Games crash when I try to open them and they also crash sound driver



#46
RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP

Run VEW for both Systems and Applications and let's see if there is anything in the logs to give us a clue what happened.



#47
Ren12

    Member

  • Topic Starter
  • Member
  • 180 posts
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 26/01/2015 7:32:24 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 27/01/2015 12:29:54 AM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program SndVol.exe version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.  Process ID: 1f90  Start Time: 01d039c8463be1ef  Termination Time: 13  Application Path: C:\Windows\system32\SndVol.exe  Report Id: 96b64c95-a5bb-11e4-bc98-78e7d188524c 
 
Log: 'Application' Date/Time: 27/01/2015 12:22:21 AM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program dota.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.  Process ID: 2f34  Start Time: 01d039c731f26f29  Termination Time: 177  Application Path: C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe  Report Id: 8cfeffd0-a5ba-11e4-bc98-78e7d188524c 
 
Log: 'Application' Date/Time: 27/01/2015 12:20:50 AM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program dota.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.  Process ID: 2a98  Start Time: 01d039c6f819d914  Termination Time: 45  Application Path: C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe  Report Id: 4fe8bec5-a5ba-11e4-bc98-78e7d188524c 
 
Log: 'Application' Date/Time: 23/01/2015 8:53:33 AM
Type: Error Category: 0
Event: 59 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll".Error in manifest or policy file "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll" on line 2. Invalid Xml syntax.
 
Log: 'Application' Date/Time: 23/01/2015 2:51:56 AM
Type: Error Category: 0
Event: 59 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll".Error in manifest or policy file "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll" on line 2. Invalid Xml syntax.
 
Log: 'Application' Date/Time: 21/01/2015 11:48:42 AM
Type: Error Category: 0
Event: 59 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll".Error in manifest or policy file "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll" on line 2. Invalid Xml syntax.
 
Log: 'Application' Date/Time: 20/01/2015 11:47:24 PM
Type: Error Category: 0
Event: 59 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll".Error in manifest or policy file "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll" on line 2. Invalid Xml syntax.
 
Log: 'Application' Date/Time: 19/01/2015 11:19:50 AM
Type: Error Category: 0
Event: 59 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll".Error in manifest or policy file "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll" on line 2. Invalid Xml syntax.
 
Log: 'Application' Date/Time: 18/01/2015 5:18:20 PM
Type: Error Category: 0
Event: 59 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll".Error in manifest or policy file "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll" on line 2. Invalid Xml syntax.
 
Log: 'Application' Date/Time: 18/01/2015 9:53:34 AM
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary lahastvz.
 
System Error:
The system cannot find the file specified. .
 
Log: 'Application' Date/Time: 18/01/2015 9:32:05 AM
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary losuoigp.
 
System Error:
The system cannot find the file specified. .
 
Log: 'Application' Date/Time: 18/01/2015 9:20:54 AM
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary losuoigp.
 
System Error:
The system cannot find the file specified. .
 
Log: 'Application' Date/Time: 17/01/2015 9:25:51 PM
Type: Error Category: 16
Event: 15300 Source: WPDMTPDriver
The event description cannot be found.
 
Log: 'Application' Date/Time: 17/01/2015 12:22:21 PM
Type: Error Category: 0
Event: 59 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll".Error in manifest or policy file "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll" on line 2. Invalid Xml syntax.
 
Log: 'Application' Date/Time: 17/01/2015 7:46:14 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: SndVol.exe, version: 6.1.7601.17514, time stamp: 0x4ce7aced Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f Exception code: 0x40000015 Fault offset: 0x000000000002a84e Faulting process id: 0x424 Faulting application start time: 0x01d03229a7de8443 Faulting application path: C:\Windows\system32\SndVol.exe Faulting module path: C:\Windows\system32\msvcrt.dll Report Id: e8d3c66b-9e1c-11e4-ab55-78e7d188524c
 
Log: 'Application' Date/Time: 16/01/2015 2:36:20 PM
Type: Error Category: 0
Event: 59 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll".Error in manifest or policy file "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll" on line 2. Invalid Xml syntax.
 
Log: 'Application' Date/Time: 15/01/2015 10:57:39 AM
Type: Error Category: 0
Event: 59 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll".Error in manifest or policy file "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll" on line 2. Invalid Xml syntax.
 
Log: 'Application' Date/Time: 13/01/2015 10:49:11 AM
Type: Error Category: 0
Event: 59 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll".Error in manifest or policy file "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll" on line 2. Invalid Xml syntax.
 
Log: 'Application' Date/Time: 13/01/2015 2:48:57 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: wmplayer.exe, version: 12.0.7601.18526, time stamp: 0x53b9f236 Faulting module name: Mpeg2DecFilter.ax_unloaded, version: 0.0.0.0, time stamp: 0x4ebc2c65 Exception code: 0xc0000005 Fault offset: 0x640d2f60 Faulting process id: 0x1bc0 Faulting application start time: 0x01d02ebd5bb2c27f Faulting application path: C:\Program Files (x86)\Windows Media Player\wmplayer.exe Faulting module path: Mpeg2DecFilter.ax Report Id: b7de0524-9ace-11e4-a1fa-78e7d188524c
 
Log: 'Application' Date/Time: 13/01/2015 2:41:24 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: SpotifyWebHelper.exe, version: 0.9.15.27, time stamp: 0x54803b75 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00000004 Faulting process id: 0x11b0 Faulting application start time: 0x01d02d6aec2bf928 Faulting application path: C:\Users\Renato\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe Faulting module path: unknown Report Id: a9cbb25a-9acd-11e4-a1fa-78e7d188524c
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 23/01/2015 8:20:31 PM
Type: Warning Category: 32
Event: 15200 Source: ZuneDriver
The event description cannot be found.
 
Log: 'Application' Date/Time: 18/01/2015 3:05:21 PM
Type: Warning Category: 0
Event: 0 Source: LeapFrog Connect Device Service
The event description cannot be found.
 
Log: 'Application' Date/Time: 18/01/2015 3:04:15 PM
Type: Warning Category: 0
Event: 4105 Source: Microsoft-Windows-Winlogon
Windows is in Notification period.
 
Log: 'Application' Date/Time: 18/01/2015 10:15:46 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   3 user registry handles leaked from \Registry\User\S-1-5-21-3591711946-2265182465-2123470179-1001_Classes:
Process 4444 (\Device\HarddiskVolume2\Program Files (x86)\Logitech\Vid HD\Vid.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001_CLASSES
Process 5104 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001_CLASSES
Process 5104 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001_CLASSES\Wow6432Node\CLSID
 
 
Log: 'Application' Date/Time: 18/01/2015 10:15:45 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   48 user registry handles leaked from \Registry\User\S-1-5-21-3591711946-2265182465-2123470179-1001:
Process 3000 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 3000 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 3000 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 3000 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 4444 (\Device\HarddiskVolume2\Program Files (x86)\Logitech\Vid HD\Vid.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 5104 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 5104 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 5104 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 5104 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 5104 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 644 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 644 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 644 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 644 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 644 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 5104 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Policies\Microsoft\SystemCertificates
Process 644 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Policies\Microsoft\SystemCertificates
Process 644 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Policies\Microsoft\SystemCertificates
Process 644 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Policies\Microsoft\SystemCertificates
Process 644 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Policies\Microsoft\SystemCertificates
Process 3000 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Policies\Microsoft\SystemCertificates
Process 3000 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Policies\Microsoft\SystemCertificates
Process 3000 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Policies\Microsoft\SystemCertificates
Process 3000 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Policies\Microsoft\SystemCertificates
Process 4444 (\Device\HarddiskVolume2\Program Files (x86)\Logitech\Vid HD\Vid.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\Direct3D
Process 5104 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\My
Process 644 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\My
Process 3000 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\My
Process 4444 (\Device\HarddiskVolume2\Program Files (x86)\Logitech\Vid HD\Vid.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\LogiShrd\Vid
Process 5104 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\CA
Process 644 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\CA
Process 3000 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\CA
Process 5104 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 644 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 3000 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 5104 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\Windows\CurrentVersion\Explorer
Process 5104 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\Root
Process 644 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\Root
Process 3000 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\Root
Process 5104 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\Disallowed
Process 644 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\Disallowed
Process 3000 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\Disallowed
Process 5104 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\TrustedPeople
Process 644 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\TrustedPeople
Process 3000 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\TrustedPeople
Process 5104 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\trust
Process 644 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\trust
Process 3000 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\trust
 
 
Log: 'Application' Date/Time: 18/01/2015 9:43:44 AM
Type: Warning Category: 0
Event: 0 Source: LeapFrog Connect Device Service
The event description cannot be found.
 
Log: 'Application' Date/Time: 18/01/2015 9:41:35 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   1 user registry handles leaked from \Registry\User\S-1-5-21-3591711946-2265182465-2123470179-1001_Classes:
Process 4236 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001_CLASSES
 
 
Log: 'Application' Date/Time: 18/01/2015 9:41:32 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   13 user registry handles leaked from \Registry\User\S-1-5-21-3591711946-2265182465-2123470179-1001:
Process 3044 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 3044 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 3044 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 4236 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 3044 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Policies\Microsoft\SystemCertificates
Process 3044 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Policies\Microsoft\SystemCertificates
Process 3044 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Policies\Microsoft\SystemCertificates
Process 3044 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\My
Process 3044 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\CA
Process 3044 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 3044 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\Root
Process 3044 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\Disallowed
Process 3044 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\trust
 
 
Log: 'Application' Date/Time: 18/01/2015 9:18:56 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files (x86)\Google\Chrome\Application\chrome.exe' (pid 5324) cannot be restarted - Application SID does not match Conductor SID..
 
Log: 'Application' Date/Time: 18/01/2015 3:52:19 AM
Type: Warning Category: 3
Event: 3036 Source: Microsoft-Windows-Search
The content source <file:C:/Program Files (x86)/Microsoft Office/Office14/Visio Content/> cannot be accessed.
 
Context: Windows Application, SystemIndex Catalog
 
Details:
The object was not found.  (HRESULT : 0x80041201) (0x80041201)
 
 
Log: 'Application' Date/Time: 18/01/2015 3:51:58 AM
Type: Warning Category: 1
Event: 1008 Source: Microsoft-Windows-Search
The Windows Search Service is starting up and attempting to remove the old search index {Reason: User Requested}. 
 
 
Log: 'Application' Date/Time: 15/01/2015 7:25:21 PM
Type: Warning Category: 0
Event: 0 Source: LeapFrog Connect Device Service
The event description cannot be found.
 
Log: 'Application' Date/Time: 15/01/2015 12:54:07 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   15 user registry handles leaked from \Registry\User\S-1-5-21-3591711946-2265182465-2123470179-1001:
Process 2816 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 2816 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 2816 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 2816 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 2816 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Policies\Microsoft\SystemCertificates
Process 2816 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Policies\Microsoft\SystemCertificates
Process 2816 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Policies\Microsoft\SystemCertificates
Process 2816 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Policies\Microsoft\SystemCertificates
Process 2816 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\My
Process 2816 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\CA
Process 2816 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 2816 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\Root
Process 2816 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\Disallowed
Process 2816 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\TrustedPeople
Process 2816 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\trust
 
 
Log: 'Application' Date/Time: 14/01/2015 10:53:01 AM
Type: Warning Category: 0
Event: 0 Source: LeapFrog Connect Device Service
The event description cannot be found.
 
Log: 'Application' Date/Time: 14/01/2015 10:50:25 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   5 user registry handles leaked from \Registry\User\S-1-5-21-3591711946-2265182465-2123470179-1001:
Process 2224 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 2224 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Policies\Microsoft\SystemCertificates
Process 2224 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 2224 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\Root
Process 2224 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\trust
 
 
Log: 'Application' Date/Time: 12/01/2015 12:40:14 PM
Type: Warning Category: 7
Event: 507 Source: ESENT
wuaueng.dll (292) SUS20ClientDataStore: A request to read from the file "C:\Windows\SoftwareDistribution\DataStore\DataStore.edb" at offset 403013632 (0x0000000018058000) for 32768 (0x00008000) bytes succeeded, but took an abnormally long time (7166 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
 
Log: 'Application' Date/Time: 11/01/2015 2:36:52 PM
Type: Warning Category: 7
Event: 508 Source: ESENT
wuaueng.dll (292) SUS20ClientDataStore: A request to write to the file "C:\Windows\SoftwareDistribution\DataStore\Logs\edbtmp.log" at offset 393216 (0x0000000000060000) for 393216 (0x00060000) bytes succeeded, but took an abnormally long time (6314 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
 
Log: 'Application' Date/Time: 11/01/2015 2:36:51 PM
Type: Warning Category: 7
Event: 508 Source: ESENT
wuaueng.dll (292) SUS20ClientDataStore: A request to write to the file "C:\Windows\SoftwareDistribution\DataStore\DataStore.edb" at offset 279445504 (0x0000000010a80000) for 32768 (0x00008000) bytes succeeded, but took an abnormally long time (6313 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
 
Log: 'Application' Date/Time: 11/01/2015 6:48:46 AM
Type: Warning Category: 0
Event: 0 Source: LeapFrog Connect Device Service
The event description cannot be found.
 
Log: 'Application' Date/Time: 11/01/2015 6:46:11 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   8 user registry handles leaked from \Registry\User\S-1-5-21-3591711946-2265182465-2123470179-1001:
Process 2996 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 2996 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 2996 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Policies\Microsoft\SystemCertificates
Process 2996 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Policies\Microsoft\SystemCertificates
Process 2996 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\CA
Process 2996 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 2996 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\Root
Process 2996 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\trust
 
 
 
 
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 26/01/2015 7:33:12 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 26/01/2015 8:15:27 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 26/01/2015 5:07:40 AM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
 
Log: 'System' Date/Time: 25/01/2015 8:19:54 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Steam Client Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 25/01/2015 8:19:54 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
 
Log: 'System' Date/Time: 25/01/2015 6:51:30 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 24/01/2015 6:43:05 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 24/01/2015 5:45:53 AM
Type: Error Category: 0
Event: 7030 Source: Service Control Manager
The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Log: 'System' Date/Time: 24/01/2015 5:44:16 AM
Type: Error Category: 0
Event: 1060 Source: Application Popup
\??\C:\ComboFix0\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Log: 'System' Date/Time: 24/01/2015 5:36:44 AM
Type: Error Category: 0
Event: 7030 Source: Service Control Manager
The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Log: 'System' Date/Time: 19/01/2015 11:14:25 AM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
Log: 'System' Date/Time: 19/01/2015 7:17:06 AM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
Log: 'System' Date/Time: 18/01/2015 8:08:18 PM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
Log: 'System' Date/Time: 18/01/2015 5:14:18 PM
Type: Error Category: 0
Event: 2505 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{5A5AFBFE-0AEC-4C60-BB67-C7A8524E9C34} because another computer on the network has the same name.  The server could not start.
 
Log: 'System' Date/Time: 18/01/2015 3:05:54 PM
Type: Error Category: 0
Event: 14332 Source: Microsoft-Windows-WMPNSS-Service
Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
 
Log: 'System' Date/Time: 18/01/2015 9:49:41 AM
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Windows Update service hung on starting.
 
Log: 'System' Date/Time: 18/01/2015 9:44:08 AM
Type: Error Category: 0
Event: 14332 Source: Microsoft-Windows-WMPNSS-Service
Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
 
Log: 'System' Date/Time: 18/01/2015 9:41:29 AM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {7379F0FF-EA46-4536-BEF5-68B6B5E54F9B} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 18/01/2015 3:13:47 AM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
Log: 'System' Date/Time: 17/01/2015 10:53:56 PM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
Log: 'System' Date/Time: 17/01/2015 4:17:52 AM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 26/01/2015 4:29:25 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 26/01/2015 4:29:00 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 26/01/2015 7:49:52 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name www.ulwaf.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 26/01/2015 5:07:44 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 26/01/2015 5:07:44 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 25/01/2015 6:51:46 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 25/01/2015 4:33:59 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name www.ulwaf.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 25/01/2015 3:16:05 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 25/01/2015 3:16:01 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 24/01/2015 6:43:01 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 24/01/2015 6:42:59 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 24/01/2015 6:42:58 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 23/01/2015 8:49:49 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 23/01/2015 12:49:59 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 23/01/2015 6:50:05 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 23/01/2015 6:48:12 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 23/01/2015 6:48:11 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 23/01/2015 2:48:37 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 23/01/2015 2:48:34 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name auth.ff.avast.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 23/01/2015 12:46:59 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.
 

#48
RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP

Uninstall Windows Live (you probably don't use it, but if you do you need to get the latest version).

Uninstall Logitech Webcam.

Both are causing errors.

Also, can you free up some space on your hard drives?  You may be running out of space.

Try doing a defrag.  See if it will work.  (It requires a certain amount of free space.)


#49
Ren12

    Member

  • Topic Starter
  • Member
  • 180 posts

Windows Live what exactly? And I use my webcam xd. I'm freeing up some space and doing a defrag.

Haha, and I always thought 1 TB was more than enough.


#50
RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP

All I know is Windows Live.  I would get rid of all of them starting with Windows Live Essentials.  If this is something you use then download the latest version.  Your version has a bug.

 

There should be a newer version of the Webcam software.

 

Look for a new version of Steam too.

 

Guess 1 TB is not as big as it used to be:

 

Looks like you are starting to run out:

 

Drive c: (HP) (Fixed) (Total:919.67 GB) (Free:15.57 GB) NTFS

 

Maybe time for a 2nd drive?

 

Once you do all that, clear the logs:

Right click on (My) Computer and select Manage (Continue). Then click on the arrow in front of Event Viewer. Next click on the arrow in front of Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.

Then try the game that just broke and if it breaks again, post the VEW logs again.

#51
Ren12

    Member

  • Topic Starter
  • Member
  • 180 posts

PS: the hard drive is at 0 percent frag. So there is no need to frag. However, "system" is at 9 percent. Should I defrag that?

I was uninstalling Logitech Webcam but it couldn't perform cuz it said something like I didn't have the permission to do so. And the thing is stuck on "please wait until Windows configures Logitech Webcam" and it's stuck there.


#52
RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP

Go ahead with the defrag.  I really just want to see if defrag will start.  Defrag needs something like 11% free space before it will actually do anything.

 

You might try downloading a new version of the webcam software and install it on top of the old.  You can probably kill the uninstall with Task Manager (right click on the clock and click on Start Task Manager, then on Applications, find the program and End Task).  Sometimes you have to look in Processes.  If you click on the CPU column header it will sort them with the biggest users at the top (System Idle is normally on top with 90+ %).  If a program is hung it tends to use all of the CPU time.  So it's probably at the top of the list.


#53
Ren12

    Member

  • Topic Starter
  • Member
  • 180 posts

It's denying me access to end the process. Says access denied.  The Windows Live and Logitech were both acting very weird, no wonder they've been causing problems.

When I open up Computer the defrag for some reason didn't even work or do anything. But when I open My Computer it says desktop cannot be found and the desktop icon is not there on the left side.

 

o_o

 

http://gyazo.com/a9c...dfe9ed02c414625


Edited by Ren12, 26 January 2015 - 09:51 PM.

#54
RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP

Maybe you need to reboot.  Things are getting confused.


#55
Ren12

    Member

  • Topic Starter
  • Member
  • 180 posts

Reboot was a disaster. My computer was acting pretty weird. I couldn't uninstall Logitech, maybe the virus is hiding there?

Either way, when I restarted like you said I couldn't log back on and it would tell me the profile log in doesn't work. I used safe mode and went to the registry editor on Microsoft and down to profile lists to edit the .bak file. That didn't work so I used system restore to get my computer back as the easiest option.

I was going to log in through my phone to post here but I don't know my password since I just log in automatically through browser.

Some of the files on desktop are missing, like the log files through the various programs. Does this scream virus and identity theft or just really bad software problem?

 

idk what to say :/


#56
RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP

Probably not a virus.  Sounds more like hard drive or memory error.  See if you can get it to run the disk check:

 

1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed.
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.
 
Right click on (My) Computer and select Manage (Continue), then the Event Viewer. Next select Windows Logs.  Right click on System and Clear Log, Clear. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.


Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line):

sfc /scannow

(SPACE after sfc.)  This will check your critical system files. Does this finish without complaint?  If it says it couldn't fix everything then:
 
Copy the next two lines:
 
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 
notepad \windows\logs\cbs\junk.txt 
 
Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste, or Edit then Paste, and the copied line should appear.
Hit Enter if Notepad does not open.  Copy and paste the text from Notepad into a reply.  Close Notepad.  Close the Command Window.
 
 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run as Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.

#57
Ren12

    Member

  • Topic Starter
  • Member
  • 180 posts

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 27/01/2015 8:28:56 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 27/01/2015 10:07:10 AM
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Windows Update service hung on starting.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 28/01/2015 12:19:27 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 28/01/2015 12:19:09 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 27/01/2015 7:18:09 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 27/01/2015 10:00:03 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.01#058F63626476&1#.
 
Log: 'System' Date/Time: 27/01/2015 5:34:03 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 
 
 
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 27/01/2015 8:28:39 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 27/01/2015 9:59:17 AM
Type: Warning Category: 0
Event: 0 Source: LeapFrog Connect Device Service
The event description cannot be found.
 
Log: 'Application' Date/Time: 27/01/2015 5:33:58 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   3 user registry handles leaked from \Registry\User\S-1-5-21-3591711946-2265182465-2123470179-1001_Classes:
Process 4952 (\Device\HarddiskVolume2\Program Files (x86)\Logitech\Vid HD\Vid.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001_CLASSES
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001_CLASSES
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001_CLASSES\Wow6432Node\CLSID
 
 
Log: 'Application' Date/Time: 27/01/2015 5:33:58 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   17 user registry handles leaked from \Registry\User\S-1-5-21-3591711946-2265182465-2123470179-1001:
Process 4952 (\Device\HarddiskVolume2\Program Files (x86)\Logitech\Vid HD\Vid.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Policies\Microsoft\SystemCertificates
Process 4952 (\Device\HarddiskVolume2\Program Files (x86)\Logitech\Vid HD\Vid.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\Direct3D
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\My
Process 4952 (\Device\HarddiskVolume2\Program Files (x86)\Logitech\Vid HD\Vid.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\LogiShrd\Vid
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\CA
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\Windows\CurrentVersion\Explorer
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\Root
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\Disallowed
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\TrustedPeople
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\trust
 
 

#58
RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP

This is why I want you to uninstall the webcam:

 

Log: 'Application' Date/Time: 27/01/2015 5:33:58 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   3 user registry handles leaked from \Registry\User\S-1-5-21-3591711946-2265182465-2123470179-1001_Classes:
Process 4952 (\Device\HarddiskVolume2\Program Files (x86)\Logitech\Vid HD\Vid.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001_CLASSES
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001_CLASSES
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001_CLASSES\Wow6432Node\CLSID
 
 
Log: 'Application' Date/Time: 27/01/2015 5:33:58 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   17 user registry handles leaked from \Registry\User\S-1-5-21-3591711946-2265182465-2123470179-1001:
Process 4952 (\Device\HarddiskVolume2\Program Files (x86)\Logitech\Vid HD\Vid.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Policies\Microsoft\SystemCertificates
Process 4952 (\Device\HarddiskVolume2\Program Files (x86)\Logitech\Vid HD\Vid.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\Direct3D
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\My
Process 4952 (\Device\HarddiskVolume2\Program Files (x86)\Logitech\Vid HD\Vid.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\LogiShrd\Vid
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\CA
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\Windows\CurrentVersion\Explorer
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\Root
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\Disallowed
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\TrustedPeople
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\trust

 

 

Can you run an OTL Quickscan?  Download OTL from

and Save it to your desktop.

  • 0
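The reading of the Event 1530 records in the post above (which programs still hold the user's registry hive open at logoff) can be done mechanically. This is an added example, not part of the original thread and not VEW's own code: a Python parser for the VEW text report that tallies leaked handles per executable. The function names are this example's own, and it assumes records are separated by blank lines, as they are in the reports posted here.

```python
import re
from collections import Counter
from datetime import datetime

# Excerpt of the VEW 'Application' report posted in this thread: one unrelated
# warning and two Event 1530 records, embedded so the example runs offline.
SAMPLE_REPORT = r"""
Log: 'Application' Date/Time: 27/01/2015 9:59:17 AM
Type: Warning Category: 0
Event: 0 Source: LeapFrog Connect Device Service
The event description cannot be found.

Log: 'Application' Date/Time: 27/01/2015 5:33:58 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   3 user registry handles leaked from \Registry\User\S-1-5-21-3591711946-2265182465-2123470179-1001_Classes:
Process 4952 (\Device\HarddiskVolume2\Program Files (x86)\Logitech\Vid HD\Vid.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001_CLASSES
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001_CLASSES
Process 1900 (\Device\HarddiskVolume2\Program Files\Logitech\Logitech WebCam Software\LWS.exe) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001_CLASSES\Wow6432Node\CLSID

Log: 'Application' Date/Time: 11/01/2015 6:46:11 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   8 user registry handles leaked from \Registry\User\S-1-5-21-3591711946-2265182465-2123470179-1001:
Process 2996 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 2996 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001
Process 2996 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Policies\Microsoft\SystemCertificates
Process 2996 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Policies\Microsoft\SystemCertificates
Process 2996 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\CA
Process 2996 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 2996 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\Root
Process 2996 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\SystemCertificates\trust
"""

HEADER = re.compile(r"^Log: '(?P<log>[^']+)' Date/Time: (?P<when>.+)$")
TYPE = re.compile(r"^Type: (?P<type>\w+) Category: (?P<category>\d+)$")
EVENT = re.compile(r"^Event: (?P<id>\d+) Source: (?P<source>.+)$")
LEAK = re.compile(r"(?P<count>\d+) user registry handles leaked from (?P<hive>\S+):")
HOLDER = re.compile(r"^Process (?P<pid>\d+) \((?P<image>.+?)\) has opened key (?P<key>.+)$")


def parse_vew(report):
    """Split a VEW text report into event dicts (records are blank-line separated)."""
    events, current = [], None
    for raw in report.splitlines():
        line = raw.strip()
        if not line:
            current = None  # a blank line closes the current record
            continue
        header = HEADER.match(line)
        if header:
            current = {
                "log": header["log"],
                # VEW states that dates are dd/mm/yyyy; the clock is 12-hour.
                "when": datetime.strptime(header["when"], "%d/%m/%Y %I:%M:%S %p"),
                "type": None, "id": None, "source": None, "body": [],
            }
            events.append(current)
        elif current is not None:
            kind, event = TYPE.match(line), EVENT.match(line)
            if kind:
                current["type"] = kind["type"]
            elif event:
                current["id"], current["source"] = int(event["id"]), event["source"]
            else:
                current["body"].append(line)
    return events


def registry_handle_leaks(events):
    """One summary per Event 1530: hive, declared handle count, holders by image name."""
    leaks = []
    for ev in events:
        if ev["id"] != 1530:
            continue
        declared, hive, holders = None, None, Counter()
        for line in ev["body"]:
            leak, holder = LEAK.search(line), HOLDER.match(line)
            if leak:
                declared, hive = int(leak["count"]), leak["hive"]
            elif holder:
                # Keep only the file name of the NT device path.
                holders[holder["image"].rsplit("\\", 1)[-1]] += 1
        leaks.append({"when": ev["when"], "hive": hive, "declared": declared,
                      "holders": holders,
                      # False means the pasted record was truncated or reflowed.
                      "complete": declared == sum(holders.values())})
    return leaks


def total_holders(leaks):
    """Leaked handles per executable across all Event 1530 records."""
    total = Counter()
    for leak in leaks:
        total.update(leak["holders"])
    return total


if __name__ == "__main__":
    found = registry_handle_leaks(parse_vew(SAMPLE_REPORT))
    for leak in found:
        print(leak["when"], leak["hive"], dict(leak["holders"]), "complete:", leak["complete"])
    print(total_holders(found).most_common())
```

The `complete` flag is worth checking on forum-pasted logs, because a record whose process lines were cut off will undercount the holders.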

#59
Ren12

    Member

  • Topic Starter
  • Member
  • 180 posts

I read the log entry too and I noticed that. I didn't uninstall the webcam because of what happened last time by ruining my computer and having me shut off from logging in. Should I go ahead and uninstall it now before or after OTL scan?


#60
RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP

Uninstall first.

