙮鱄ĭᅿ唇頔踛钱靃俭鏞㐊⃷슚䟁妩胸ᘬ⨻핶ꓔᑮ꺮㊧嗞낸뎽䌕뙷櫡⑇쏥묮髦롞칟勱ꎾ憴譑䫉䔤˕者ȇ謤榸꽣홞켷虓⛱䇁븸䁰뛱쟨䥻궞ꨶ㮠酊Ɍ뱛膔쌃挓ꩂᓵ艬चޞ졛끶廑І壀훌࣪鸀쀚૨䟤䌹馫챚រ庢树痡ⲧ蹣ᾮᇘⓏ켢颀误Š쑩묏ᵀヨꍘ멕퉼秾픋㔴О숡躗齫❍꾪榹ڌ뭾퍙媛兌؅盕♿ꔵ茡泪鶎楇倠屰䮽⅜뇛Á쭉ᕃ鮑겅찼抗趯與ᆓ洒轖牉㳫勡纻Ɍ䀑ꤼ섍ꖁ곻訏頖ജ೼㲛䬇㨰園莱筏㺞纃䶒근둶躣甄ꗙ榍껢캯馞䢐듳㊝緱崨䎩졠⻴쀒Ɦ䭸껁ሥ覶憄᱙䊧堀᧰䛶팕㥹뉋技胗嗥䞂銤綐㉮⯛앷娫㒓甑ڹ阖檘瘹녈멨ꤶ櫓㠚캙䵨錐蚸鰯謷吳겋岳噌ꔚᦃ넪鉾房蓋瘙亿㘪錋쑛즣쭶䰇埝죫學푾轄宛ꢙ㔘瑆쫦샲⠫广丛槬ौ脪ᄝ햊魽剪탇籋刄螨羾∗ꄑ退酏麷璲ⓣ傣稨⭶㳇ቾ䴆茽⇺岲릀㥻✉䔸⿋撹垭ኽ큷ᯄ遜宨৭飗뜌聜⵶둁긩酫蛀䦵읁酯멎䰲㈜ꎶ捳浀ߔ䙠ᡙ퍯䓥轚蜜婓歵蕨뾈쐿璻腒ꧭ᪚튱䎔㍮ࠩ쫰꣮Ꙡ뫫넾銘腢邪㴘鎈ꖗ걄ꬵ䘶䔧椱㉶ⴕ콟Ҹ໔۽뫲稤夝ᱱ衘놻麑愙ꓒ딛成䪏㹧࿔㋻梒❓♆룵뻍ⴹ嘉㞙ꝳ碴蟓ᓁ쬀킃Ო푱塖Ʌ槡ஸĨ⁖팈疒훣玓铗撿껒ⲩ販⪹Ἁ剺ꕿ섵릞ꪨꇉ栀荨栀㳜䗻뫛挀헻驹팺Я笈䴷蠐➘䵹뵏桺炙➣⠆슫蹖Ṻ喑⡔ꆓꍂⵃ弸ᗴ⪌廩懬扐묗䘛窛֦䫗⺨糬梳餎蛴ࣻ棴鋡ℓ闸ꕾጕ蛼ⰘNJ礿곇揂Ꞓℙ닐證閗㋴⛺ય쇭䱓ꤕ珊熌Ẁ䑱뤭踒렆꽃퀺⸃蚶䮆琄禽닠뻋∰穃◷蜂繻ᝇ訝랅ǔ刭ᄥ홀⳽뫫䌸ꅻ褈囤뚖䞬凅뀹쫸엩▅饿캞됂꒩Ϙ깲蠮Ṙ蟉蟟韙禤㣘遢뫴횐Ͱ椾ଶꭹ糏꿒ᖠ䬶帋샎獵䛺⧾㍢僀齨湎јꨣ㗿付恅岶ꕟ厅䢃狞茄匪ڞ嵉ᴔ빏絪柭礃Ⱍᐅ別棶ⲧ¬꥝ࡵ佴愺⬗㣙㧩枡瀮흾퐛軰ꎐܼߊ씟ᙻݕ萭朽竀⺆濲劀䥐뱌탈儚♽㉸搸恓㏒継ꗹ垕ᲆᖭ鷘盩잋၆➅圶っἶ⤍衪죆Ⴃ빃꜇⃊ᚳꮨ䌙蔘跈磍ੇὕ퉞蒚㍝䡖辥럾퓪깔䄪괹숈㧼疈숍പ箂ࣝ籒벆ퟹ倖ᩭ羟プ蹖렅⭸ອ᳁㷵Ơ툿쑆㱽蠙䄎垈鑏ᜲ눻섥摪☞鎑邔Ḙ箴땓♖鋆⪢縎菬饸櫪丹鳯穰힛渊係飅쿣呛砢迈掣഻២爃万䂿跷培ᶘᣁ㯛죔漕颈㿞鼤䱤䅶Ⲇ佰竹뱢ʧ⒗獪䘚ᬚ搔ễ맲獓―Ⓦ革婆屡䈥닱涷ӭ떜읳压ퟭ戃䯵घଡ଼Ꞓ푇窈脰睙튡ꑪ휧킌⟰程桶䇶븩Ⱔ㦾㟮虂錉䝁挷➔㈤䃪땍龞䤣䭴༆ਠ懷嚉矶厙銐帟瓔䨞欞広ᠸ薔䧟缝᜽캬练ᒀ딖ꈶ륐濛쟥ᫎ柷쵻၈䗱왅養᎖Ꮽ坫硓⳦桭Ẓⓜ업囆끑꒝应㎏垤ꄌ젼翛㣹㼌⠉츁삁툀朦̀៧푛痪럩䙄쮖鷀裶渶㙚従ἱ̇閺ꬨ쎩䧗犑麽䱨₊┒쾳莦踬妋뛐짣썭藺屮㘌䟁胅측ᶢ澰쏿ᏦꪑṮ宖퐸敌䑊䬺嬲颯녌嗵랞댂ॉ꡺龡䉶낪ꈉ䁵輻཮僺覸䵢♙߼훹ꑛ➅἖ꬥ⃝혢⑙칺褒ꟲ鞋瀗㶜翃䉸˘ힱ찷鶿ᡞ窺櫑趟鸘⇧숄蚬⥒珇튕৥땝諺俴죱ૂ瓃㝷팰㶽༢߅㤭궝ේϗ⥠辗ꀴꒉ㵠퉜㙶㍒夸䜥圁恂轕劺若ⓒ虜∏圡䣧掵㨇࿗뷛⾿आ䦼ٴ门㿫䉄粜ᶺ䩵榧䨅ᒵ쭲㐥괒㠯縋伥舅쀍䑾泴뉽쀛뺉뿲ᨣꍏ俕Ẃ摑ȕ゠ꝝ躅ᫎ둻㪓⻡梠Ẓ鵀ไ뷅ヒ븼ט틀⹴ࡔ團蔖≽腘킗쌵僷ㆷ➵뺖瞉㐻㮆聿ᱸ鲛䧌蝍쓍룪⥟㻏ꏣㆸ粒ꠇ⮯迸矾뙁羙疀ቼῘ塜㙋뵇煏弡Й剆빛쑸졆㸫祈詭ᖕ챟䲆ꎈ즣䋯갻͍ᰭ園잜뗟襐㨮ᵗ뚮溼䦵鞔ব컿쁉巂賤렧㱕ର嘱냿䫥允從锤칐嶄Ɠ菓霏盵톲췾㕣䷂⽼⠶꯰꧄㟒큣㋎〬ꐈㅓ퓖㢐五Ռ䝃윚ಷ䫴ꥐ藚붒뱁♢㺝᱑蛳䢦ซ὆텽㪖힝럱黠弃떗噯訵ᚴ孯Ĝ㮒湼ᰓ䗱ꈊ썊ᣰޗ褷핱髿ꚼ鍔銿䥥᪜ᥡ攬᝻홇键ᴤ朐Ⓦ譒塗铵ꪚ犞텈鴇㷂䪀らᣴ嶏뮢龷砳躴镙⶝鲾૿꾧≿蔽뛸卄횜盬限铯ἡ蜶㬰✍鯳楴鄢렝᱐킮曲톭슾次䐻෭뜦䂞죡扇偩弋ዅᙏ鍂忇洜䮿໰屗ෙꀢ᳾寎軾蠗溋ࢉ鎎릝酌工곀ℛ鳁ᘴᦶ螳孳᫲슨烙亷庼㌧⼍諟丳俦쒇娶걳쏤췅쫐遥륅夓挺鄏蹏꤉쀌嵡飤産먏㊫紓楰ꭳ㞋嗭ᴎ꼹သ딺䜰輴把鋠㫓뜒縐ꮁ䠛䳴얾쿽矢鸘髩笘炃뼬鯵ᎋ城궘좦᫯睏䃼釤곉랢玮楱壬岂┱锗䞳ḛᚧⱪ횞㈹ӥ吷퉸எ낺罓篇倖麠Ć╞鱘ꋞ烺糊ᱩꏧᒞⰥ䵶曯먋⹢㗩濒衸ꮜ濳纞콓탍㩒≈랣跅矬㳙ῐ䈬똫⨼ᗁ쯼赽븟船挱츁뵴ꭲ莭뎚ꠥ퉆뛪贉昆㡄ଁ䒈㮾찪䧞න䳚݃밻康㇙롉뗟꜈㺛⾏쌕ᴂ젉눳軀酵⋃擑㷗ӄ숴㈐螝ණ뫝踸㟽섧ꙋཐ諱왵襫둪腜ꥧա⬱詐⊑맛꼳됂奠ϓ⸣扵♹밵U⦫郡徔䐻蓯鱙普鮃睝뢄奭鮿쇎呶钒ꉃዔ荚ႊ骶쫣뗹㯧ု緩숃उ挮턱蚸蜸弛엏⻢땩㮸愣邴踶햷徦ꕃꅑᒠ╬舵⠼矪玉ኔ뒙ຼ닫ር妜䳄듌ไ묩뺴㶩䪱뎕倥㫛暺硷䗵雁댔俛ᢠꃦ蘆ꙷ턗♦ਊ絓乢䐢뿰ᑶ̻蒣শ萭琺퀜嫜祭렀䗝僢뇸␯災ꒀ띰賿ᒖ覺됤扞뎩Ꮖᴓ火ᩂ顑춇觋웼㳎揝뗫⥤㧭螗玸焴偷쫢⋗庢瑵龯ФᬳЉ鞁⹮쥝渠䦾ꈆꡩ媘껈㰀՗醅⩳羞痡旟ꈍ쏢嶯ᖈ썺퍯貥黳띥ሂႂ숪떍艮㖌峽Ȳ퍊꒹䃙莠㦕䒂翨᳿쉧᳚찼㱺ꃩ퐇釦ô螑潡迈겸䃣佫漞⟧㧁双㺉ጽ㌟蝫Ꟶ벡췧彏♯뚋욈臮䕣襶氘뉆踢௟㳗ฑ狽鸏^㑍⮉宮돗냢꘾┋ꃎŬ襝綺䍸탞쇍旦央ఠ䷊懪ʫ뗓惞攉ꩧ⻷垺柶ꦙᜤ挬གྷ셦샻࡚끀艐뀶干䤕鍙᢬鐍躨펥䞪⩷条䛛瀣嫫㖌ꌞ鮺욜퓏ꀴ嚪㳔넣躛拐쨑좞傉鹻ꓢ쀽삞덹耦紗䐺꽝袱䈻품쉔ꕕ镶怫Љ烋貼᫟ヷᵊ性㼽띹왈啷鹢呔㎸蠆䥇掔䇿싆塣ꀦݯ睐輥궛Ỿ⎐▥榏ࣶ岿蛉༄ේꁹ슀믧錼贁넕抵䫦ąᾩ鍷掲鈹싢◂嶝ᙣ迋固豧๚掷횻ㅋ㰒懈檭榢躤틔甲먏쏨횭膼❴舯驁ӛꢶГ蜺眖巷됺ꕡ⠆ 垆㲵괨ᖑ뭰๲䌔Ē↛꧷匦Ⳏ၌岼뫡㘃Ђ虻䆣ݖ頒؊쾳骗Մᦩ삳锬⑋쿅᥏ᖩᝧ㬱읍롕ꆫ辳駖尬燕댅渎蜥獬犌⪋눵幍പႬ旙⥊浫䑐藃읏甡뗀뒦▽廾Ⴜ덾羏稃ょ옧묡抜훽뱅ช᭖䥼巸䰖琬攗궼囚ܳ੻熁⸔㩋㈉唑㱽榵ꛖϑᶒ킷⽗䀄쾤Ꝧ濨ᡳ캜㜟⚊燤凐뿥멃ǹഥ᭵煛⪀禑ም⏣煐鸤㷒뽉㣾푵툘Ų맺޼鋓廔䏶ꙶ鲖웧Y븆酎⭚宸杧댚陨殟挾鳭⿹ŭ㔁㊃⊽ᵾꭨ疋獵蘉ૂᦜ淞節ᮼ݌㬉⦾䥜ർ茑퀞⪊籧됓츧Ӓไ䌠级룽䛻ꊜ눩丼噬㋡⨠촵现邜䯥춃豲゚넜雑궷莸烏㒢Ꟁջ謍咃⩅흷荥艦韜纃໫艬鄔ؚ坯㗚璋㐅膩圧㕱図渽翰ྥ컞뜧姾䪿悴㤗褒奯욅⹲荃䇵㘑恗堁岻⩱鹅壧籋䠉ꄖ䫰榦ꊾ舤⎠璐奉恲䳊亹낂榾鰆⹲痣ᷓ槄䰿垻䗺ʀ臊ㄼ恙෤ࠁꪋ跧ꖉฤߩི舁ⵯ簓౒鴹ಮ鞝ஶ鳩專揔ꖓἵ鶜☍璊㶙嘿깦ቝ♖璥딷鍭츨鐡䜔鿜˭飭ꋼ镝㟃ឯ팭팻⥡쮘雜ԕ嬄͂뿇╜ᆔ뤚꽿깨ᯇ퍞旓壐Ⓤ⤞⯇ꂵ赴㍮ᓦ䯄퓒ល㖮筬ꗾ㧂ꬺ趍涑闱억傺㗊Შ꺈䡑쇘㦯웺ꗲⶈ笄弑⓾᫒濬ퟍ苆臘๕듵耸쳗Ԍレꥨ쾯慚꺢䈀鏄䟘確ꣲ꺋⃵꽐땒ථ㝓㼽渥죵㢏⸄ḉṜ巚沥ϧ瀨话塶䌾䜐簆旘㡾⤿蕯ꦲ瘯臭᳸공덬흔ា폭㍄줭鸨䳐钁㹹ᚯ፜㭒Ꝧ뫏괴ெ褰軔䠣ⶹꔹັ⺺㜙轭惚븷몕錣蠔膠횟ꬋ碂胛눢얡緅䅛옿큰ゑ쵊카⠆뽚㞾갍蒉악ꭥ침‌꩓蠫떠퇠輦秽癰꿬ꋮ㩥됇ꎚ劺縒醳溜㸴륟柘燀⼒厍泆릞鱱ꘔ⟽ഹ㬽ᝂ྘챹폻䞰똬钤賗ⵯ겤꒶俊飕銦♵抂甅ꉼ䥛슙ᾅ섊拷喜ᘍ븲疖䑏쟗힀鯏슈೦睴蕋䯬懐懤쁫㻚柚ゅ瑺淪ꚫ饺읦뤍萎⍷瀔Ꮅ硉馌⬇➩ꄌ口´䚜抯샐⽒㲉藘炞ꯗăꡩʚ꜈刜뼌葨੔뗿㌃瓕▕俴펿訋遇怳寛亞⭙㖋缠䥤貸⑀苷㤙搌얗㹃䤵琵汖쐰鵍ገ袣㊩ꠠꮕ椼䍵꾒鮜꾌螧潠帥ٗ鸷䪭烁橭㞦⥕쥟摲嬫឵햦輆컭熬േᪿ揘ų앇㵏槰⑾뱆ꦞᏑ㨌ᡮ❇혱⫋㈑瘼ȫ撲桵䇟降뎉珍쒸ꙺ壾騸墐鼎댒泳뗵齸㱛㜘讄㑇뿫朌체㥄ᚹ桎쫰吶俁移쨬乕찏溪㼊◄⭭ᢡ쑛ꡀꊯ氍ᱣ찲駄藂斬셬ଁ屺淬ԧᎣ斂䉤⧫蛲ᴀ⇃蝆ꈰ⠃钪鳨筣剅漣₁점쵉㱌✐ؠ钽㦅럄属쌽㰂夵铱醩屋펷峵㽵扛톎ꓞ퇇ſ゜㨖롥䨪ꐃ瞒닧㲃쿀寨嗴狕ᤧ㘈ѡ瞆ꀅ걗⩵隣築吥Ԡ㰦䷳䔦쑹ᐔꃾ蒀蜀忮妃쭿뗏雌ⶫᢹꜤ韬幦ǔᡙꌍ⋉怎䁣Ϛ㔕찱ᳫ蕾耴ѱ䓺畸蓭瓅몍╠꿇痃쫋졖⿻܌菎힤삙ᥠ辧뾦듐쬀ᭉ⪢뵍鏯⅃됛鳨ὶる岠뽼濻낪脌㵐켇琝廂墴ꍥ藝哬랩䢦螦ቊ谐䊴ֲՁ㉴ⶁ섈滯삨怊멫覴鞁㣟앉睃਍텔螐伵眖㗌읺䱎觷⌬텔鑪撚ꊈ툘흾㌍죁棽ꀬ嗗鈻뚗ⲑ躟큑诬泭䐚꧂㋏⩠ꏂ䴽䋄⃾꺐㳼醗㟨뺒䟑䅡츳䘶㋗嫭曭ᴧ㏧7ྦ㵒弣엘垈齾ᓶ甲触ꊪ铽ꟲ䉇痭눡躑᷸䆘섢䖈쌿讹阝炫㶐꥝뀻酒鴦䁗委짡዗搊䎠黥몯厄엄쌌᫷犒螗㔫ⶖㄜ䨛욕폝牮돼⁞䜀ꘫ릤ज़쇃餁军焀锭睐쭘ᵨッ갥ↁ퀶ጸ߄觴㵿뿘扁捇ꊪ妨ᕘㄽ裔∧䃛負⏦듖㪚竂刪巪෦䳺⵽곊툩紻횷苙嘯퍈퉽偣뚑֖꼦㘳䞏퍿穁陼遃죛섖띱䉢ፃ繫ν劽뎞俶䧀ᇷ䫁츏躱৉쎢੥뼞㏳뚖䔮糐㽎᪕媕瀶䑀䯻噚뽧䜰渐卓끟烞螜芕ꪜ⵭䃁⾣㪹뷐亘᤻蕠窷찑넜姩璟ꪗ샻ᩴ䏓ዾ菁蕞且메毦싛உ럝ᨳ瀜ꛂ̺℧ോ겪࿖速檦툑酽쵔껬痁禧ᬣ쐸ᶔ敵吸渔찟࢕搱갵昐㐝뽶㱯舍䋃子鶧꽼ח顐ⱺ틦㻖嚜み톛ᷡᇥ嶘ቬ鍒暞⩐᪜ꭑ峕볧ጹ搢眖५눨䡝楈獚錍裗ꤘꡇ麫阮㾰㱉პ兠베補櫐ꚛ濤ꥼ舭ᗝ誹嵪黤ೣ墜㏛「碅納펂䯩駩䭠〾秪㩛綫䞜⭥눕䅁趇瓬棸뉈ꂁ얧ጠퟗ㈋횈⃠設댮俲ḣⴄ回෰醔桇ᾬ⫃값观폸ᾴ얼癞課崿뵒꽸ᇽ̽䣣銱斢⊶ꤼ႘컐锹麺擋瑻䁑⒞疤懸贁携ਰ秵茄췯蠅ː샋蜔ᇚ櫽祉扟㊣븠뛪⪮綬榅᳀椆旮멤捌㻂勺轹⑌⒲ᄩ㻵଒ꇦ⣝啛޳禴ǂ鷿㉓䧀ᡦ⋡毱ꍁ磾鍻續裬⍖쑣侒胔걓뾏◈⧔햓㡪鉃ꅈ썌蠮袙个秦령Ɪ脢⺶ힶꠢᆱ眀駊蹝褢䏝痗薊톮팴严ם㭿羸┖比㸏ꇄ䆐櫑৘嗳꒙⾛썍跠窌䎹鶯謵嗬륒䛔焫来萸܉蘊⏦㲣暑岏塰鲟ꉔ噋䱥洅్좕髢쓃銇㛍㹶ꤑ劌қ붆㲅㏃쐒㔰ૌ棂䒽Ꝺ䗠䜓敆⫠沣䫨㩅዆䦔亭䄄部鍽磮ᢎ뀻昕埛撢ꛥ垵ট腻澦躦鮵趕觃唅惃僒૰ꀱཛྷˍ⊡艒쫃ࢫꠄ歩떘汫软Ĉ왲闎怌ٰ耛쏃∠ᙙ苵䢍賂◾병籤퍼⼹ꂖᠨ裪⎋瀤琲ᔿ稽ㅞ㈳볳蹦訾襤焰ೠ㫍㹭竆㾴査闬읠楤Ꝿ⢘ቻ꓌ᤦṔ敩⽾좼욌긣ᜢ輱㌐獐많梔ᷦᄎ䙬嘚侻桿㊇⧖ꈹع煉ꨥ回麂覕鷯㎋옏ꅴ뻦㋉ᾷᘦ砢溌촲옲螎循렉潪謭幷ᩖʝ韁뮑㾼Ѫ綤ဲ梳᛻앝ᇱ鬱럵ꃺ꼧섕莁镒怜ὣ齇쇶阹篴ꖕ掛玗젏滏握쟩콜뎇얞蛕৩쐩誑큶쉱⢊䡕ꕦ씓迧党ᩐ傆貁烌笇뇤㕾ꦫ葀㦘ꅟ줘뫣钀涓벸݁殹ᓌ飌甪䣹煉⪤楣밧⠫᫼∗悆瞝⡠㣗렩䥋咇톪뵟秇僶㍺燎犠嬘먦杕点㉗㚐뿀เ邝佲鸤屋៬⚒뛿ိ폌훻㻞尨햘ᘛ⾑慎尩䱗跉䔕蓭鉙᠐㙒샰ٱ藉態㙞捩㦔◚膒焝퐛쎫妓購宽䯕ាٖꛓ೹侀藵꺇勴羞㤇蓝ᔩ㾶㰹ꛆ䲝䮛ꢦ䉚㥽푷踮轜꺒씻ⷖ祏⥗楲꒪塑蚣䘎⦳뼖퀌眯䡄磾Ѳ䖸ᬚ氠◕啣밖쪺⹢껗눊娀疞伌㚺ퟟꀴ믳䒼뼌뤆旯貭ጭ뼖ܮ₩ꮽ⋪曾䁫ןᚈ킇ّ琜䔫뾴쫞颕젅⚊돖ᵝ큱᪈꒏粕捽篙磓뻻뭁ԧƫ㰫㶂昂㼖뼴縹ܬ㊡攛뱵⽲춎왕擩喳㡭⋻뷎썱領킕훱蠯쥍핑쳌唲쉖屋Ḧ㹺禚鹔眳ٙ軎⡛鬽嵜㇎珻礤㒍慊剝䀲桝䞻瞠휇뽋ॴ懘萦ʊᘦ縆ࠏ㖷䀍㊒냴嚬傉蟋뺅谘꭛᧿ꔒ䑖츖媧켖삲伴죥⅃䌂姲禖ᄱ氠ꬴ​ꘜ攔읟⟾ᗔ擵開๒氩覥岺夢춑樴掊ᵓ⊁蝞藻ꢍ罉沌킺縙븖昏ꆙᖏ귮퉱斡磎⡔犧ꐶ壌뗽踔삑ฉ襈偺ᗛ᧝亼吒맪亠锖絃☼鑆㿐폵悗㏧⠿襲篓欽囊퐬Ṝ泖ⓣᅦ㑨᙮ờ됸뛚❅쭲鉟爭戟탟壨꧌歫ꟕ틙칕ૃ鸎ᰔ鲖㑙糅㇙錙竿★㌝敓酠➂擰౸짼初쳚먉饈䮚ꃵ坊誹籐惠꺁鰓䁈钹⫕勄ˁ啍欴ᬿ娬디㌘갱鋓穽ꁊ᭧愅ᐺ䨋黝⣤ͷ륨쇕গ瞡け팼ੜ䬺籊즔㽀扁㹔⥙蠫㲹뽱甋ྮᥗ엡뒣鐄뎨傭⽮㊴⺞㤴㪃뿮奤飤㞇㬞鄖࠺淁劶ࣩ롖䮚㈂髩㍮灻㍄죗᠑᱿᳐㇟牼䐫ጅ΀数꜁ヂ垔耷蝒읋ু匁㈤쀕዇鲺Ἠ䓞ໟ糱祛䈚郭ఐ柜綊늒꿼⍼꬛願䣒曚瑙袯졆穬⫙䇊즶理溤뜎║釯ॡᖪ댹躌晥笀њ铓㊄旀삊렭ᩓ䛯઎矎ꋝ⺖鄣剄ⶉ㩢砚㎰䋼쁮豢짼㜊礅蘞㴳휍㙑៸꜔揭迃톹㠋ᠣ돡⃾Ⳡ护䬪业밊⛦Ἷ㙨䷥覎ꛃ蘇鍰ᴟ㎜聽鷛歐㳼蛼ˠ挤㪴幀盗辡날䝥䥒銌⠺ꆑ뺙鮆㤆韃㗖퐄㚑譍偞䲋◕鲁맾֤낰⺮튦골ꔽ苸ც薂멇빼㈺W혆뷫푊ࢤ厛읟밽⇭᭓ᵜᙀ齱졻㦈酋佞ꬮ⟦⚪찵拣ৱᲆ娑㚰忰═蔆뻤歐嬊춭꺋쬌뙋駍萪藨ᗃ઎遧ꪕ狡嘪쾊㨙駳傚້ᓏ⋢薖餌璐첣甏땮㑄ސ劘溰긾贊䇊㍙꤫獉顲䛠쩡퀰斥ㅴ詂螌껿⹥쮲ᐥᜋ섯括묏잢퇝绚涿텖吃⮝䑣껛䯔桩償Ƌㇱ⼃닿嬦㢢䓳䛠ᦍ耊䌭੪鑗喞༠ᴩុ㗠屓齪엏㶼ꂷ堇ᚠ㙊ᗳ凃◨℆㤽㻨쌒᱋禖聘ᛲ唄旾ꦊ蟷띪ꑧᶺ蝾㝤税狼浣ꦆ㱪愠敳ހ哯ꎭ⳹즢ꡭ亐ꂆӒ⽰㈚䫆붴ꖣ画⇦昒分旼翠ꔨ壚ั따毙飾쐎뢸潽市ゐ㾘ቦ逖ㄽƦ瑻種᭭깍垍膜茿ᜓ䖛㞬榔ㅟ뻉띊㘧꺸썥炄⡁㟦ᦈ澿땰紲㨚㽯㰌僞婕⩚ㅖꕼ愨㫂匄Ƿ˧嶖姍迟묳쇍喟蔯猸탥톭樱㷚샺ષቃ묃䔖씍⋣昮䩆㚒왯뤃ᠲ瞴⌓좀⪂褽훔翏ದ቎祧鱳勌㾈搮䀐鲃닖䎮巔뇜鷦瞖ꁋ䕎堇겉ȕꊮ뀞籪㱆뽤塓श邠유춺찻㹪೗숿셫铬댲薡绝䚄ꕠꇼ饭쒸깞噑졗┒彦瀋턁㢟钶殎譴亟㸋䯠埸竾備开槬⩝詹怹ඥⰄ眃☯෻亡宎䰘샅앝鋦蕣䭡㨦䚸탩늩ᙹ袲긞뵫喐㟄篫궝엘쪱큣斠問候чむ㾑뱗쫚࿗᭓쒺ㇱ팬쭿䒑䯔頢정샑氬〿䧋濋܅鎫ᡣ⠃洵⻾龱位덧攼脏瞜∝绖窝頏ཹ㸃랾窻醙潺ǟ㾬斳ꝏー骽Ⓜƍ懾䍺솔ꗙʘ쁔༓쒬푤筰횀깁㭱뻜婦ྣ攴欌殫譢鷫ዤ쪁흰죅օ긳鉸庑㒅䨰㿧䥫뉎쎴섚閚ؔ巌卿㼍鴟䤒뼪௓틯䎎禲塦㲧紊忁䥸ꊦꦂ⮸⃀娊慩㫜ꟁ䕜䜵萲딽샍鏋㱢脶ᙪ鞞⳯蔡ᘫ锛졍ᜩ픮䱥䁊겕깺彠踖ࢎ쭎䛳؏䒞渑焚ᬵ涊荀頷㛬콨ᩎ᪠⿉끎䲽ꃬ駕媨⻮⏥젍ᐋ꬈䞆୙鋡萯㬚ஐ금锣垎䒳│̎㴤ଌ傩穈稢▎땑Ʈ㦤生쮌㞥뻔〿䈵號愹㛇錔᮹哽悒៺䎣ꖜ櫾푙䚙㎙䄥үỽ냳ԥ恀⪬봈꒔뚸ጀ凚㹣ሎ롖넼ꗬྡྷꂙ䰑으㦆白㓋卸눹첌ы霄泆ܜ圫ꟍ짪潡♌䜍밡㈬왧龛믲錚葚㙆↤᱙磖⍋哿ᦏḜ㘻ꘒ⿵ṻ흤ᚽ홂Ɛ鹛뺮䏮字䩓䵹콤됚睻햙謹ᡁ銚왳⽝됂概㍯閏鼻倱〓翲⾁ヺְ픥퐄譺闦맧ু淩䦿䤜뾲찾纣淗録勿⬣禓ᬖꭽ좧㰖௳珑䡲ꦠ웏㱃ᶊ鴷ᠣ̖憐෰≺挟⋲桊밖㌒퐤燹둳⏴볳낰娼㶣⽩딗뼡痛淠⬛ؐ뵷꩷䍐酜ꍊ컽鸢鼃좷哎퍆ἚΞ㒈즇䠈⠣虎ᣴ執ᇡ㛉෹⩦讍Ꞿ驕⻐羐욌䔾烮㿃煵핅㩪ꘙ⨕ӽ姕ㆥ릺頇탸锯ꉉ᎔큾䫄䵒덊⑑쭮襷䵓┡䛘紗噏ꖗ봅딺ᾫ蚝䲼࠺燌쬹펇ᚨ틈튕庩棧㠡갗坬䫎᭞튋솉벫番⹿헳⏶a귱쓅Ú곡胃㎁놟蓇䘐蠆릸ퟋ摏낶⎦䜙₦鱥仂Ḣ稅뼠㎤䌿픥촭坠♹馾╻㕑ᥭ鬹៖䀺굑옛嬐쇌댌싁ᑗᘷ⚰গⶸḮ깃Ẑꃯᔴꮮ粮孶Ꭶ㦤恶ಊ뼹惞Ũ闢羅⩥㊣㘺䋳ឹ孀⦀꧕块霞Ⲩ큵ᕴ⸿⪡鲄堟枞蓲꾈᜚⒈ᘜ➞圛詹䄵Ȇ䅌옘ꁲ偍삹ਬ쟤㧅࡬譿㘳ꤟѲ웽瀒ㆺ螙尯団⽏껶䵇䷑ㆷ侊縬埴䚸渨聝阿宼첢뽊䠡걋暆⋎Ⰼᛞ쏹퐔竚䘜䦠퉸ᰦ뾃׃呆頲љ಑앮텷緡ਲ⾺ਗ਼닞츁෱䙗ꣁࣃ퀮稰㣁ḗ㳃쁥ス㵙⎿禍嘼ꎏ鱙餆黟鋵ɴ譨᪢沃鎊鸷굓꫓ᑧ炮⧾米튖춤귕耤瑌ᬚ㦦횋⿭ၚ慭䬸큮셤䀇ꛗ漪菌光鎇손邊நဉ쟢䤦敻배꼴쏣㬉ꓧ빀◐ꂃ杂✷薕ⴰ氎ᨺ攈毻옎퀚륮⮽욶ᖓ≘凉☨㖡؁斺쑟踈賢潝篷⭱宋⼴눈ᇓ뵨猯ꇕ菼雫ꕁ諬⻁붐ႾⓃ೙ಉ꽤⡖ดꏯ୿랈᡾짆ᒇꀾ૖纛䐰跻벡㜲༊顰枃暑쒷䴒쥋彇᭕⯸ꌠ㡛녨枊쳽硭₰喅陖䏟紶検먀겑ԋ㤴똰䋂鞫㨶舺ꅮꠒ毵ॺ㙛䐣蔪鲂䥢ր㎝⡷훒୩砶舍烐䅐竕⇁▇Ꜩ嶩1㲔⪟츼醐໿㘩ῼՋ鬤շ灮葧캛騎貊はൣ夛㕢䅽Ή苯반䫶躣▍㍵뙛⑕ۙ㮲觅ސ缫蠮䛭嶲喉썯닰㊼⤐䶬ṝ聥䕎銴챏惁헚뼀ꯙཨ゛牲脳鎰辜돉婱В運嗛켧꼠탖续䚉唛舙J셧첢汋ᮊ✄쉙繻簝끲뇈鎡嚕猖鎍䱌㷮侠珃ꐛ庵麍춼Ԏ뉆緢᪠渠⏋潙㓰ꮯ艃ƀ츟♗켽頩篮ꋑ貢꽇ᥤ泖੫魟ᷗ쥓榮䋨쪜்쿒쨷◢̞粻츝䯶瓿ᄁ邾ꬍ璭ꍯꔉ쁾⨡虠殌拋셜㳻䍤諦峳틎哿塁悿ᤳ螽䒨䙵֫ੀ♧뒄篅톆Ỷ劓⩭ꇂ仨䗽鰑ࣦŐ큪瓀偔饷ⷷ豳ꗕК量꞉袺膷烶㼪瓮圐➉偼Ⲅ䠨壔꬗糏昲ཤ텵㳲郖༖ꎷԬ䚙蹩겁꺩☲瘯虢捊副兝诰뉞⪛ᐺ娢瀜㇛掰欀⚸ꇙ췺做絽烢㍗횧쿆㱴ס쳁谠椙휢貨衢烗㛩⧖祘ፙ狂喭㊶꧚欪ਗ਼⃕鬉뱗缝ᱞ浼㩌⥙佽䞧䯘쎘혁험픎製呁ꇯ硈澏橣螄먶䙊됫䉛屙謊긶搈峁媣遾댵揲툤虛쿇煞莅릶냂它ᣦ缛뮊䧣땹昐쎪쿻睖ᐩ찊⼸⬡컈₃ᗈᲉ魦蠨ḕ㕦얊ㆵ鐩璘웰雍媚傍뒼鈗ẛ倜∹려뮝眔醅㑝㍟爟⦧孑Ꮶᅊ䥗鰹녌県狴ͧ쿧͂巋臡ⲑ讨ሆ㞞뭧ቢᾦသ鐬謉⓿㬄⊥驱걺즘Ł耗쪿紶딓咯၍ꮒ門⩑诜土财缑揎2缪싌齞ݔ쫲漞ꄌᗛ얱찬栬駻౔ꑡ䟟졫㻼챐㘼瞣ᾭϊសꅬ㜣ꃅ衢얮甯꒵똹呉ඣ꠯⭔⬩혰⽎㕬䌟澀ꐏ᨝˿딯낗✱䐇ֆ”췓섦㪡䐤䀀惶∧抿㟐Θ╺쿄澩叅꺴賨蟮ྋ띶Ʝじ㙌气ꦐ꙱뺎䨤숳钤㘢ⲑ驞㦂鈳埚愸䭛ꕑ᪾Ὺ䁰ᤷ秤霑⬝襪樲啧ꖲ⛇鮭흜혃䗄꾬㊸꤂偢黒⤂鏉௫挞뇇繃摠闔צ瀶쁮栵颞邴儎妒Ḍᮍੂ傸굃蔃㴦碒쩻⻝ꎠᦛ퍴䨬㎻穌닮Ể诲ᙈ릛覀ꦍ宓岝㮭蔝幇Ä⹉饐㞢瞔寇ퟑ흫췓ች孕ퟭᶖໝ朅塵㯖糰糌됑․ҟ揪ۤ딶ڢ똬鶲䥧㗂愃楛䶁䖾諭㋩䄤䇎쫴ᇬ㸖㓿繓凓쾼ࠊ蘒굵㣉猈応垴芻劲늊⚎霕봿㓅糊꥝⊽룣ᔇ郼㮳䎲鹳ѐ槛迓꾯荥᭕蜎좵䤱줒诿䟐⁈䅘ᝃᔻ쪑㡸문Ꮓ⇵攍ᠢ濬稩볩오崮ꖮ遧拠舖왙앧¾챖窙퓦蝽ໜ퓿慬肩赚ᨣ痢遠䤹ꋺ꪿瓃胉➓↞謖ஶ뱸칝嵟靆⭶坨뉓빽ꮶ墎樃鬒隂烽沯镵쫃黂ᕮ逿쯕婫팇䳤䎱뷦坜ᵫባ뮤䮹쉵ȩ썟莔뫂鍦哷鮷㸱꾓ⷁ儯㷫焏眯ꩊꚚ౏⸤ओ㛞쑲ᢖ犑삌쉚ဂ⇯漛뻮硃㟿뒔吳絾산㗇뾉瞺ꋻ淳㕁딙悝몇泬跟㒦职㜕慵㉹킹즰퇥⋴蟫熓Ӗ韫혍㕿쨣ꇧ꧱ឬ넪꒷駝뗘ᗌ㠡㰌؆䲞楯ଁᎌ嚅♃鵄⭙ȔꞐ粈퍼諍듐揮鷝ퟁꕔᛃ鶹樷籕䒼ᯐ㰅⬎ᨒ⣓ꊭꋌ鸠旃篶宣抣⠠ʊ栮⫉椞砛ྏ瓠魡ᄪ낣挟⽦俘鑞㲰Ѓ⾦⤐휎썜吺呺蕖ꝍ䀿⿏鮐⯨勇鏨苔븕穐邉℔餟邬韑济䒈녁붿㣏琕䵈㋁㦉䅇炠乣ᔎ鐼涤员ꄋ೤㹱尬佒於䎉ᨏ픷磕盳荛䭀魐鳦哌⣃ғ໺⯍隂瀳蒄ꇢ劓縘⨜呺鼉⚇莐ᦿ숲웒࿟䡖寅늅⠈㣘铈擊惘间풄 瓮᳷崛狋建ꉑ켗蕦╲鸊ꁳ㐱配ɹ⡿ᱤㄤɃ洹꽵투룗悷뤙삹椇ғ耾ౝ剉幛ᔮ쉒㡾챝袢쐫媅웒信떎淈饣⣎⍲趞蟔剱췈嵼݂菉㽑콳䤼䝔跡䔢밣殗꽌䫀家䧅㢯쫰㺟憝፻֑b蕫툁韙㪛뾡ଔ䲲텳oꠀ㌻妊덬히짲鮴뻂萨훪쾡埾迖ຼ᠛払⢔盯ꓨ暥蛏뿋뿸஋䬸쭗挤偆꿩㌤땩䢉㥉ᵡ닚嫖ᕠ沯增쩅왚퐼法闊შ蜃炊꫹䐆ꦦ㶹厨ᑹ奫듴␯䴬뼣瞒뼲쪬├⻜⟥썌饤㗞ШꝎಈ鱪Ŵ錇쵻ꛋ刎뺴䆭ꍙ独쉫첆猍憄Ꙣ綱솮馄㞝珩飗뺊崵啴稵ꐴ톑䗫电✾걲洁랈湏쵹塒퇟野斿禒䔫文⶯⽶菢禋鮲吿䰆爖ᳲ갢㨇껲궡뎦銭悍ົ菿㷁檿녁즉ࡓ腣青㇇춀슂펪軕㋏ϼᣏ鋮媴⠐ࢀ퉗⧒瘀댰Რ뤨확닡魼䂪鷉禪೐᪦轸ꀈ䖷㽡啚絤锴줓ኄ蓒
鋬肯Ⴃ䧭継ౘ᰻蚄爺雏落얐䙏逓䂑ᎁ篡඾襠莀흖ݪ卙꿴筼ᕛ펑ᴫ禃鍋Ʈេ风聬燪ᑪ炫㳏纩췷㍋꾚㹜堹팒൅੢ᨩ黊ꄥ轺㡭䐢偵쪡ᮿ鈔鏖嶔눿ᜨ⣣㩧쐂㨾䃨ⵟᓰލ䴌駌喜봩오፫꯵≒엫除ޔ땑愘琠ॺ꘹관咭鄊ܝ适


  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

It's just garbage characters and not really Chinese.  Probably because the infection is still active.  FRST claims you have Poweliks and it wasn't able to remove it.  See if ESET's tool will work for you:

 

http://kb.eset.com/e...ent&id=SOLN3587

 

Normally we have to use a boot tool to bypass windows in order to fix Poweliks but ESET claims they can do it so let's give it a try.

 

If this doesn't work do you have a USB drive we could use or some blank CDs that we can burn to?


  • 0

#7
sarahb16

sarahb16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts

Oh I've been using CDs for FRST64, ComboFix, and TDSSKiller. I'll burn the program to a CD and do what I've done with the others.

 

Also, I've tried to run ComboFix and it keeps getting stuck on "Completed Stage_4" and then nothing more. I've tried running it twice. Same thing. I did run TDSSKiller. It stated that it did not find anything.

 

I'll continue on with trying the ESET.


  • 0

#8
sarahb16

sarahb16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts

[2015.03.31 20:52:49.313] - Begin
[2015.03.31 20:52:49.313] -
[2015.03.31 20:52:49.333] -     ....................................
[2015.03.31 20:52:49.333] -   ..::::::::::::::::::....................
[2015.03.31 20:52:49.335] -   .::EEEEEE:::SSSSSS::..EEEEEE..TTTTTTTT..    Win32/Poweliks
[2015.03.31 20:52:49.336] -  .::EE::::EE:SS:::::::.EE....EE....TT......   Version: 1.0.0.4
[2015.03.31 20:52:49.338] -  .::EEEEEEEE::SSSSSS::.EEEEEEEE....TT......   Built: Mar 25 2015
[2015.03.31 20:52:49.339] -  .::EE:::::::::::::SS:.EE..........TT......
[2015.03.31 20:52:49.340] -   .::EEEEEE:::SSSSSS::..EEEEEE.....TT.....    Copyright © ESET, spol. s r.o.
[2015.03.31 20:52:49.341] -   ..::::::::::::::::::....................    1992-2015. All rights reserved.
[2015.03.31 20:52:49.341] -     ....................................
[2015.03.31 20:52:49.342] -
[2015.03.31 20:52:49.342] - --------------------------------------------------------------------------------
[2015.03.31 20:52:49.342] -
[2015.03.31 20:52:49.343] - INFO: OS: 6.0.6002 SP2
[2015.03.31 20:52:49.343] - INFO: Product Type: Workstation
[2015.03.31 20:52:49.343] - INFO: WoW64: True
[2015.03.31 20:52:49.344] - INFO: Machine guid: F7A83454-F29F-471F-8574-1F7D50F5618F
[2015.03.31 20:52:49.344] -
[2015.03.31 20:53:04.907] - INFO: Scanning for system infection...
[2015.03.31 20:53:04.909] - --------------------------------------------------------------------------------
[2015.03.31 20:53:04.909] -
[2015.03.31 20:53:04.909] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]...
[2015.03.31 20:53:04.910] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]...
[2015.03.31 20:53:04.911] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2015.03.31 20:53:04.911] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2015.03.31 20:53:04.911] - INFO: Processing classes...
[2015.03.31 20:53:04.915] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.915] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.915] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.915] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.915] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.915] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.915] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.915] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.915] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.915] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.915] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.915] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.916] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.916] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.916] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.916] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.916] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.916] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.916] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.916] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.916] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.916] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.916] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.916] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.916] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.916] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.917] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.917] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.917] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.917] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.917] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.917] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.917] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.917] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.917] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.917] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.917] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.917] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.917] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.917] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.917] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.918] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.918] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.918] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.918] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.918] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.918] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.918] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.918] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.918] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.918] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.918] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.918] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.918] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.918] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.919] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.919] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.919] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.919] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.919] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.919] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.919] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.919] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.919] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.919] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.919] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.919] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.919] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.919] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.919] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.920] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.920] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.920] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.920] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.920] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.920] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.920] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.920] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.920] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.920] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.920] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.920] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.920] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.920] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.921] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.921] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.921] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.921] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.921] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.921] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.921] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.921] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.921] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.921] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.921] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.921] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.921] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.921] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.921] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.922] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.922] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.922] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.922] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.922] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.922] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.922] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.922] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.922] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.922] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.922] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.922] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.922] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.922] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.923] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.923] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.923] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.923] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.923] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.923] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.923] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.923] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.923] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.923] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.923] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.923] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.923] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.923] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.923] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.924] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.924] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.924] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.924] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.924] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.924] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.924] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.924] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.924] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.924] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.924] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.924] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.924] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.924] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.924] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.925] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.925] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.925] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.925] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.925] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.925] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.925] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.925] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.925] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.925] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.925] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.925] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.925] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.925] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.925] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.926] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.926] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.926] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.926] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.926] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.926] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.926] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.926] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.926] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.926] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.926] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.926] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.926] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.926] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.926] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.926] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.927] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.927] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.927] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.927] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.927] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.927] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.927] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.927] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.927] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.927] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.927] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.927] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.927] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.928] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.928] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.928] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.928] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.928] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.928] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.928] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.928] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.928] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.928] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.928] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.928] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.928] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.928] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.928] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.929] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.929] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.929] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.929] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.929] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.929] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.929] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.929] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.929] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.929] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.929] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.929] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.929] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.929] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.929] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.930] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.930] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.930] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.930] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.930] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.930] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.930] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.930] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.930] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.930] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.930] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.930] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.930] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.930] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.931] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.931] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.931] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.931] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.931] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.931] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.931] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.931] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.931] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.931] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.931] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.931] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.931] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.931] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.931] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.932] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.932] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.932] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.932] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.932] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.932] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.932] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.932] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.932] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.932] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.932] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.932] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.932] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.933] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.933] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.933] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.933] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.933] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.933] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.933] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.933] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.933] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.933] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.933] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.933] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.933] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.933] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.934] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.934] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.934] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.934] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.934] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.934] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.934] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.934] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.934] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.934] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.934] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.934] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.934] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.934] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.934] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.934] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.935] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.935] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.935] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.935] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.935] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.935] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.935] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.935] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.935] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.935] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.935] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.935] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.935] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.935] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.935] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.936] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.936] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.936] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.936] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.936] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.936] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.936] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.936] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.936] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.936] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.936] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.936] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.936] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.936] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.937] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.937] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.937] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.937] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.937] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.937] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.937] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.937] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.937] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.937] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.937] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.937] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.937] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.937] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.937] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.938] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.938] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.938] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.938] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.938] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.938] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.938] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.938] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.938] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.938] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.938] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.938] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.938] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.938] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.938] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.939] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.939] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.939] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.939] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.939] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.939] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.939] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.939] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.939] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.939] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.939] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.939] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.939] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.939] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.940] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.940] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.940] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.940] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0062-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.940] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0062-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.940] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0062-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.940] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0063-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.940] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0063-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.940] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0063-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.940] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0064-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.940] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0064-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.940] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0064-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.940] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0065-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.940] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0065-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.940] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0065-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.941] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0066-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.941] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0066-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.941] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0066-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.941] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0067-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.941] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0067-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.941] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0067-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.941] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0068-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.941] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0068-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.941] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0068-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.941] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0069-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.941] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0069-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.941] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0069-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.941] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0070-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.941] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0070-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.941] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0070-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.942] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0071-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.942] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0071-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.942] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0071-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.942] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.942] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.942] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.942] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.942] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.942] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.942] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.942] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.942] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.942] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.942] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.942] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.943] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.943] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.943] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.943] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.943] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.943] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.943] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.943] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.943] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.943] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.943] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.943] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.943] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.943] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.943] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.944] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.944] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.944] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.944] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.944] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.944] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.944] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.944] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.944] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.944] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.944] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.944] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.944] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.944] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.944] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.945] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.945] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.945] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.945] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.945] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.945] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.945] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.945] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.945] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.945] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.945] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.945] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.945] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.946] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.946] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.946] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.946] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.946] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.946] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.946] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.946] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.946] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.946] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.946] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.946] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.946] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.946] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.947] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.947] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.947] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.947] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.947] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.947] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.947] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.947] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.947] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.947] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.947] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.947] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.947] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.947] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.948] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.948] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.948] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.948] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.948] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.948] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.948] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.948] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.948] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.948] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.948] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.948] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.948] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.948] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.948] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.949] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.949] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.949] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.949] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.949] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.949] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.949] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.949] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.949] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.949] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.949] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.949] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.949] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.949] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.949] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.950] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.950] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.950] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.950] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.950] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.950] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.950] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.950] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.950] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.950] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.950] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.950] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.950] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.950] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.950] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.950] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.951] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.951] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.951] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.951] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.951] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.951] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.951] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.951] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.951] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.951] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.951] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.951] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.951] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.951] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.951] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.951] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.952] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.952] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.952] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.952] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.952] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.952] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.952] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.952] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.952] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.952] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.952] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.952] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.952] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.952] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.953] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.953] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.953] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.953] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.953] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.953] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.953] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.953] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.953] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.953] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.953] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.953] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.953] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.953] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.953] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.954] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.954] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.954] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.954] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.954] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.954] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.954] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.954] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.954] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.954] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.954] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.954] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.954] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.954] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.955] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.955] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.955] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.955] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.955] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.955] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.955] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.955] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.955] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.955] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.955] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.955] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.955] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.956] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.956] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.956] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.956] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.956] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.956] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.956] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.956] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.956] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.956] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.956] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.956] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.957] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.957] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.957] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.957] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.957] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0072-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.957] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0072-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.957] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0072-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.957] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0073-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.957] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0073-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.957] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0073-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.957] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0074-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.957] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0074-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.957] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0074-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.958] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0075-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.958] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0075-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.958] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0075-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.958] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0076-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.958] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0076-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.958] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0076-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.958] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0077-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.958] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0077-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.958] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0077-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.958] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0078-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.958] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0078-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.958] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0078-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.958] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0079-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.958] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0079-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.959] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0079-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.959] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0080-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.959] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0080-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.959] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0080-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.959] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0081-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.959] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0081-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.959] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0081-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.959] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.959] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.959] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.959] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.959] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.959] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.959] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.960] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.960] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.960] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.960] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.960] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.960] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.960] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.960] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.960] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.960] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.960] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.960] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.960] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.960] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.960] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.961] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.961] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.961] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.961] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.961] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.961] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.961] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.961] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.961] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.961] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.961] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.961] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.961] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.961] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.961] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.962] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.962] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.962] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.962] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.962] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.962] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.962] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.962] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.962] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.962] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.962] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.962] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.962] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.962] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.962] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.962] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.963] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.963] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.963] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.963] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.963] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.963] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.963] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.963] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.963] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.963] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.963] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.963] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.963] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.963] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.963] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.964] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.964] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.964] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.964] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.964] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.964] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.964] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.964] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.964] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.964] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.964] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.964] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.964] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.964] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.964] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.964] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.965] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.965] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.965] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.965] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.965] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.965] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.965] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.965] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.965] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.965] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.965] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.966] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.966] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.966] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.966] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.966] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.966] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.966] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.966] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.966] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.966] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.966] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.966] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.966] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.967] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.967] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.967] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.967] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.967] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.967] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.967] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.967] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.967] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.967] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.967] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.967] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.967] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.967] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.967] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.967] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.968] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.968] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.968] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.968] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.968] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.968] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.968] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.968] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.968] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.968] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.968] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.968] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.968] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.968] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.968] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.968] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.969] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.969] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.969] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.969] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.969] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.969] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.969] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.969] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.969] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.969] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.969] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.969] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.969] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.969] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.969] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.970] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.970] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.970] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0052-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.970] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0052-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.970] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0052-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.970] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0053-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.970] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0053-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.970] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0053-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.970] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0054-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.970] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0054-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.970] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0054-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.970] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.970] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0055-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.970] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0055-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.970] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0056-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.970] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0056-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.971] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0056-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.971] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0057-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.971] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0057-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.971] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0057-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.971] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0058-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.971] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0058-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.971] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0058-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.971] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0059-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.971] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0059-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.971] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0059-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.971] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0060-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.971] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0060-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.971] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0060-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.971] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0061-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.971] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0061-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.971] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0061-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.972] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0062-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.972] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0062-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.972] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0062-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.972] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0063-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.972] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0063-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.972] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0063-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.972] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0064-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.972] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0064-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.972] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0064-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.972] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0065-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.972] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0065-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.972] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0065-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.972] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0066-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.972] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0066-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.972] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0066-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.972] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.973] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0067-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.973] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0067-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.973] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.973] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}]
[2015.03.31 20:53:04.973] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}]
[2015.03.31 20:53:04.973] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2015.03.31 20:53:04.973] - WARNING: Found suspicious classid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2015.03.31 20:53:04.973] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.973] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.973] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.973] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.973] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.973] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.974] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.974] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.974] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.974] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.974] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.974] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.974] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.974] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.974] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0067-ABCDEFFEDCBB}]
[2015.03.31 20:53:04.974] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0067-ABCDEFFEDCBC}]
[2015.03.31 20:53:04.974] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.974] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}]
[2015.03.31 20:53:04.974] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2015.03.31 20:53:04.974] - WARNING: Found suspicious classid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2015.03.31 20:53:04.975] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2015.03.31 20:53:04.975] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2015.03.31 20:53:04.975] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2015.03.31 20:53:04.975] - INFO: Processing invalid values in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2015.03.31 20:53:04.975] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2015.03.31 20:53:04.975] - INFO: Processing value [ServerExecutable] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2015.03.31 20:53:04.975] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2015.03.31 20:53:04.975] - INFO: Processing value [ServerExecutable] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2015.03.31 20:53:04.975] - INFO: Processing invalid subkeys in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2015.03.31 20:53:04.975] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]...
[2015.03.31 20:53:04.979] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2015.03.31 20:53:04.982] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2015.03.31 20:53:04.982] - INFO: (XSW) Scanning for XSW variant...
[2015.03.31 20:53:04.989] - INFO: (XSW) Processing users subkeys...
[2015.03.31 20:53:04.992] - INFO: Win32/Poweliks found
[2015.03.31 20:53:24.624] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]...
[2015.03.31 20:53:24.625] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]...
[2015.03.31 20:53:24.626] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2015.03.31 20:53:24.626] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2015.03.31 20:53:24.626] - INFO: Processing classes...
[2015.03.31 20:53:24.629] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.629] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.629] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.630] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.630] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.630] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.630] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.630] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.630] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.630] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.630] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.630] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.630] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.630] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.630] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.630] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.630] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.630] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.631] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.631] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.631] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.631] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.631] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.631] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.631] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.631] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.632] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.632] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.632] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.632] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.632] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.632] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.632] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.632] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.632] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.632] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.633] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.633] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.633] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.633] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.633] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.633] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.633] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.633] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.633] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.633] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.633] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.633] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.633] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.633] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.633] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.633] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.634] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.634] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.634] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.634] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.634] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.634] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.634] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.634] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.634] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.634] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.634] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.634] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.634] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.634] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.634] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.634] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.635] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.635] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.635] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.635] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.635] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.635] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.635] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.635] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.635] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.635] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.635] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.635] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.635] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.635] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.635] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.635] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.636] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.636] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.636] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.636] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.636] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.636] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.636] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.636] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.636] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.636] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.636] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.636] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.636] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.636] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.636] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.637] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.637] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.637] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.637] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.637] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.637] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.637] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.637] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.637] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.637] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.637] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.637] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.637] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.637] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.637] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.637] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.638] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.638] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.638] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.638] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.638] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.638] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.638] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.638] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.638] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.638] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.638] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.638] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.638] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.638] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.638] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.639] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.639] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.639] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.639] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.639] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.639] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.639] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.639] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.639] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.639] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.639] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.639] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.639] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.639] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.639] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.639] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.640] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.640] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.640] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.640] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.640] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.640] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.640] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.640] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.640] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.640] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.640] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.640] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.640] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.640] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.640] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.640] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.641] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.641] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.641] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.641] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.641] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.641] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.641] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.641] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.641] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.641] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.641] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.641] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.641] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.641] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.641] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.641] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.642] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.642] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.642] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.642] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.642] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.642] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.642] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.642] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.642] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.642] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.642] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.642] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.642] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.642] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.642] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.643] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.643] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.643] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.643] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.643] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.643] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.643] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.643] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.643] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.643] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.643] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.643] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.643] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.643] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.643] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.643] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.644] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.644] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.644] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.644] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.644] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.644] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.644] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.644] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.644] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.644] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.644] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.644] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.644] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.644] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.644] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.645] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.645] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.645] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.645] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.645] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.645] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.645] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.645] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.645] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.645] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.645] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.645] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.645] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.645] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.645] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.646] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.646] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.646] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.646] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.646] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.646] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.646] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.646] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.646] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.646] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.646] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.646] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.646] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.646] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.646] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.646] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.647] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.647] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.647] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.647] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.647] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.647] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.647] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.647] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.647] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.647] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.647] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.647] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.647] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.647] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.647] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.647] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.648] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.648] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.648] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.648] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.648] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.648] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.648] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.648] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.648] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.648] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.648] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.648] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.648] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.648] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.648] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.649] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.649] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.649] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.649] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.649] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.649] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.649] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.649] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.649] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.649] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.649] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.649] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.649] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.649] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.649] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.650] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.650] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.650] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.650] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.650] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.650] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.650] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.650] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.650] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.650] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.650] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.650] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.650] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.650] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.650] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.651] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.651] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.651] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.651] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.651] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.651] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.651] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.651] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.651] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.651] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.651] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.651] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.651] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.651] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.651] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.651] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.652] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.652] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.652] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.652] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.652] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.652] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.652] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.652] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.652] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.652] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.652] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.652] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.652] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.652] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.652] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.652] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.653] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.653] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.653] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.653] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.653] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.653] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.653] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.653] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.653] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.653] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.653] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.653] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.653] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.653] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.653] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.653] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.654] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.654] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0062-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.654] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0062-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.654] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0062-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.654] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0063-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.654] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0063-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.654] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0063-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.654] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0064-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.654] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0064-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.654] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0064-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.654] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0065-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.654] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0065-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.654] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0065-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.654] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0066-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.654] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0066-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.655] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0066-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.655] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0067-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.655] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0067-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.655] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0067-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.655] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0068-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.655] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0068-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.655] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0068-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.655] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0069-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.655] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0069-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.655] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0069-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.655] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0070-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.655] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0070-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.655] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0070-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.655] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0071-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.655] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0071-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.656] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0071-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.656] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.656] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.656] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.656] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.656] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.656] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.656] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.657] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.657] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.657] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.657] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.657] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.657] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.657] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.657] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.657] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.657] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.657] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.657] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.657] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.657] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.657] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.658] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.658] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.658] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.658] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.658] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.658] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.658] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.658] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.658] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.658] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.658] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.658] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.658] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.658] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.658] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.659] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.659] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.659] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.659] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.659] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.659] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.659] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.659] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.659] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.659] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.659] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.659] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.659] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.659] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.659] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.659] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.660] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.660] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.660] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.660] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.660] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.660] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.660] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.660] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.660] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.660] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.660] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.660] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.660] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.660] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.660] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.661] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.661] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.661] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.661] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.661] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.661] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.661] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.661] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.661] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.661] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.661] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.661] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.661] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.661] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.661] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.661] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.662] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.662] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.662] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.662] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.662] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.662] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.662] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.662] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.662] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.662] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.662] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.662] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.662] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.662] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.662] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.663] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.663] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.663] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.663] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.663] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.663] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.663] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.663] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.663] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.663] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.663] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.663] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.663] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.663] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.663] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.663] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.664] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.664] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.664] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.664] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.664] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.664] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.664] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.664] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.664] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.664] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.664] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.664] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.664] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.664] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.664] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.665] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.665] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.665] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.665] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.665] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.665] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.665] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.665] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.665] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.665] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.665] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.665] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.665] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.665] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.665] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.665] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.666] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.666] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.666] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.666] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.666] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.666] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.666] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.666] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.666] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.666] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.666] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.666] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.666] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.666] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.666] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.666] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.667] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.667] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.667] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.667] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.667] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.667] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.667] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.667] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.667] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.667] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.667] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.667] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.667] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.667] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.667] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.667] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.668] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.668] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.668] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.668] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.668] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.668] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.668] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.668] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.668] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.668] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.668] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.668] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.668] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.669] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.669] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.669] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.669] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.669] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.669] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.669] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.669] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.669] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.669] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.669] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.669] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.669] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.669] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.669] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.670] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.670] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.670] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.670] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.670] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.670] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.670] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.670] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.670] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.670] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.670] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.670] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0072-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.670] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0072-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.670] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0072-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.670] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0073-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.670] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0073-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.671] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0073-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.671] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0074-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.671] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0074-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.671] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0074-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.671] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0075-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.671] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0075-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.671] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0075-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.671] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0076-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.671] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0076-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.671] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0076-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.671] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0077-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.671] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0077-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.671] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0077-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.671] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0078-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.671] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0078-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.672] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0078-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.672] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0079-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.672] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0079-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.672] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0079-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.672] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0080-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.672] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0080-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.672] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0080-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.672] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0081-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.672] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0081-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.672] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0081-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.672] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.672] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.672] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.672] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.672] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.672] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.673] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.673] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.673] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.673] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.673] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.673] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.673] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.673] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.673] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.673] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.673] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.673] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.673] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.673] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.673] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.674] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.674] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.674] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.674] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.674] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.674] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.674] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.674] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.674] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.674] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.674] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.674] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.674] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.674] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.674] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.674] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.675] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.675] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.675] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.675] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.675] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.675] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.675] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.675] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.675] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.675] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.675] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.675] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.675] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.675] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.675] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.676] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.676] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.676] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.676] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.676] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.676] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.676] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.676] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.676] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.676] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.676] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.676] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.676] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.676] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.676] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.676] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.677] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.677] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.677] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.677] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.677] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.677] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.677] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.677] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.677] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.677] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.677] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.677] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.677] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.677] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.677] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.677] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.678] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.678] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.678] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.678] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.678] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.678] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.678] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.678] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.678] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.678] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.678] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.678] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.678] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.678] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.678] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.679] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.679] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.679] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.679] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.679] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.679] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.679] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.679] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.679] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.679] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.679] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.679] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.679] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.679] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.679] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.679] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.680] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.680] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.680] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.680] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.680] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.680] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.680] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.680] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.680] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.680] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.680] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.680] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.680] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.680] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.681] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.681] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.681] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.681] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.681] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.681] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.681] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.681] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.681] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.681] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.681] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.681] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.681] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.681] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.681] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.681] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.682] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.682] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.682] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.682] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.682] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.682] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.682] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.682] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.682] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.682] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.682] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.682] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.682] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0052-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.682] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0052-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.682] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0052-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.683] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0053-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.683] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0053-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.683] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0053-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.683] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0054-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.683] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0054-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.683] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0054-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.683] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.683] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0055-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.683] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0055-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.683] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0056-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.683] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0056-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.683] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0056-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.683] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0057-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.683] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0057-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.683] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0057-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.683] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0058-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.684] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0058-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.684] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0058-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.684] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0059-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.684] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0059-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.684] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0059-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.684] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0060-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.684] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0060-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.684] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0060-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.684] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0061-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.684] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0061-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.684] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0061-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.684] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0062-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.684] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0062-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.684] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0062-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.684] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0063-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.684] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0063-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.685] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0063-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.685] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0064-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.685] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0064-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.685] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0064-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.685] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0065-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.685] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0065-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.685] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0065-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.685] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0066-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.685] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0066-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.685] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0066-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.685] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.685] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0067-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.685] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0067-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.685] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.685] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1004\SOFTWARE\Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}]
[2015.03.31 20:53:24.686] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}]
[2015.03.31 20:53:24.686] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2015.03.31 20:53:24.686] - INFO: Deleted classid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2015.03.31 20:53:24.686] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.686] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.686] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.686] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.687] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.687] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.687] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.687] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.687] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.687] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.687] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.687] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.687] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.687] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.687] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0067-ABCDEFFEDCBB}]
[2015.03.31 20:53:24.687] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0067-ABCDEFFEDCBC}]
[2015.03.31 20:53:24.687] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.687] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}]
[2015.03.31 20:53:24.688] - INFO: Processing clsid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2015.03.31 20:53:24.688] - INFO: Deleted classid [\Registry\User\S-1-5-21-3003745939-3766210737-3386188188-1005\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2015.03.31 20:53:24.688] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2015.03.31 20:53:24.688] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2015.03.31 20:53:24.688] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2015.03.31 20:53:24.688] - INFO: Processing invalid values in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2015.03.31 20:53:24.688] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2015.03.31 20:53:24.689] - INFO: Processing value [ServerExecutable] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2015.03.31 20:53:24.689] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2015.03.31 20:53:24.689] - INFO: Processing value [ServerExecutable] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2015.03.31 20:53:24.689] - INFO: Processing invalid subkeys in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2015.03.31 20:53:24.689] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]...
[2015.03.31 20:53:24.689] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2015.03.31 20:53:24.689] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2015.03.31 20:53:24.689] - INFO: (XSW) Scanning for XSW variant...
[2015.03.31 20:53:24.696] - INFO: (XSW) Processing users subkeys...
[2015.03.31 20:53:24.700] - INFO: Cleaning status: 1
[2015.03.31 20:53:30.830] - End
 


  • 0

#9
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Looks like it did something.  Run a FRST scan again and post the log.  let's see if poweliks still shows up.


  • 0

#10
sarahb16

sarahb16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Sarah (ATTENTION: The logged in user is not administrator) on KRIS-PC on 01-04-2015 20:42:54
Running from C:\Users\Sarah\Desktop
Loaded Profiles: Sarah (Available profiles: Mitch & Sarah)
Platform: Windows Vista ™ Home Premium Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> wininit.exe
Failed to access process -> csrss.exe
Failed to access process -> services.exe
Failed to access process -> lsass.exe
Failed to access process -> lsm.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> winlogon.exe
Failed to access process -> atiesrxx.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> stacsv64.exe
Failed to access process -> svchost.exe
Failed to access process -> SLsvc.exe
Failed to access process -> svchost.exe
Failed to access process -> atieclxx.exe
Failed to access process -> svchost.exe
Failed to access process -> spoolsv.exe
Failed to access process -> svchost.exe
Failed to access process -> AppleMobileDeviceService.exe
Failed to access process -> mDNSResponder.exe
Failed to access process -> CTDevSrv.exe
Failed to access process -> svchost.exe
Failed to access process -> IAANTmon.exe
Failed to access process -> MotoHelperService.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> ForwardDaemon.exe
Failed to access process -> SfCtlCom.exe
Failed to access process -> svchost.exe
Failed to access process -> TMBMSRV.exe
Failed to access process -> svchost.exe
Failed to access process -> WLIDSVC.EXE
Failed to access process -> SearchIndexer.exe
Failed to access process -> WLIDSVCM.EXE
Failed to access process -> WUDFHost.exe
(Primax Electronics Ltd.) C:\Windows\System32\ico.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Avanquest Software ) C:\Program Files (x86)\Digital Line Detect\DLG.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
Failed to access process -> taskeng.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Failed to access process -> iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
Failed to access process -> svchost.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
Failed to access process -> WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [PMX Daemon] => C:\Windows\system32\ICO.EXE [91648 2006-11-08] (Primax Electronics Ltd.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-04-15] (Intel Corporation)
HKLM\...\Run: [UfSeAgnt.exe] => C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe [1290504 2011-01-22] (Trend Micro Inc.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [443904 2008-06-26] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [WinampAgent] => "C:\Program Files (x86)\Winamp\winampa.exe"
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [417792 2010-02-15] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-03-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\d9c80677-32e3-4c2c-83a0-f524e2ab9f9b.exe [183232 2015-03-30] (AVAST Software)
HKU\S-1-5-21-3003745939-3766210737-3386188188-1005\...\Run: [LadjaLkovz] => regsvr32.exe "C:\ProgramData\LadjaLkovz\GomajDuxec.rvm"
HKU\S-1-5-21-3003745939-3766210737-3386188188-1005\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_ActiveX.exe [960688 2015-02-05] (Adobe Systems Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest Software )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.HTML ()
Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.PNG ()
Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.TXT ()
InternetURL: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.URL -> hxxp://7oqnsnzwwnm6zb7y.icepaytor.com/4j730
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co...t&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo...&p={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3003745939-3766210737-3386188188-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
URLSearchHook: HKLM-x32 - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...&p={searchTerms}
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3003745939-3766210737-3386188188-1005 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-08-23] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-06] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-08-23] (Oracle Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-20] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-06] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: No Name -> {C56CB6B0-0D96-11D6-8C65-B2868B609932} ->  No File
BHO-x32: No Name -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} ->  No File
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-20] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/...SetupClient.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\zl5z1r55.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @java.com/DTPlugin,version=10.6.2 -> C:\Windows\system32\npDeployJava1.dll [2012-08-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.6.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-08-23] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2008-11-06] (DivX,Inc.)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll [2008-12-10] (DivX, Inc)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-20] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-03-26] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-02-06] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2012-03-26] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-09]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009-11-14]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-06]

Chrome:
=======
CHR Profile: C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-30]
CHR Extension: (Google Drive) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-30]
CHR Extension: (YouTube) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-30]
CHR Extension: (Google Search) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-30]
CHR Extension: (Avast Online Security) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-07]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
CHR Extension: (Google Wallet) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-30]
CHR Extension: (Gmail) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-30]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-06]
CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Kris\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-06] (AVAST Software)
R2 CTDevice_Srv; C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe [61440 2007-04-02] (Creative Technology Ltd) [File not signed]
S3 CTUPnPSv; C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [64000 2008-05-21] (Creative Technology Ltd) [File not signed]
S3 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-09-23] (Stardock Corporation) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 iphlpsvc; C:\Windows\System32\svchost.exe [27648 2008-01-20] (Microsoft Corporation)
R2 iphlpsvc; C:\Windows\SysWOW64\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
R2 lmhosts; C:\Windows\system32\svchost.exe [27648 2008-01-20] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
S4 MSSQL$BWDATOOLSET; c:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 NlaSvc; C:\Windows\System32\svchost.exe [27648 2008-01-20] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27648 2008-01-20] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 SfCtlCom; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [820488 2011-01-22] (Trend Micro Inc.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_f86438be\STacSV64.exe [246272 2008-06-26] (IDT, Inc.)
R2 TMBMServer; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [563464 2011-01-22] (Trend Micro Inc.)
S3 TmPfw; C:\Program Files\Trend Micro\Internet Security\TmPfw.exe [587696 2011-01-22] (Trend Micro Inc.)
S3 tmproxy; C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [854280 2011-01-22] (Trend Micro Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-20] (Microsoft Corporation)
S3 DAUpdaterSvc; c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-20] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-06] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [0 2014-07-06] () <==== ATTENTION (zero size file/folder)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64752 2014-07-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-06] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2014-07-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-06] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2009-03-14] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2009-03-14] ()
S3 motport; C:\Windows\System32\DRIVERS\motport.sys [31744 2013-03-19] (Motorola Mobility Inc)
S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [14304 1999-07-28] () [File not signed]
R1 tmlwf; C:\Windows\System32\DRIVERS\tmlwf.sys [192528 2011-01-22] (Trend Micro Inc.)
R2 tmpreflt; C:\Windows\System32\DRIVERS\tmpreflt.sys [42768 2011-07-12] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [80912 2011-01-22] (Trend Micro Inc.)
R2 tmwfp; C:\Windows\System32\DRIVERS\tmwfp.sys [277008 2011-01-22] (Trend Micro Inc.)
R2 tmxpflt; C:\Windows\System32\DRIVERS\tmxpflt.sys [342288 2011-07-12] (Trend Micro Inc.)
R2 vsapint; C:\Windows\System32\DRIVERS\vsapint.sys [2077456 2011-07-12] (Trend Micro Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-31 20:52 - 2015-03-31 20:53 - 00632536 _____ () C:\Users\Sarah\Desktop\ESETPoweliksCleaner.exe_20150331.205249.9828.log
2015-03-31 20:52 - 2015-03-31 20:52 - 00000022 _____ () C:\Users\Sarah\Desktop\ESETPoweliksCleaner.exe_20150331.205249.9828.zip
2015-03-31 20:51 - 2015-03-31 20:47 - 00221384 _____ (ESET) C:\Users\Sarah\Desktop\ESETPoweliksCleaner.exe
2015-03-31 20:18 - 2015-03-31 20:25 - 00000000 ___SD () C:\ComboFix
2015-03-31 20:13 - 2015-03-30 23:26 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Sarah\Desktop\TDSSKiller.exe
2015-03-30 23:09 - 2015-03-30 23:09 - 00000000 ____D () C:\Windows\erdnt
2015-03-30 23:09 - 2015-03-30 23:09 - 00000000 ____D () C:\Qoobox
2015-03-30 23:09 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-03-30 23:09 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-03-30 23:09 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-30 23:09 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-03-30 23:09 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-03-30 23:09 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
2015-03-30 23:09 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
2015-03-30 23:09 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
2015-03-30 23:08 - 2015-03-30 23:05 - 05617067 ____R (Swearware) C:\Users\Sarah\Desktop\ComboFix.exe
2015-03-30 22:24 - 2015-03-30 22:24 - 00008546 _____ () C:\Users\Sarah\HELP_DECRYPT.HTML
2015-03-30 22:24 - 2015-03-30 22:24 - 00008546 _____ () C:\Users\Sarah\Downloads\HELP_DECRYPT.HTML
2015-03-30 22:24 - 2015-03-30 22:24 - 00004210 _____ () C:\Users\Sarah\HELP_DECRYPT.TXT
2015-03-30 22:24 - 2015-03-30 22:24 - 00004210 _____ () C:\Users\Sarah\Downloads\HELP_DECRYPT.TXT
2015-03-30 22:24 - 2015-03-30 22:24 - 00000272 _____ () C:\Users\Sarah\HELP_DECRYPT.URL
2015-03-30 22:24 - 2015-03-30 22:24 - 00000272 _____ () C:\Users\Sarah\Downloads\HELP_DECRYPT.URL
2015-03-30 22:16 - 2015-03-30 22:16 - 00000000 ____D () C:\ProgramData\LadjaLkovz
2015-03-29 21:13 - 2015-04-01 20:43 - 00024436 _____ () C:\Users\Sarah\Desktop\FRST.txt
2015-03-29 21:09 - 2015-04-01 20:42 - 00000000 ____D () C:\FRST
2015-03-29 21:08 - 2015-03-29 21:04 - 02095616 _____ (Farbar) C:\Users\Sarah\Desktop\FRST64.exe
2015-03-29 20:55 - 2015-03-29 20:55 - 00000732 _____ () C:\Users\Sarah\AppData\Local\d3d9caps64.dat
2015-03-22 17:08 - 2015-03-22 17:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-01 20:25 - 2014-06-30 22:04 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-01 20:11 - 2012-06-16 21:09 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-01 18:54 - 2006-11-02 11:22 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-01 18:54 - 2006-11-02 11:22 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-01 17:15 - 2009-01-15 10:11 - 01573792 _____ () C:\Windows\WindowsUpdate.log
2015-04-01 07:25 - 2014-06-30 22:04 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-31 21:00 - 2006-11-02 08:46 - 00838784 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-31 20:54 - 2014-07-14 19:40 - 00010280 _____ () C:\Windows\system32\spsys.log
2015-03-31 20:54 - 2011-01-22 11:16 - 00058400 _____ () C:\Windows\PFRO.log
2015-03-31 20:54 - 2009-04-13 21:20 - 00000000 ____D () C:\temp
2015-03-31 20:54 - 2006-11-02 11:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-31 20:53 - 2006-11-02 11:42 - 00032568 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-30 22:24 - 2015-02-18 14:43 - 00000000 ____D () C:\Users\Sarah\Downloads\comicpress
2015-03-30 22:24 - 2014-06-30 22:01 - 00000000 ____D () C:\Users\Sarah
2015-03-30 22:01 - 2014-07-06 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2015-03-30 21:57 - 2014-10-08 21:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-29 21:13 - 2014-01-24 11:15 - 00000000 ____D () C:\Users\Mitch
2015-03-27 00:32 - 2014-07-03 00:23 - 00000680 _____ () C:\Users\Sarah\AppData\Local\d3d9caps.dat
2015-03-26 23:49 - 2014-10-08 21:54 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Mozilla
2015-03-26 23:49 - 2014-07-01 21:56 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Skype
2015-03-26 23:49 - 2014-07-01 21:56 - 00000000 ____D () C:\Users\Sarah\AppData\Local\Skype
2015-03-26 23:49 - 2014-06-30 22:02 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Adobe
2015-03-26 23:48 - 2014-07-01 23:46 - 00000000 ____D () C:\Users\Sarah\AppData\Local\Apple Computer
2015-03-26 23:48 - 2014-06-30 22:03 - 00000000 ____D () C:\Users\Sarah\AppData\Local\Google
2015-03-26 23:47 - 2012-08-28 18:22 - 00000000 ____D () C:\ProgramData\Battle.net
2015-03-26 23:47 - 2010-03-14 20:10 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-03-21 20:14 - 2014-06-30 22:05 - 00002027 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-10 19:23 - 2006-11-02 11:27 - 00168974 _____ () C:\Windows\setupact.log

==================== Files in the root of some directories =======

2014-09-16 22:19 - 2014-09-16 22:19 - 0079872 _____ () C:\Users\Sarah\AppData\Roaming\dvdmbtb.dll
2015-03-26 23:49 - 2015-03-26 23:49 - 0045789 _____ () C:\Users\Sarah\AppData\Roaming\HELP_DECRYPT.PNG
2014-09-16 22:19 - 2014-09-16 22:19 - 0000000 _____ () C:\Users\Sarah\AppData\Roaming\ubchr.dll
2014-07-03 00:23 - 2015-03-27 00:32 - 0000680 _____ () C:\Users\Sarah\AppData\Local\d3d9caps.dat
2015-03-29 20:55 - 2015-03-29 20:55 - 0000732 _____ () C:\Users\Sarah\AppData\Local\d3d9caps64.dat
2015-02-18 18:10 - 2015-02-18 18:10 - 0003584 _____ () C:\Users\Sarah\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-26 23:49 - 2015-03-26 23:49 - 0045789 _____ () C:\Users\Sarah\AppData\Local\HELP_DECRYPT.PNG
2014-07-24 21:16 - 2014-07-24 21:16 - 0001536 _____ () C:\Users\Sarah\AppData\Local\recently-used.xbel
2009-11-14 14:46 - 2014-01-23 16:28 - 0006754 _____ () C:\ProgramData\hpzinstall.log

Some content of TEMP:
====================
C:\Users\Sarah\AppData\Local\Temp\repfix.exe

Some zero byte size files/folders:
==========================
C:\Windows\System32\Drivers\aswMonFlt.sys

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

ATTENTION: ==> Could not access BCD. Check to make sure user is administrator or see Addition.txt for additional information.

==================== End Of Log ============================


  • 0

Advertisements


#11
sarahb16

sarahb16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Sarah at 2015-04-01 20:43:40
Running from C:\Users\Sarah\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Trend Micro Internet Security (Disabled - Out of date) {48929DFC-7A52-A34F-8351-C4DBEDBD9C50}
AS: Trend Micro Internet Security (Disabled - Out of date) {F3F37C18-5C68-ACC1-B9E1-FFA9963AD6ED}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Trend Micro Personal Firewall (Disabled) {70A91CD9-303D-A217-A80E-6DEE136EDB2B}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AAC Decoder (HKLM-x32\...\{AEF9DC35ADDF4825B049ACBFD1C6EB37}) (Version: 7.1.0 - DivX, Inc.)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader 9.5.1 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.1 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Control Center (HKLM-x32\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.008.0409.2230 - )
ATI Catalyst Install Manager (HKLM\...\{9C81B8DC-A1C2-56E3-A22B-FC00C0DE1454}) (Version: 3.0.719.0 - ATI Technologies, Inc.)
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Browser Address Error Redirector (HKLM-x32\...\{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version:  - )
Browser Address Error Redirector (HKLM-x32\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
ccc-core-static (x32 Version: 2008.0409.2231.38463 - ATI) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant D850 PCI V.92 Modem (HKLM\...\CNXT_MODEM_PCI_HSF) (Version: 7.74.00 - Conexant)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
Copy (x32 Version: 130.0.366.000 - Hewlett-Packard) Hidden
Creative Centrale (x32 Version: 1.03.01 - Creative Technology Ltd.) Hidden
Creative Software Update (x32 Version: 1.01.02 - Creative Technology Ltd.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Dock (HKLM\...\{F6CB42B9-F033-4152-8813-FF11DA8E6A78}) (Version: 1.0.0 - Dell)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
Digital Line Detect (HKLM-x32\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
DivX Codec (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.8.5 - DivX, Inc.)
DivX Player (HKLM-x32\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 7.0.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Version Checker (HKLM-x32\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.0.0.19 - DivX, Inc.)
DivX Web Player (HKLM-x32\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.4.2 - DivX,Inc.)
DJ_AIO_05_F4400_Software_Min (x32 Version: 130.0.448.000 - Hewlett-Packard) Hidden
Dragon Age Toolset (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.01 - Electronic Arts, Inc.)
DVDx 2 (HKLM-x32\...\{4EC8B911-98AB-4819-B5EE-D32E8A0A8AAA}_is1) (Version: 2.20 - labDV®)
EDocs (HKLM-x32\...\{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}) (Version:  - )
F4400 (x32 Version: 130.0.448.000 - Hewlett-Packard) Hidden
Feedback Tool (HKLM-x32\...\{90024193-9F13-4877-89D5-A1CDF0CBBF28}) (Version: 1.1.0 - Microsoft Corporation)
Game Elements PC Recoil Pad (HKLM-x32\...\Game Elements PC Recoil Pad) (Version:  - )
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
GTK+ Runtime 2.14.6 rev a (remove only) (HKLM-x32\...\GTK 2.0) (Version:  - )
H.264 Decoder (HKLM-x32\...\{A96E97134CA649888820BCDE5E300BBD}) (Version: 1.0.0 - DivX, Inc.)
Hauppauge MCE XP/Vista Software Encoder (2.0.25296) (HKLM-x32\...\Hauppauge MCE2005 Software Encoder) (Version: 2.0.25296 - Hauppauge Computer Works, Inc.)
Hauppauge TV Tuner Driver (x32 Version: 2.0.25312 - Hauppauge Computer Works) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet F4400 Printer Driver Software 13.0 Rel .5 (HKLM\...\{5AEBB4A3-6878-4CEE-AD34-0F6958A983F0}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 6 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417006FF}) (Version: 7.0.60 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java™ 6 Update 13 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216013F0}) (Version: 6.0.130 - Sun Microsystems, Inc.)
Java™ 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Java™ 6 Update 7 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
Juniper Networks Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 1.3.1.6 - Juniper Networks)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Media Player Classic - Home Cinema 1.6.0.4014 x64 (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.6.0.4014 - MPC-HC Team)
Memorex exPressit Label Design Studio (HKLM-x32\...\MVApplication1) (Version:  - )
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{86A4C6D9-29EE-4719-AFA1-BA3341862B83}) (Version: 3.4.54.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{1FDA5A37-B22D-43FF-B582-B8964050DC13}) (Version: 3.4.18.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Meeting 2005 (HKLM-x32\...\{AB6972B2-CF5D-4CC8-AF4F-B5D6888AB120}) (Version: 7.9.3812.0 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MKV Splitter (HKLM-x32\...\{AAC389499AEF40428987B3D30CFC76C9}) (Version: 1.0.0 - DivX, Inc.)
Modem Diagnostic Tool (HKLM\...\{0335701D-8E28-4A7F-B0EF-312974755BB2}) (Version: 1.0.24.0 - Dell)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
Mouse Suite for Desktop Computers (HKLM-x32\...\{448E2D77-E504-4221-B2C2-93646B344729}) (Version: 2.50.025 - Dell)
Mozilla Firefox 36.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 en-US)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NetWaiting (HKLM-x32\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.53 - BVRP Software, Inc)
NVIDIA PhysX (HKLM-x32\...\{9530AE42-DAE1-4619-9594-B23487285D17}) (Version: 9.11.1107 - NVIDIA Corporation)
Paint Shop Pro 7 Try And Buy (HKLM-x32\...\{D6DE02C7-1F47-11D4-9515-00105AE4B89A}) (Version: 7.0.4.0000 - Jasc Software Inc)
Philips Retractable PC Controller (HKLM-x32\...\Philips Retractable PC Controller) (Version:  - )
QuickTime (HKLM-x32\...\{8B7917E0-AF55-4E8A-9473-017F0AA03AC8}) (Version: 7.65.17.80 - Apple Inc.)
Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - )
RiffTrax DVD Player (x32 Version: 1.9.8.8 - RiffTrax) Hidden
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
SDP Downloader (HKLM-x32\...\{B547CB8D-549A-436E-97B5-E79F911B11E2}) (Version: 2.3.0 - SDP Multimedia)
Segoe UI (x32 Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Skins (x32 Version: 2008.0409.2231.38463 - ATI) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Super Mario Bros. X (HKLM-x32\...\Super Mario Bros. X) (Version:  - )
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Trend Micro Internet Security (HKLM\...\{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}) (Version: 16.60 - Trend Micro Inc.)
Trend Micro Internet Security (Version: 16.60 - Trend Micro Inc.) Hidden
uTorrentControl2 Toolbar (HKLM-x32\...\uTorrentControl2 Toolbar) (Version: 6.8.11.4 - uTorrentControl2) <==== ATTENTION
Vista Codec Package (HKLM-x32\...\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}) (Version: 5.1.3 - Shark007)
VistaCodecs x64 Components v1.7.0 (HKLM\...\VistaCodecs x64 Components_is1) (Version: 1.7.0 - Shark007)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Media Encoder 9 Series x64 Edition (HKLM\...\Windows Media Encoder 9) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

ATTENTION: System Restore is disabled.
Check "winmgmt" service or repair WMI.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 08:34 - 2009-09-08 06:32 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job =>
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job =>
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job =>

==================== Loaded Modules (whitelisted) ==============

2014-08-27 10:56 - 2014-08-27 10:56 - 00472576 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\8e096e2e926e5c3322b933ec71be999a\VistaBridgeLibrary.ni.dll
2009-01-15 17:42 - 2009-03-16 16:26 - 00120320 _____ () C:\Windows\system32\atitmm64.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:8B4F37E5

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3003745939-3766210737-3386188188-1005\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
DNS Servers: Media is not connected to internet.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: dbWIMgmt => rundll32.exe "C:\Users\Kris\AppData\Local\SysMain64\dbWIMgmt.dll",Devobjmm msGL80

==================== Accounts: =============================

Administrator (S-1-5-21-3003745939-3766210737-3386188188-500 - Administrator - Disabled)
Guest (S-1-5-21-3003745939-3766210737-3386188188-501 - Limited - Enabled)
Mitch (S-1-5-21-3003745939-3766210737-3386188188-1004 - Administrator - Enabled) => C:\Users\Mitch
Sarah (S-1-5-21-3003745939-3766210737-3386188188-1005 - Limited - Enabled) => C:\Users\Sarah

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (03/31/2015 09:00:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application IEXPLORE.EXE, version 9.0.8112.16563, time stamp 0x53d14764, faulting module ntdll.dll, version 6.0.6002.18881, time stamp 0x51da3e00, exception code 0xc0000005, fault offset 0x00030226,
process id 0x10f8, application start time 0xIEXPLORE.EXE0.

Error: (03/31/2015 08:55:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/30/2015 10:50:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 9.0.8112.16563 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 2460
Start Time: 01d06b5c9e4e4837
Termination Time: 0

Error: (03/30/2015 10:48:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16563, time stamp 0x4549b470, faulting module Flash32_16_0_0_305.ocx, version 16.0.0.305, time stamp 0x54cff11b, exception code 0xc0000005, fault offset 0x0065cd8c,
process id 0x1e98, application start time 0xiexplore.exe0.

Error: (03/30/2015 10:43:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 9.0.8112.16563 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 1028
Start Time: 01d06b5ae18b0777
Termination Time: 0

Error: (03/30/2015 10:27:58 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\SARAH\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\HELP_DECRYPT.URL> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (03/30/2015 10:27:58 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\SARAH\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\HELP_DECRYPT.URL> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (03/30/2015 10:27:58 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\SARAH\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\HELP_DECRYPT.TXT> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (03/30/2015 10:27:58 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\SARAH\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\HELP_DECRYPT.TXT> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (03/30/2015 10:27:58 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\SARAH\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\HELP_DECRYPT.PNG> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

System errors:
=============
Error: (03/31/2015 08:55:50 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: avast! AntivirusaswMonFlt%%193

Error: (03/31/2015 08:55:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: aswMonFlt%%193

Error: (03/31/2015 08:17:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: hpqcxs084

Error: (03/31/2015 09:11:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: hpqcxs083

Error: (03/30/2015 11:10:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: hpqcxs082

Error: (03/30/2015 11:09:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: HP CUE DeviceDiscovery Service1

Error: (03/30/2015 11:09:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: hpqcxs081

Error: (03/30/2015 10:14:51 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update

Error: (03/30/2015 10:11:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: avast! AntivirusaswMonFlt%%193

Error: (03/30/2015 10:11:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: aswMonFlt%%193

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2012-09-08 20:13:56.761
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Kris\TIS17.5pro_dell_en_setup\Setup\Engine\32bit\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

  Date: 2012-09-08 20:13:56.612
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Kris\TIS17.5pro_dell_en_setup\Setup\Engine\32bit\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

  Date: 2012-09-08 20:13:56.465
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Kris\TIS17.5pro_dell_en_setup\Setup\Engine\32bit\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

  Date: 2012-09-08 20:13:56.291
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Kris\TIS17.5pro_dell_en_setup\Setup\Engine\32bit\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

  Date: 2012-09-08 20:08:52.176
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Kris\en-US_TISDell_Download\Setup\Engine\32bit\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

  Date: 2012-09-08 20:08:52.028
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Kris\en-US_TISDell_Download\Setup\Engine\32bit\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

  Date: 2012-09-08 20:08:51.881
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Kris\en-US_TISDell_Download\Setup\Engine\32bit\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

  Date: 2012-09-08 20:08:51.709
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Kris\en-US_TISDell_Download\Setup\Engine\32bit\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

  Date: 2012-09-01 21:25:08.895
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\DisplayFusion\DisplayFusionHookx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-09-01 21:25:08.741
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\DisplayFusion\DisplayFusionHookx64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel® Core™2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 74%
Total physical RAM: 6077.03 MB
Available physical RAM: 1547.8 MB
Total Pagefile: 12365.08 MB
Available Pagefile: 10326.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:683.57 GB) (Free:395.53 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:15 GB) (Free:8.39 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================


  • 0

#12
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

It looks like it got it but I can't really be sure because your login does not have administrative power so FRST isn't right.

 

Can you log in with Mitch and do another FRST scan?


  • 0

#13
sarahb16

sarahb16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Mitch (administrator) on KRIS-PC on 02-04-2015 15:14:58
Running from C:\Users\Mitch\Desktop
Loaded Profiles: Mitch (Available profiles: Mitch & Sarah)
Platform: Windows Vista ™ Home Premium Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_f86438be\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\BM\TMBMSRV.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Primax Electronics Ltd.) C:\Windows\System32\ico.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Users\Mitch\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Avanquest Software ) C:\Program Files (x86)\Digital Line Detect\DLG.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Primax Electronics Ltd.) C:\Windows\System32\pmxmiced.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [PMX Daemon] => C:\Windows\system32\ICO.EXE [91648 2006-11-08] (Primax Electronics Ltd.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-04-15] (Intel Corporation)
HKLM\...\Run: [UfSeAgnt.exe] => C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe [1290504 2011-01-22] (Trend Micro Inc.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [443904 2008-06-26] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [WinampAgent] => "C:\Program Files (x86)\Winamp\winampa.exe"
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [417792 2010-02-15] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-03-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-3003745939-3766210737-3386188188-1004\...\Run: [Amazon Music] => C:\Users\Mitch\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-3003745939-3766210737-3386188188-1004\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest Software )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.HTML ()
Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.PNG ()
Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.TXT ()
InternetURL: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.URL -> hxxp://7oqnsnzwwnm6zb7y.icepaytor.com/4j730
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co...t&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo...&p={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3003745939-3766210737-3386188188-1004\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo...&p={searchTerms}
HKU\S-1-5-21-3003745939-3766210737-3386188188-1004\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co...t&type=avastbcl
HKU\S-1-5-21-3003745939-3766210737-3386188188-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.co...t&type=avastbcl
URLSearchHook: HKLM-x32 - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...&p={searchTerms}
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3003745939-3766210737-3386188188-1004 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL =
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-08-23] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-06] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-08-23] (Oracle Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-20] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-06] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: No Name -> {C56CB6B0-0D96-11D6-8C65-B2868B609932} ->  No File
BHO-x32: No Name -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} ->  No File
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-20] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/...SetupClient.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Mitch\AppData\Roaming\Mozilla\Firefox\Profiles\aj64lc09.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @java.com/DTPlugin,version=10.6.2 -> C:\Windows\system32\npDeployJava1.dll [2012-08-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.6.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-08-23] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2008-11-06] (DivX,Inc.)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll [2008-12-10] (DivX, Inc)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-20] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-03-26] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-02-06] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2012-03-26] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2010-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-09]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009-11-14]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-06]

Chrome:
=======
CHR Profile: C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-06]
CHR Extension: (Google Drive) - C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-06]
CHR Extension: (YouTube) - C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-06]
CHR Extension: (Google Search) - C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-08]
CHR Extension: (Google Wallet) - C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-06]
CHR Extension: (Gmail) - C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-06]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-06]
CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Kris\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-06] (AVAST Software)
R2 CTDevice_Srv; C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe [61440 2007-04-02] (Creative Technology Ltd) [File not signed]
S3 CTUPnPSv; C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [64000 2008-05-21] (Creative Technology Ltd) [File not signed]
S3 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-09-23] (Stardock Corporation) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
S4 MSSQL$BWDATOOLSET; c:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 SfCtlCom; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [820488 2011-01-22] (Trend Micro Inc.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_f86438be\STacSV64.exe [246272 2008-06-26] (IDT, Inc.)
R2 TMBMServer; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [563464 2011-01-22] (Trend Micro Inc.)
S3 TmPfw; C:\Program Files\Trend Micro\Internet Security\TmPfw.exe [587696 2011-01-22] (Trend Micro Inc.)
S3 tmproxy; C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [854280 2011-01-22] (Trend Micro Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-20] (Microsoft Corporation)
S3 DAUpdaterSvc; c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-20] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-06] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [0 2014-07-06] () <==== ATTENTION (zero size file/folder)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64752 2014-07-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-06] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2014-07-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-06] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2009-03-14] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2009-03-14] ()
S3 motport; C:\Windows\System32\DRIVERS\motport.sys [31744 2013-03-19] (Motorola Mobility Inc)
S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [14304 1999-07-28] () [File not signed]
R1 tmlwf; C:\Windows\System32\DRIVERS\tmlwf.sys [192528 2011-01-22] (Trend Micro Inc.)
R2 tmpreflt; C:\Windows\System32\DRIVERS\tmpreflt.sys [42768 2011-07-12] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [80912 2011-01-22] (Trend Micro Inc.)
R2 tmwfp; C:\Windows\System32\DRIVERS\tmwfp.sys [277008 2011-01-22] (Trend Micro Inc.)
R2 tmxpflt; C:\Windows\System32\DRIVERS\tmxpflt.sys [342288 2011-07-12] (Trend Micro Inc.)
R2 vsapint; C:\Windows\System32\DRIVERS\vsapint.sys [2077456 2011-07-12] (Trend Micro Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-02 15:14 - 2015-04-02 15:15 - 00023819 _____ () C:\Users\Mitch\Desktop\FRST.txt
2015-04-02 15:14 - 2015-03-29 21:04 - 02095616 _____ (Farbar) C:\Users\Mitch\Desktop\FRST64.exe
2015-04-01 20:43 - 2015-04-01 20:43 - 00028524 _____ () C:\Users\Sarah\Desktop\Addition.txt
2015-03-31 20:52 - 2015-03-31 20:53 - 00632536 _____ () C:\Users\Sarah\Desktop\ESETPoweliksCleaner.exe_20150331.205249.9828.log
2015-03-31 20:52 - 2015-03-31 20:52 - 00000022 _____ () C:\Users\Sarah\Desktop\ESETPoweliksCleaner.exe_20150331.205249.9828.zip
2015-03-31 20:51 - 2015-03-31 20:47 - 00221384 _____ (ESET) C:\Users\Sarah\Desktop\ESETPoweliksCleaner.exe
2015-03-31 20:18 - 2015-03-31 20:25 - 00000000 ___SD () C:\ComboFix
2015-03-31 20:13 - 2015-03-30 23:26 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Sarah\Desktop\TDSSKiller.exe
2015-03-30 23:09 - 2015-03-30 23:09 - 00000000 ____D () C:\Windows\erdnt
2015-03-30 23:09 - 2015-03-30 23:09 - 00000000 ____D () C:\Qoobox
2015-03-30 23:09 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-03-30 23:09 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-03-30 23:09 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-30 23:09 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-03-30 23:09 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-03-30 23:09 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
2015-03-30 23:09 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
2015-03-30 23:09 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
2015-03-30 23:08 - 2015-03-30 23:05 - 05617067 ____R (Swearware) C:\Users\Sarah\Desktop\ComboFix.exe
2015-03-30 22:24 - 2015-03-30 22:24 - 00008546 _____ () C:\Users\Sarah\HELP_DECRYPT.HTML
2015-03-30 22:24 - 2015-03-30 22:24 - 00008546 _____ () C:\Users\Sarah\Downloads\HELP_DECRYPT.HTML
2015-03-30 22:24 - 2015-03-30 22:24 - 00004210 _____ () C:\Users\Sarah\HELP_DECRYPT.TXT
2015-03-30 22:24 - 2015-03-30 22:24 - 00004210 _____ () C:\Users\Sarah\Downloads\HELP_DECRYPT.TXT
2015-03-30 22:24 - 2015-03-30 22:24 - 00000272 _____ () C:\Users\Sarah\HELP_DECRYPT.URL
2015-03-30 22:24 - 2015-03-30 22:24 - 00000272 _____ () C:\Users\Sarah\Downloads\HELP_DECRYPT.URL
2015-03-30 22:16 - 2015-03-30 22:16 - 00000000 ____D () C:\ProgramData\LadjaLkovz
2015-03-29 21:13 - 2015-04-01 20:43 - 00032325 _____ () C:\Users\Sarah\Desktop\FRST.txt
2015-03-29 21:09 - 2015-04-02 15:14 - 00000000 ____D () C:\FRST
2015-03-29 21:08 - 2015-03-29 21:04 - 02095616 _____ (Farbar) C:\Users\Sarah\Desktop\FRST64.exe
2015-03-29 20:55 - 2015-03-29 20:55 - 00000732 _____ () C:\Users\Sarah\AppData\Local\d3d9caps64.dat
2015-03-26 23:47 - 2015-03-26 23:47 - 00002772 _____ () C:\Windows\System32\Tasks\task432902228
2015-03-22 17:08 - 2015-03-22 17:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-10 19:26 - 2015-03-10 19:26 - 14487928 _____ (Xceed Software Inc. 1-450-442-2626 [email protected] www.xceedsoft.com) C:\Users\Mitch\Downloads\R78500.EXE
2015-03-10 19:25 - 2015-03-10 19:25 - 08874624 _____ (Xceed Software Inc. 1-450-442-2626 [email protected] www.xceedsoft.com) C:\Users\Mitch\Downloads\R87461.EXE
2015-03-07 02:55 - 2015-03-08 14:03 - 00005120 _____ () C:\Users\Mitch\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-02 15:14 - 2014-06-30 22:04 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-02 15:14 - 2009-01-15 10:11 - 01665465 _____ () C:\Windows\WindowsUpdate.log
2015-04-02 15:13 - 2009-04-13 21:20 - 00000000 ____D () C:\temp
2015-04-02 15:11 - 2012-06-16 21:09 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-02 14:54 - 2006-11-02 11:22 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-02 14:54 - 2006-11-02 11:22 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-02 14:25 - 2014-06-30 22:04 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-31 21:00 - 2006-11-02 08:46 - 00838784 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-31 20:54 - 2014-07-14 19:40 - 00010280 _____ () C:\Windows\system32\spsys.log
2015-03-31 20:54 - 2011-01-22 11:16 - 00058400 _____ () C:\Windows\PFRO.log
2015-03-31 20:54 - 2006-11-02 11:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-31 20:53 - 2006-11-02 11:42 - 00032568 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-30 22:24 - 2015-02-18 14:43 - 00000000 ____D () C:\Users\Sarah\Downloads\comicpress
2015-03-30 22:24 - 2014-06-30 22:01 - 00000000 ____D () C:\Users\Sarah
2015-03-30 22:01 - 2014-07-06 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2015-03-30 21:57 - 2014-10-08 21:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-29 21:13 - 2014-01-24 11:15 - 00000000 ____D () C:\Users\Mitch
2015-03-27 09:04 - 2014-10-02 21:14 - 00000000 ____D () C:\Users\Mitch\AppData\Roaming\Skype
2015-03-27 00:32 - 2014-07-03 00:23 - 00000680 _____ () C:\Users\Sarah\AppData\Local\d3d9caps.dat
2015-03-26 23:49 - 2014-10-08 21:54 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Mozilla
2015-03-26 23:49 - 2014-07-01 21:56 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Skype
2015-03-26 23:49 - 2014-07-01 21:56 - 00000000 ____D () C:\Users\Sarah\AppData\Local\Skype
2015-03-26 23:49 - 2014-06-30 22:02 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Adobe
2015-03-26 23:48 - 2014-07-01 23:46 - 00000000 ____D () C:\Users\Sarah\AppData\Local\Apple Computer
2015-03-26 23:48 - 2014-06-30 22:03 - 00000000 ____D () C:\Users\Sarah\AppData\Local\Google
2015-03-26 23:47 - 2012-08-28 18:22 - 00000000 ____D () C:\ProgramData\Battle.net
2015-03-26 23:47 - 2010-03-14 20:10 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-03-21 20:14 - 2014-06-30 22:05 - 00002027 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-10 19:23 - 2006-11-02 11:27 - 00168974 _____ () C:\Windows\setupact.log
2015-03-08 10:18 - 2015-02-28 18:10 - 00000000 ____D () C:\Users\Mitch\Documents\red usb drive

==================== Files in the root of some directories =======

2014-01-24 16:23 - 2014-10-16 09:07 - 0000680 _____ () C:\Users\Mitch\AppData\Local\d3d9caps.dat
2015-03-07 02:55 - 2015-03-08 14:03 - 0005120 _____ () C:\Users\Mitch\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-11-14 14:46 - 2014-01-23 16:28 - 0006754 _____ () C:\ProgramData\hpzinstall.log

Some content of TEMP:
====================
C:\Users\Mitch\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Mitch\AppData\Local\Temp\ose00000.exe
C:\Users\Mitch\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Sarah\AppData\Local\Temp\repfix.exe

Some zero byte size files/folders:
==========================
C:\Windows\System32\Drivers\aswMonFlt.sys

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-04-02 09:23

==================== End Of Log ============================


  • 0

#14
sarahb16

sarahb16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Mitch at 2015-04-02 15:15:33
Running from C:\Users\Mitch\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Trend Micro Internet Security (Disabled - Out of date) {48929DFC-7A52-A34F-8351-C4DBEDBD9C50}
AS: Trend Micro Internet Security (Disabled - Out of date) {F3F37C18-5C68-ACC1-B9E1-FFA9963AD6ED}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Trend Micro Personal Firewall (Disabled) {70A91CD9-303D-A217-A80E-6DEE136EDB2B}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AAC Decoder (HKLM-x32\...\{AEF9DC35ADDF4825B049ACBFD1C6EB37}) (Version: 7.1.0 - DivX, Inc.)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader 9.5.1 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.1 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-3003745939-3766210737-3386188188-1004\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Control Center (HKLM-x32\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.008.0409.2230 - )
ATI Catalyst Install Manager (HKLM\...\{9C81B8DC-A1C2-56E3-A22B-FC00C0DE1454}) (Version: 3.0.719.0 - ATI Technologies, Inc.)
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Browser Address Error Redirector (HKLM-x32\...\{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version:  - )
Browser Address Error Redirector (HKLM-x32\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
ccc-core-static (x32 Version: 2008.0409.2231.38463 - ATI) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant D850 PCI V.92 Modem (HKLM\...\CNXT_MODEM_PCI_HSF) (Version: 7.74.00 - Conexant)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
Copy (x32 Version: 130.0.366.000 - Hewlett-Packard) Hidden
Creative Centrale (x32 Version: 1.03.01 - Creative Technology Ltd.) Hidden
Creative Software Update (x32 Version: 1.01.02 - Creative Technology Ltd.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Dock (HKLM\...\{F6CB42B9-F033-4152-8813-FF11DA8E6A78}) (Version: 1.0.0 - Dell)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
Digital Line Detect (HKLM-x32\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
DivX Codec (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.8.5 - DivX, Inc.)
DivX Player (HKLM-x32\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 7.0.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Version Checker (HKLM-x32\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.0.0.19 - DivX, Inc.)
DivX Web Player (HKLM-x32\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.4.2 - DivX,Inc.)
DJ_AIO_05_F4400_Software_Min (x32 Version: 130.0.448.000 - Hewlett-Packard) Hidden
Dragon Age Toolset (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.01 - Electronic Arts, Inc.)
DVDx 2 (HKLM-x32\...\{4EC8B911-98AB-4819-B5EE-D32E8A0A8AAA}_is1) (Version: 2.20 - labDV®)
EDocs (HKLM-x32\...\{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}) (Version:  - )
F4400 (x32 Version: 130.0.448.000 - Hewlett-Packard) Hidden
Feedback Tool (HKLM-x32\...\{90024193-9F13-4877-89D5-A1CDF0CBBF28}) (Version: 1.1.0 - Microsoft Corporation)
Game Elements PC Recoil Pad (HKLM-x32\...\Game Elements PC Recoil Pad) (Version:  - )
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
GTK+ Runtime 2.14.6 rev a (remove only) (HKLM-x32\...\GTK 2.0) (Version:  - )
H.264 Decoder (HKLM-x32\...\{A96E97134CA649888820BCDE5E300BBD}) (Version: 1.0.0 - DivX, Inc.)
Hauppauge MCE XP/Vista Software Encoder (2.0.25296) (HKLM-x32\...\Hauppauge MCE2005 Software Encoder) (Version: 2.0.25296 - Hauppauge Computer Works, Inc.)
Hauppauge TV Tuner Driver (x32 Version: 2.0.25312 - Hauppauge Computer Works) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet F4400 Printer Driver Software 13.0 Rel .5 (HKLM\...\{5AEBB4A3-6878-4CEE-AD34-0F6958A983F0}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 6 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417006FF}) (Version: 7.0.60 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java™ 6 Update 13 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216013F0}) (Version: 6.0.130 - Sun Microsystems, Inc.)
Java™ 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Java™ 6 Update 7 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
Juniper Networks Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 1.3.1.6 - Juniper Networks)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Media Player Classic - Home Cinema 1.6.0.4014 x64 (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.6.0.4014 - MPC-HC Team)
Memorex exPressit Label Design Studio (HKLM-x32\...\MVApplication1) (Version:  - )
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{86A4C6D9-29EE-4719-AFA1-BA3341862B83}) (Version: 3.4.54.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{1FDA5A37-B22D-43FF-B582-B8964050DC13}) (Version: 3.4.18.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Meeting 2005 (HKLM-x32\...\{AB6972B2-CF5D-4CC8-AF4F-B5D6888AB120}) (Version: 7.9.3812.0 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MKV Splitter (HKLM-x32\...\{AAC389499AEF40428987B3D30CFC76C9}) (Version: 1.0.0 - DivX, Inc.)
Modem Diagnostic Tool (HKLM\...\{0335701D-8E28-4A7F-B0EF-312974755BB2}) (Version: 1.0.24.0 - Dell)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
Mouse Suite for Desktop Computers (HKLM-x32\...\{448E2D77-E504-4221-B2C2-93646B344729}) (Version: 2.50.025 - Dell)
Mozilla Firefox 36.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 en-US)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NetWaiting (HKLM-x32\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.53 - BVRP Software, Inc)
NVIDIA PhysX (HKLM-x32\...\{9530AE42-DAE1-4619-9594-B23487285D17}) (Version: 9.11.1107 - NVIDIA Corporation)
Paint Shop Pro 7 Try And Buy (HKLM-x32\...\{D6DE02C7-1F47-11D4-9515-00105AE4B89A}) (Version: 7.0.4.0000 - Jasc Software Inc)
Philips Retractable PC Controller (HKLM-x32\...\Philips Retractable PC Controller) (Version:  - )
QuickTime (HKLM-x32\...\{8B7917E0-AF55-4E8A-9473-017F0AA03AC8}) (Version: 7.65.17.80 - Apple Inc.)
Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - )
RiffTrax DVD Player (x32 Version: 1.9.8.8 - RiffTrax) Hidden
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
SDP Downloader (HKLM-x32\...\{B547CB8D-549A-436E-97B5-E79F911B11E2}) (Version: 2.3.0 - SDP Multimedia)
Segoe UI (x32 Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Skins (x32 Version: 2008.0409.2231.38463 - ATI) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Super Mario Bros. X (HKLM-x32\...\Super Mario Bros. X) (Version:  - )
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Trend Micro Internet Security (HKLM\...\{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}) (Version: 16.60 - Trend Micro Inc.)
Trend Micro Internet Security (Version: 16.60 - Trend Micro Inc.) Hidden
uTorrentControl2 Toolbar (HKLM-x32\...\uTorrentControl2 Toolbar) (Version: 6.8.11.4 - uTorrentControl2) <==== ATTENTION
Vista Codec Package (HKLM-x32\...\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}) (Version: 5.1.3 - Shark007)
VistaCodecs x64 Components v1.7.0 (HKLM\...\VistaCodecs x64 Components_is1) (Version: 1.7.0 - Shark007)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Media Encoder 9 Series x64 Edition (HKLM\...\Windows Media Encoder 9) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

20-03-2015 23:20:22 Scheduled Checkpoint
23-03-2015 05:21:56 Scheduled Checkpoint
24-03-2015 01:59:07 Windows Update
25-03-2015 00:00:26 Scheduled Checkpoint
27-03-2015 04:02:24 Scheduled Checkpoint
29-03-2015 21:30:48 Windows Update
31-03-2015 22:10:16 Scheduled Checkpoint
02-04-2015 00:00:06 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 08:34 - 2009-09-08 06:32 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {02ADC3D5-095C-48E9-B11A-2339776498CF} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
Task: {0A7C9C56-BCC7-4C52-BBDA-370E3619CF6C} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Kris => C:\Program Files\Windows Calendar\WinCal.exe [2008-01-20] (Microsoft Corporation)
Task: {1372F740-5389-4AC5-938D-F1EC737F64E3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-30] (Google Inc.)
Task: {26C5F298-465E-4F7F-9FDF-A9ECBC66A15C} - System32\Tasks\Leader Technologies\PowerRegister\Seagate NA0LH4H4 Product Registration (Kris) => C:\Users\Kris\AppData\Roaming\Leadertech\PowerRegister\Seagate NA0LH4H4 Product Registration.exe
Task: {2CE3C139-BCB0-42D3-829D-86EABB78AF18} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-30] (Google Inc.)
Task: {3858CBB8-7B4B-4FAE-914C-56BB9591A536} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {3958734D-F6E2-449C-96FC-CF43A70D9EB3} - System32\Tasks\93c88880 => C:\Users\Kris\AppData\Local\Temp\\setup2290491264.exe <==== ATTENTION
Task: {3FDFBEEF-8F6E-42CE-89FD-9A19136A7245} - System32\Tasks\task432902228
Task: {3FFE5F48-FAEE-4C27-A54E-9F1E080987FD} - System32\Tasks\{C154E818-EDC2-4ECC-89F8-10F33599A2B4} => pcalua.exe -a C:\Users\Kris\nesten-061b2pre.exe
Task: {4E36648C-4E9E-4CEE-B083-D896AFE34512} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {650F69E6-2E52-43B3-9904-096245C6B1FF} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {B5906F45-97AC-4A14-B4FD-CA71CE1480D1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-06] (AVAST Software)
Task: {C03D36FD-FC1B-49B9-A519-924ABEF8C52A} - System32\Tasks\{F39E13D9-1AC7-48FF-9C87-E9196BBC483C} => pcalua.exe -a C:\Users\Kris\9-4_vista64_win7_64_dd.exe -d C:\Users\Kris
Task: {D31EC254-4B82-4328-99D2-4BA7E1FE1804} - System32\Tasks\{AB2BCA31-D4A8-B05D-6BDA-F2CD77AC0341} => C:\Users\Sarah\AppData\Roaming\dvdmbtb.dll [2014-09-16] () <==== ATTENTION
Task: {F4123A61-6A81-41F9-B7E3-0C7924AE46C8} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2011-01-22 11:34 - 2011-01-22 11:34 - 00205064 _____ () C:\Program Files\Trend Micro\Internet Security\UfPack.dll
2009-01-15 17:42 - 2009-03-16 16:26 - 00120320 _____ () C:\Windows\system32\atitmm64.dll
2015-01-16 00:41 - 2014-12-08 02:27 - 06277952 _____ () C:\Users\Mitch\AppData\Local\Amazon Music\Amazon Music Helper.exe
2014-08-27 10:56 - 2014-08-27 10:56 - 00472576 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\8e096e2e926e5c3322b933ec71be999a\VistaBridgeLibrary.ni.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-31 11:05 - 2013-10-31 11:05 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2014-07-06 17:16 - 2014-07-06 17:16 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-07-06 17:16 - 2014-07-06 17:16 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:8B4F37E5

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3003745939-3766210737-3386188188-1004\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: dbWIMgmt => rundll32.exe "C:\Users\Kris\AppData\Local\SysMain64\dbWIMgmt.dll",Devobjmm msGL80

==================== Accounts: =============================

Administrator (S-1-5-21-3003745939-3766210737-3386188188-500 - Administrator - Disabled)
Guest (S-1-5-21-3003745939-3766210737-3386188188-501 - Limited - Enabled)
Mitch (S-1-5-21-3003745939-3766210737-3386188188-1004 - Administrator - Enabled) => C:\Users\Mitch
Sarah (S-1-5-21-3003745939-3766210737-3386188188-1005 - Limited - Enabled) => C:\Users\Sarah

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (03/31/2015 09:00:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application IEXPLORE.EXE, version 9.0.8112.16563, time stamp 0x53d14764, faulting module ntdll.dll, version 6.0.6002.18881, time stamp 0x51da3e00, exception code 0xc0000005, fault offset 0x00030226,
process id 0x10f8, application start time 0xIEXPLORE.EXE0.

Error: (03/31/2015 08:55:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/30/2015 10:50:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 9.0.8112.16563 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 2460
Start Time: 01d06b5c9e4e4837
Termination Time: 0

Error: (03/30/2015 10:48:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16563, time stamp 0x4549b470, faulting module Flash32_16_0_0_305.ocx, version 16.0.0.305, time stamp 0x54cff11b, exception code 0xc0000005, fault offset 0x0065cd8c,
process id 0x1e98, application start time 0xiexplore.exe0.

Error: (03/30/2015 10:43:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 9.0.8112.16563 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 1028
Start Time: 01d06b5ae18b0777
Termination Time: 0

Error: (03/30/2015 10:27:58 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\SARAH\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\HELP_DECRYPT.URL> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (03/30/2015 10:27:58 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\SARAH\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\HELP_DECRYPT.URL> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (03/30/2015 10:27:58 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\SARAH\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\HELP_DECRYPT.TXT> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (03/30/2015 10:27:58 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\SARAH\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\HELP_DECRYPT.TXT> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (03/30/2015 10:27:58 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\SARAH\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\HELP_DECRYPT.PNG> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

System errors:
=============
Error: (03/31/2015 08:55:50 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: avast! AntivirusaswMonFlt%%193

Error: (03/31/2015 08:55:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: aswMonFlt%%193

Error: (03/31/2015 08:17:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: hpqcxs084

Error: (03/31/2015 09:11:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: hpqcxs083

Error: (03/30/2015 11:10:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: hpqcxs082

Error: (03/30/2015 11:09:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: HP CUE DeviceDiscovery Service1

Error: (03/30/2015 11:09:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: hpqcxs081

Error: (03/30/2015 10:14:51 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update

Error: (03/30/2015 10:11:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: avast! AntivirusaswMonFlt%%193

Error: (03/30/2015 10:11:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: aswMonFlt%%193

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2012-09-08 20:13:56.761
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Kris\TIS17.5pro_dell_en_setup\Setup\Engine\32bit\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

  Date: 2012-09-08 20:13:56.612
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Kris\TIS17.5pro_dell_en_setup\Setup\Engine\32bit\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

  Date: 2012-09-08 20:13:56.465
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Kris\TIS17.5pro_dell_en_setup\Setup\Engine\32bit\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

  Date: 2012-09-08 20:13:56.291
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Kris\TIS17.5pro_dell_en_setup\Setup\Engine\32bit\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

  Date: 2012-09-08 20:08:52.176
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Kris\en-US_TISDell_Download\Setup\Engine\32bit\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

  Date: 2012-09-08 20:08:52.028
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Kris\en-US_TISDell_Download\Setup\Engine\32bit\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

  Date: 2012-09-08 20:08:51.881
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Kris\en-US_TISDell_Download\Setup\Engine\32bit\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

  Date: 2012-09-08 20:08:51.709
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Kris\en-US_TISDell_Download\Setup\Engine\32bit\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

  Date: 2012-09-01 21:25:08.895
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\DisplayFusion\DisplayFusionHookx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-09-01 21:25:08.741
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\DisplayFusion\DisplayFusionHookx64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel® Core™2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 73%
Total physical RAM: 6077.03 MB
Available physical RAM: 1625.35 MB
Total Pagefile: 12365.08 MB
Available Pagefile: 9729.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:683.57 GB) (Free:394.82 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:15 GB) (Free:8.39 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 698.6 GB) (Disk ID: 90000000)
Partition 1: (Not Active) - (Size=63 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=683.6 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • 0

#15
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

There are several tasks that I can see now that need to go plus some deadwood so let's do a FRST fix again.

Download the attached fixlist.txt to the same location as FRST
Run FRST and press Fix
A fix log will be generated please post that. 
 
 
Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.
 
 
Your Avast is out of date and probably broken so right click on the orange ball if you can see it and select Update then Program.  If you can't see it then start Avast from All Programs, Avast Software, Avast Free Antivirus then Settings, Update and click on the update button under Program.  Once it updates it will probably want to reboot.  After the reboot it may offer you dropbox and/or an upgrade to the paid program but decline them and stick with the Basic program.
 
 Run FRST again (remember to right click and Run As Admin) , check the Additions box and then Scan.  You will get two logs.  Post them both.
 
Reboot and then:
 
 
Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).
sfc  /scannow
 
(This will check your critical system files. Does this finish without complaint?  IF it says it couldn't fix everything then do the stuff in the box below.  In either case continure with VEW below the box:)
 
Copy the next two lines:


findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 
notepad \windows\logs\cbs\junk.txt 


Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)
 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.
 
Some people object to the voice notification of updates in Avast.  To turn it off, click on the Avast ball then on Settings then on Appearance.  Then on Sounds and uncheck Automatic Updates OK.  (It will still update it just won't tell you about in a loud voice in the middle of the night.)
 
They have also started using their info popup to try and get you to upgrade so I go into Settings, Appearance, Popups and change the first two to 1 second.  Their Browser Cleanup is not so user friendly since it wants to reset your home page and search engine to Yahoo so I go into Settings, Tools, and turn it off.
 
If you haven't registered already then right click on the orange ball and select Registration Information and click on the link.  (They just want you name and email address).  The registration is good for 12-14 months then you will need to register again.  They will, of course, try to talk you into buying the product but you can always register again for another year free tho it may not be the default.
 
Tonight while you sleep let Avast do a boot-time scan.  Can take 6 hours which is why I say let it run while you sleep.:
 
How to do a boot-time scan while you sleep:
First mute the speakers so it won't wake you up when Windows loads.  Click on the Orange ball.  Click on Scan, then Scan for Viruses and wait a couple of minutes for the page to change.  Change Quickscan to Boot-time Scan.  Click on Settings.  Where it says Heuristic Sensitivity click on the last rectangle so that all of them are  orange and it says High.  Check both boxes.  Then change When a threat is found ... to:  Move to Chest.  OK.  Now click on Start.  Close the Avast window and then reboot.  The scan will start.  It will tell you where it will save the report.  Usually it's 
C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change so verify the location.  When Windows loads Click on the Orange Ball then Scan, Then Scan History (at the bottom of the page). Click on the last scan and then Detailed Report.  If it found anything then open the aswBoot.txt file and copy and paste it.  If you can't find it then take a screen shot of the Detailed Report:
 
 
Ron

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP