|Just googled & skimmed through the read me using the keyword > log in search, shall leave the detail reading up to you.|
Here are a few items that may help.
This is necessary to find out what software is
responsible for the hive handle in processes used for many purposes (e.g.
svchost.exe, dllhost.exe, winmgmt.exe). To enable call stack logging use the
registry editor to set:
HKLM\System\CurrentControlSet\Services\UPHClean\Parameters\CALLSTACK_LOG to 1.
Logging the call stack is computationally and memory intensive. You should use
this option to collect information and then turn it off. To get more accurate
call stack logging it may be necessary to get symbols installed on the
computer. You can read about getting symbols at:
Here are 2 Event programs that may help.
Event Log Explorer