dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
4290

Zalah
@davita.com

Zalah

Anon

my labtop has been hijacked :(

checkup.txt
1,326 bytes
Extras.Txt
101,618 bytes
log.txt
2,965 bytes
mbam-log-201···-04).txt
13,272 bytes
  
please help me my labtop has been hijacked what can i do ?!!

lilhurricane
Crunchin' For Cures
Numquam oblita
join:2003-01-11
Purple Zone

1 edit

lilhurricane

Numquam oblita

Let's open for easier analysis...

Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.12.05.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Zol7y :: ZOL7Y-PC [administrator]

Protection: Enabled

12/5/2012 5:39:04 PM
mbam-log-2012-12-05 (17-39-04).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 429411
Time elapsed: 1 hour(s), 20 minute(s), 39 second(s)

Memory Processes Detected: 5
C:\Users\Zol7y\AppData\Local\Temp\65190.exe (Heuristics.Shuriken) -> 1292 -> Delete on reboot.
C:\Users\Zol7y\AppData\Local\Temp\panmap.exe (Heuristics.Shuriken) -> 2992 -> Delete on reboot.
C:\Users\Zol7y\AppData\Local\Temp\keerxjnir.exe (PUP.BitMiner) -> 3060 -> Delete on reboot.
C:\Users\Zol7y\AppData\Local\Temp\hnjotyqju.exe (PUP.BitMiner) -> 5660 -> Delete on reboot.
C:\Users\Zol7y\AppData\Roaming\Microsoft\Windows\Templates\MsCtfMonitor.exe (Trojan.Agent) -> 3460 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|AdobeUpdate (Trojan.BitMiner) -> Data: wscript "C:\Users\Zol7y\AppData\Roaming\Adobe32\invis.vbs" "C:\Users\Zol7y\AppData\Roaming\Adobe32\bat.bat" -> Quarantined and deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Activex Application Updater (Trojan.Agent) -> Data: C:\Users\Zol7y\AppData\Roaming\Microsoft\Windows\Templates\MsCtfMonitor.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Users\Zol7y\AppData\Roaming\Adobe32 (Trojan.BitMiner) -> Delete on reboot.

Files Detected: 38
C:\Users\Zol7y\AppData\Local\Temp\65190.exe (Heuristics.Shuriken) -> Delete on reboot.
C:\Users\Zol7y\AppData\Local\Temp\panmap.exe (Heuristics.Shuriken) -> Delete on reboot.
C:\Users\Zol7y\AppData\Local\Temp\keerxjnir.exe (PUP.BitMiner) -> Delete on reboot.
C:\Users\Zol7y\AppData\Local\Temp\hnjotyqju.exe (PUP.BitMiner) -> Delete on reboot.
C:\Program Files (x86)\Ubisoft\Assassin's Creed II\ubiorbitapi_r2.dll (Trojan.Agent.CK) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2.dll (Trojan.Agent.CK) -> Quarantined and deleted successfully.
C:\Users\Zol7y\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JM3T74OS\ccpm[1].exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
C:\Users\Zol7y\Downloads\Programs\SRS_Audio_Sandbox_64_downloader.exe (PUP.MediaFinder) -> Quarantined and deleted successfully.
D:\Assassins.Creed.2.Multi.9.CloneDVD.PC.DVD\skidrow\Assassins_Creed_II-crack-SKIDROW-OsOsy\SKIDROW\ubiorbitapi_r2.dll (Trojan.Agent.CK) -> Quarantined and deleted successfully.
E:\PROGS\AVS Video Converter 8.0.4.495\avs4you.all.products.activator.2011.(v1.1)-mpt.exe (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.
E:\PROGS\DFX Audio Enhancer 9.304\DFX Audio Enhancer 9.304\Keygen\keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
E:\PROGS\DFX Audio Enhancer 9.304\Keygen DFX Audio Enhancer\Keygen\keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
E:\PROGS\Internet Download Manager v6.10 build 2\New Patch IDM\PATCH a.exe (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.
E:\PROGS\Internet Download Manager v6.10 build 2\New.pa.myegy.com\ \ \SnDk&p.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
E:\PROGS\Internet Download Manager v6.10 build 2\New.pa.myegy.com\ \ \Patch .xx 2.exe (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.
E:\PROGS\Internet Download Manager v6.10 build 2\New.pa.myegy.com\ \ \Patch 6.xx.exe (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.
C:\Users\Zol7y\AppData\Local\Temp\Winlogon.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Zol7y\Templates\MsCtfMonitor.exe (Backdoor.Agent.DC) -> Delete on reboot.
C:\Users\Zol7y\AppData\Roaming\Adobe32\miner.php (Trojan.BitMiner) -> Quarantined and deleted successfully.
C:\Users\Zol7y\AppData\Roaming\Adobe32\API.class (Trojan.BitMiner) -> Quarantined and deleted successfully.
C:\Users\Zol7y\AppData\Roaming\Adobe32\bat.bat (Trojan.BitMiner) -> Quarantined and deleted successfully.
C:\Users\Zol7y\AppData\Roaming\Adobe32\diablo120823.cl (Trojan.BitMiner) -> Quarantined and deleted successfully.
C:\Users\Zol7y\AppData\Roaming\Adobe32\diakgcn120823.cl (Trojan.BitMiner) -> Quarantined and deleted successfully.
C:\Users\Zol7y\AppData\Roaming\Adobe32\example.conf (Trojan.BitMiner) -> Quarantined and deleted successfully.
C:\Users\Zol7y\AppData\Roaming\Adobe32\invis.vbs (Trojan.BitMiner) -> Quarantined and deleted successfully.
C:\Users\Zol7y\AppData\Roaming\Adobe32\libblkmaker-0.1-0.dll (Trojan.BitMiner) -> Quarantined and deleted successfully.
C:\Users\Zol7y\AppData\Roaming\Adobe32\libblkmaker_jansson-0.1-0.dll (Trojan.BitMiner) -> Quarantined and deleted successfully.
C:\Users\Zol7y\AppData\Roaming\Adobe32\libcurl-4.dll (Trojan.BitMiner) -> Quarantined and deleted successfully.
C:\Users\Zol7y\AppData\Roaming\Adobe32\libjansson-4.dll (Trojan.BitMiner) -> Quarantined and deleted successfully.
C:\Users\Zol7y\AppData\Roaming\Adobe32\libusb-1.0.dll (Trojan.BitMiner) -> Quarantined and deleted successfully.
C:\Users\Zol7y\AppData\Roaming\Adobe32\pdcurses.dll (Trojan.BitMiner) -> Quarantined and deleted successfully.
C:\Users\Zol7y\AppData\Roaming\Adobe32\phatk120823.cl (Trojan.BitMiner) -> Quarantined and deleted successfully.
C:\Users\Zol7y\AppData\Roaming\Adobe32\poclbm120823.cl (Trojan.BitMiner) -> Quarantined and deleted successfully.
C:\Users\Zol7y\AppData\Roaming\Adobe32\pthreadGC2.dll (Trojan.BitMiner) -> Quarantined and deleted successfully.
C:\Users\Zol7y\AppData\Roaming\Adobe32\scrypt120823.cl (Trojan.BitMiner) -> Quarantined and deleted successfully.
C:\Users\Zol7y\AppData\Roaming\Adobe32\svchost.exe (Trojan.BitMiner) -> Quarantined and deleted successfully.
C:\Users\Zol7y\AppData\Roaming\Adobe32\zlib1.dll (Trojan.BitMiner) -> Quarantined and deleted successfully.
C:\Users\Zol7y\AppData\Roaming\Microsoft\Windows\Templates\MsCtfMonitor.exe (Trojan.Agent) -> Delete on reboot.

(end)
Expand your moderator at work
lilhurricane

lilhurricane

Numquam oblita

Re: my labtop has been hijacked :(

OTL Extras logfile created on: 12/5/2012 7:04:27 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Zol7y\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 0.38 Gb Available Physical Memory | 12.53% Memory free
5.99 Gb Paging File | 0.86 Gb Available in Paging File | 14.28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 151.56 Gb Total Space | 14.41 Gb Free Space | 9.51% Space Free | Partition Type: NTFS
Drive D: | 63.48 Gb Total Space | 4.72 Gb Free Space | 7.43% Space Free | Partition Type: NTFS
Drive E: | 69.79 Gb Total Space | 5.39 Gb Free Space | 7.72% Space Free | Partition Type: NTFS
Drive F: | 13.06 Gb Total Space | 0.10 Gb Free Space | 0.77% Space Free | Partition Type: NTFS

Computer Name: ZOL7Y-PC | User Name: Zol7y | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]

[color=#E56717]========== File Associations ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UACDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Users\Zol7y\AppData\Local\Temp\4STXSJGIO3.exe" = C:\Users\Zol7y\AppData\Local\Temp\4STXSJGIO3.exe:*:Enabled:Windows Messanger -- (Microsoft Corporation)
"C:\Windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe" = C:\Windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe:*:Enabled:Windows Messanger -- (Microsoft Corporation)
"C:\Users\Zol7y\AppData\Local\Temp\4STXSJGIO3.exe" = C:\Users\Zol7y\AppData\Local\Temp\4STXSJGIO3.exe:*:Enabled:Windows Messanger -- (Microsoft Corporation)
"C:\Windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe" = C:\Windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe:*:Enabled:Windows Messanger -- (Microsoft Corporation)

[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2261024C-BCB5-4A72-86C3-7127E4117C70}" = lport=1317 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{2BD07620-9B59-4BEE-AC63-44E9E71277F1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2BD92B64-D276-4CF5-918B-C269423FA1BB}" = lport=68 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{3D688077-1C56-4E1F-B68B-8B9196F6FB14}" = lport=2987 | protocol=6 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"{42CEB35A-30B3-4B53-B134-6BAAEADF1A93}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{4B4924D6-EC16-4F47-8D45-1BE6197E3E60}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6F65A85C-8027-4778-B66F-F8C1C3B89F38}" = lport=53 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{700E6ADD-E1CE-4DB9-8D31-2904CF799748}" = lport=67 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{736A4531-79F2-4DA0-8B92-00CAC0807272}" = rport=2869 | protocol=6 | dir=out | app=system |
"{83E59C55-10CF-49DD-9796-0CD171857EB9}" = lport=1303 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{92A323D8-6F4A-4C00-88D2-A685AF0DD1C8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{990EFA3A-1808-4095-A20D-DC499915CC9F}" = lport=547 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{D3B73B3E-00F6-4F79-99B9-466FA0E312C9}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{D9FD5EC3-82C4-4457-952E-62134FFB4172}" = lport=1900 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{DA409BE2-3FF2-4682-B10B-BE28D25EC11A}" = rport=1900 | protocol=17 | dir=out | app=c:\windows\system32\svchost.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01EBAC2A-ED4D-4AD2-9615-831803625D98}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\max payne 3\playmaxpayne3.exe |
"{022B444D-1116-4DF0-9FB5-10128ABC77B5}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{03B20B31-44D4-468D-ACBC-7C28D9EB9BC3}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{071A28B3-6556-48F3-A350-9B6638EAD892}" = protocol=6 | dir=in | app=c:\need for speed most wanted - criterion\nfs13.exe |
"{0E90E482-663E-42C2-9541-DEEF4403A986}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{0F0A06E6-9BB9-443F-A886-1BCB5F361D77}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{10C4001E-007A-4596-8651-48D30BE303B7}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{1192D2A8-1769-484D-B337-1C275F6EC627}" = dir=in | app=c:\programdata\hi\hiplayer\playerwebinstaller_hi.exe |
"{11B1308B-6CF4-4CE3-BB12-0CC8AB2C3317}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{160F8EF7-B96D-4B08-96C1-F4165111B864}" = protocol=6 | dir=in | app=c:\cherrydegames\dragon nest\dragonnest.exe |
"{164F9BAE-4BE4-4711-AA48-DB7FEF1764FC}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{195882FC-EBDC-437F-9854-7440A1D7B373}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{1981D31F-5773-4186-A6A0-A219CAF0745B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{2B72251C-FB63-4CFC-BD66-69BD4A3F5773}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{2C63D1D0-962E-4766-B7CD-E835A873329D}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{353438DA-8DDE-4A71-B25F-0D573CFF2222}" = dir=out | app=c:\windows\system32\svchost.exe |
"{36037F45-9367-424A-8F9A-2BDF868E63CF}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{3773AD12-2FFC-4BFA-8983-D6B6DB129883}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{3BAA8D3C-29F7-435E-B790-482EF56ECD57}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{3E2E77F5-3841-4A0D-9C4F-A39BDB73E23B}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{42A4FE1E-F74F-4622-B0A1-C1AC0F827A4E}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{45F28034-EECC-47D2-B23E-FC1565ED5731}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{51B890DB-5DD2-44AE-83A6-E868BE48F0C6}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{5415C636-6C9D-4C02-90EF-AA85CED6A404}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{54238F76-1079-482C-9DCA-218EB37EEDC5}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{57E54EAA-1205-4CB0-B917-297A1DC8693F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{58FF3396-6AD1-4C9F-80CC-50C7080DF154}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{599A906F-1A38-4B39-91FD-542FD0AA4F6D}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{59A57DEE-2429-4D87-A7BF-6F723289B800}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{5B394935-604B-418F-8B17-C6A2ED208660}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{5EBC76BE-95B3-4426-91F5-1954FD5D8529}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{5ED63A10-FF4A-4F2C-9AEE-5A634D51E794}" = protocol=17 | dir=in | app=c:\program files (x86)\hi\hiplayer\1.18.0.44\baidusetupax_0.exe |
"{6146AF1B-5E51-4173-8B64-523F01510298}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{62B5F02B-EE6E-4173-BB78-D760B2E761A1}" = protocol=6 | dir=in | app=j:\need for speed most wanted - criterion\nfs13.exe |
"{6467FF55-9A3E-477E-BFD8-4C73913AD6C6}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{66B78B25-5BE1-4480-9D04-83C8B404176D}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{677ED00A-28C3-4C6F-8CFB-91AE0AC57E20}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{691C0257-0966-472E-B76A-DE2EC5AE82AA}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{6AA9B192-9411-435A-8341-5F4D89FB6571}" = protocol=6 | dir=in | app=c:\program files (x86)\hi\hiplayer\1.18.0.44\baidusetupax_0.exe |
"{6C938BC7-F24D-43D3-BC14-ECE20031C1F9}" = protocol=17 | dir=in | app=c:\cherrydegames\dragon nest\dragonnest.exe |
"{6D76BF59-67FF-49F8-8870-1E71785ACBCB}" = dir=in | app=c:\programdata\hi\hiplayer\hiupdate.exe |
"{6D9F1279-349C-4B9C-8E82-EDF6EC746ED0}" = dir=in | app=c:\program files (x86)\hi\hiplayer\1.18.0.44\statreport.exe |
"{77BF7700-3356-4BCB-BFDB-F7E985B91CEC}" = protocol=58 | dir=in | name=internet connection sharing (router solicitation-in) |
"{78808460-1F6F-4E60-9CCF-380095700A48}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{7E902D4D-D7D5-4236-8672-D02107EFA487}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\max payne 3\playmaxpayne3.exe |
"{85C0541B-45AB-4885-874E-3BF281D704ED}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{88A066FF-185F-46FE-B3EC-F349C51754FE}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe |
"{8B54BEF4-A2C2-4A48-9AE1-6B4F34B81CD3}" = dir=in | app=c:\users\zol7y\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{8BC955AE-FC6C-4C82-A979-9BA79304F53E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8F10373A-7D1D-4797-993E-B4284EC75EB0}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{8FA2759A-F5B8-46E4-AB0F-45DFE42FC2CB}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe |
"{929B8D58-F6DA-4409-8CBC-02A1E0BB6684}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{98EF5134-A628-4872-AB19-627660DBFF60}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{9A5FFEDE-A89F-4998-9978-40EBD209DDB8}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{9CCE7725-B726-47C6-AA7B-37B400956B78}" = protocol=6 | dir=in | app=c:\program files (x86)\fiddler2\fiddler.exe |
"{9E1886BC-457F-4513-9B44-D941145CECA0}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{9EEDAC1F-51C0-4A83-9B26-F715F3F19390}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\live tv\qpservice.exe |
"{9F4FEA65-8DD6-4038-AEC9-912753F558EF}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{A0D6DFE9-259F-499A-A49A-33BBDEDE3ACF}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{A79B363B-B74C-461C-B057-6E7AB751626B}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{AE3CD933-5C01-40D7-8539-AF5FA721FD44}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{B0290A47-7EE4-4A72-B339-1D47DA924917}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{B06F1158-2D39-4F52-AFA6-331A39D2E646}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{B7797D09-20D5-483F-90CF-CC1C52407280}" = dir=in | app=c:\program files (x86)\hi\hiplayer\1.18.0.44\hip2pservice.exe |
"{B9916BFF-F02E-47D2-B0A5-D31A9698D2D7}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C0B9BCF9-DC8E-49CD-ACCC-F5704F1D02D7}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\live tv\qp.exe |
"{C433D0CD-80F5-48B9-98E8-139677130821}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C537C23E-C50A-4CD1-AC7F-F530C63EA993}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D3813448-8A76-4891-A091-7AC772B073D6}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\uplaybrowser.exe |
"{D63BB1E6-CFC2-4DF4-9939-DF5E1991DF48}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{D7C7631D-EEBB-44B8-856C-C905B4A4386B}" = protocol=17 | dir=in | app=j:\need for speed most wanted - criterion\nfs13.exe |
"{DB57E2CB-5F06-4244-9E0C-FFAC05F97CB0}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{DC50252E-8886-4E5C-87C3-C5F8E348E356}" = protocol=6 | dir=out | app=c:\windows\system32\svchost.exe |
"{E23FC593-CDEE-433E-86D9-CC51067E0E5D}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{E5EF8D65-9ADF-49B1-B254-E9AB78BED76A}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\uplaybrowser.exe |
"{ECE8D6BE-1B80-4CB9-910B-8F4D9481635F}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{EEE1B8D5-BD55-4A05-B6C2-05B9FE6B9C59}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{F2AE8073-B225-4E79-B6B5-1205E3EDE474}" = dir=in | app=c:\program files (x86)\hi\hiplayer\1.18.0.44\hiplayer.exe |
"{FA6E81A9-EF7A-4223-942C-B70B8C4DBC85}" = protocol=17 | dir=in | app=c:\need for speed most wanted - criterion\nfs13.exe |
"{FB0ED7CA-FB8E-48B5-809D-465FB29A1A29}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{FFBE7EE2-ADE8-485D-A6AA-BD12F342BBC2}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe |
"TCP Query User{01D9795F-8C42-4A61-9ECC-ACE24FD382AE}C:\program files (x86)\r.g. mechanics\call of duty black ops 2\t6sp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\r.g. mechanics\call of duty black ops 2\t6sp.exe |
"TCP Query User{1353D98D-F662-49DC-ADE9-E9DF7CDAA0FE}C:\program files (x86)\connectify\connectify.exe" = protocol=6 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"TCP Query User{2E139E10-D8C0-4B99-9E56-78EC4D34514B}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{5E0FB4BE-82DA-4A4E-9BB4-0F9DF85C7F0C}J:\need for speed most wanted - criterion\nfs13.exe" = protocol=6 | dir=in | app=j:\need for speed most wanted - criterion\nfs13.exe |
"TCP Query User{7A8FEA99-0108-407A-A555-97AD0C547DF2}C:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"TCP Query User{8E3D7570-556C-421C-AA60-217E7C1E0CA0}C:\westwood\ra2\game.exe" = protocol=6 | dir=in | app=c:\westwood\ra2\game.exe |
"TCP Query User{A2F091C5-663E-448F-863B-C4DADA476540}C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe |
"TCP Query User{C0AB5CBD-8BEB-489B-BC12-835C722AF479}C:\assassinscreedbrotherhood\acbsp.exe" = protocol=6 | dir=in | app=c:\assassinscreedbrotherhood\acbsp.exe |
"TCP Query User{FB07933A-DACB-4B93-84EA-8F4A49420A00}C:\need for speed most wanted - criterion\nfs13.exe" = protocol=6 | dir=in | app=c:\need for speed most wanted - criterion\nfs13.exe |
"TCP Query User{FD00D168-CABF-4D42-BB6D-AEFA166C2C8E}C:\assassinscreedbrotherhood\acbsp.exe" = protocol=6 | dir=in | app=c:\assassinscreedbrotherhood\acbsp.exe |
"UDP Query User{19A537F5-6A5D-4E38-A2D3-B046F257CFCE}C:\assassinscreedbrotherhood\acbsp.exe" = protocol=17 | dir=in | app=c:\assassinscreedbrotherhood\acbsp.exe |
"UDP Query User{22BD04DC-B42E-4E20-B8C7-E615914BD752}J:\need for speed most wanted - criterion\nfs13.exe" = protocol=17 | dir=in | app=j:\need for speed most wanted - criterion\nfs13.exe |
"UDP Query User{418EC8CB-EEBB-4123-AAF2-C2C50900BEA7}C:\need for speed most wanted - criterion\nfs13.exe" = protocol=17 | dir=in | app=c:\need for speed most wanted - criterion\nfs13.exe |
"UDP Query User{78DBC075-CFA6-4B38-BC1F-B96CB9EA5154}C:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"UDP Query User{7ED8471A-B4CF-4BB6-9D45-DD26ACB9365C}C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe |
"UDP Query User{9C8825F5-2002-46F0-A03A-5B64252C57EF}C:\assassinscreedbrotherhood\acbsp.exe" = protocol=17 | dir=in | app=c:\assassinscreedbrotherhood\acbsp.exe |
"UDP Query User{ACB6E9DF-ADED-4446-8078-BBE99C2799FC}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{CB630275-B35C-4095-A0C3-4C3627C47C0E}C:\program files (x86)\connectify\connectify.exe" = protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"UDP Query User{E735B027-77AC-4290-8BF8-6E4D7F82FE51}C:\program files (x86)\r.g. mechanics\call of duty black ops 2\t6sp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\r.g. mechanics\call of duty black ops 2\t6sp.exe |
"UDP Query User{E924563B-32C3-41C2-A1E1-01FD8010FD05}C:\westwood\ra2\game.exe" = protocol=17 | dir=in | app=c:\westwood\ra2\game.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1111706F-666A-4037-7777-210648764D10}" = JavaFX 2.1.0 (64-bit)
"{16AD84C0-E7A0-F64D-D55A-15D274C4439A}" = ccc-utility64
"{2222706F-666A-4037-7777-210648764D10}" = JavaFX 2.1.0 SDK (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java(TM) 6 Update 14 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417004FF}" = Java(TM) 7 Update 4 (64-bit)
"{64A3A4F4-B792-11D6-A78A-00B0D0170040}" = Java SE Development Kit 7 Update 4 (64-bit)
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{83715090-142B-D305-36EC-7538A007D336}" = ATI Catalyst Install Manager
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{85A42FF0-F0D0-44A3-B226-C124D6E8B1D5}" = HP 3D DriveGuard
"{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = HP Integrated Module with Bluetooth wireless technology
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F65B8208-5221-43D9-AA12-DDEA64EC4AF6}" = Validity Sensors software
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"{F74D69E5-ECFD-45D1-A87A-341208ADD7CC}" = DigitalPersona Personal 4.11
"Connectify" = Connectify Hotspot
"FFE7D41DF3C645075BB149E21988B63996C34187" = ENE CIR Receiver Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{17D26CDD-B87C-412B-92F0-2D5DD4313522}" = Facebook Messenger 2.1.4651.0
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{1AA94747-3BF6-4237-9E1A-7B3067738FE1}" = Max Payne 3
"{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger
"{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{266D0EEA-E5A6-4A08-A0EE-5391D4EA44A7}" = Catalyst Control Center - Branding
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{27B0C2FD-9739-8D7D-6552-307C786D9097}" = Catalyst Control Center InstallProxy
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{38022B5C-0C69-389F-DA48-B87480B5705A}" = CCC Help Turkish
"{3BBBF379-6C7E-0985-18F6-6C60D6C36EC6}" = CCC Help Portuguese
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B2F56AC-C043-C84F-3EF1-E6D6F21E934F}" = Catalyst Control Center Graphics Full Existing
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4F2C2E34-5A3E-0E70-BDFC-A5B1E3C2FFAC}" = Catalyst Control Center Graphics Light
"{4F46FDB9-B906-47BF-B3D5-C62E01B3C5EE}" = HP Support Assistant
"{532715CE-CFD6-E4F8-53C3-2F1DE31C04DA}" = CCC Help Hungarian
"{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant
"{558CC8A3-F1A2-9C31-7B90-F61E476B8622}" = CCC Help Dutch
"{5B295588-59C1-4386-9F85-BB4BEDCB0D22}" = HP Customer Experience Enhancements
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{5D76ABD5-262B-6D65-6C13-F38175C7A5AF}" = CCC Help Korean
"{5D92E608-E454-0C8C-D577-7F7C06151117}" = CCC Help Greek
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79EECA21-CDFA-6012-5E8B-6CF2623D647A}" = Catalyst Control Center Graphics Full New
"{7BE6BC10-6737-CD9D-8363-F919B8D6D917}" = Catalyst Control Center Core Implementation
"{80FBA7A7-ABD1-4910-A916-023075C45593}" = CCC Help Danish
"{82A213BD-B6AA-4281-A2D3-59D51893CC56}" = HP MediaSmart Software Notebook Demo
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer
"{8797DE34-22BC-CA33-6B67-A0CC2765B545}" = CCC Help German
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89D1C17B-90DE-650A-073A-A7FA7BC6ECE5}" = CCC Help French
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8C664716-FD23-9902-A29E-863D056F46FC}" = CCC Help Russian
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8F36B221-F483-B7CE-4DDA-7BDA4D81E306}" = CCC Help English
"{8FB16749-1235-D027-AF25-1D22A9FEC0D5}" = CCC Help Thai
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91A3A4DE-656A-5C7A-5B61-75FB6D167A6A}" = CCC Help Polish
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9EDB805A-E11C-8842-2393-FDFDA17963AC}" = CCC Help Chinese Traditional
"{A16D1BBD-BE86-0183-4152-2E85FECC31F7}" = CCC Help Finnish
"{A19856E3-C9D7-988E-5B8C-70C87342B8DD}" = Catalyst Control Center Localization All
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AD777154-A573-4FCA-C730-D7C33437262C}" = CCC Help Czech
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B51605BF-6326-4553-AE96-6D7F1813D5F5}" = HP User Guides 0154
"{B66D2CC9-652D-EBE5-497F-74BBC1029FB4}" = CCC Help Japanese
"{B6A4D07E-725F-07CD-DE49-8AB76939631D}" = CCC Help Norwegian
"{B80D3EA9-A252-4AE5-AC51-81729F5C586F}" = Windows Live Mail
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}" = DarksidersInstaller
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{BF930A5D-4F36-5158-C8DA-DECD5B51A78E}" = CCC Help Chinese Standard
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C6FCE95C-0072-40C0-9AB2-3EF88DA6CED9}" = Catalyst Control Center Graphics Previews Common
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DF166A93-835F-DF13-E974-FD73E8D7F4F6}" = CCC Help Swedish
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E09F7D2B-C1C1-D80B-7775-6FFE9D713C60}" = CCC Help Spanish
"{E26EEBF8-3A50-8095-5877-AE243C8852EF}" = Catalyst Control Center Graphics Previews Vista
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
"{EC8049FF-B0E3-A963-408C-1B1D8F20DD55}" = CCC Help Italian
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FD1D88FA-E5E0-BA76-73C8-7362E9703842}" = ccc-core-static
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 8
"Call of Duty Black Ops 2_R.G. Mechanics_is1" = Call of Duty Black Ops 2
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.33.1005
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HotspotShield" = Hotspot Shield 2.78
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
"Internet Download Manager" = Internet Download Manager
"JCreator LE_is1" = JCreator LE 5.00 Trial
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.1.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000
"MP3 Cutter_is1" = MP3 Cutter 1.1.1
"NetCutDefender_is1" = NetCutDefender 2.1.5
"Picasa 3" = Picasa 3
"PunkBusterSvc" = PunkBuster Services
"Red Alert 2" = Command & Conquer Red Alert 2
"RocketDock_is1" = RocketDock 1.3.5
"Rockstar Games Social Club" = Rockstar Games Social Club
"TeamViewer 7" = TeamViewer 7
"uTorrent" = µTorrent
"WildTangent hp Master Uninstall" = HP Games
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WOLAPI" = Westwood Shared Internet Components

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 11/22/2012 11:18:00 PM | Computer Name = Zol7y-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1186

Error - 11/22/2012 11:18:00 PM | Computer Name = Zol7y-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1186

Error - 11/22/2012 11:18:02 PM | Computer Name = Zol7y-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 11/22/2012 11:18:02 PM | Computer Name = Zol7y-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2387

Error - 11/22/2012 11:18:02 PM | Computer Name = Zol7y-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2387

Error - 11/23/2012 8:56:06 AM | Computer Name = Zol7y-PC | Source = Google Update | ID = 20
Description =

Error - 11/23/2012 9:15:46 AM | Computer Name = Zol7y-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 11/23/2012 9:36:06 PM | Computer Name = Zol7y-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.1.7601.17567,
time stamp: 0x4d672ee4 Faulting module name: ntdll.dll, version: 6.1.7601.17725,
time stamp: 0x4ec4aa8e Exception code: 0xc0000005 Fault offset: 0x0000000000028359
Faulting
process id: 0x1454 Faulting application start time: 0x01cdc7873f37b6f4 Faulting application
path: C:\Windows\Explorer.EXE Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: 4ff9ff98-35d7-11e2-9f4a-00247eed1834

Error - 11/23/2012 10:28:50 PM | Computer Name = Zol7y-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 11/24/2012 2:20:16 AM | Computer Name = Zol7y-PC | Source = Google Update | ID = 20
Description =

[ DigitalPersona Pro Events ]
Error - 4/22/2012 6:45:27 PM | Computer Name = Zol7y-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 5/29/2012 11:53:45 PM | Computer Name = Zol7y-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 5/29/2012 11:53:47 PM | Computer Name = Zol7y-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 5/29/2012 11:53:49 PM | Computer Name = Zol7y-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 5/29/2012 11:53:58 PM | Computer Name = Zol7y-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 5/30/2012 12:06:39 AM | Computer Name = Zol7y-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 5/30/2012 12:06:43 AM | Computer Name = Zol7y-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 5/30/2012 12:10:33 AM | Computer Name = Zol7y-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 5/30/2012 5:40:48 PM | Computer Name = Zol7y-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

[ Hewlett-Packard Events ]
Error - 4/10/2012 3:28:03 PM | Computer Name = Zol7y-PC | Source = Hewlett-Packard | ID = 0
Description = en-GB Object reference not set to an instance of an object. HPSF at
HPAssistant.Pages.MaintainAnalyzing.MaintainAnalyzing_Unloaded(Object sender, RoutedEventArgs
e) at System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object target, RoutedEventArgs
routedEventArgs) at System.Windows.EventRoute.InvokeHandlersImpl(Object source,
RoutedEventArgs args, Boolean reRaised) at System.Windows.UIElement.RaiseEventImpl(DependencyObject
sender, RoutedEventArgs args) at System.Windows.UIElement.RaiseEvent(RoutedEventArgs
e) at System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,
RoutedEvent routedEvent) at System.Windows.BroadcastEventHelper.BroadcastUnloadedEvent(Object
root) at MS.Internal.LoadedOrUnloadedOperation.DoWork() at System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()

at System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() at System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object
resizedCompositionTarget) at System.Windows.Media.MediaContext.AnimatedRenderMessageHandler(Object
resizedCompositionTarget) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)

Error - 4/10/2012 3:28:52 PM | Computer Name = Zol7y-PC | Source = Hewlett-Packard | ID = 0
Description =

Error - 9/25/2012 11:48:32 AM | Computer Name = Zol7y-PC | Source = Hewlett-Packard | ID = 0
Description = en-GB Object reference not set to an instance of an object. HPSF at
HPAssistant.Pages.MaintainAnalyzing.MaintainAnalyzing_Unloaded(Object sender, RoutedEventArgs
e) at System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object target, RoutedEventArgs
routedEventArgs) at System.Windows.EventRoute.InvokeHandlersImpl(Object source,
RoutedEventArgs args, Boolean reRaised) at System.Windows.UIElement.RaiseEventImpl(DependencyObject
sender, RoutedEventArgs args) at System.Windows.UIElement.RaiseEvent(RoutedEventArgs
e) at System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,
RoutedEvent routedEvent) at System.Windows.BroadcastEventHelper.BroadcastUnloadedEvent(Object
root) at MS.Internal.LoadedOrUnloadedOperation.DoWork() at System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()

at System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() at System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object
resizedCompositionTarget) at System.Windows.Media.MediaContext.RenderMessageHandler(Object
resizedCompositionTarget) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)

Error - 10/16/2012 3:40:50 PM | Computer Name = Zol7y-PC | Source = Hewlett-Packard | ID = 0
Description = en-GB Object reference not set to an instance of an object. HPSF at
HPAssistant.Pages.MaintainAnalyzing.MaintainAnalyzing_Unloaded(Object sender, RoutedEventArgs
e) at System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object target, RoutedEventArgs
routedEventArgs) at System.Windows.EventRoute.InvokeHandlersImpl(Object source,
RoutedEventArgs args, Boolean reRaised) at System.Windows.UIElement.RaiseEventImpl(DependencyObject
sender, RoutedEventArgs args) at System.Windows.UIElement.RaiseEvent(RoutedEventArgs
e) at System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,
RoutedEvent routedEvent) at System.Windows.BroadcastEventHelper.BroadcastUnloadedEvent(Object
root) at MS.Internal.LoadedOrUnloadedOperation.DoWork() at System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()

at System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() at System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object
resizedCompositionTarget) at System.Windows.Media.MediaContext.RenderMessageHandler(Object
resizedCompositionTarget) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)

[ OSession Events ]
Error - 6/8/2012 11:33:46 PM | Computer Name = Zol7y-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 25027 seconds with 600 seconds of active time. This session ended with a
crash.

[ System Events ]
Error - 12/3/2012 8:12:34 AM | Computer Name = Zol7y-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 12/3/2012 11:00:18 PM | Computer Name = Zol7y-PC | Source = Service Control Manager | ID = 7031
Description = The Hotspot Shield Service service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 0 milliseconds:
Restart the service.

Error - 12/3/2012 11:00:18 PM | Computer Name = Zol7y-PC | Source = Service Control Manager | ID = 7032
Description = The Service Control Manager tried to take a corrective action (Restart
the service) after the unexpected termination of the Hotspot Shield Service service,
but this action failed with the following error: %%1058

Error - 12/3/2012 11:01:32 PM | Computer Name = Zol7y-PC | Source = Service Control Manager | ID = 7030
Description = The Hotspot Shield Service service is marked as an interactive service.
However, the system is configured to not allow interactive services. This service
may not function properly.

Error - 12/3/2012 11:01:38 PM | Computer Name = Zol7y-PC | Source = Service Control Manager | ID = 7034
Description = The Hotspot Shield Routing Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 12/4/2012 10:55:38 AM | Computer Name = Zol7y-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 12/4/2012 6:08:55 PM | Computer Name = Zol7y-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 12/5/2012 12:44:00 AM | Computer Name = Zol7y-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 12/5/2012 10:29:54 AM | Computer Name = Zol7y-PC | Source = DCOM | ID = 10010
Description =

Error - 12/5/2012 11:29:29 AM | Computer Name = Zol7y-PC | Source = Service Control Manager | ID = 7034
Description = The Arp Intelligent Protection Service service terminated unexpectedly.
It has done this 1 time(s).
lilhurricane

lilhurricane

Numquam oblita

Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 [color=red](UAC is disabled!)[/color]
Internet Explorer 9
[u]``````````````Antivirus/Firewall Check:``````````````[/u]
Windows Firewall Enabled!
[size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size]
[u]`````````Anti-malware/Other Utilities Check:`````````[/u]
Malwarebytes Anti-Malware version 1.65.1.1000
Java(TM) 6 Update 31
Java 7 Update 9
Adobe Reader 10.1.4 [color=red]Adobe Reader out of Date![/color]
Google Chrome 21.0.1180.75
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
Google Chrome plugins...
[u]````````Process Check: objlist.exe by Laurent````````[/u]
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
NetCutDefender services AIPS.exe
[u]`````````````````System Health check`````````````````[/u]
Total Fragmentation on Drive C: 5%
[u]````````````````````End of Log``````````````````````[/u]




ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6844
# api_version=3.0.2
# EOSSerial=1daba2b94d229a4ea34a0c9da05b6cc9
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-12-05 07:56:58
# local_time=2012-12-05 09:56:58 (+0200, Egypt Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 62800 106367268 0 0
# scanned=239449
# found=13
# cleaned=12
# scan_time=6891
C:\Max Payne 3\Max.Payne.3.CrackOnly-RLD-btarena\gsrld.dll a variant of Win32/Packed.VMProtect.AAH trojan (cleaned by deleting - quarantined) 886E36C6F04F391E2E90A05F73C8EC05E0A61A3E C
C:\Users\Zol7y\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UETWLLYF\1c3b34gc[1].exe a variant of MSIL/Kryptik.GY trojan (cleaned by deleting - quarantined) 5FF570EA11BC2AB07C722E007BE0AAB1C778A5E6 C
C:\Users\Zol7y\AppData\Local\Temp\65190.exe a variant of MSIL/Injector.AUS trojan (cleaned by deleting - quarantined) 1475A098BEAC13F643640A8E9DD33878C33D74CD C
C:\Users\Zol7y\AppData\Local\Temp\80403.exe a variant of MSIL/Kryptik.GY trojan (cleaned by deleting - quarantined) 5FF570EA11BC2AB07C722E007BE0AAB1C778A5E6 C
C:\Users\Zol7y\AppData\Local\Temp\panmap.exe a variant of MSIL/Injector.AUS trojan (cleaned by deleting - quarantined) 1475A098BEAC13F643640A8E9DD33878C33D74CD C
C:\Users\Zol7y\AppData\Local\Temp\rtscom.exe a variant of MSIL/Kryptik.GY trojan (cleaned by deleting (after the next restart) - quarantined) E4804BF3229B1B7B04BAE1B967414584940AA934 C
C:\Users\Zol7y\AppData\Roaming\IDM\DwnlData\Zol7y\www1clickdownloader_com_157\www1clickdownloader_com Win32/Adware.1ClickDownload.C application (cleaned by deleting - quarantined) B481F402BB237D8AC83EEACF74327D11DB35A92D C
C:\Users\Zol7y\AppData\Roaming\Microsoft\Windows\Templates\MsCtfMonitor.exe MSIL/Agent.NUQ trojan (cleaned by deleting - quarantined) 52DBDE13A68BF47C3DB777F2F8AC2023DCBCF8E7 C
C:\Users\Zol7y\Downloads\Call of Duty Black Ops 2 Repack\setup.exe a variant of MSIL/Kryptik.GX trojan (cleaned by deleting - quarantined) 41BB2E7DF44275263B3E1942251C1499D3B7DCD7 C
C:\Users\Zol7y\Downloads\Programs\Afreecodec_downloader_For_Microsoft_Office_Outlook_2007.exe a variant of Win32/BSDownloader application (cleaned by deleting - quarantined) A927389E550EA620464848270DA94282FC474A33 C
E:\PROGS\Media Player Codec Pack 4.0.1\media.player.codec.pack.v4.0.1.setup.exe a variant of Win32/Toolbar.Widgi application (cleaned by deleting - quarantined) 9D64944DFFE900E122471CA4D795EF18A72B8226 C
E:\PROGS\Nero_9.4.12.3_Free\Nero-9.4.12.3_free.exe Win32/Toolbar.AskSBar application (cleaned by deleting - quarantined) 808D325AF468EC98A52342496BFD0A9062A446B9 C
${Memory} Win32/Ainslot.AA worm 0000000000000000000000000000000000000000 I

LoPhatPhuud
MVM
join:2002-01-06
Albuquerque, NM

1 recommendation

LoPhatPhuud to Zalah

MVM

to Zalah
The only reocmendation I will give is reformat and start over. Your computer has been corrupted by downloading pirated copies of software.

There is no way to determine how badly the operating system has been affected, leaving no choice but flatten and repave.