Application errors potentially causing crashes in services is this due to a malware/virus? Attached the Attach.txt instead of pasting it because errors come in every 3minutes and have made the txt quite big and fill with lines of the same error messages about services being terminated unexpectedly. Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.10.23.10 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16721 rems :: REMS-PC [administrator] 23-Oct-13 21:49:48 mbam-log-2013-10-23 (21-49-48).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 250806 Time elapsed: 2 minute(s), 30 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16720 Run by rems at 21:54:20 on 2013-10-23 #Option Extended Search is enabled. Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8190.5773 [GMT -4:00] . AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116} AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB} . ============== Running Processes =============== . C:\\Windows\\system32\\lsm.exe C:\\Windows\\system32\\svchost.exe -k DcomLaunch C:\\Program Files (x86)\\Avira\\AntiVir Desktop\\avguard.exe C:\\Windows\\system32\\svchost.exe -k RPCSS C:\\Program Files (x86)\\Avira\\AntiVir Desktop\\avshadow.exe C:\\Windows\\system32\\atiesrxx.exe C:\\Windows\\System32\\svchost.exe -k LocalServiceNetworkRestricted C:\\Windows\\System32\\svchost.exe -k LocalSystemNetworkRestricted C:\\Windows\\system32\\svchost.exe -k LocalService C:\\Program Files (x86)\\Common Files\\logishrd\\LVMVFM\\UMVPFSrv.exe C:\\Windows\\system32\\svchost.exe -k GPSvcGroup C:\\Windows\\system32\\atieclxx.exe C:\\Windows\\system32\\svchost.exe -k NetworkService C:\\Windows\\System32\\spoolsv.exe C:\\Program Files (x86)\\Avira\\AntiVir Desktop\\sched.exe C:\\Windows\\system32\\svchost.exe -k LocalServiceNoNetwork C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\armsvc.exe C:\\Program Files\\ATI Technologies\\ATI.ACE\\Fuel\\Fuel.Service.exe C:\\Windows\\system32\\CISVC.EXE C:\\Program Files\\Common Files\\Logishrd\\LVMVFM\\LVPrcSrv.exe C:\\Windows\\SysWOW64\\PnkBstrA.exe C:\\Program Files (x86)\\Common Files\\Logishrd\\LVMVFM\\LVPrS64H.exe C:\\ProgramData\\Skype\\Toolbars\\Skype C2C Service\\c2c_service.exe C:\\Windows\\System32\\snmp.exe C:\\Windows\\system32\\svchost.exe -k imgsvc C:\\Windows\\System32\\svchost.exe -k secsvcs C:\\Program Files\\Common Files\\Microsoft Shared\\Windows Live\\WLIDSVC.EXE C:\\Program Files (x86)\\Spybot - Search & Destroy\\SDWinSec.exe C:\\Program Files\\Common Files\\Microsoft Shared\\Windows Live\\WLIDSvcM.exe C:\\Windows\\system32\\Dwm.exe C:\\Windows\\Explorer.EXE C:\\Windows\\system32\\svchost.exe -k LocalServiceAndNoImpersonation C:\\Program Files (x86)\\DAEMON Tools Pro\\DTShellHlp.exe C:\\Windows\\system32\\svchost.exe -k NetworkServiceNetworkRestricted C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe C:\\Program Files\\Logitech\\SetPointP\\SetPoint.exe C:\\Program Files (x86)\\Spybot - Search & Destroy\\TeaTimer.exe C:\\Program Files (x86)\\HooTech\\NetMeter\\HooNetMeter.exe C:\\Program Files\\Common Files\\LogiShrd\\KHAL3\\KHALMNPR.EXE C:\\Program Files (x86)\\NEC Electronics\\USB 3.0 Host Controller Driver\\Application\ usb3mon.exe C:\\Program Files (x86)\\Logitech\\LWS\\Webcam Software\\LWS.exe C:\\Program Files (x86)\\Avira\\AntiVir Desktop\\avgnt.exe C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\MOM.exe C:\\Program Files\\Logitech\\SetPointG\\SetPointII.exe C:\\Windows\\system32\\SearchIndexer.exe C:\\Program Files\\Windows Media Player\\wmpnetwk.exe C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\CCC.exe C:\\Windows\\System32\\svchost.exe -k LocalServicePeerNet C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe C:\\Windows\\system32\\svchost.exe -k SDRSVC C:\\Windows\\system32\\SearchProtocolHost.exe C:\\Windows\\System32\\svchost.exe -k WerSvcGroup C:\\Windows\\system32\\SearchFilterHost.exe C:\\Windows\\system32\\svchost.exe -k netsvcs C:\\Windows\\system32\\wbem\\wmiprvse.exe C:\\Windows\\System32\\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe BHO: vShare Plugin: {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\\Program Files (x86)\\vShare\\vshare_toolbar.dll BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\\Program Files (x86)\\Spybot - Search & Destroy\\SDHelper.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\\Program Files (x86)\\Skype\\Toolbars\\Internet Explorer\\skypeieplugin.dll BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned> TB: vShare Plugin: {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\\Program Files (x86)\\vShare\\vshare_toolbar.dll uRun: [SpybotSD TeaTimer] C:\\Program Files (x86)\\Spybot - Search & Destroy\\TeaTimer.exe uRun: [NetMeter] C:\\Program Files (x86)\\HooTech\\NetMeter\\HooNetMeter.exe mRun: [ATICustomerCare] "C:\\Program Files (x86)\\ATI\\ATICustomerCare\\ATICustomerCare.exe" mRun: [NUSB3MON] "C:\\Program Files (x86)\\NEC Electronics\\USB 3.0 Host Controller Driver\\Application\ usb3mon.exe" mRun: [LWS] C:\\Program Files (x86)\\Logitech\\LWS\\Webcam Software\\LWS.exe -hide mRun: [avgnt] "C:\\Program Files (x86)\\Avira\\AntiVir Desktop\\avgnt.exe" /min mRun: [StartCCC] "C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe" MSRun mRun: [Adobe ARM] "C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe" mRunOnce: [Malwarebytes Anti-Malware] C:\\Program Files (x86)\\Malwarebytes' Anti-Malware\\mbamgui.exe /install /silent dRunOnce: [SPReview] "C:\\Windows\\System32\\SPReview\\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\\Program Files (x86)\\Skype\\Toolbars\\Internet Explorer\\skypeieplugin.dll IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\\Program Files (x86)\\Spybot - Search & Destroy\\SDHelper.dll DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: NameServer = 192.168.0.1 TCP: Interfaces\\{1708A6BA-952D-4915-8B01-B1FD90BF62D9} : DHCPNameServer = 192.168.0.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\\Program Files (x86)\\Skype\\Toolbars\\Internet Explorer\\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\\Program Files (x86)\\Common Files\\Skype\\Skype4COM.dll Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\\Program Files (x86)\\vShare\\vshare_toolbar.dll SSODL: WebCheck - <orphaned> x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files\\Java\\jre7\\bin\\ssv.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\\Program Files\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\\Program Files (x86)\\Skype\\Toolbars\\Internet Explorer x64\\skypeieplugin.dll x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files\\Java\\jre7\\bin\\jp2ssv.dll x64-Run: [RtHDVCpl] C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s x64-Run: [EvtMgr6] C:\\Program Files\\Logitech\\SetPointP\\SetPoint.exe /launchGaming x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\\Program Files (x86)\\Skype\\Toolbars\\Internet Explorer x64\\skypeieplugin.dll . INFO: x64-HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\\Program Files (x86)\\Skype\\Toolbars\\Internet Explorer x64\\skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - <orphaned> x64-Notify: LBTWlgn - c:\\program files\\common files\\logishrd\\bluetooth\\LBTWlgn.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\\Users\\rems\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\m8tfr5z0.default-1379057056181\\ FF - plugin: C:\\Program Files (x86)\\Adobe\\Reader 11.0\\Reader\\AIR\ ppdf32.dll FF - plugin: c:\\Program Files (x86)\\Microsoft Silverlight\\5.1.20913.0\ pctrlui.dll FF - plugin: C:\\Program Files (x86)\\Pando Networks\\Media Booster\ pPandoWebPlugin.dll FF - plugin: C:\\Users\\rems\\AppData\\Local\\Google\\Update\\1.3.21.165\ pGoogleUpdate3.dll FF - plugin: C:\\Users\\rems\\AppData\\Roaming\\Mozilla\\plugins\ pgoogletalk.dll FF - plugin: C:\\Users\\rems\\AppData\\Roaming\\Mozilla\\plugins\ pgtpo3dautoplugin.dll FF - plugin: C:\\Users\\rems\\AppData\\Roaming\\Mozilla\\plugins\ po1d.dll FF - plugin: C:\\Users\\rems\\AppData\\Roaming\\Mozilla\\plugins\ poctoshape.dll FF - plugin: C:\\Users\\rems\\Program Files (x86)\\DNA\\plugins\ pbtdna.dll FF - plugin: C:\\Windows\\SysWOW64\\Macromed\\Flash\\NPSWF32_11_9_900_117.dll FF - ExtSQL: 2013-09-13 03:28; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\\Users\\rems\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\m8tfr5z0.default-1379057056181\\extensions\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF - ExtSQL: 2013-09-13 03:29; jid1-xUfzOsOFlzSOXg@jetpack; C:\\Users\\rems\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\m8tfr5z0.default-1379057056181\\extensions\\[email protected] FF - ExtSQL: 2013-09-13 03:33; {b749fc7c-e949-447f-926c-3f4eed6accfe}; C:\\Users\\rems\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\m8tfr5z0.default-1379057056181\\extensions\\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi FF - ExtSQL: 2013-09-13 03:33; [email protected]; C:\\Users\\rems\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\m8tfr5z0.default-1379057056181\\extensions\\[email protected] FF - ExtSQL: 2013-10-22 22:51; {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}; C:\\Users\\rems\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\m8tfr5z0.default-1379057056181\\extensions\\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} . ============= SERVICES / DRIVERS =============== . R0 Lbd;Lbd;C:\\Windows\\System32\\drivers\\Lbd.sys [2010-6-20 69152] R1 anodlwf;ANOD Network Security Filter driver;C:\\Windows\\System32\\drivers\\anodlwfx.sys [2010-8-28 15872] R1 avkmgr;avkmgr;C:\\Windows\\System32\\drivers\\avkmgr.sys [2013-6-13 28600] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\\Windows\\System32\\drivers\\dtsoftbus01.sys [2011-2-5 254528] R2 AMD External Events Utility;AMD External Events Utility;C:\\Windows\\System32\\atiesrxx.exe [2013-3-28 241152] R2 AMD FUEL Service;AMD FUEL Service;C:\\Program Files\\ATI Technologies\\ATI.ACE\\Fuel\\Fuel.Service.exe [2013-3-28 361984] R2 AntiVirSchedulerService;Avira Scheduler;C:\\Program Files (x86)\\Avira\\AntiVir Desktop\\sched.exe [2013-6-13 440392] R2 AntiVirService;Avira Real-Time Protection;C:\\Program Files (x86)\\Avira\\AntiVir Desktop\\avguard.exe [2013-6-13 440392] R2 AODDriver4.2;AODDriver4.2;C:\\Program Files\\ATI Technologies\\ATI.ACE\\Fuel\\amd64\\aoddriver2.sys [2012-4-9 57472] R2 avgntflt;avgntflt;C:\\Windows\\System32\\drivers\\avgntflt.sys [2013-6-13 105856] R2 cpuz135;cpuz135;C:\\Windows\\System32\\drivers\\cpuz135_x64.sys [2011-1-12 21992] R2 LVPrcS64;Process Monitor;C:\\Program Files\\Common Files\\LogiShrd\\LVMVFM\\LVPrcSrv.exe [2010-5-7 197976] R2 SBSDWSCService;SBSD Security Center Service;C:\\Program Files (x86)\\Spybot - Search & Destroy\\SDWinSec.exe [2010-6-20 1153368] R2 Skype C2C Service;Skype C2C Service;C:\\ProgramData\\Skype\\Toolbars\\Skype C2C Service\\c2c_service.exe [2013-10-9 3275136] R2 UMVPFSrv;UMVPFSrv;C:\\Program Files (x86)\\Common Files\\LogiShrd\\LVMVFM\\UMVPFSrv.exe [2012-1-18 450848] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\\Windows\\System32\\drivers\\AtihdW76.sys [2013-2-14 96768] R3 CompFilter64;UVCCompositeFilter;C:\\Windows\\System32\\drivers\\lvbflt64.sys [2012-1-18 25632] R3 Darusb_win7x;D-LInk DWA-160 11n Wireless LAN device driver;C:\\Windows\\System32\\drivers\\Darusb_win7x.sys [2013-10-16 786432] R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\\Windows\\System32\\drivers\\LVPr2M64.sys [2010-5-7 30304] R3 LVRS64;Logitech RightSound Filter Driver;C:\\Windows\\System32\\drivers\\lvrs64.sys [2012-1-18 351136] R3 LVUSBS64;Logitech USB Monitor Filter;C:\\Windows\\System32\\drivers\\LVUSBS64.sys [2007-5-9 50208] R3 LVUVC64;Logitech HD Pro Webcam C910(UVC);C:\\Windows\\System32\\drivers\\LVUVC64.sys [2010-7-27 4865568] R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\\Windows\\System32\\drivers\ usb3hub.sys [2009-11-20 75776] R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\\Windows\\System32\\drivers\ usb3xhc.sys [2009-11-20 177152] R3 RTL8167;Realtek 8167 NT Driver;C:\\Windows\\System32\\drivers\\Rt64win7.sys [2009-3-1 187392] R3 usbfilter;AMD USB Filter Driver;C:\\Windows\\System32\\drivers\\usbfilter.sys [2010-6-20 38456] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\\Windows\\Microsoft.NET\\Framework64\\v4.0.30319\\mscorsvw.exe [2010-3-18 138576] S2 cpuz133;cpuz133;C:\\Windows\\System32\\drivers\\cpuz133_x64.sys [2010-6-20 20968] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\\Program Files (x86)\\Lavasoft\\Ad-Aware\\AAWService.exe [2010-7-12 1405384] S2 SkypeUpdate;Skype Updater;C:\\Program Files (x86)\\Skype\\Updater\\Updater.exe [2013-9-5 171680] S3 amdiox64;AMD IO Driver;C:\\Windows\\System32\\drivers\\amdiox64.sys [2013-6-13 46136] S3 arusb_lhx;D-Link DWA-160 device driver;C:\\Windows\\System32\\drivers\\dwarusb_lhx.sys [2010-6-20 558080] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\\Program Files\\Common Files\\Macrovision Shared\\FLEXnet Publisher\\FNPLicensingService64.exe [2010-7-26 1038088] S3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\\Program Files (x86)\\Lavasoft\\Ad-Aware\\kernexplorer64.sys [2010-8-13 17152] S3 lvsels64;Logitech Selective Suspend Filter;C:\\Windows\\System32\\drivers\\lvsels64.sys [2010-7-27 68064] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\\Windows\\System32\\drivers\\rdpvideominiport.sys [2013-6-13 19456] S3 StorSvc;Storage Service;C:\\Windows\\System32\\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136] S3 TsUsbFlt;TsUsbFlt;C:\\Windows\\System32\\drivers\\TsUsbFlt.sys [2013-6-13 57856] S3 WatAdminSvc;Windows Activation Technologies Service;C:\\Windows\\System32\\Wat\\WatAdminSvc.exe [2010-6-20 1255736] . =============== Created Last 60 ================ . 2013-10-24 01:43:30 -------- d-----w- C:\\Users\\rems\\AppData\\Roaming\\Malwarebytes 2013-10-24 01:43:21 25928 ----a-w- C:\\Windows\\System32\\drivers\\mbam.sys 2013-10-24 01:43:21 -------- d-----w- C:\\ProgramData\\Malwarebytes 2013-10-24 01:43:21 -------- d-----w- C:\\Program Files (x86)\\Malwarebytes' Anti-Malware 2013-10-24 01:43:10 -------- d-----w- C:\\Users\\rems\\AppData\\Local\\Programs 2013-10-24 01:40:29 75888 ----a-w- C:\\ProgramData\\Microsoft\\Windows Defender\\Definition Updates\\{08316790-1EC9-40C9-AEAD-9FE023D3E3A1}\\offreg.dll 2013-10-23 15:56:16 -------- dc----w- C:\\Users\\rems\\AppData\\Local\\MigWiz 2013-10-23 15:44:45 10280728 ----a-w- C:\\ProgramData\\Microsoft\\Windows Defender\\Definition Updates\\{08316790-1EC9-40C9-AEAD-9FE023D3E3A1}\\mpengine.dll 2013-10-21 23:58:09 -------- d-----w- C:\\Windows\\System32\\sppui 2013-10-21 23:44:14 -------- d-----w- C:\\Windows\\CheckSur 2013-10-19 16:09:39 -------- d-sh--w- C:\\$RECYCLE.BIN 2013-10-19 07:15:03 98816 ----a-w- C:\\Windows\\sed.exe 2013-10-19 07:15:03 256000 ----a-w- C:\\Windows\\PEV.exe 2013-10-19 07:15:03 208896 ----a-w- C:\\Windows\\MBR.exe 2013-10-17 02:39:33 786432 ----a-w- C:\\Windows\\System32\\drivers\\Darusb_win7x.sys 2013-10-14 18:51:44 -------- d-----w- C:\\found.005 2013-10-10 07:17:17 -------- d-----w- C:\\found.004 2013-10-10 00:11:57 124112 ----a-w- C:\\Windows\\System32\\PresentationCFFRasterizerNative_v0300.dll 2013-10-10 00:11:57 102608 ----a-w- C:\\Windows\\SysWow64\\PresentationCFFRasterizerNative_v0300.dll 2013-10-10 00:11:56 99840 ----a-w- C:\\Windows\\System32\\drivers\\usbccgp.sys 2013-10-10 00:11:56 983488 ----a-w- C:\\Windows\\System32\\drivers\\dxgkrnl.sys 2013-10-10 00:11:56 7808 ----a-w- C:\\Windows\\System32\\drivers\\usbd.sys 2013-10-10 00:11:56 52736 ----a-w- C:\\Windows\\System32\\drivers\\usbehci.sys 2013-10-10 00:11:56 461312 ----a-w- C:\\Windows\\System32\\scavengeui.dll 2013-10-10 00:11:56 343040 ----a-w- C:\\Windows\\System32\\drivers\\usbhub.sys 2013-10-10 00:11:56 325120 ----a-w- C:\\Windows\\System32\\drivers\\usbport.sys 2013-10-10 00:11:56 30720 ----a-w- C:\\Windows\\System32\\drivers\\usbuhci.sys 2013-10-10 00:11:56 25600 ----a-w- C:\\Windows\\System32\\drivers\\usbohci.sys 2013-10-09 14:58:02 4879744 ----a-w- C:\\Program Files (x86)\\Mozilla Firefox\\extensions\\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\\components\\SkypeFfComponent.dll 2013-10-09 14:58:02 4879744 ----a-w- C:\\Program Files (x86)\\Mozilla Firefox\\browser\\extensions\\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\\components\\SkypeFfComponent.dll 2013-10-05 03:28:03 -------- d-----w- C:\\Users\\rems\\AppData\\Local\\Blizzard Entertainment 2013-10-05 03:28:01 -------- d-----w- C:\\Users\\rems\\AppData\\Roaming\\Battle.net 2013-10-05 03:28:01 -------- d-----w- C:\\Users\\rems\\AppData\\Local\\Battle.net 2013-09-26 18:00:39 208760 ----a-w- C:\\Program Files (x86)\\Mozilla Firefox\\plugins\ ppdf32.dll 2013-09-26 18:00:39 208760 ----a-w- C:\\Program Files (x86)\\Internet Explorer\\Plugins\ ppdf32.dll 2013-09-25 21:34:56 -------- d-----w- C:\\found.003 2013-09-19 04:20:17 -------- d-----w- C:\\Users\\rems\\AppData\\Roaming\\OpenOffice 2013-09-19 04:05:55 -------- d-----w- C:\\Program Files (x86)\\OpenOffice 4 2013-09-11 04:59:21 -------- d-----w- C:\\found.002 2013-09-10 01:59:08 -------- d-----w- C:\\Users\\rems\\AppData\\Local\\ElevatedDiagnostics 2013-09-09 02:49:48 199579136 ---h--w- C:\\Users\\rems\\AppData\\Roaming\\Microsoft\\Windows\\Templates\\cscservice.exe 2013-08-28 23:11:42 -------- d-----w- C:\\HammerAutosave . ==================== Find6M ==================== . 2013-10-24 00:33:31 71048 ----a-w- C:\\Windows\\SysWow64\\FlashPlayerCPLApp.cpl 2013-10-24 00:33:31 692616 ----a-w- C:\\Windows\\SysWow64\\FlashPlayerApp.exe 2013-10-07 12:27:27 83160 ----a-w- C:\\Windows\\System32\\drivers\\avnetflt.sys 2013-10-07 12:27:27 28600 ----a-w- C:\\Windows\\System32\\drivers\\avkmgr.sys 2013-10-07 12:27:27 105856 ----a-w- C:\\Windows\\System32\\drivers\\avgntflt.sys 2013-09-22 23:28:06 1767936 ----a-w- C:\\Windows\\SysWow64\\wininet.dll 2013-09-22 23:27:49 2876928 ----a-w- C:\\Windows\\SysWow64\\jscript9.dll 2013-09-22 23:27:48 61440 ----a-w- C:\\Windows\\SysWow64\\iesetup.dll 2013-09-22 23:27:48 109056 ----a-w- C:\\Windows\\SysWow64\\iesysprep.dll 2013-09-22 22:55:10 2241024 ----a-w- C:\\Windows\\System32\\wininet.dll 2013-09-22 22:54:51 3959296 ----a-w- C:\\Windows\\System32\\jscript9.dll 2013-09-22 22:54:50 67072 ----a-w- C:\\Windows\\System32\\iesetup.dll 2013-09-22 22:54:50 136704 ----a-w- C:\\Windows\\System32\\iesysprep.dll 2013-09-21 03:38:39 2706432 ----a-w- C:\\Windows\\System32\\mshtml.tlb 2013-09-21 03:30:24 2706432 ----a-w- C:\\Windows\\SysWow64\\mshtml.tlb 2013-09-21 02:48:36 89600 ----a-w- C:\\Windows\\System32\\RegisterIEPKEYs.exe 2013-09-21 02:39:47 71680 ----a-w- C:\\Windows\\SysWow64\\RegisterIEPKEYs.exe 2013-09-14 01:10:19 497152 ----a-w- C:\\Windows\\System32\\drivers\\afd.sys 2013-09-08 02:30:37 1903552 ----a-w- C:\\Windows\\System32\\drivers\\tcpip.sys 2013-09-08 02:27:14 327168 ----a-w- C:\\Windows\\System32\\mswsock.dll 2013-09-08 02:03:58 231424 ----a-w- C:\\Windows\\SysWow64\\mswsock.dll 2013-09-03 18:35:10 278800 ------w- C:\\Windows\\System32\\MpSigStub.exe 2013-08-29 02:17:48 5549504 ----a-w- C:\\Windows\\System32\ toskrnl.exe 2013-08-29 02:16:35 1732032 ----a-w- C:\\Windows\\System32\ tdll.dll 2013-08-29 02:16:28 243712 ----a-w- C:\\Windows\\System32\\wow64.dll 2013-08-29 02:16:14 859648 ----a-w- C:\\Windows\\System32\\tdh.dll 2013-08-29 02:13:28 878080 ----a-w- C:\\Windows\\System32\\advapi32.dll 2013-08-29 01:51:45 3969472 ----a-w- C:\\Windows\\SysWow64\ tkrnlpa.exe 2013-08-29 01:51:45 3914176 ----a-w- C:\\Windows\\SysWow64\ toskrnl.exe 2013-08-29 01:50:31 5120 ----a-w- C:\\Windows\\SysWow64\\wow32.dll 2013-08-29 01:50:30 1292192 ----a-w- C:\\Windows\\SysWow64\ tdll.dll 2013-08-29 01:50:16 619520 ----a-w- C:\\Windows\\SysWow64\\tdh.dll 2013-08-29 01:48:17 640512 ----a-w- C:\\Windows\\SysWow64\\advapi32.dll 2013-08-29 01:48:15 44032 ----a-w- C:\\Windows\\apppatch\\acwow64.dll 2013-08-29 00:49:53 25600 ----a-w- C:\\Windows\\SysWow64\\setup16.exe 2013-08-29 00:49:52 7680 ----a-w- C:\\Windows\\SysWow64\\instnm.exe 2013-08-29 00:49:52 14336 ----a-w- C:\\Windows\\SysWow64\ tvdm64.dll 2013-08-29 00:49:49 2048 ----a-w- C:\\Windows\\SysWow64\\user.exe 2013-08-28 01:21:06 3155968 ----a-w- C:\\Windows\\System32\\win32k.sys 2013-08-05 02:25:45 155584 ----a-w- C:\\Windows\\System32\\drivers\\ataport.sys 2013-08-02 02:14:57 215040 ----a-w- C:\\Windows\\System32\\winsrv.dll 2013-08-02 02:13:34 424448 ----a-w- C:\\Windows\\System32\\KernelBase.dll 2013-08-02 01:50:42 274944 ----a-w- C:\\Windows\\SysWow64\\KernelBase.dll 2013-08-02 01:09:17 338432 ----a-w- C:\\Windows\\System32\\conhost.exe 2013-08-02 00:59:09 112640 ----a-w- C:\\Windows\\System32\\smss.exe 2013-08-02 00:43:05 6144 ---ha-w- C:\\Windows\\SysWow64\\api-ms-win-security-base-l1-1-0.dll 2013-08-02 00:43:05 4608 ---ha-w- C:\\Windows\\SysWow64\\api-ms-win-core-threadpool-l1-1-0.dll 2013-08-02 00:43:05 3584 ---ha-w- C:\\Windows\\SysWow64\\api-ms-win-core-xstate-l1-1-0.dll 2013-08-02 00:43:05 3072 ---ha-w- C:\\Windows\\SysWow64\\api-ms-win-core-util-l1-1-0.dll 2013-07-25 09:25:54 1888768 ----a-w- C:\\Windows\\System32\\WMVDECOD.DLL 2013-07-25 08:57:27 1620992 ----a-w- C:\\Windows\\SysWow64\\WMVDECOD.DLL 2013-07-19 01:58:42 2048 ----a-w- C:\\Windows\\System32\\tzres.dll 2013-07-19 01:41:01 2048 ----a-w- C:\\Windows\\SysWow64\\tzres.dll 2013-07-12 10:41:12 100864 ----a-w- C:\\Windows\\System32\\drivers\\usbcir.sys 2013-07-12 10:40:58 109824 ----a-w- C:\\Windows\\System32\\drivers\\USBAUDIO.sys 2013-07-09 05:52:52 224256 ----a-w- C:\\Windows\\System32\\wintrust.dll 2013-07-09 05:51:16 1217024 ----a-w- C:\\Windows\\System32\\rpcrt4.dll 2013-07-09 05:46:20 184320 ----a-w- C:\\Windows\\System32\\cryptsvc.dll 2013-07-09 05:46:20 1472512 ----a-w- C:\\Windows\\System32\\crypt32.dll 2013-07-09 05:46:20 139776 ----a-w- C:\\Windows\\System32\\cryptnet.dll 2013-07-09 04:52:33 663552 ----a-w- C:\\Windows\\SysWow64\\rpcrt4.dll 2013-07-09 04:52:10 175104 ----a-w- C:\\Windows\\SysWow64\\wintrust.dll 2013-07-09 04:46:31 140288 ----a-w- C:\\Windows\\SysWow64\\cryptsvc.dll 2013-07-09 04:46:31 1166848 ----a-w- C:\\Windows\\SysWow64\\crypt32.dll 2013-07-09 04:46:31 103936 ----a-w- C:\\Windows\\SysWow64\\cryptnet.dll 2013-07-04 12:57:22 259584 ----a-w- C:\\Windows\\System32\\WebClnt.dll 2013-07-04 12:50:46 102400 ----a-w- C:\\Windows\\System32\\davclnt.dll 2013-07-04 12:50:39 633856 ----a-w- C:\\Windows\\System32\\comctl32.dll 2013-07-04 11:57:28 205824 ----a-w- C:\\Windows\\SysWow64\\WebClnt.dll 2013-07-04 11:51:04 81920 ----a-w- C:\\Windows\\SysWow64\\davclnt.dll 2013-07-04 11:50:56 530432 ----a-w- C:\\Windows\\SysWow64\\comctl32.dll 2013-07-04 10:11:35 140800 ----a-w- C:\\Windows\\System32\\drivers\\mrxdav.sys 2013-07-03 04:05:05 76800 ----a-w- C:\\Windows\\System32\\drivers\\hidclass.sys 2013-07-03 04:05:04 32896 ----a-w- C:\\Windows\\System32\\drivers\\hidparse.sys 2013-06-25 22:55:52 785624 ----a-w- C:\\Windows\\System32\\drivers\\Wdf01000.sys 2013-06-16 03:08:15 76888 ----a-w- C:\\Windows\\SysWow64\\PnkBstrA.exe 2013-06-16 03:08:03 291088 ----a-w- C:\\Windows\\SysWow64\\PnkBstrB.xtr 2013-06-16 03:08:03 291088 ----a-w- C:\\Windows\\SysWow64\\PnkBstrB.exe 2013-06-16 03:03:54 280904 ----a-w- C:\\Windows\\SysWow64\\PnkBstrB.ex0 2013-06-15 04:32:16 39936 ----a-w- C:\\Windows\\System32\\drivers\\tssecsrv.sys 2013-06-13 06:25:48 971680 ----a-w- C:\\Windows\\System32\\deployJava1.dll 2013-06-13 06:25:48 1092512 ----a-w- C:\\Windows\\System32\ pDeployJava1.dll 2013-06-13 06:25:48 108448 ----a-w- C:\\Windows\\System32\\WindowsAccessBridge-64.dll 2013-06-13 05:53:06 152576 ----a-w- C:\\Windows\\SysWow64\\msclmd.dll 2013-06-13 05:53:05 175616 ----a-w- C:\\Windows\\System32\\msclmd.dll 2013-06-13 05:37:29 18960 ----a-w- C:\\Windows\\System32\\drivers\\LNonPnP.sys 2013-06-06 05:50:51 41472 ----a-w- C:\\Windows\\System32\\lpk.dll 2013-06-06 05:49:52 100864 ----a-w- C:\\Windows\\System32\\fontsub.dll 2013-06-06 05:49:07 14336 ----a-w- C:\\Windows\\System32\\dciman32.dll 2013-06-06 05:47:21 46080 ----a-w- C:\\Windows\\System32\\atmlib.dll 2013-06-06 04:57:01 25600 ----a-w- C:\\Windows\\SysWow64\\lpk.dll 2013-06-06 04:51:29 70656 ----a-w- C:\\Windows\\SysWow64\\fontsub.dll 2013-06-06 04:50:56 10240 ----a-w- C:\\Windows\\SysWow64\\dciman32.dll 2013-06-06 03:30:53 368128 ----a-w- C:\\Windows\\System32\\atmfd.dll 2013-06-06 03:01:38 295424 ----a-w- C:\\Windows\\SysWow64\\atmfd.dll 2013-06-06 03:01:26 34304 ----a-w- C:\\Windows\\SysWow64\\atmlib.dll 2013-06-04 06:00:13 624128 ----a-w- C:\\Windows\\System32\\qedit.dll 2013-06-04 04:53:07 509440 ----a-w- C:\\Windows\\SysWow64\\qedit.dll 2013-05-13 05:50:40 52224 ----a-w- C:\\Windows\\System32\\certenc.dll 2013-05-13 03:43:55 1192448 ----a-w- C:\\Windows\\System32\\certutil.exe . ============= FINISH: 21:54:28.92 =============== Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer. If you're stuck, or you're not sure about certain step, always ask before doing anything else. Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest. Never run more than one scan at a time. Keep updating me regarding your computer behavior, good, or bad. The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know. If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum. I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me. Close all the running programs Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator Otherwise just double-click on RogueKiller.exe Pre-scan will start. Let it finish. Click on SCAN button. Wait until the Status box shows Scan Finished Click on Delete. Wait until the Status box shows Deleting Finished. Click on Report and copy/paste the content of the Notepad into your next reply. RKreport.txt could also be found on your desktop. If more than one log is produced post all logs. If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again Unzip downloaded file. Open the folder where the contents were unzipped and run mbar.exe Follow the instructions in the wizard to update and allow the program to scan your computer for threats. Click on the Cleanup button to remove any threats and reboot if prompted to do so. Wait while the system shuts down and the cleanup process is performed. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process. When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt Try Revo... Revo Uninstaller is more thorough in deleting programs on your computer than using the Add/Remove option in Windows. Since it is a more powerful tool, please be sure to follow the instructions carefully. Please note there is a chance when you look for this program to uninstall through Revo it might not be listed because of the previous uninstall. If that is the case simply stop and let me know. Please download and install Revo Uninstaller Free Double click Revo Uninstaller to run it. From the list of programs double click on the program you want to remove When prompted if you want to uninstall click Yes. Be sure the Moderate option is selected then click Next. The program will run, If prompted again click Yes When the built-in uninstaller is finished click on Next Once the program has searched for leftovers click Next. Check the items in bold only on the list then click Delete. You may have to expand some folders by clicking the "+" mark. When prompted click on Yes and then on Next. Put a check on any folders that are found and select Delete When prompted select Yes then Next Once done click Finish. Shut down your protection software now to avoid potential conflicts. Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator". The tool will open and start scanning your system. Please be patient as this can take a while to complete depending on your system's specifications. On completion, a log (JRT.txt) is saved to your desktop and will automatically open. Post the contents of JRT.txt into your next message. OTL Extras logfile created on: 24-Oct-13 22:14:17 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\\Users\\rems\\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16721) Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-MMM-yy 8.00 Gb Total Physical Memory | 6.20 Gb Available Physical Memory | 77.47% Memory free 8.39 Gb Paging File | 6.48 Gb Available in Paging File | 77.26% Paging File free Paging file location(s): c:\\pagefile.sys 400 4000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\\Windows | %ProgramFiles% = C:\\Program Files (x86) Drive C: | 59.62 Gb Total Space | 18.38 Gb Free Space | 30.83% Space Free | Partition Type: NTFS Drive F: | 279.45 Gb Total Space | 4.50 Gb Free Space | 1.61% Space Free | Partition Type: NTFS Drive H: | 931.51 Gb Total Space | 50.10 Gb Free Space | 5.38% Space Free | Partition Type: NTFS Computer Name: REMS-PC | User Name: rems | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\<extension>] .html[@ = htmlfile] -- C:\\Program Files\\Internet Explorer\\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\\Windows\\SysNative\\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\<extension>] .cpl [@ = cplfile] -- C:\\Windows\\SysWow64\\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\\Program Files\\Internet Explorer\\iexplore.exe (Microsoft Corporation) [HKEY_USERS\\S-1-5-21-4021702413-2502217976-178378392-1000\\SOFTWARE\\Classes\\<extension>] .html [@ = FirefoxHTML] -- C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\<key>\\shell\\[command]\\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\\Program Files\\Internet Explorer\\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\\Program Files\\Internet Explorer\\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\\system32\\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\\Program Files\\Internet Explorer\\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\\Program Files\\Internet Explorer\\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\\System32\\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\\Windows\\System32\\rundll32.exe" "C:\\Windows\\System32\\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\\Windows\\System32\\rundll32.exe" "C:\\Windows\\System32\\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\\system32\\rundll32.exe %SystemRoot%\\system32\\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Directory [Winamp.Bookmark] -- "C:\\Program Files (x86)\\Winamp\\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\\Program Files (x86)\\Winamp\\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\\Program Files (x86)\\Winamp\\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation) Applications\\iexplore.exe [open] -- "C:\\Program Files\\Internet Explorer\\iexplore.exe" %1 (Microsoft Corporation) CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\\Program Files\\Internet Explorer\\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\<key>\\shell\\[command]\\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\\System32\\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\\Program Files\\Internet Explorer\\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\\Program Files\\Internet Explorer\\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\\Program Files\\Internet Explorer\\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\\Program Files\\Internet Explorer\\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\\System32\\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\\system32\\rundll32.exe %SystemRoot%\\system32\\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Directory [Winamp.Bookmark] -- "C:\\Program Files (x86)\\Winamp\\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\\Program Files (x86)\\Winamp\\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\\Program Files (x86)\\Winamp\\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation) Applications\\iexplore.exe [open] -- "C:\\Program Files\\Internet Explorer\\iexplore.exe" %1 (Microsoft Corporation) CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center\\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center\\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center\\Svc\\Vol] [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center] [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center\\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\StandardProfile] [HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall] [HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\DomainProfile] [HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\StandardProfile] [HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\StandardProfile\\GloballyOpenPorts\\List] [HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\DomainProfile\\AuthorizedApplications\\List] [HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\StandardProfile\\AuthorizedApplications\\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\FirewallRules] "{157BB54C-E296-4269-9EB0-D15482946A6C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\\system32\\svchost.exe | "{15A740F7-D6D7-4971-A567-64631ADDD015}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | "{17E2BC66-40C9-4537-9621-CA9E442EF5FF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\\system32\\svchost.exe | "{1A212C6B-218B-4D76-BE1A-08028047F5BF}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\\system32\\svchost.exe | "{255B3B29-63CA-436F-8A41-3EF44BB89C6D}" = lport=445 | protocol=6 | dir=in | app=system | "{27F2E30D-AAD1-4332-85E2-22EF2FDD20E3}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | "{2B1AE877-CD38-4778-8B53-05C680DCCD2B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\\system32\\svchost.exe | "{2EEEAAFE-9B81-48F9-B3CB-27E8CF385EA0}" = lport=58604 | protocol=17 | dir=in | name=pando media booster | "{303E8AC9-CB81-4C3D-AAA9-33D0228D164E}" = rport=10243 | protocol=6 | dir=out | app=system | "{3D4389A3-592C-44CB-AC6D-6A9DBC59B0F8}" = lport=138 | protocol=17 | dir=in | app=system | "{40053ACC-3902-4A5F-988D-CBEECFCD6B72}" = rport=138 | protocol=17 | dir=out | app=system | "{40EEB9E8-7180-4236-966B-AF85C7B53DF7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\\system32\\svchost.exe | "{499E4BD8-97E7-47CD-8CCF-E136A3064D59}" = lport=10243 | protocol=6 | dir=in | app=system | "{4B32CA41-CF84-4D5F-8F4C-29A9F6CAD8FB}" = lport=8380 | protocol=17 | dir=in | name=league of legends launcher | "{5A344EF8-5ECB-4E12-B81A-35F9480F1015}" = lport=58604 | protocol=6 | dir=in | name=pando media booster | "{60AEFC98-4E10-493A-8737-E006399AD307}" = rport=445 | protocol=6 | dir=out | app=system | "{661E100E-E977-491C-9470-AA738B592F9F}" = lport=2869 | protocol=6 | dir=in | app=system | "{6C528DA8-13EA-4A2A-9896-F1891B434920}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\\system32\\spoolsv.exe | "{6D0717FD-9101-4F5B-B026-6FA59C1CE3D4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{71EFB420-4004-4B5A-B028-DFD0F30C3C4A}" = lport=137 | protocol=17 | dir=in | app=system | "{740322FC-D4D2-4006-BE6F-FB996E77DFDF}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\\system32\\svchost.exe | "{78F1862F-E4A3-448C-AE5D-865C8405995F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\\system32\\svchost.exe | "{851E1CE4-6A2F-48A2-A632-2C2F6D63EE60}" = lport=8380 | protocol=6 | dir=in | name=league of legends launcher | "{868FC860-62F6-4C83-AA11-C3CC9A02DD30}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\\system32\\svchost.exe | "{86C433EA-83F4-4B66-8294-4E512206034C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\\system32\\svchost.exe | "{86E535FC-0E9F-4578-8D7A-1AAA5B383DDD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\\system32\\svchost.exe | "{A0F0060D-0633-4C78-A4DE-21F0E8D103F7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\\system32\\svchost.exe | "{A26B1BB9-8F3F-42E0-B8E2-6759FB8E9980}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{A4D761A3-C0E4-4F66-8EC4-31E224845229}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\\system32\\svchost.exe | "{A8B6A882-9746-4EC6-BED5-3AD43A251930}" = lport=2869 | protocol=6 | dir=in | app=system | "{AC512EE2-2D55-4AEF-B9E7-BB5C1348C2D6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\\system32\\svchost.exe | "{AD7DDE89-B69E-4541-9FCF-2C4C839A7EEE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\\system32\\svchost.exe | "{B35D6FA6-5BA3-4AF8-A47B-86A352D04A56}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\\system32\\svchost.exe | "{B90B048A-4653-4EBF-8D2A-3AEE802D43B5}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{BB1DA41C-37D9-4950-9B88-21C72360081F}" = lport=139 | protocol=6 | dir=in | app=system | "{DC239E64-3126-4952-8161-2D55EEC60498}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\\system32\\svchost.exe | "{E71BE682-32CA-4D26-9DFA-32C00F1FDA09}" = lport=58604 | protocol=6 | dir=in | name=pando media booster | "{E8157326-D908-4D6E-AD00-355C2E27C5B7}" = lport=58604 | protocol=17 | dir=in | name=pando media booster | "{F0A98D5C-A1FF-44B2-905D-C59474BE2C90}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\\system32\\svchost.exe | "{F0F85C56-DEBE-4DB1-860D-E8EEDDF8A3E6}" = rport=137 | protocol=17 | dir=out | app=system | "{F4670610-7369-4411-872E-93D4A396ECD9}" = rport=139 | protocol=6 | dir=out | app=system | "{FFDA48B0-F4F6-4406-A667-E8463AF44CC5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\\system32\\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\FirewallRules] "{039DDFAA-31AA-438A-9352-96A67B17E773}" = protocol=6 | dir=in | app=c:\\program files (x86)\\common files\\adobe\\cs4servicemanager\\cs4servicemanager.exe | "{0B644C1C-90EA-4507-8E11-9952E370FD61}" = protocol=17 | dir=in | app=c:\\program files (x86)\\pando networks\\media booster\\pmb.exe | "{10902241-4408-43BE-ADAA-99848FE6E076}" = protocol=6 | dir=in | app=d:\\steam\\steamapps\\[email protected]\\counter-strike\\hl.exe | "{13985BD9-8319-46B0-A0B5-8AF4F992AC71}" = protocol=6 | dir=in | app=c:\\windows\\syswow64\\pnkbstra.exe | "{178B36AC-F667-46F1-8BBA-A15A476B06B3}" = protocol=6 | dir=in | app=c:\\programdata\\battle.net\\agent\\agent.beta.2293\\agent.exe | "{19A35C73-2A53-4E23-8664-4C602414DD91}" = protocol=17 | dir=in | app=c:\\users\\rems\\appdata\\roaming\\utorrent\\utorrent.exe | "{1FA616C6-F57F-4298-8A8F-C86562D40D33}" = protocol=6 | dir=in | app=c:\\users\\rems\\appdata\\roaming\\utorrent\\utorrent.exe | "{200C66BF-8AA5-4A9F-BABF-CEAA703A2F58}" = protocol=6 | dir=in | app=c:\\programdata\\battle.net\\agent\\agent.2045\\agent.exe | "{282E62FB-A3DD-456A-9A10-FEECE43EF037}" = protocol=6 | dir=out | app=%programfiles(x86)%\\windows media player\\wmplayer.exe | "{2C4DD4F0-5114-4432-B45A-6F717BC38BDF}" = protocol=17 | dir=in | app=d:\\steam\\steamapps\\[email protected]\\counter-strike\\hl.exe | "{2C81A68A-141F-4673-A4EB-5BD29326640D}" = protocol=58 | dir=in | [email protected],-28545 | "{2D68C6EF-CCE8-4AFA-A15F-D346751B755F}" = protocol=1 | dir=out | [email protected],-28544 | "{2D9CA74A-3C75-4C83-BC7B-D0915087B6B9}" = protocol=6 | dir=in | app=h:\\steam\\steamapps\\common\\dota 2 beta\\dota.exe | "{394C0E0E-F564-4858-8AAC-47E5BA4771B8}" = protocol=6 | dir=in | app=c:\\programdata\\battle.net\\agent\\agent.beta.2163\\agent.exe | "{3A95AD63-5D43-40DD-868A-CE37361356E2}" = protocol=17 | dir=in | app=c:\\windows\\syswow64\\pnkbstra.exe | "{3EE70984-C2DC-471D-B1E5-A415A0DA7F13}" = protocol=17 | dir=in | app=c:\\programdata\\battle.net\\agent\\agent.beta.2293\\agent.exe | "{3F3C1845-7C55-46A5-BD27-D099BD8157FB}" = protocol=6 | dir=in | app=h:\\steam\\steamapps\\common\\half-life\\hl.exe | "{3F6571CF-FAB1-4870-9E2D-64994C14BB74}" = protocol=6 | dir=in | app=h:\\steam\\steamapps\\common\\counter-strike global offensive\\csgo.exe | "{4098234D-3A87-4078-B09E-540A8328A251}" = protocol=17 | dir=in | app=d:\\steam\\steamapps\\common\\left 4 dead 2\\left4dead2.exe | "{429EDA99-568D-49A7-9B88-C7EFBC2522B1}" = protocol=17 | dir=in | app=c:\\windows\\syswow64\\pnkbstrb.exe | "{42EC7FC9-E8C6-4195-BE13-29A336671C2F}" = dir=in | app=c:\\program files (x86)\\skype\\phone\\skype.exe | "{471C2015-55AD-4BED-B456-FA5036B5084E}" = protocol=17 | dir=in | app=c:\\programdata\\battle.net\\agent\\agent.2045\\agent.exe | "{4769EAE6-F804-43F9-AE57-B334264DAA3B}" = protocol=17 | dir=in | app=h:\\steam\\steam.exe | "{47B84E6C-D1F4-49ED-B508-7D54201BD3DA}" = protocol=17 | dir=in | app=c:\\program files\\ventrilo\\ventrilo.exe | "{497E7B48-B5FC-4F13-9D29-69869EBD5BC4}" = protocol=6 | dir=in | app=d:\\steam\\steamapps\\common\\left 4 dead 2\\left4dead2.exe | "{4D42F678-1997-46A6-90BC-7008CAAE88BB}" = protocol=17 | dir=in | app=%programfiles(x86)%\\windows media player\\wmplayer.exe | "{4D748C25-B1F8-4B77-817B-79964A3588DE}" = protocol=17 | dir=in | app=c:\\program files (x86)\\common files\\adobe\\cs4servicemanager\\cs4servicemanager.exe | "{4F9AA140-06BA-4EA6-AFE8-BF79175D9682}" = protocol=17 | dir=in | app=%programfiles%\\windows media player\\wmpnetwk.exe | "{4FCEEB8E-0B53-40B5-829B-F395570C40C7}" = protocol=58 | dir=out | [email protected],-28546 | "{5321C83D-57FD-4092-957C-4CFEE1B608BD}" = protocol=17 | dir=in | app=d:\\steam\\steam.exe | "{543489A4-300B-4657-AA30-0C2DE93C9137}" = protocol=6 | dir=in | app=c:\\program files (x86)\\logitech\\vid hd\\vid.exe | "{54A206F5-CEDF-400C-8880-1A5EE9354FD2}" = protocol=6 | dir=in | app=d:\\steam\\steamapps\\[email protected]\\counter-strike source\\hl2.exe | "{571168C5-7E70-4BBE-AD9C-8DF39B5AB620}" = protocol=6 | dir=out | app=%programfiles%\\windows media player\\wmplayer.exe | "{57DEFA54-5975-4BD8-A14C-FC1DBA7EA6D5}" = protocol=6 | dir=in | app=c:\\program files (x86)\\dna\\btdna.exe | "{59F52176-1E2F-4FA8-A005-60BFC6AB0577}" = protocol=17 | dir=in | app=h:\\steam\\steamapps\\common\\counter-strike global offensive\\csgo.exe | "{5A8AA892-4B93-4091-B28B-0D08A65FDCA0}" = protocol=6 | dir=out | app=system | "{604320C3-C71C-4CF8-80CC-05856911C74C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\\system32\\svchost.exe | "{7D6FC7ED-A0FC-437D-AB8C-FE620CFCEDF2}" = protocol=17 | dir=in | app=%programfiles%\\windows media player\\wmplayer.exe | "{7FB29253-3806-461C-A245-F74C884E7CC6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\\system32\\svchost.exe | "{85F90A21-45E6-4877-B26D-663A02811995}" = protocol=17 | dir=in | app=h:\\steam\\steamapps\\common\\amd driver updater, vista and 7, 64 bit\\setup.exe | "{88A3E5EC-D741-46EE-B7A6-5418CF6C0908}" = protocol=6 | dir=out | app=%programfiles%\\windows media player\\wmplayer.exe | "{89D25618-7B6F-4A01-9864-4F4DA00D9266}" = protocol=6 | dir=in | app=h:\\steam\\steamapps\\common\\amd driver updater, vista and 7, 64 bit\\setup.exe | "{90121849-361E-40E4-AECE-F98270CC617E}" = protocol=17 | dir=in | app=h:\\steam\\steamapps\\common\\counter-strike global offensive\\bin\\sdklauncher.exe | "{9127998C-E7AB-4ED6-9F75-7CDE2D5A0A36}" = protocol=17 | dir=in | app=h:\\battle.net\\battle.net.exe | "{91FE5531-088C-4FA1-AD61-2C25051DDACF}" = protocol=17 | dir=in | app=c:\\windows\\syswow64\\pnkbstra.exe | "{93599FF5-8665-44E2-BCF3-87F8F7AB983F}" = protocol=17 | dir=out | app=%programfiles%\\windows media player\\wmplayer.exe | "{9A2D2CE2-9361-47A2-8CCC-27DDB5C4A217}" = protocol=17 | dir=in | app=d:\\steam\\steamapps\\common\\magicka\\magicka.exe | "{9B80B079-BF4D-4AB9-ADA0-132D65AC400D}" = protocol=6 | dir=in | app=c:\\program files (x86)\\pando networks\\media booster\\pmb.exe | "{9EF17B2B-16CF-41BC-A3AD-80BFC02E4721}" = protocol=17 | dir=out | app=%programfiles%\\windows media player\\wmpnetwk.exe | "{9FD43454-9EC6-44D0-B36A-17363F40109D}" = protocol=17 | dir=in | app=h:\\steam\\steamapps\\common\\dota 2 beta\\dota.exe | "{A71AE427-D61F-44F0-A6AB-4C7181EF90D4}" = protocol=6 | dir=in | app=%programfiles%\\windows media player\\wmpnetwk.exe | "{AA6D0184-6127-4445-9B90-3AFB77663267}" = protocol=6 | dir=in | app=c:\\windows\\syswow64\\pnkbstrb.exe | "{AD253574-9C71-47D9-B547-DC501C60E795}" = dir=in | app=c:\\program files (x86)\\windows live\\contacts\\wlcomm.exe | "{B4CEFC68-F930-4929-A85E-E5D9065B4AF4}" = dir=in | app=c:\\program files (x86)\\common files\\apple\\apple application support\\webkit2webprocess.exe | "{BDB06DDE-573A-41CF-BDD9-071E131704CE}" = protocol=6 | dir=out | app=%programfiles%\\windows media player\\wmpnetwk.exe | "{BEA38BCC-EC18-491D-A9FF-9DDAF1CA3C8F}" = protocol=17 | dir=in | app=c:\\program files (x86)\\pando networks\\media booster\\pmb.exe | "{BEA3F999-B02E-49CC-AD36-4BDE1ED04B52}" = protocol=6 | dir=in | app=d:\\steam\\steamapps\\common\\magicka\\magicka.exe | "{BEEF4F31-BD20-4DE5-AF85-511297381F1B}" = dir=in | app=c:\\program files (x86)\\pando networks\\media booster\\pmb.exe | "{C6D27F29-8EFC-4D52-9B5C-D82087D2780A}" = protocol=6 | dir=in | app=c:\\programdata\\battle.net\\agent\\agent.beta.2293\\agent.exe | "{C7F2F549-AFA4-4109-BABF-A26F2C111F04}" = protocol=17 | dir=in | app=c:\\programdata\\battle.net\\agent\\agent.2045\\agent.exe | "{CC6A6880-8049-48C2-AA9A-85D2FD4F0615}" = protocol=17 | dir=in | app=c:\\programdata\\battle.net\\agent\\agent.beta.2163\\agent.exe | "{D50C932B-FF0C-4F5A-B771-C101B90F8EC3}" = protocol=17 | dir=in | app=%programfiles%\\windows media player\\wmplayer.exe | "{D5BCF0CA-4D9D-4215-ACC9-1DE68637C3EA}" = protocol=6 | dir=in | app=h:\\battle.net\\battle.net.exe | "{D67DB4E5-2CE7-43A9-9A6F-8E994913ABB3}" = protocol=6 | dir=in | app=c:\\program files (x86)\\pando networks\\media booster\\pmb.exe | "{D7573DC2-4A71-4093-8F76-07BD0DC26C7D}" = protocol=6 | dir=in | app=h:\\steam\\steam.exe | "{E0F6A805-D47E-4DD5-BBF0-93E2DB7A50FC}" = protocol=17 | dir=out | app=%programfiles(x86)%\\windows media player\\wmplayer.exe | "{E27B0F7E-69CF-4173-A26B-954757037C6D}" = protocol=17 | dir=in | app=c:\\windows\\syswow64\\pnkbstrb.exe | "{E864DAAD-9B01-4399-8339-796EFFE6DD02}" = protocol=17 | dir=in | app=c:\\program files (x86)\\logitech\\vid hd\\vid.exe | "{E8E89B66-E48F-47B9-8ED7-0260F7078FCF}" = protocol=17 | dir=in | app=h:\\steam\\steamapps\\common\\half-life\\hl.exe | "{E9D6F5F6-236A-45BC-B988-682D27FEC7BE}" = protocol=6 | dir=in | app=h:\\steam\\steamapps\\common\\counter-strike global offensive\\bin\\sdklauncher.exe | "{EC8B5CFA-8386-42B4-A456-773383A390B2}" = protocol=6 | dir=in | app=d:\\steam\\steam.exe | "{EF121FB3-045D-4C57-87C9-DBDD277F79B6}" = protocol=6 | dir=in | app=c:\\program files\\ventrilo\\ventrilo.exe | "{EF87D49C-7AF6-43D5-825D-5AA6E33F0CFA}" = protocol=17 | dir=in | app=c:\\programdata\\battle.net\\agent\\agent.beta.2293\\agent.exe | "{F1451F8B-455C-45B2-B2E5-CE836BF312E3}" = protocol=6 | dir=in | app=c:\\windows\\syswow64\\pnkbstra.exe | "{F2C0DF3A-DF3E-4451-A956-F60BF93B25A9}" = protocol=1 | dir=in | [email protected],-28543 | "{F3D789B6-4338-4758-9CF1-8E6CC2DA0705}" = protocol=17 | dir=in | app=c:\\program files (x86)\\dna\\btdna.exe | "{F4385AA0-E403-418C-8FC4-FA89159DD0F7}" = protocol=6 | dir=in | app=c:\\windows\\syswow64\\pnkbstrb.exe | "{F4FD9BD5-2979-4F6D-A4B5-7757A39F53B4}" = protocol=17 | dir=out | app=%programfiles%\\windows media player\\wmplayer.exe | "{F8E6C835-E8EF-48F0-AB21-C943AB8FDDDF}" = protocol=17 | dir=in | app=d:\\steam\\steamapps\\[email protected]\\counter-strike source\\hl2.exe | "{FFEC0859-D3EA-4F9B-B8CC-5C16ABEAA097}" = protocol=6 | dir=in | app=c:\\programdata\\battle.net\\agent\\agent.2045\\agent.exe | "TCP Query User{1A040187-82AB-4B43-8944-D4A736B7A2A9}C:\\program files (x86)\\warcraft iii\\war3.exe" = protocol=6 | dir=in | app=c:\\program files (x86)\\warcraft iii\\war3.exe | "TCP Query User{1FD91F4E-49C4-4446-9C80-C096AC252296}D:\\steam\\steam.exe" = protocol=6 | dir=in | app=d:\\steam\\steam.exe | "TCP Query User{25A79670-7BDD-4850-A1DC-F30BE468B690}C:\\program files (x86)\\gigabyte\\Bios\\gwflash.exe" = protocol=6 | dir=in | app=c:\\program files (x86)\\gigabyte\\Bios\\gwflash.exe | "TCP Query User{366BD926-14FD-4A2A-8005-AD08D1C780DA}C:\\users\\rems\\program files (x86)\\dna\\btdna.exe" = protocol=6 | dir=in | app=c:\\users\\rems\\program files (x86)\\dna\\btdna.exe | "TCP Query User{71D1B9DA-422B-4EA2-BCE8-ECD64E7A1D6E}C:\\program files\\internet explorer\\iexplore.exe" = protocol=6 | dir=in | app=c:\\program files\\internet explorer\\iexplore.exe | "TCP Query User{73765DBC-7BC5-4512-BD16-AB30993B1CD7}H:\\diablo iii\\diablo iii.exe" = protocol=6 | dir=in | app=h:\\diablo iii\\diablo iii.exe | "TCP Query User{7EA64DCC-A321-44EB-9982-8F2DF72A7284}C:\\program files (x86)\\mirc\\mirc.exe" = protocol=6 | dir=in | app=c:\\program files (x86)\\mirc\\mirc.exe | "TCP Query User{96D82DAA-271B-438A-877B-D24C2D5BEA40}C:\\program files (x86)\\fahclient\\fahclient.exe" = protocol=6 | dir=in | app=c:\\program files (x86)\\fahclient\\fahclient.exe | "TCP Query User{D9F725EE-6768-48B8-B72F-9E33A3E47309}C:\\program files (x86)\\logitech\\vid hd\\vid.exe" = protocol=6 | dir=in | app=c:\\program files (x86)\\logitech\\vid hd\\vid.exe | "TCP Query User{EEC18077-F034-4A16-84C6-20443D2747B8}C:\\programdata\\battle.net\\agent\\agent.524\\agent.exe" = protocol=6 | dir=in | app=c:\\programdata\\battle.net\\agent\\agent.524\\agent.exe | "TCP Query User{F0D95C2F-B8F8-4AE0-8413-FE4BF3FA5ADB}C:\\users\\rems\\appdata\\roaming\\octoshape\\octoshape streaming services\\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\\users\\rems\\appdata\\roaming\\octoshape\\octoshape streaming services\\octoshapeclient.exe | "UDP Query User{0937FEF9-6A82-4480-8D0C-1115613B930D}C:\\program files (x86)\\mirc\\mirc.exe" = protocol=17 | dir=in | app=c:\\program files (x86)\\mirc\\mirc.exe | "UDP Query User{13356E5D-C949-414E-A249-176E07C90631}C:\\programdata\\battle.net\\agent\\agent.524\\agent.exe" = protocol=17 | dir=in | app=c:\\programdata\\battle.net\\agent\\agent.524\\agent.exe | "UDP Query User{2547DCCF-0540-4547-A6EF-8AE747975541}C:\\program files (x86)\\warcraft iii\\war3.exe" = protocol=17 | dir=in | app=c:\\program files (x86)\\warcraft iii\\war3.exe | "UDP Query User{3E9F4235-95E1-4858-A0F6-CFFC1911794A}C:\\program files (x86)\\fahclient\\fahclient.exe" = protocol=17 | dir=in | app=c:\\program files (x86)\\fahclient\\fahclient.exe | "UDP Query User{4D3CFF5E-B0CD-4990-9047-0E3E511CA578}C:\\program files\\internet explorer\\iexplore.exe" = protocol=17 | dir=in | app=c:\\program files\\internet explorer\\iexplore.exe | "UDP Query User{4EFBAD72-30C6-461A-8A77-D7D08439C6E2}D:\\steam\\steam.exe" = protocol=17 | dir=in | app=d:\\steam\\steam.exe | "UDP Query User{67DA59AB-024E-4BAF-8BB4-A3BB1EA630A9}H:\\diablo iii\\diablo iii.exe" = protocol=17 | dir=in | app=h:\\diablo iii\\diablo iii.exe | "UDP Query User{6977B7E3-C382-4826-8FA7-47D3657A6197}C:\\program files (x86)\\gigabyte\\Bios\\gwflash.exe" = protocol=17 | dir=in | app=c:\\program files (x86)\\gigabyte\\Bios\\gwflash.exe | "UDP Query User{6B41866B-2BC3-4486-8BBF-D0A823E973BF}C:\\users\\rems\\program files (x86)\\dna\\btdna.exe" = protocol=17 | dir=in | app=c:\\users\\rems\\program files (x86)\\dna\\btdna.exe | "UDP Query User{AC35AD40-6DFC-4743-A7E9-030006C4FECD}C:\\users\\rems\\appdata\\roaming\\octoshape\\octoshape streaming services\\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\\users\\rems\\appdata\\roaming\\octoshape\\octoshape streaming services\\octoshapeclient.exe | "UDP Query User{F2D6FB97-316D-41B5-B1CB-62D64D67AF00}C:\\program files (x86)\\logitech\\vid hd\\vid.exe" = protocol=17 | dir=in | app=c:\\program files (x86)\\logitech\\vid hd\\vid.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall] "{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{26A24AE4-039D-4CA4-87B4-2F86417021FF}" = Java 7 Update 21 (64-bit) "{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64 "{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64 "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{55B348BE-A3BE-9AE7-58BD-BE45B9A28F82}" = AMD Media Foundation Decoders "{5B73E1AA-CA9D-E76A-2F2D-E0EFB41CE087}" = AMD Accelerated Video Transcoding "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64 "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64) "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{825C7AAC-C5D5-B89B-EBA1-D4DFC5E46D6C}" = AMD Drag and Drop Transcoding "{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64 "{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4 "{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64 "{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64 "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{C8807716-1F6F-5C43-3C32-7295A45CF060}" = AMD Catalyst Install Manager "{CC1FE395-D90F-712C-E013-EBDCC30433B1}" = AMD Fuel "{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit) "{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4 "{E54A949B-C4AE-28B6-EC97-FCB9E402D338}" = ccc-utility64 "{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "CCleaner" = CCleaner "CPUID CPU-Z_is1" = CPUID CPU-Z 1.56 "CPUID HWMonitor_is1" = CPUID HWMonitor 1.16 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "SP6" = Logitech SetPoint 6.32 "WinRAR archiver" = WinRAR archiver [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall] "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4 "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration "{11F2C5EC-35AA-7237-B62B-A4F041859C2A}" = CCC Help Spanish "{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4 "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB "{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin "{229EDE35-4677-BDE6-70ED-A5A4C711DDC3}" = CCC Help Norwegian "{2470F2F2-8491-5A0B-B8F5-8B72A8D74597}" = Catalyst Control Center InstallProxy "{27B56E28-94B2-BDF8-D209-EC8D2FF4838E}" = Catalyst Control Center Graphics Previews Common "{27BB12C3-1292-4204-8997-427CF78B5A92}" = Free Image Converter "{28999392-5871-4A39-863A-D2A6EA3260AF}" = League of Legends "{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0 "{33D4FA83-02C0-93B3-08ED-5D7378930CFA}" = CCC Help Turkish "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4 "{37D0F3C2-8FFD-134D-FBDF-2D711E169D78}" = AMD VISION Engine Control Center "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4 "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg "{42FECCEF-63CD-DF98-D6BC-DDBB27E4A580}" = CCC Help Japanese "{46594DA4-2D0A-B2D4-C0E0-A5CCA3260025}" = CCC Help Hungarian "{485B8152-C59F-8569-15BC-46BDA2A1E4A9}" = CCC Help Polish "{490F47E6-585C-531A-1BF8-4DE44ED9AED7}" = CCC Help Russian "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.9 "{50F87176-7DB3-4C75-D9DC-25CB4561D0F8}" = CCC Help Danish "{52E706AA-B4E9-423A-1651-62E61E06DF9A}" = CCC Help Greek "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4 "{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}" = OpenOffice 4.0.0 "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support "{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 "{5FB51C12-62AE-0990-E419-C6F62B776E5C}" = CCC Help Portuguese "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4 "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support "{66B46617-A156-F25B-3CC0-5E46343AEA95}" = CCC Help Thai "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4 "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack "{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection "{75AF966A-CBB9-4801-963B-9A4378941799}" = D-Link Xtreme N Dual Band DWA-160 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7ADB1002-9FAC-4EF0-8EC0-57A0D7CB5355}" = Aurora "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{81543139-18AE-703B-D3B1-F6B3A0CB2EAC}" = CCC Help English "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE "{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software "{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8FA20FAC-719F-7CCD-5790-6B59D691C370}" = CCC Help Chinese Traditional "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4 "{940B28E7-320B-5AC8-0A8A-32D6A7B404A1}" = CCC Help Swedish "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows "{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver "{99C382AB-CA1D-8577-66D3-AA850DB5FD00}" = CCC Help Korean "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin "{A68C4D16-8046-5333-CB64-5E622C795785}" = CCC Help Dutch "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = Bios "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4 "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{BE0B654E-FC60-40AE-F60B-06526508B5FD}" = CCC Help Italian "{BE0E1491-B2DC-6447-217C-342D8F7100EA}" = CCC Help Czech "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{C5EADF55-3B49-B545-E16F-402B443DDC77}" = CCC Help German "{CBDFF724-E925-2964-E647-0A83D2F9165C}" = CCC Help French "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CF097717-F174-4144-954A-FBC4BF301033}" = Nero 7 Ultra Edition "{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.26 Game "{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D5341564-7B93-ADAC-E737-C24AA85CC5FF}" = CCC Help Chinese Standard "{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver "{DDB824DA-C431-3A3E-B997-F4B5539838FC}" = Google Talk Plugin "{E0955568-4353-4C85-8988-285A8C0F5E87}" = Mumble 1.2.4 "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding "{E3FB1E5A-1C24-D581-6BC8-6F8AC2D343AD}" = CCC Help Finnish "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4 "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1" = CBR Reader "{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help "{F0E79BE5-20F5-82F4-6579-2A91AED3F066}" = Catalyst Control Center Localization All "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4 "AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.70 "ASIO4ALL" = ASIO4ALL "AutoHotkey" = AutoHotkey 1.0.48.05 "AutoItv3" = AutoIt v3.3.8.1 "Avira AntiVir Desktop" = Avira Free Antivirus "Battle.net" = Battle.net "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "DAEMON Tools Pro" = DAEMON Tools Pro "FAHClient" = FAHClient "FL Studio 9" = FL Studio 9 "Fraps" = Fraps (remove only) "Hardcore" = Hardcore "IL Download Manager" = IL Download Manager "InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver "Logitech Vid" = Logitech Vid HD "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300 "mIRC" = mIRC "Mozilla Firefox 24.0 (x86 en-US)" = Mozilla Firefox 24.0 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "Net Meter" = Net Meter 3.6 build 437 "OpenAL" = OpenAL "PoiZone" = PoiZone "Revo Uninstaller" = Revo Uninstaller 1.95 "Sawer" = Sawer "Steam App 730" = Counter-Strike: Global Offensive "Steam App 745" = Counter-Strike: Global Offensive - SDK "Toxic Biohazard" = Toxic Biohazard "VLC media player" = VLC media player 2.1.0 "VLMC" = VideoLAN Movie Creator "Warcraft III" = Warcraft III "Winamp" = Winamp "WinGimp-2.0_is1" = GIMP 2.6.11 "WinLiveSuite" = Windows Live Essentials ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\\S-1-5-21-4021702413-2502217976-178378392-1000\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall] "BitTorrent DNA" = DNA "Google Chrome" = Google Chrome "Octoshape Streaming Services" = Octoshape Streaming Services "uTorrent" = µTorrent "Warcraft III" = Warcraft III: All Products "Winamp Detect" = Winamp Detector Plug-in ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 24-Oct-13 22:15:20 | Computer Name = rems-PC | Source = Application Error | ID = 1000 Description = Faulting application name: svchost.exe_Winmgmt, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1 Faulting module name: FastProx.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdefe Exception code: 0xc0000005 Fault offset: 0x0000000000001d3c Faulting process id: 0x20f0 Faulting application start time: 0x01ced12777395ff5 Faulting application path: C:\\Windows\\system32\\svchost.exe Faulting module path: C:\\Windows\\system32\\wbem\\FastProx.dll Report Id: 4ba9128f-3d1b-11e3-b776-6cf049e741b9 [ System Events ] Error - 24-Oct-13 22:15:20 | Computer Name = rems-PC | Source = Service Control Manager | ID = 7034 Description = The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 3 time(s). Error - 24-Oct-13 22:15:20 | Computer Name = rems-PC | Source = Service Control Manager | ID = 7034 Description = The Computer Browser service terminated unexpectedly. It has done this 3 time(s). Error - 24-Oct-13 22:15:20 | Computer Name = rems-PC | Source = Service Control Manager | ID = 7034 Description = The Extensible Authentication Protocol service terminated unexpectedly. It has done this 3 time(s). Error - 24-Oct-13 22:15:20 | Computer Name = rems-PC | Source = Service Control Manager | ID = 7034 Description = The Server service terminated unexpectedly. It has done this 3 time(s). Error - 24-Oct-13 22:15:20 | Computer Name = rems-PC | Source = Service Control Manager | ID = 7034 Description = The Multimedia Class Scheduler service terminated unexpectedly. It has done this 3 time(s). Error - 24-Oct-13 22:15:20 | Computer Name = rems-PC | Source = Service Control Manager | ID = 7034 Description = The Shell Hardware Detection service terminated unexpectedly. It has done this 3 time(s). Error - 24-Oct-13 22:15:20 | Computer Name = rems-PC | Source = Service Control Manager | ID = 7034 Description = The Themes service terminated unexpectedly. It has done this 3 time(s). Error - 24-Oct-13 22:15:20 | Computer Name = rems-PC | Source = Service Control Manager | ID = 7034 Description = The Windows Management Instrumentation service terminated unexpectedly. It has done this 4 time(s). Error - 24-Oct-13 22:15:20 | Computer Name = rems-PC | Source = Service Control Manager | ID = 7034 Description = The Windows Update service terminated unexpectedly. It has done this 2 time(s). Error - 24-Oct-13 22:16:07 | Computer Name = rems-PC | Source = Service Control Manager | ID = 7032 Description = The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error: %%1056 < End of report > If computer works fine there is no reason to look in Event Viewer. Every computer has some errors listed there. Run OTL Under the Custom Scans/Fixes box at the bottom, paste in the following','url':'http://www.techspot.com/community/topics/applications-errors-event-id-1000.197320/','og_descr':'Application errors potentially causing crashes in services is this due to a malware/virus? Attached the Attach.txt instead of pasting it because errors...
June 20, 2015: For feedbacks and file removal concerns, you may email us at info web4link.com.
Surrogate Rundll32 trojan - help please - posted in Virus, Trojan, Spyware, and Malware Removal Logs: I am currently trying to fix my system that has a virus that.
Sep 20, 2006 Throughout the week, I ve been fortunate enough to review Uniblue s Registry Booster, a dynamic registry scanning, defragmenting, and repairing utility.
This page may take a minute to finish loading. If you need to get one of these files they are on your Windows installation CD. You can extract it from your Windows.
Application errors potentially causing crashes in services is this due to a malware/virus. Attached the Attach.txt instead of pasting it because errors come in every.
Uniblue Registry Booster Review
Article Index for Icetips Alta LLC articles. Categories ABC 117 ASP, PHP, HTML, Web development 2 Browses and Listboxes 7.
Ryan reviews a Windows registry cleaner and optimizer. Does it offer your system a boost or cripple it? This review tells all.