Thread: Cannot get rid of SelectionLinks Malware

  1. #1
    Junior Member
    Join Date
    May 2013
    Posts
    12

    Cannot get rid of SelectionLinks Malware

    Hi, I read this thread:
    http://malwaretips.com/blogs/remove-selectionlinks-ads/
    and did what it said. All my antivirus is up to date.
    My Spybot reported that it solved 2 out of 8 SelectionLinks problems and told me to restart to get rid of the rest. 2 restarts later, Spybot still cannot find any problem.

    Anyway, I am hoping you can help me.

    Thank you.

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.21.2
    Run by owner at 22:21:32 on 2013-05-07
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1037.18.4079.2301 [GMT 3:00]
    .
    AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
    SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    D:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 8\WVSScheduler.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\Windows\SysWOW64\PnkBstrA.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
    C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
    C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Windows\vsnp2std.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    D:\Program Files (x86)\steam\Steam.exe
    D:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    D:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    D:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
    D:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
    C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
    C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files (x86)\CleanMem\Mini_Monitor.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
    c:\program files (x86)\avira\antivir desktop\avscan.exe
    C:\Windows\system32\vssvc.exe
    C:\Windows\System32\svchost.exe -k swprv
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files\CCleaner\CCleaner64.exe
    D:\Program Files (x86)\iTunes\iTunes.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
    C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\explorer.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.co.il/
    uProxyOverride = 127.0.0.1:9421;*.local
    mWinlogon: Userinit = userinit.exe
    BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: SelectionLinks: {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} -
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
    uRun: [Steam] "D:\Program Files (x86)\steam\steam.exe" -silent
    uRun: [Google Update] "C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [SpybotSD TeaTimer] D:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
    mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - D:\Program Files\Logitech\SetPoint\SetPoint.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: Free YouTube to MP3 Converter - C:\Users\owner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
    IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - <orphaned>
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
    TCP: NameServer = 10.0.0.138
    TCP: Interfaces\{3267CDE9-0AFF-4F78-9B40-998F67A56B08} : DHCPNameServer = 10.0.0.138
    TCP: Interfaces\{3267CDE9-0AFF-4F78-9B40-998F67A56B08}\A41636F62637 : DHCPNameServer = 10.0.0.138
    TCP: Interfaces\{3267CDE9-0AFF-4F78-9B40-998F67A56B08}\C6F6E67686F627E637 : DHCPNameServer = 10.0.0.138
    TCP: Interfaces\{89D6E89B-E882-4251-B8D4-830B933164DF} : DHCPNameServer = 10.0.0.138
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Notify: igfxcui - <no file>
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    x64-Run: [snp2std] C:\Windows\vsnp2std.exe
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" -f "C:\ProgramData\NVIDIA\Updatus\NvTmru\nvtmru.dat"
    x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - <orphaned>
    .
    INFO: x64-HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
    x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w8cv86h.default\
    FF - prefs.js: browser.search.defaulturl -
    FF - prefs.js: browser.search.selectedEngine - Privitize VPN
    FF - prefs.js: network.proxy.gopher -
    FF - prefs.js: network.proxy.gopher_port - 0
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll
    FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
    FF - plugin: C:\Users\owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
    FF - plugin: C:\Users\owner\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
    FF - plugin: C:\Users\owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
    FF - plugin: C:\Users\owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
    FF - plugin: C:\Users\owner\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
    FF - plugin: C:\Users\owner\AppData\Roaming\Mozilla\plugins\npo1d.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll
    FF - plugin: D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
    FF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin.dll
    FF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin2.dll
    FF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin3.dll
    FF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin4.dll
    FF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin5.dll
    FF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin6.dll
    FF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin7.dll
    FF - ExtSQL: 2013-04-28 12:42; {7AC261D0-B949-47CA-B9E8-477013A15A6E}; C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w8cv86h.default\extensions\{7AC261D0-B949-47CA-B9E8-477013A15A6E}
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2011-10-27 21104]
    R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2013-3-30 28600]
    R2 AcuWVSSchedulerv8;Acunetix WVS Scheduler v8;D:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 8\WVSScheduler.exe [2012-6-30 1009840]
    R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-10-16 86752]
    R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-10-16 110816]
    R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2013-3-30 100712]
    R3 athur;Wireless Network Adapter Service;C:\Windows\System32\drivers\athurx.sys [2012-12-3 1847296]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-5-7 25928]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-10-27 412264]
    R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
    S3 ManyCam;ManyCam Virtual Webcam;C:\Windows\System32\drivers\mcvidrv_x64.sys [2012-1-11 34304]
    S3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\System32\drivers\mcaudrv_x64.sys [2012-2-22 28160]
    S3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;C:\Windows\System32\drivers\netr7364.sys [2011-10-5 729152]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-8 19456]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-8 57856]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-12-8 30208]
    .
    =============== File Associations ===============
    .
    FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
    .
    =============== Created Last 30 ================
    .
    2013-05-07 18:57:19 -------- d-----w- C:\ProgramData\RegCure
    2013-05-07 18:29:52 -------- d-----w- C:\ProgramData\HitmanPro
    2013-05-07 18:28:44 -------- d-----w- C:\Users\owner\AppData\Roaming\Malwarebytes
    2013-05-07 18:28:31 -------- d-----w- C:\ProgramData\Malwarebytes
    2013-05-07 18:28:30 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2013-05-07 18:28:30 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-05-07 12:04:43 9317456 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{628FFB0B-FDA3-497F-90D1-816378F2D1F2}\mpengine.dll
    2013-05-07 11:54:25 83160 ----a-w- C:\Windows\System32\drivers\avnetflt.sys
    2013-04-26 09:47:01 -------- d-----w- C:\Users\owner\AppData\Roaming\LOVE
    2013-04-25 12:40:52 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
    2013-04-18 19:16:46 563488 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
    2013-04-18 19:01:42 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2013-04-10 16:49:58 3153408 ----a-w- C:\Windows\System32\win32k.sys
    2013-04-10 16:49:56 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2013-04-10 16:49:56 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
    2013-04-10 16:49:55 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
    2013-04-10 16:49:55 43520 ----a-w- C:\Windows\System32\csrsrv.dll
    2013-04-10 16:49:55 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2013-04-10 16:49:55 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2013-04-10 16:49:55 112640 ----a-w- C:\Windows\System32\smss.exe
    .
    ==================== Find3M ====================
    .
    2013-05-01 23:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe
    2013-04-19 02:46:06 6488352 ----a-w- C:\Windows\System32\nvcpl.dll
    2013-04-19 02:46:06 3511072 ----a-w- C:\Windows\System32\nvsvc64.dll
    2013-04-19 02:46:01 884512 ----a-w- C:\Windows\System32\nvvsvc.exe
    2013-04-19 02:46:01 63776 ----a-w- C:\Windows\System32\nvshext.dll
    2013-04-19 02:46:01 2555680 ----a-w- C:\Windows\System32\nvsvcr.dll
    2013-04-19 02:46:01 237856 ----a-w- C:\Windows\System32\nvmctray.dll
    2013-04-17 17:30:28 3122645 ----a-w- C:\Windows\System32\nvcoproc.bin
    2013-04-05 13:34:57 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
    2013-04-05 13:34:49 280792 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
    2013-04-05 13:34:49 280792 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
    2013-04-05 13:33:00 281032 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
    2013-04-02 14:09:52 4550656 ----a-w- C:\Windows\SysWow64\GPhotos.scr
    2013-03-30 19:29:25 28600 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
    2013-03-30 19:29:25 100712 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
    2013-03-15 11:28:44 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
    2013-03-15 11:28:44 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2013-03-15 05:53:06 1807136 ----a-w- C:\Windows\System32\nvdispco6431422.dll
    2013-03-15 05:53:06 1510176 ----a-w- C:\Windows\System32\nvdispgenco6431422.dll
    2013-03-14 11:43:34 1807136 ----a-w- C:\Windows\System32\nvdispco6431421.dll
    2013-03-14 11:43:34 1510176 ----a-w- C:\Windows\System32\nvdispgenco6431421.dll
    2013-02-25 05:27:52 31520 ----a-w- C:\Windows\System32\nvhdap64.dll
    2013-02-25 05:27:45 194848 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
    2013-02-21 10:30:16 1766912 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-02-21 10:29:39 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2013-02-21 10:29:37 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2013-02-21 10:29:37 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
    2013-02-21 10:15:07 2240512 ----a-w- C:\Windows\System32\wininet.dll
    2013-02-21 10:14:09 3958784 ----a-w- C:\Windows\System32\jscript9.dll
    2013-02-21 10:14:05 67072 ----a-w- C:\Windows\System32\iesetup.dll
    2013-02-21 10:14:05 136704 ----a-w- C:\Windows\System32\iesysprep.dll
    2013-02-19 12:01:03 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2013-02-19 11:42:14 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-02-19 11:10:53 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
    2013-02-19 10:51:18 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
    2013-02-15 14:44:15 231376 ----a-w- C:\Windows\System32\drivers\truecrypt.sys
    2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
    2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
    2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
    2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
    2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
    2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
    2013-02-12 04:12:05 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
    2013-02-10 03:25:27 1807136 ----a-w- C:\Windows\System32\nvdispco6420294.dll
    2013-02-10 03:25:27 1510176 ----a-w- C:\Windows\System32\nvdispgenco6420162.dll
    .
    ============= FINISH: 22:23:38.86 ===============
    Last edited by tashi; 2013-05-08 at 00:08. Reason: Copy pasted log into topic per forum FAQ

  2. #2
    Security Expert Satchfan
    Join Date
    Feb 2009
    Location
    Exeter, UK
    Posts
    259

    Hello yehonatans and welcome to the Safer Networking Forum.

    My name is Satchfan and I would be glad to help you with your computer problem.

    Please read the following guidelines which will help to make cleaning your machine easier:

    • please follow all instructions in the order posted
    • please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear
    • all logs/reports, etc. must be posted in Notepad. Please ensure that word wrap is unchecked. In Notepad click Format, uncheck Word wrap if it is checked
    • if you don't understand something, please don't hesitate to ask for clarification before proceeding
    • the fixes are specific to your problem and should only be used for this issue on this machine.
    • please reply within 3 days. If you do not reply within this period I will post a reminder but topics with no reply in 4 days will be closed!

    IMPORTANT:

    Please DO NOT install/uninstall any programs unless asked to.
    Please DO NOT run any scans other than those requested

    I am looking at your logs now and will reply with instructions shortly.

    Satchfan

  3. #3
    Security Expert Satchfan
    Join Date
    Feb 2009
    Location
    Exeter, UK
    Posts
    259

    Hello again yehonatans

    A couple of things before we start cleaning your computer.

    P2P - I see you have P2P software (uTorrent) installed on your machine.

    We are not here to pass judgment on file-sharing as a concept but we will warn you that engaging in this activity will always make your computer very susceptible to infection and re-infection.

    It almost certainly contributed to your current situation.

    Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are, more often than not, infected. Those who write malware use P2P file-sharing as a major vehicle to spread their wares.

    Please see this topic for more information:

    Perils of P2P File Sharing.

    I would strongly recommend that you uninstall it now. You can do so via Control Panel, Programs, and then Programs and Features.

    Should you decide to keep it, please don’t use it until we have finished up here.

    ===================================================

    Registry cleaners

    I see you are using a “Registry Cleaner”, RegCure. It's not a good idea to use registry cleaners/boosters.

    The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results". Unless you have a particular problem that requires a registry edit to correct it, (and you are expert in the registry), I would suggest you leave the registry alone.

    I strongly advise you to get rid of RegCure and any other cleaner/optimizer/booster/tuneup/tweak type utilities that you have on this or any other computer.

    One of the malware experts, miekiemoes, has an excellent write-up here
    Another excellent article by Bill Castner is located here

    ===================================================

    That said, let’s start cleaning up.

    Disable Spybot’s TeaTimer and Windows Defender

    Spybot’s TeaTimer and Windows Defender can sometimes prevent some things from being fixed.

    Please disable TeaTimer and Windows Defender for now: they can be re-activated once your log is clean.

    • open Spybot Search & Destroy
    • in the Mode menu click "Advanced mode" if not already selected
    • choose "Yes" at the Warning prompt
    • expand the "Tools" menu
    • click "Resident"
    • uncheck the "Resident "TeaTimer" (Protection of overall system settings) active." box
    • in the File menu click "Exit" to exit Spybot Search & Destroy.

    To disable Windows Defender:

    • open Windows Defender
    • click on Tools, General Settings
    • scroll down and uncheck Turn on real-time protection (recommended)
    • after you uncheck this, click on the Save button and close Windows Defender.

    ===================================================

    Run RogueKiller

    IMPORTANT: Please remove any USB or external drives from the computer before you run this scan!

    Close all running programs.


    Download one of these to your desktop:

    for a 32-bit system download this version.
    for 64-bit use this one.
    • close all running programs
    • for Windows Vista/Seven, right click -> run as administrator, for XP simply double-click on RogueKiller.exe
    • when the pre-scan is finished, click on Scan
    • click on Report and copy/paste the content in your next post
    • NOTE: DO NOT attempt to remove anything that the scan detects – everything that is reported is not necessarily bad

    If the program is blocked, continue to try it several times. If it still doesn’t work, (it could happen), rename it to winlogon.exe.

    Please post the contents of the RKreport.txt in your next reply.

    Satchfan

  4. #4
    Junior Member
    Join Date
    May 2013
    Posts
    12

    Thank you for your help.
    What is word wrap?

  5. #5
    Security Expert Satchfan
    Join Date
    Feb 2009
    Location
    Exeter, UK
    Posts
    259

    Thanks for the log.

    What is word wrap?
    Word Wrap makes sure that the log is readable by setting it between defined margins and stopping each line becoming endlessly long.

    In your case it is already on and OK.

    Download and run OTL

    • download OTL to your desktop.
    • double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
    • click Scan all users.
    • under Custom Scan paste this in

      netsvcs
      %SYSTEMDRIVE%\*.exe
      /md5start
      explorer.exe
      winlogon.exe
      Userinit.exe
      svchost.exe
      services.exe
      /md5stop
      %systemroot%\*. /rp /s
      DRIVES
      CREATERESTOREPOINT
    • click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won’t take long.
    • when the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply.
    • you may need two posts to fit them both in.

    ===================================================

    Run aswMBR

    • download aswMBR.exe to your desktop.
    • double click the aswMBR.exe to run it
    • if asked, accept the AVAST virus definition download
    • click the "Scan" button to start scan
    • on completion of the scan click Save log, save it to your desktop and post in your next reply. Note - do NOT attempt any Fix yet.

    Logs to include with next post:

    OTL.txt
    Extras.txt
    aswMBR log


    Please do not attach them: copy/paste them into the post.

    Thanks

    Satchfan

  6. #6
    Junior Member
    Join Date
    May 2013
    Posts
    12

    Extras+aswMBR

    aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
    Run date: 2013-05-08 20:32:56
    -----------------------------
    20:32:56.943 OS Version: Windows x64 6.1.7601 Service Pack 1
    20:32:56.943 Number of processors: 4 586 0x2A07
    20:32:56.944 ComputerName: YEHONATANST-PC UserName: owner
    20:32:58.253 Initialize success
    20:33:06.198 AVAST engine defs: 13050800
    20:33:14.117 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
    20:33:14.118 Disk 0 Vendor: WDC_WD5000AAKX-001CA0 15.01H15 Size: 476940MB BusType: 3
    20:33:14.286 Disk 0 MBR read successfully
    20:33:14.287 Disk 0 MBR scan
    20:33:14.291 Disk 0 Windows 7 default MBR code
    20:33:14.297 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
    20:33:14.310 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 102499 MB offset 206848
    20:33:14.332 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 374339 MB offset 210124800
    20:33:14.470 Disk 0 scanning C:\Windows\system32\drivers
    20:33:27.036 Service scanning
    20:33:46.794 Modules scanning
    20:33:46.795 Disk 0 trace - called modules:
    20:33:46.811 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
    20:33:46.813 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800471f060]
    20:33:46.814 3 CLASSPNP.SYS[fffff880018d343f] -> nt!IofCallDriver -> [0xfffffa800411bd10]
    20:33:46.814 5 ACPI.sys[fffff88000f957a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80044b3060]
    20:33:47.953 AVAST engine scan C:\Windows
    20:33:52.462 AVAST engine scan C:\Windows\system32
    20:36:10.118 AVAST engine scan C:\Windows\system32\drivers
    20:36:19.522 AVAST engine scan C:\Users\owner
    20:51:58.882 AVAST engine scan C:\ProgramData
    20:59:15.076 Scan finished successfully
    21:09:26.829 Disk 0 MBR has been saved successfully to "C:\Users\owner\Desktop\MBR.dat"
    21:09:26.835 The log file has been saved successfully to "C:\Users\owner\Desktop\aswMBR.txt"

    OTL Extras logfile created on: 5/8/2013 7:57:51 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\owner\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16540)
    Locale: 00000409 | Country: ארצות הברית | Language: ENU | Date Format: M/d/yyyy

    3.98 Gb Total Physical Memory | 2.34 Gb Available Physical Memory | 58.76% Memory free
    7.97 Gb Paging File | 4.97 Gb Available in Paging File | 62.46% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 100.10 Gb Total Space | 26.70 Gb Free Space | 26.68% Space Free | Partition Type: NTFS
    Drive D: | 365.57 Gb Total Space | 175.91 Gb Free Space | 48.12% Space Free | Partition Type: NTFS
    Drive E: | 4.99 Gb Total Space | 1.01 Gb Free Space | 20.31% Space Free | Partition Type: FAT32

    Computer Name: YEHONATANST-PC | User Name: owner | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== System Restore Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
    "DefaultOutboundAction" = 0
    "DefaultInboundAction" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
    "DoNotAllowExceptions" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
    "DoNotAllowExceptions" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files (x86)\Cheat-Defender\Cheat-Defender.exe" = C:\Program Files (x86)\Cheat-Defender\Cheat-Defender.exe:*:Enabled:Cheat-Defender: Anti-Cheat
    "C:\Program Files (x86)\Cheat-Defender\Cheat-Defender.exe" = C:\Program Files (x86)\Cheat-Defender\Cheat-Defender.exe:*:Enabled:Cheat-Defender: Anti-Cheat


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{094B3983-AC0B-42E1-A31A-B7E1E921A032}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{0AFE94AE-9D1E-426B-9A24-2D86B6ED5BBB}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{3CC687C4-A14D-4C6A-A382-121E879718F9}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{3D72FCB8-0793-495E-B588-F57555727FA6}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{3F973B6E-991E-47EC-969E-02CD41376E94}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{471AA7C2-71E1-443D-A739-47F7FA36BD9A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{4E3DD34E-1BB2-4F02-87AD-37EF4AB3956A}" = lport=137 | protocol=17 | dir=in | app=system |
    "{612ABE99-6C53-43A2-A29D-892409CB97D2}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{6C456652-16C8-4245-B8C0-AAEFF238583D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{806274A0-B2CB-4881-B544-169B4389ED27}" = lport=139 | protocol=6 | dir=in | app=system |
    "{81058533-343B-42E3-8B9F-6C2A175FB0A2}" = rport=137 | protocol=17 | dir=out | app=system |
    "{811D633B-0DF8-4535-AF42-9BD456751E8F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{87F5C463-EB55-420D-9EFE-699C3AB51BD8}" = lport=138 | protocol=17 | dir=in | app=system |
    "{9CDE8DB2-BEB1-44BE-AD94-A0D191968B1C}" = lport=445 | protocol=6 | dir=in | app=system |
    "{A19EF0E5-91E6-4615-9429-2BE55C25F6BB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
    "{A33B52B3-BE06-4220-B312-269B2F039963}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{AABFA6A2-8BCD-486C-B6A1-87FC35B46BEF}" = rport=138 | protocol=17 | dir=out | app=system |
    "{B2F19675-6603-4212-88B6-0052C8D0C38D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{C4CEB7D8-313F-4DB3-B47F-CA271B24CEF8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{D2BC5B9F-4FCA-4730-840E-EE5A9C7F7CA1}" = rport=445 | protocol=6 | dir=out | app=system |
    "{EF133D65-CE1F-412A-B1F4-B6BC835E0B99}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{EFEAFA21-4C82-4014-975E-A7B5AD2625F9}" = rport=139 | protocol=6 | dir=out | app=system |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{00CBBEA6-F284-4BAB-97BB-36558B758DE1}" = protocol=6 | dir=in | app=c:\users\owner\appdata\roaming\firaxis games\sid meier's civilization 4\warlords\civ4warlords.exe |
    "{0212F790-C4DE-49BD-A6B7-D82C6BCC7587}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{07EF7189-2189-4472-A646-F3B7EE2BDDA0}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
    "{09BFBF0C-C07E-40D3-9569-39127BD8DBEC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{0B98A312-7D45-4757-BCBC-80504E1C33A3}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
    "{0EBD603A-45C5-4B6C-8B24-416B3CB19E02}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
    "{10AA3080-2FEE-4588-AAB5-45AE09561BEC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{1F04DCC3-3CE4-42BA-A3FF-AF6015C7B5E7}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\empire total war\empire.exe |
    "{21C01E42-C729-42FE-874D-9C5FFB53CC3D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{21F56922-AF5D-494E-B499-1B8F3C7C887A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{24116037-9281-428D-A995-DE4D35AF373B}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
    "{253B2344-7F92-4B3B-94AD-D002B5EEDB5C}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
    "{26EDA201-C302-43D6-BE0A-28C5D0BAF75F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{277BF56B-3295-471A-BCEE-486BD540174B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{2C44A955-62F0-45B7-BFA3-817BA4BAF076}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{2EC55810-F2CE-460D-8C1B-96459E09906E}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\tropico 4\tropico4.exe |
    "{335103F2-813F-4D6A-9F79-CE471E22B144}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
    "{37E05528-C36B-414A-B953-89B9A46FCFC5}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
    "{37F1F95E-6458-4923-BCBB-9BD51D8027B6}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\war of the roses\run_game.exe |
    "{3DE0047D-0241-4146-A929-A8615AB0A9F6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{3DF5B150-D092-4FCA-831A-4A5263379CD4}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
    "{45387353-B15C-48D3-B166-1F9C3F8F563D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{4A195E93-C32E-4883-80F7-04982A3A535B}" = dir=in | app=c:\users\owner\appdata\local\facebook\video\skype\facebookvideocalling.exe |
    "{4AF040B3-342E-4787-8AA7-528EB5D386F8}" = protocol=17 | dir=in | app=c:\users\owner\appdata\roaming\firaxis games\sid meier's civilization 4\civilization4.exe |
    "{4B2E0974-1956-4320-968A-A0410968C16B}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
    "{4CD80FE7-61EE-4DA1-90DB-F7C9ED932068}" = dir=in | app=c:\program files (x86)\file type assistant\tsassist.exe |
    "{4EB7E903-F094-4779-8C61-34B505ABD452}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{4EBB3164-97E2-471F-9CAF-FB33CB6B1070}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\power of two test app\start.exe |
    "{503C5D9C-84CB-4545-A611-006078BE0846}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{51A7014E-F9F1-472C-B355-C6CFE9DC358E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{539DD6F4-D5FC-4E73-AB8C-5509E01D9B25}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{55701726-936A-4A4A-866A-DBF6BC160633}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{631975F9-615B-4D3F-8DEC-2D7886F91508}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
    "{64D542DD-C2C3-4AD6-8C79-DCCA9B618F3E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{65AF1C55-3EC2-417E-A0D9-257FA3D44A62}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
    "{6C05FD18-BB91-446F-97DF-2D210744E3C1}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\empire total war\empire.exe |
    "{6D90CC97-59AF-4996-A399-C49A3F91B78E}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
    "{711618FF-650E-4378-9303-EF25620BFD92}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
    "{74293AC4-5D2F-4083-BB36-174FA191328D}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
    "{74B0BFAA-3A38-4021-9216-EF1BA1456A18}" = protocol=17 | dir=in | app=c:\users\owner\appdata\roaming\firaxis games\sid meier's civilization 4\warlords\civ4warlords.exe |
    "{75DB080C-70CE-4F38-8CFD-0494EF064567}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steam.exe |
    "{79D7B217-5236-4C0E-B397-D435BB8A4C47}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
    "{7D182833-8CF3-4424-9CD5-2CA97ADBD961}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
    "{7DB4DCA1-D53F-4EFE-8234-54D67D0A8B0C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
    "{7EB9E28C-B390-49D6-86F9-937003C176E5}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steam.exe |
    "{83E59150-101F-4C58-8EFE-FB9D953CCD5D}" = protocol=6 | dir=in | app=c:\users\owner\appdata\roaming\firaxis games\sid meier's civilization 4\civilization4.exe |
    "{8495B17E-FF2D-46FA-8323-02D6BAE29203}" = dir=in | app=c:\program files (x86)\file type assistant\tsassist.exe |
    "{84B7B376-B641-47E8-8FEA-026D6366BFA9}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
    "{8B71F08F-7D32-49B6-9E02-864981D1A130}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\power of two test app\start.exe |
    "{8DA0CE55-B86C-4560-B970-943C0ABEA29C}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
    "{92D09F94-72CD-4570-B8F0-64E071EE3B14}" = protocol=17 | dir=in | app=d:\origin games\battlefield 3\bf3.exe |
    "{953F4703-6139-4A07-A912-21C8BEF63BD2}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
    "{95C7176B-ACCE-4ED1-8163-2FC10DE4DB7D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{9608E8EE-77DA-4BE4-BD64-CDEE2E196F14}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{98100A95-EA3E-4AB0-9380-ABAC2FABBF37}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
    "{9D5D45A0-32A0-42FC-BE93-E1B9335F5403}" = protocol=6 | dir=in | app=c:\users\owner\appdata\roaming\firaxis games\sid meier's civilization 4\warlords\civ4warlords_pitboss.exe |
    "{9F2B766E-CD82-47B5-84C8-99AF8EEF27FF}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
    "{A9D78906-F3AA-4A6A-BFDA-28753E71A6F5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{AD694EF6-828D-4FA3-9EF7-31AEFE9AE865}" = protocol=6 | dir=out | app=system |
    "{B49BA2D0-0757-4460-A912-E9E6D6F78B82}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\tropico 4\tropico4.exe |
    "{BA9FF125-F1AB-4614-8F2C-2425E4A9EB08}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{BECE41B0-310F-4761-AC77-E7DAC98BA978}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
    "{C3C61AB8-68B7-4910-9201-E23A70F9492D}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
    "{C459B455-DB22-48B6-8157-785182B32E67}" = dir=in | app=d:\program files (x86)\itunes\itunes.exe |
    "{C7D62F17-BB57-40B5-BC4E-5ED4C717E0F7}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
    "{CBE424D1-F742-48C4-A672-094F450836FC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{CD60342B-74C9-4A64-A1F3-C9908C431FC6}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
    "{CD9AC28C-FD10-4D72-A081-A2DAD2964BF8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
    "{CF28FE0E-53C2-4745-962B-BE65DCB0951B}" = protocol=17 | dir=in | app=c:\users\owner\appdata\roaming\firaxis games\sid meier's civilization 4\warlords\civ4warlords_pitboss.exe |
    "{D9977842-BD50-4247-B33D-40C480152D2F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{E1A514E8-8768-40FB-A2FF-84F868E572A6}" = protocol=6 | dir=in | app=d:\origin games\battlefield 3\bf3.exe |
    "{E57BA0BC-D372-405F-B1C1-0B5479EEE900}" = dir=in | app=c:\program files (x86)\freefileviewer\ffvcheckforupdates.exe |
    "{E7F2BFA0-6F15-4AC8-B5E2-E7BCDBD0E9FD}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
    "{EC87F043-0534-4D08-99BD-5577B5B13950}" = dir=in | app=d:\program files (x86)\microsoft games\microsoft flight\flight.exe |
    "{F477B0B3-1488-4227-8101-4C2D03D332B2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "{F573ECA7-01F7-469F-9095-C609EDAECE55}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
    "{F83DAE9A-5A9E-4B07-90F1-30E741A0059F}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\war of the roses\run_game.exe |
    "TCP Query User{2687DB61-3837-4CC2-A1D8-DD64DE4F857D}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
    "TCP Query User{329BB28A-D51D-4513-873C-C2FB26065029}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
    "TCP Query User{390B7210-6374-4F25-A503-EF2717112607}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
    "TCP Query User{48B45DDA-308F-47AB-B70F-8A38FD862B64}D:\program files\muzzy lane software\making history gold\bin\makehist.exe" = protocol=6 | dir=in | app=d:\program files\muzzy lane software\making history gold\bin\makehist.exe |
    "TCP Query User{7E05C4E9-C369-4F77-B8A4-865C7F0F6063}D:\program files (x86)\condition zero\hl.exe" = protocol=6 | dir=in | app=d:\program files (x86)\condition zero\hl.exe |
    "TCP Query User{7E933383-96AB-440E-B963-689AF00D2EF6}D:\darkcomet\darkcomet.exe" = protocol=6 | dir=in | app=d:\darkcomet\darkcomet.exe |
    "TCP Query User{86D4DC1F-E654-4A55-B47E-21B70FC0E65F}C:\program files (x86)\microsoft office\office12\groove.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
    "TCP Query User{97B78B60-DC09-4684-ADF4-7ADD06979D82}D:\program files (x86)\bitcoin\bitcoin-qt.exe" = protocol=6 | dir=in | app=d:\program files (x86)\bitcoin\bitcoin-qt.exe |
    "TCP Query User{9B8A9784-BCFB-4144-B3C4-0635A3751102}C:\program files (x86)\bitcoin\bitcoin.exe.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bitcoin\bitcoin.exe.exe |
    "TCP Query User{A9CC8B6D-00B9-4D7F-B7FA-3D38F3A38026}D:\program files (x86)\bitcoin\bitcoin-qt.exe" = protocol=6 | dir=in | app=d:\program files (x86)\bitcoin\bitcoin-qt.exe |
    "TCP Query User{B7CB6436-2D62-4647-B484-36BFD5720EA3}C:\users\owner\downloads\nw.1.20130225d.1.exe" = protocol=6 | dir=in | app=c:\users\owner\downloads\nw.1.20130225d.1.exe |
    "TCP Query User{C54A7EBC-9A26-45C7-916E-7505C65F4FD6}C:\users\owner\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\owner\appdata\local\google\chrome\application\chrome.exe |
    "TCP Query User{C7CBC2C0-DD4D-41C7-B521-C68081E183A6}C:\users\owner\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\owner\appdata\local\akamai\netsession_win.exe |
    "TCP Query User{C8BADBD3-D36A-4A33-B148-05ACC47407DC}C:\users\owner\downloads\mining_proxy_1.2.0.exe" = protocol=6 | dir=in | app=c:\users\owner\downloads\mining_proxy_1.2.0.exe |
    "TCP Query User{D61EA8EC-B8AA-4968-B611-C12D6D860359}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
    "TCP Query User{E91F5DD4-B3CD-41A6-862D-C24AEBBC7410}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
    "TCP Query User{EB3AA562-06F0-4891-8B94-6754B76803FF}C:\users\owner\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\owner\appdata\local\akamai\netsession_win.exe |
    "TCP Query User{ECCC578B-662C-4D46-892B-43C7730EEBE7}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
    "UDP Query User{00528B85-6CAF-4241-A82E-CDCB52F47B4F}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
    "UDP Query User{02CF9E43-7D23-4F15-B24E-F428124F0A56}C:\users\owner\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\owner\appdata\local\akamai\netsession_win.exe |
    "UDP Query User{0526D660-4DA7-4956-AC00-A2733F92535B}C:\users\owner\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\owner\appdata\local\akamai\netsession_win.exe |
    "UDP Query User{08A95BA4-5A37-426C-8174-396660445F3C}C:\program files (x86)\bitcoin\bitcoin.exe.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bitcoin\bitcoin.exe.exe |
    "UDP Query User{0932C9D9-01D2-4575-AA63-4EA42E96A141}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
    "UDP Query User{15839CA2-538E-4B47-862F-C2037110246C}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
    "UDP Query User{2CFD309A-6598-4C88-8770-B6BE8C59F416}D:\program files (x86)\bitcoin\bitcoin-qt.exe" = protocol=17 | dir=in | app=d:\program files (x86)\bitcoin\bitcoin-qt.exe |
    "UDP Query User{3F639829-BE25-4369-A5B5-88B3DA26CB83}D:\program files\muzzy lane software\making history gold\bin\makehist.exe" = protocol=17 | dir=in | app=d:\program files\muzzy lane software\making history gold\bin\makehist.exe |
    "UDP Query User{6DAA5AFE-A9E7-4ACE-B03D-1EA085296F0F}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
    "UDP Query User{721AD087-E3B2-49A7-95ED-CA82C977956B}C:\users\owner\downloads\mining_proxy_1.2.0.exe" = protocol=17 | dir=in | app=c:\users\owner\downloads\mining_proxy_1.2.0.exe |
    "UDP Query User{76D20B8A-F2C6-4B39-A968-8884564EA529}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
    "UDP Query User{7E0D4F7A-BAD3-49C7-AB3E-04701173DBAA}C:\program files (x86)\microsoft office\office12\groove.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
    "UDP Query User{8B0C071B-3A36-4221-A7A2-803FAD6932F1}D:\program files (x86)\condition zero\hl.exe" = protocol=17 | dir=in | app=d:\program files (x86)\condition zero\hl.exe |
    "UDP Query User{AF9CC29D-2FCB-4BAF-838C-E2084D8025A4}D:\program files (x86)\bitcoin\bitcoin-qt.exe" = protocol=17 | dir=in | app=d:\program files (x86)\bitcoin\bitcoin-qt.exe |
    "UDP Query User{CFB1242C-4F8F-4A3E-98E7-479A2506E7B7}D:\darkcomet\darkcomet.exe" = protocol=17 | dir=in | app=d:\darkcomet\darkcomet.exe |
    "UDP Query User{EB8A52AB-52BC-409B-A6B4-6B01BA331C2F}C:\users\owner\downloads\nw.1.20130225d.1.exe" = protocol=17 | dir=in | app=c:\users\owner\downloads\nw.1.20130225d.1.exe |
    "UDP Query User{F3DF052E-DB7A-40FD-AF26-109BE2AC28E8}C:\users\owner\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\owner\appdata\local\google\chrome\application\chrome.exe |
    "UDP Query User{FDC43C8A-9D54-4100-B939-F92AA9FDD303}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
    "{1AB648D7-5FDE-321E-825A-4FE93A0890F5}" = Microsoft .NET Framework 4 Extended HEB Language Pack
    "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    "{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
    "{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
    "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
    "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
    "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA מנהל ההתקן עבור ‎3D Vision 320.00
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = לוח הבקרה של NVIDIA 320.00
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA מנהל התקן עבור נתונים גרפיים 320.00
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.1
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA מנהל ההתקן של בקר ‎3D Vision 320.00
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA תכנת PhysX מערכת 9.12.1031
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = עדכוני NVIDIA 3.10.8
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA מנהל ההתקן עבור שמע בתקן HD 1.3.24.2
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
    "{CB457D7C-D242-31CB-83C7-DDCF16418360}" = Microsoft .NET Framework 4 Client Profile HEB Language Pack
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
    "CCleaner" = CCleaner
    "Defraggler" = Defraggler
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile HEB Language Pack" = Microsoft .NET Framework 4 Client Profile HEB Language Pack
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "Microsoft .NET Framework 4 Extended HEB Language Pack" = Microsoft .NET Framework 4 Extended HEB Language Pack
    "Recuva" = Recuva
    "Speccy" = Speccy
    "WinRAR archiver" = WinRAR 4.01 (64-bit)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" = Google Gmail Notifier
    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
    "{1A01191E-7750-4D43-AA86-64DDDA437070}" = Responsa CD18
    "{1C3DA126-D523-4089-BCCA-FA46FE34D6F8}" = Google Drive
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
    "{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
    "{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1
    "{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}" = Sid Meier's Civilization 4
    "{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
    "{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
    "{4D5308D2-DC8E-4658-A37C-351000048100}" = Microsoft Flight
    "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
    "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = USB2.0 PC Camera (SN9C201&202)
    "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{7A2A107B-9695-423F-9462-8F17C178BD35}" = TP-LINK Wireless Client Utility
    "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
    "{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
    "{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
    "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
    "{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
    "{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
    "{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
    "{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
    "{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
    "{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
    "{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
    "{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
    "{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.6)
    "{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
    "{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
    "{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
    "{CB92C58B-7BDF-48E3-92E3-51768DCCA585}_is1" = EVGA OC Scanner X 2.1.2
    "{DBD76811-6CF0-4A15-9436-B779C3A36929}_is1" = Acunetix Web Vulnerability Scanner 8.0
    "{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
    "{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
    "{E7A8BC75-50A9-32F2-8DFB-C499D21881B7}" = Google Talk Plugin
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
    "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "7-Zip" = 7-Zip 9.22beta
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Avira AntiVir Desktop" = Avira Free Antivirus
    "BSPlayerf" = BS.Player FREE
    "Cheat Engine 6.1_is1" = Cheat Engine 6.1
    "CleanMem" = CleanMem
    "Condition Zero" = Condition Zero
    "DarkComet RAT Remover_is1" = DarkComet RAT Remover version 1.0
    "ENTERPRISER" = Microsoft Office Enterprise 2007
    "ESN Sonar-0.70.4" = ESN Sonar
    "Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 5.0.21.1212
    "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.37.1212
    "FreeFileViewer_is1" = Free File Viewer 2012
    "GFWL_{4D5308D2-DC8E-4658-A37C-351000048100}" = Microsoft Flight
    "InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
    "MakingHistoryGold" = Making History Gold
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
    "Mozilla Firefox 19.0.2 (x86 en-US)" = Mozilla Firefox 19.0.2 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "NetsparkerCommunityEdition" = Netsparker [Community Edition] - Web Application Security Scanner
    "NoIPDUC" = No-IP DUC
    "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
    "Origin" = Origin
    "Picasa 3" = Picasa 3
    "Simple Port Forwarding" = Simple Port Forwarding
    "Steam App 10500" = Empire: Total War
    "Steam App 229690" = Gauntlet Quest
    "Steam App 400" = Portal
    "Steam App 42160" = War of the Roses
    "Steam App 42680" = Call of Duty: Modern Warfare 3
    "Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
    "Steam App 42750" = Call of Duty: Modern Warfare 3 - Dedicated Server
    "Steam App 43110" = Metro 2033
    "Steam App 440" = Team Fortress 2
    "Steam App 570" = Dota 2
    "Steam App 57690" = Tropico 4
    "Steam App 620" = Portal 2
    "TeamViewer 8" = TeamViewer 8
    "TrueCrypt" = TrueCrypt
    "Trusted Software Assistant_is1" = File Type Assistant
    "Uplink" = Uplink (remove only)
    "uTorrent" = µTorrent
    "VLC media player" = VLC media player 2.0.0
    "webmmf" = WebM Media Foundation Components

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{3E4B349F-10B5-4586-9D99-489A90A8B228}" = Sid Meier's Civilization 4 - Warlords
    "{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free
    "{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
    "Akamai" = Akamai NetSession Interface
    "Bitcoin" = Bitcoin
    "Google Chrome" = Google Chrome
    "SOE-C:/Users/owner/AppData/Local/Sony Online Entertainment/ApplicationUpdater" = applicationupdater
    "UnityWebPlayer" = Unity Web Player

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 5/7/2013 2:22:16 PM | Computer Name = Yehonatanst-pc | Source = WinMgmt | ID = 10
    Description =

    Error - 5/7/2013 3:04:34 PM | Computer Name = Yehonatanst-pc | Source = VSS | ID = 12310
    Description =

    Error - 5/7/2013 3:04:34 PM | Computer Name = Yehonatanst-pc | Source = VSS | ID = 12298
    Description =

    Error - 5/7/2013 3:32:03 PM | Computer Name = Yehonatanst-pc | Source = Application Hang | ID = 1002
    Description = ????????? avscan.exe ?????? 13.6.0.1262 ?????? ????? ?????????? ??
    Windows ??????. ??? ????? ?? ?? ???? ???? ???? ????? ?????, ???? ?? ????????? ?????
    ???? ????? ?? ???? ???????. ???? ?????: 1274 ??? ?????: 01ce4b52a0b86ca6 ??? ????:
    60000 ???? ?????: c:\program files (x86)\avira\antivir desktop\avscan.exe ???? ???:
    9c051129-b74c-11e2-bfa6-50e54927f33f

    Error - 5/7/2013 3:52:22 PM | Computer Name = Yehonatanst-pc | Source = WinMgmt | ID = 10
    Description =

    Error - 5/7/2013 4:26:01 PM | Computer Name = Yehonatanst-pc | Source = SideBySide | ID = 16842815
    Description = ??????? ???? ????? ????? ???? ''d:\program files (x86)\spybot - search
    & destroy\DelZip179.dll''. ????? ????? ??????? ?? ???????? ''d:\program files (x86)\spybot
    - search & destroy\DelZip179.dll'' ????? 8. ???? ''*'' ?? ?????? ''language'' ?????
    ''assemblyIdentity'' ???? ????.

    Error - 5/7/2013 4:52:22 PM | Computer Name = Yehonatanst-pc | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 5/7/2013 4:52:22 PM | Computer Name = Yehonatanst-pc | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 15584

    Error - 5/7/2013 4:52:22 PM | Computer Name = Yehonatanst-pc | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 15584

    Error - 5/8/2013 11:06:15 AM | Computer Name = Yehonatanst-pc | Source = Application Hang | ID = 1002
    Description = ????????? avconfig.exe ?????? 13.6.0.1246 ?????? ????? ??????????
    ?? Windows ??????. ??? ????? ?? ?? ???? ???? ???? ????? ?????, ???? ?? ?????????
    ????? ???? ????? ?? ???? ???????. ???? ?????: ca0 ??? ?????: 01ce4bfd570ef106 ???
    ????: 60000 ???? ?????: C:\program files (x86)\avira\antivir desktop\avconfig.exe

    ????
    ???: a86a8882-b7f0-11e2-a1c8-50e54927f33f

    [ System Events ]
    Error - 5/4/2013 1:11:36 PM | Computer Name = Yehonatanst-pc | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
    Description = ??????? ????? ????? ?????? ?? WLAN ?????. ???? ?????: C:\Windows\system32\athExt.dll
    ???
    ?????: 126

    Error - 5/4/2013 1:13:21 PM | Computer Name = Yehonatanst-pc | Source = Service Control Manager | ID = 7009
    Description = ???????? ????? ???? ??? ???? (30000 ?????? ????) ????? ????? ??????
    ?? ????? Steam Client Service.

    Error - 5/4/2013 1:13:21 PM | Computer Name = Yehonatanst-pc | Source = Service Control Manager | ID = 7000
    Description = ??????? ?????? Steam Client Service ????? ??? ?????? ????: %%1053

    Error - 5/4/2013 4:36:53 PM | Computer Name = Yehonatanst-pc | Source = volsnap | ID = 393252
    Description = ??????? ??? ?? ????? ?????? C: ????? ???? ?????? ???? ?????? ?? ?????
    ??? ?? ?????? ??? ????? ?????? ??-??? ??????.

    Error - 5/5/2013 2:23:05 AM | Computer Name = Yehonatanst-pc | Source = Service Control Manager | ID = 7011
    Description = ???????? ????? ???? ??? ???? (30000 ?????? ????) ????? ????? ??????
    ???????? ?????? Netman.

    Error - 5/7/2013 1:25:15 PM | Computer Name = Yehonatanst-pc | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
    Description = ??????? ????? ????? ?????? ?? WLAN ?????. ???? ?????: C:\Windows\system32\athExt.dll
    ???
    ?????: 126

    Error - 5/7/2013 2:21:49 PM | Computer Name = Yehonatanst-pc | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
    Description = ??????? ????? ????? ?????? ?? WLAN ?????. ???? ?????: C:\Windows\system32\athExt.dll
    ???
    ?????: 126

    Error - 5/7/2013 2:24:21 PM | Computer Name = Yehonatanst-pc | Source = WMPNetworkSvc | ID = 866300
    Description =

    Error - 5/7/2013 3:50:49 PM | Computer Name = Yehonatanst-pc | Source = DCOM | ID = 10010
    Description =

    Error - 5/7/2013 3:51:57 PM | Computer Name = Yehonatanst-pc | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
    Description = ??????? ????? ????? ?????? ?? WLAN ?????. ???? ?????: C:\Windows\system32\athExt.dll
    ???
    ?????: 126


    < End of report >
