It seems to have popped up after the last OTL scan. This is so crazy!
Here are those logs:
OTL logfile created on: 1/3/2014 12:03:56 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Chris\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.35 Gb Available Physical Memory | 78.29% Memory free
6.19 Gb Paging File | 5.56 Gb Available in Paging File | 89.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.46 Gb Total Space | 106.68 Gb Free Space | 47.95% Space Free | Partition Type: NTFS
Drive D: | 10.42 Gb Total Space | 1.73 Gb Free Space | 16.58% Space Free | Partition Type: NTFS
Computer Name: CHRIS-PC | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2014/01/02 10:26:53 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/01/02 10:18:48 | 000,143,488 | ---- | M] () -- c:\Program Files\Optimizer Pro\OptProCrash.exe
PRC - [2014/01/01 14:33:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Downloads\OTL.exe
PRC - [2013/12/17 12:03:22 | 000,046,904 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\Common\HPSupportSolutionsFrameworkService.exe
PRC - [2011/10/31 10:00:15 | 000,435,528 | ---- | M] (Pervasive Software Inc.) -- C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe
PRC - [2009/04/11 01:27:48 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\PresentationSettings.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/03/26 17:26:56 | 000,341,328 | ---- | M] () -- C:\WINDOWS\SMINST\BLService.exe
PRC - [2008/02/12 15:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\AEstSrv.exe
========== Modules (No Company Name) ========== MOD - [2013/09/05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2009/02/08 19:47:56 | 000,159,744 | ---- | M] () -- C:\WINDOWS\System32\atitmmxx.dll
========== Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe -- (vToolbarUpdater17.2.0)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2014/01/02 10:26:53 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014/01/02 10:18:48 | 000,143,488 | ---- | M] () [Auto | Running] -- c:\Program Files\Optimizer Pro\OptProCrash.exe -- (ca82e1a5)
SRV - [2013/12/17 12:03:22 | 000,046,904 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\HP\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2013/12/12 10:36:12 | 000,119,408 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/11 14:40:36 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/12/11 11:14:54 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/19 17:45:18 | 000,038,440 | ---- | M] (Just Develop It) [Auto | Stopped] -- C:\Program Files\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2013/03/09 00:10:32 | 030,798,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012/12/13 04:44:32 | 000,544,840 | ---- | M] (Cisco Systems, Inc.) [Disabled | Stopped] -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/18 13:47:00 | 002,370,448 | ---- | M] (WIBU-SYSTEMS AG) [Disabled | Stopped] -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe -- (CodeMeter.exe)
SRV - [2011/10/31 10:00:15 | 000,435,528 | ---- | M] (Pervasive Software Inc.) [Auto | Running] -- C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe -- (psqlWGE)
SRV - [2011/10/25 11:51:56 | 000,043,848 | R--- | M] (Sage Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Sage\Peachtree\SmartPostingService2011.exe -- (Peachtree SmartPosting 2011)
SRV - [2008/04/15 13:18:38 | 000,221,239 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\stacsv.exe -- (STacSV)
SRV - [2008/03/26 17:26:56 | 000,341,328 | ---- | M] () [Auto | Running] -- C:\WINDOWS\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/02/12 15:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\AEstSrv.exe -- (AESTFilters)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a1huorjw)
DRV - File not found [Kernel | Unavailable | Unknown] -- C:\Windows\TEMP\3738.tmp -- (4875c600)
DRV - [2014/01/02 10:27:01 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/01/02 10:27:01 | 000,410,528 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2014/01/02 10:27:01 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/01/02 10:27:01 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/01/02 10:27:01 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014/01/02 10:27:01 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2014/01/02 10:27:01 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014/01/01 10:17:17 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2013/11/23 01:30:40 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/05/19 21:52:37 | 000,466,008 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sptd.sys -- (sptd)
DRV - [2012/12/13 04:28:44 | 000,023,976 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\vpnva.sys -- (vpnva)
DRV - [2012/12/13 04:26:38 | 000,058,320 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\acsmux.sys -- (acsmux)
DRV - [2012/12/13 04:26:38 | 000,039,888 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\acsint.sys -- (acsint)
DRV - [2009/02/08 21:06:20 | 004,172,800 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/11/17 14:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2008/09/04 01:47:00 | 000,054,784 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\enecir.sys -- (enecir)
DRV - [2008/05/13 21:09:00 | 007,443,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/05/13 21:09:00 | 000,043,552 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008/05/06 15:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/04/15 13:19:54 | 000,378,368 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008/04/15 05:05:08 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/04/11 12:55:04 | 000,084,240 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008/03/27 15:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2008/03/27 15:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2007/07/11 12:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007/06/18 19:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006/11/02 02:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\nvm60x32.sys -- (NVENETFD)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.h...avilion&pf=cnnbIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://ie.redirect.h...avilion&pf=cnnbIE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" =
http://feed.snapdo.c...Date=02/01/2014IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.h...avilion&pf=cnnbIE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
http://feed.snapdo.c...Date=02/01/2014IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://feed.snapdo.c...Date=02/01/2014IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://feed.snapdo.c...Date=02/01/2014IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://feed.snapdo.c...Date=02/01/2014IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://feed.snapdo.c...Date=02/01/2014IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" =
http://feed.snapdo.c...Date=02/01/2014IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.startup.homepage: "
http://feed.snapdo.c...ate=02/01/2014"FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2011.70
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..keyword.URL: "
http://feed.snapdo.c...=02/01/2014&q="FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1206147.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Chris\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Chris\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2008/06/10 08:37:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/01/02 10:27:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2011/11/08 18:54:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Extensions
[2014/01/02 10:26:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\wpufm3lp.default\extensions
[2014/01/02 10:21:07 | 000,002,425 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\wpufm3lp.default\searchplugins\Web Search.xml
[2013/09/06 21:15:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/11/27 17:24:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/12/12 10:36:18 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/01/02 10:27:04 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
========== Chrome ========== CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp\2.0.5.6_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob\18.2_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\mogcbkkjhojimpkmhbpndncicbcfigid\1.0_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic\2.0_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2013/08/11 17:57:53 | 000,001,161 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 forum.alcohol-soft.com
O1 - Hosts: 127.0.0.1 support.alcohol-soft.com
O1 - Hosts: 127.0.0.1 users.alcohol-soft.com
O1 - Hosts: 127.0.0.1 shop.alcohol-soft.com
O1 - Hosts: 127.0.0.1 vodka.alcohol-soft.com
O1 - Hosts: 127.0.0.1 *.alcohol-soft.com
O1 - Hosts: 127.0.0.1 *.alcohol-soft.*
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1961090724-942705277-1128008459-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-1961090724-942705277-1128008459-1000..\Run: [URmedia] C:\Windows\System32\regsvr32.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - HKU\.DEFAULT..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect" File not found
O4 - HKU\S-1-5-18..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect" File not found
O4 - Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_45)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0819543E-146D-4416-8CDE-A68597624A77}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4C8DA66C-C24A-49EF-B3BB-7F784FC0114A}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5B72DD6A-D65E-4A6A-A9E0-50489A711B2A}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~1\optimi~1\optpro~1.dll) - c:\Program Files\Optimizer Pro\OptProCrash.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Chris\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Chris\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/06/10 08:11:44 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0981f7da-6a65-11e3-bf63-00269e1d9082}\Shell - "" = AutoRun
O33 - MountPoints2\{0981f7da-6a65-11e3-bf63-00269e1d9082}\Shell\AutoRun\command - "" = H:\HTC_Sync_Manager_PC.exe
O33 - MountPoints2\{44229e24-6ac8-11e1-8a5e-001eecf4b2ed}\Shell - "" = AutoRun
O33 - MountPoints2\{4b2a77ef-c0f9-11e2-8ae5-001eecf4b2ed}\Shell - "" = AutoRun
O33 - MountPoints2\{4b2a77ef-c0f9-11e2-8ae5-001eecf4b2ed}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{cc973cc0-02d5-11e3-93df-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{cc973cc0-02d5-11e3-93df-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{cc973cc0-02d5-11e3-93df-806e6f6e6963}\Shell\setup\command - "" = F:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ========== [2014/01/02 10:34:25 | 000,000,000 | ---D | C] -- C:\Program Files\Uninstaller
[2014/01/02 10:29:32 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\AVAST Software
[2014/01/02 10:29:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/01/02 10:28:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2014/01/02 10:27:58 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2014/01/02 10:27:45 | 000,057,672 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2014/01/02 10:27:43 | 000,775,952 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/01/02 10:27:42 | 000,410,528 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/01/02 10:27:41 | 000,067,824 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/01/02 10:27:40 | 000,054,832 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2014/01/02 10:27:07 | 000,270,240 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/01/02 10:27:00 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/02 10:25:56 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/01/02 10:22:18 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/01/02 10:20:42 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents\Optimizer Pro
[2014/01/02 10:19:55 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Smartbar
[2014/01/02 10:19:14 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Optimizer Pro
[2014/01/02 10:19:14 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
[2014/01/02 10:19:09 | 000,000,000 | ---D | C] -- C:\Program Files\MyPC Backup
[2014/01/02 10:19:02 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014/01/02 10:18:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
[2014/01/02 10:18:42 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\SwvUpdater
[2014/01/02 10:18:32 | 000,000,000 | ---D | C] -- C:\Program Files\Optimizer Pro
[2014/01/01 17:00:37 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/01 09:47:05 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2014/01/01 06:48:38 | 000,000,000 | ---D | C] -- C:\Program Files\PassShow
[2014/01/01 06:42:55 | 000,000,000 | ---D | C] -- C:\Program Files\ToniArts
[2014/01/01 06:42:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyCleaner
[2013/12/31 22:47:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2013/12/31 22:47:14 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2013/12/31 22:37:26 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2013/12/31 21:09:48 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013/12/31 21:06:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013/12/21 23:50:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2013/12/21 23:48:45 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\WarThunder
[2013/12/21 23:48:45 | 000,000,000 | ---D | C] -- C:\ProgramData\WarThunder
[2013/12/21 16:13:22 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\URmedia
[2013/12/16 20:28:08 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Chris\Desktop\tdsskiller.exe
[2013/12/14 17:09:59 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\CyberLink
[2013/12/12 10:36:52 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/12/12 10:36:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/12/12 10:36:47 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/12/12 10:36:46 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/12/12 10:36:46 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/12/12 10:36:44 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/12/12 10:36:44 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/12/12 10:36:41 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/12/12 01:05:42 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\TuneUp Software
[2013/12/11 14:06:27 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/12/11 14:06:25 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SysFxUI.dll
[2013/12/11 14:06:25 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2013/12/11 14:06:25 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys
[2013/12/11 14:06:22 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2013/12/11 14:06:22 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshcon.dll
[2013/12/07 21:25:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Auslogics
[2013/12/07 21:25:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
[2013/12/07 21:25:21 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics
[2013/12/07 20:55:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
[2013/12/06 21:39:33 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\OpenOffice
[2013/12/06 21:37:48 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
[2013/12/06 21:36:11 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice 4
[2013/12/06 21:35:14 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\OpenOffice 4.0.1 (en-US) Installation Files
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2014/01/03 00:00:09 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/03 00:00:02 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/03 00:00:02 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/02 23:59:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/02 23:59:35 | 3218,280,448 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/02 13:40:57 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/02 13:34:19 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1961090724-942705277-1128008459-1000UA.job
[2014/01/02 13:14:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/02 13:07:19 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\AmiUpdXp.job
[2014/01/02 10:34:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1961090724-942705277-1128008459-1000Core.job
[2014/01/02 10:29:25 | 000,001,833 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/01/02 10:27:01 | 000,775,952 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/01/02 10:27:01 | 000,410,528 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/01/02 10:27:01 | 000,180,248 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/01/02 10:27:01 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/01/02 10:27:01 | 000,057,672 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2014/01/02 10:27:01 | 000,054,832 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2014/01/02 10:27:01 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/01/02 10:27:00 | 000,270,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/01/02 10:27:00 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/02 10:21:11 | 000,002,065 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Search.lnk
[2014/01/02 10:21:10 | 000,002,041 | ---- | M] () -- C:\Users\Chris\Desktop\Search.lnk
[2014/01/02 10:19:18 | 000,000,854 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2014/01/02 10:19:18 | 000,000,844 | ---- | M] () -- C:\Users\Chris\Desktop\MyPC Backup.lnk
[2014/01/02 10:18:46 | 000,000,819 | ---- | M] () -- C:\Users\Chris\Desktop\Optimizer Pro.lnk
[2014/01/01 21:39:21 | 000,008,944 | ---- | M] () -- C:\Users\Chris\AppData\Local\d3d9caps.dat
[2014/01/01 10:58:18 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2014/01/01 10:58:18 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2014/01/01 10:56:26 | 000,000,115 | ---- | M] () -- C:\Windows\wininit.ini
[2014/01/01 10:17:17 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2014/01/01 07:08:00 | 000,000,104 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Computer - Shortcut.lnk
[2013/12/31 22:47:45 | 000,001,039 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2013/12/31 22:47:45 | 000,001,015 | ---- | M] () -- C:\Users\Chris\Desktop\Spybot - Search & Destroy.lnk
[2013/12/22 14:19:31 | 000,008,516 | ---- | M] () -- C:\Users\Chris\chilipepper.jpg
[2013/12/21 19:31:57 | 000,608,660 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/12/21 19:31:57 | 000,105,842 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/12/16 20:28:24 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Chris\Desktop\tdsskiller.exe
[2013/12/14 17:09:58 | 002,989,660 | ---- | M] (Macromedia, Inc.) -- C:\Users\Public\Documents\DVD.exe
[2013/12/13 19:30:36 | 000,018,195 | ---- | M] () -- C:\Users\Chris\Desktop\Wines.odt
[2013/12/12 11:01:32 | 000,430,592 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/12/11 11:14:51 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/12/11 11:14:51 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/12/08 18:52:21 | 269,701,115 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/12/07 21:25:23 | 000,000,922 | ---- | M] () -- C:\Users\Chris\Desktop\Auslogics DiskDefrag.lnk
[2013/12/06 21:48:20 | 000,015,215 | ---- | M] () -- C:\Users\Chris\Documents\cwabcaiks.odt
[2013/12/06 21:37:59 | 000,000,977 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
[2013/12/06 00:32:52 | 000,002,044 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/12/06 00:32:52 | 000,002,042 | ---- | M] () -- C:\Users\Chris\Desktop\Google Chrome.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files Created - No Company Name ========== [2014/01/02 10:29:25 | 000,001,833 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/01/02 10:28:10 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/02 10:28:04 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/02 10:27:44 | 000,180,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/01/02 10:27:42 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/01/02 10:21:11 | 000,002,071 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
[2014/01/02 10:21:11 | 000,002,065 | ---- | C] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Search.lnk
[2014/01/02 10:21:10 | 000,002,041 | ---- | C] () -- C:\Users\Chris\Desktop\Search.lnk
[2014/01/02 10:19:18 | 000,000,854 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2014/01/02 10:19:18 | 000,000,844 | ---- | C] () -- C:\Users\Chris\Desktop\MyPC Backup.lnk
[2014/01/02 10:18:46 | 000,000,819 | ---- | C] () -- C:\Users\Chris\Desktop\Optimizer Pro.lnk
[2014/01/02 10:18:42 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\AmiUpdXp.job
[2014/01/01 22:07:08 | 3218,280,448 | -HS- | C] () -- C:\hiberfil.sys
[2014/01/01 10:58:18 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2014/01/01 10:58:18 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2014/01/01 07:08:00 | 000,000,104 | ---- | C] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Computer - Shortcut.lnk
[2013/12/31 22:47:45 | 000,001,039 | ---- | C] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2013/12/31 22:47:45 | 000,001,015 | ---- | C] () -- C:\Users\Chris\Desktop\Spybot - Search & Destroy.lnk
[2013/12/22 14:19:30 | 000,008,516 | ---- | C] () -- C:\Users\Chris\chilipepper.jpg
[2013/12/13 19:11:43 | 000,018,195 | ---- | C] () -- C:\Users\Chris\Desktop\Wines.odt
[2013/12/07 21:25:23 | 000,000,922 | ---- | C] () -- C:\Users\Chris\Desktop\Auslogics DiskDefrag.lnk
[2013/12/06 21:48:18 | 000,015,215 | ---- | C] () -- C:\Users\Chris\Documents\cwabcaiks.odt
[2013/12/06 21:37:59 | 000,000,977 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
[2013/11/30 07:02:39 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/11/29 21:26:00 | 000,000,115 | ---- | C] () -- C:\Windows\wininit.ini
[2013/11/27 12:28:13 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/11/25 01:23:39 | 000,000,552 | ---- | C] () -- C:\Users\Chris\AppData\Local\d3d8caps.dat
[2013/11/24 14:11:42 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2013/09/29 16:38:11 | 000,000,495 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2013/05/19 22:15:01 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat
[2013/04/18 17:25:16 | 000,188,468 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2012/05/25 18:17:09 | 000,034,814 | ---- | C] () -- C:\Users\Chris\AppData\Local\dt.dat
[2012/01/28 11:19:31 | 000,008,944 | ---- | C] () -- C:\Users\Chris\AppData\Local\d3d9caps.dat
[2011/11/14 00:28:17 | 000,071,168 | ---- | C] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/08 10:09:37 | 000,249,739 | ---- | C] () -- C:\ProgramData\nvModes.001
[2011/11/08 10:09:32 | 000,249,739 | ---- | C] () -- C:\ProgramData\nvModes.dat
========== ZeroAccess Check ========== [2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
And the Extras:
OTL Extras logfile created on: 1/3/2014 12:03:56 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Chris\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.35 Gb Available Physical Memory | 78.29% Memory free
6.19 Gb Paging File | 5.56 Gb Available in Paging File | 89.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.46 Gb Total Space | 106.68 Gb Free Space | 47.95% Space Free | Partition Type: NTFS
Drive D: | 10.42 Gb Total Space | 1.73 Gb Free Space | 16.58% Space Free | Partition Type: NTFS
Computer Name: CHRIS-PC | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- "%1" %*
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1961090724-942705277-1128008459-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2B86FA71-254F-497F-9722-A25C49D28E11}" = rport=137 | protocol=17 | dir=out | app=system |
"{43688AB0-5026-4109-BD35-C9F94C453FB2}" = lport=138 | protocol=17 | dir=in | app=system |
"{4D463317-8AA1-42EB-AAAA-46FB45DC961D}" = lport=3351 | protocol=6 | dir=in | name=pervasive dbengine |
"{5A4CB45D-0259-4C82-9946-CA1380D42EB2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{866D77D3-8AA2-4318-9874-31E4C1A231B7}" = lport=137 | protocol=17 | dir=in | app=system |
"{8A048E29-75EC-4132-B07E-A99D60547B10}" = lport=445 | protocol=6 | dir=in | app=system |
"{8E599228-5F36-4B01-9782-CDAF7A7DF85D}" = lport=1583 | protocol=6 | dir=in | name=pervasive dbengine |
"{9F3C8C1B-6DA2-4F0D-A981-57594F0D6604}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{BFF9B835-B75B-4BE6-9705-0C23AE776AE0}" = lport=139 | protocol=6 | dir=in | app=system |
"{E3BE076D-61DD-4A6A-80A5-333CF65D0B6A}" = rport=445 | protocol=6 | dir=out | app=system |
"{E50F9893-D461-4BE7-A960-869C3F1DB807}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
[email protected],-28539 |
"{EA01412C-D37A-4237-8C2E-247030DB62A5}" = rport=139 | protocol=6 | dir=out | app=system |
"{EFF98E92-7B6F-4782-BDDF-F331AEFABB92}" = rport=138 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0263DABF-EF77-48CB-B81B-61C269F641F2}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{086EBDD0-D2A4-4115-9E7D-D5620F6F92C0}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe |
"{0EE63860-31B4-4363-9C13-37DDF7128868}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"{11ADFC12-38B0-4667-82AC-93306FE52F0B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe |
"{16ACDFE2-0220-4AFE-B2BD-324C0E801201}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3y.exe |
"{28F749D7-7D30-42DC-B172-A82150B263EA}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe |
"{2B901E9E-38BB-4139-827E-A9A773D1BD74}" = protocol=58 | dir=out |
[email protected],-28546 |
"{350756F3-25FB-4811-AA84-2CE1D3349BAF}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\age2hd\launcher.exe |
"{3C1CE542-FA9F-407A-8EF9-3C008766CBC5}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{4077636B-AD4F-4DC4-A72C-F678C34CA0A7}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\age2hd\launcher.exe |
"{4360F3DF-8D98-4686-B86A-828DED02CAE7}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{43B98980-EB95-4614-A4D6-99AFE53ADBC4}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\war thunder\launcher.exe |
"{4FD1363D-CFA8-4B8C-824B-D93F3EB9B515}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe |
"{50B3F0CC-9A59-4C98-BAAD-3C25B1DA0F65}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe |
"{50E9D66C-209C-4C4A-B27B-BC36B3ED0E16}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{51EE844F-74E0-45C8-84FB-73AC69CE33C9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{5D2C68F0-030E-4C92-9B6E-C1204C19C9F1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5DF1C42E-E752-4E4E-A0C0-C68872DD16D5}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{67DDD819-4658-46C6-8051-CA0937EE2D06}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6FC9820B-9A1F-4F8A-958D-C95885E390BE}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3y.exe |
"{7345A150-1395-4A82-BB80-146E30A17F40}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\age2hd\launcher.exe |
"{777C8CC4-F17C-4A6D-8F55-DCE99749F8F4}" = protocol=6 | dir=in | app=c:\program files\pervasive software\psql\bin\w3dbsmgr.exe |
"{7FBFF7C6-7B40-4F7D-8D01-5BD55DA6C83F}" = protocol=17 | dir=in | app=c:\program files\codemeter\runtime\bin\codemeter.exe |
"{81B48244-E124-41CB-A0DF-885063DC350D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe |
"{84688B25-7D8D-4393-9CBC-D87794CAC412}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{877F6D89-DE63-41DE-9296-C17D2197C6E9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{8AB0B066-2698-4A91-B5FE-31B1E791F208}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe |
"{91FB66D6-4CCC-4096-8685-5862BC7E4385}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"{93092660-9A0C-4FD5-8676-C8D07A169EA6}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\war thunder\launcher.exe |
"{97E906B3-2FF3-4D20-AFC3-DC3D17F13F53}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{B0EDE9EB-A8AC-4ABF-81D9-B42F20C3FB5F}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{BEEA257F-30E6-4739-9C7F-4663398B59F5}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{C72728E7-4B98-4F7C-AA7E-6B0E88A99CA5}" = protocol=1 | dir=out |
[email protected],-28544 |
"{CAC52DD3-2A0A-4526-863D-3CF90F8A3295}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D07DB96B-7551-4F3B-A6F5-B47BA7AAD6B1}" = protocol=6 | dir=in | app=c:\program files\codemeter\runtime\bin\codemeter.exe |
"{D2F34EAA-121E-4F0F-BF1E-9D3C7EDE4428}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |
"{D6AF57C8-6443-4C2D-82DB-629C14CE0156}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{D7788BDD-2654-4E24-9453-68119D2E3AE2}" = protocol=58 | dir=in |
[email protected],-28545 |
"{DCCA4B59-4F01-4826-9089-935BE4339170}" = protocol=1 | dir=in |
[email protected],-28543 |
"{E0FE72CF-E914-4B70-AD17-8AEEBF7948EE}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\age2hd\launcher.exe |
"{E124605C-BD1D-416C-A87C-AEB0E0FF81FC}" = protocol=17 | dir=in | app=c:\program files\pervasive software\psql\bin\w3dbsmgr.exe |
"{E6140F30-5818-4775-BEE4-85A093C259F4}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{ECB83D74-BFDB-47E0-B5BE-F43AA0957F30}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |
"{F694C544-F243-4383-83AB-7A89256CB6D8}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe |
"TCP Query User{8127EB56-444C-4340-9EB1-1DFF3E3DF79A}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{8CCD8902-F275-4BAC-A60C-91886DB6D8C3}C:\program files\steam\steamapps\common\war thunder\aces.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\war thunder\aces.exe |
"TCP Query User{D707EFCC-9309-44B4-A8EC-DF46AA6A3406}C:\program files\hp\common\hpdevicedetection3.exe" = protocol=6 | dir=in | app=c:\program files\hp\common\hpdevicedetection3.exe |
"TCP Query User{D7AC601B-8D94-49D2-8350-FF61539E730B}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{05D726A8-536F-4D2E-A4B1-CC1A0AB24701}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{45F3E2A8-5D77-43D8-AD1A-9A19BEDC61E1}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{6967F8AB-F2CF-4FA6-BFEE-000CE2281739}C:\program files\steam\steamapps\common\war thunder\aces.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\war thunder\aces.exe |
"UDP Query User{7D6D596E-3F40-4A30-B75D-56E7B3D4B305}C:\program files\hp\common\hpdevicedetection3.exe" = protocol=17 | dir=in | app=c:\program files\hp\common\hpdevicedetection3.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}" = Apple Mobile Device Support
"{06E74B9B-631F-4378-BF3A-40D868450C05}" = HPPhotoSmartPhotobookHolidayPack1
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0A3238D7-AB32-1010-B717-F3E3F18B4A8C}" = Pervasive PSQL v10 SP2 Workgroup (32-bit)
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{172AEB5E-CBB2-4CDD-A4CF-388600825839}" = HPPhotoSmartPhotobookPlayfulPack1
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{187817E2-6407-461C-B59B-56CE73363D34}" = Catalyst Control Center - Branding
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1CC677FA-C65A-0767-9AE4-370A233D8366}" = ATI Catalyst Install Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F579925-2652-6934-2E6C-EE652CD807E3}" = Catalyst Control Center Core Implementation
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23CCE784-A812-4647-AEFF-1DCCD4E57478}" = HP Support Solutions Framework
"{254006BC-97DE-4C82-A1A1-A2BAD2520083}" = Snap.Do
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{264A668E-A999-031C-9779-50A56C83ADF2}" = Catalyst Control Center Graphics Full Existing
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{28C3E5E6-5ACA-408D-9A46-089C5334EC97}" = HP Help and Support
"{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F}" = HP QuickTouch 1.00 D2
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 D3
"{35F83303-C0C0-46B7-B8A8-ADA7C2AC5645}" = muvee autoProducer 6.1
"{380357CA-29F4-4B3C-B401-32C057E6B59B}" = HP Smart Web Printing
"{38EAC694-0D90-445F-8C17-8B50ADFE3162}" = Slingbox Flash Tour
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.7
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}" = OpenOffice 4.0.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4CB16960-2A17-C313-5C52-00D5612627AB}" = ccc-core-static
"{54E4EECE-61B9-4D85-9B3C-99686A9ED6A1}" = Peachtree Accounting 2011
"{5A4D9E13-4E96-5CD5-FC03-8431277A97F6}" = Catalyst Control Center Graphics Full New
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{66F0EA94-483A-82CB-B9FC-38329A3014F2}" = Catalyst Control Center Graphics Previews Vista
"{6798DD4E-BD16-4735-87EB-D712637CCB8C}" = Sage Message Center
"{6EBF4CF2-651F-C168-6C4F-F86BF000E55B}" = Catalyst Control Center InstallProxy
"{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7CA5C4DF-8327-4035-AE2B-CA76336A04FD}" = Snagit 11
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89E052B2-5CA5-4B7A-AF0C-28CA2836B030}" = HPPhotoSmartPhotobookModernPack1
"{8BCB844B-0814-4354-A413-1063DB4618E9}" = PeachTree Signature Ready Forms
"{8EBAB2D3-C17D-1070-015A-800180C303E8}" = Skins
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}" = Software Version Updater
"{9AA9FEE7-9F99-4E69-947A-49F7DA0DDA3A}" = Cisco AnyConnect Secure Mobility Client
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP Active Support Library
"{9F78DBE6-95C1-ADEC-796A-E76DD4CDB4E8}" = Catalyst Control Center Graphics Light
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5CE7175-080D-49AC-B5A3-E7E3502428F5}" = HP Wireless Assistant
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAD72731-807A-4B79-AE05-9190B7002B7B}" = ProtectSmart Hard Drive Protection
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{AC95121F-1576-45B8-82F7-3911D27882E6}" = HPPhotoSmartPhotobookScrapbookPack1
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{B8169E45-8E23-430B-91D1-EC64540C8ED0}" = HP User Guides 0103
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{C25E9B95-8000-8985-EF20-9FF4DCEA41BA}" = CCC Help English
"{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{C484CC8D-03CF-4022-89C4-DB4F02E8A15B}" = Crystal Reports 2008 Runtime SP1
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics DiskDefrag
"{DF9C119C-7F26-45B9-93D4-7C372CBBBA11}" = iTunes
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{E8C3CF7A-9E8F-4C5D-8EC7-FF5A495E178C}" = VitalSource Bookshelf
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{f32502b5-5b64-4882-bf61-77f23edcac4f}" = HP Total Care Advisor
"{F3FCB08B-E752-444D-86A0-0634A4F3B23D}" = System Requirements Lab CYRI
"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner
"{F636EE9A-F9EC-4606-BCFA-77DD0E210788}" = HPPhotoSmartDiscLabel_Tattoo
"{FA3B34BE-4246-4062-90A3-34CBBEA12B72}" = HPTCSSetup
"{FA44DB7C-5158-A2DE-8672-D7C7E13E10A3}" = Catalyst Control Center Graphics Previews Common
"{FD6FAE16-DD20-EDBF-AB50-FAC87EB197D1}" = ccc-utility
"7DE39862CC26DCE2446838AAF7CD5C163F835A57" = Windows Driver Package - ENE (enecir) HIDClass (09/04/2008 2.6.0.0)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Avast" = avast! Free Antivirus
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CCleaner" = CCleaner
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"InstallShield_{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{54E4EECE-61B9-4D85-9B3C-99686A9ED6A1}" = Peachtree Accounting 2011
"InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Integration Services" = Sage Integration Services
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyPC Backup" = MyPC Backup
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Optimizer Pro_is1" = Optimizer Pro v3.2
"Pervasive PSQL v10 SP2 Workgroup (32-bit)" = Pervasive PSQL v10 SP2 Workgroup (32-bit)
"QWdlIG9mIEVtcGlyZXMgSUkgSEQgKGMpIE1pY3Jvc29mdCBTdHVkaW9z_is1" = Age of Empires II HD © Microsoft Studios version 1
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6
"Steam" = Steam
"Steam App 221380" = Age of Empires II: HD Edition
"Steam App 236390" = War Thunder
"Steam App 440" = Team Fortress 2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 1.1.11
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"Yahoo! Companion" = Yahoo! Toolbar
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1961090724-942705277-1128008459-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{481d491f-4f01-46d4-8b43-0187ae71ad0c}" = Snap.Do Engine
"Google Chrome" = Google Chrome
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 1/2/2014 11:23:47 AM | Computer Name = Chris-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 1/2/2014 11:23:47 AM | Computer Name = Chris-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 1/2/2014 11:23:47 AM | Computer Name = Chris-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 1/2/2014 11:24:09 AM | Computer Name = Chris-PC | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.6002.18005, time stamp
0x49e01da5, faulting module ntdll.dll, version 6.0.6002.18881, time stamp 0x51da3e27,
exception code 0xc0000005, fault offset 0x00066462, process id 0x1a8c, application
start time 0x01cf07ceaed1edeb.
Error - 1/2/2014 11:24:49 AM | Computer Name = Chris-PC | Source = VSS | ID = 8194
Description =
Error - 1/2/2014 11:24:58 AM | Computer Name = Chris-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =
Error - 1/2/2014 11:31:38 AM | Computer Name = Chris-PC | Source = Application Error | ID = 1000
Description = Faulting application FlashPlayerPlugin_11_9_900_170.exe, version 11.9.900.170,
time stamp 0x529b79bf, faulting module ShimEng.dll_unloaded, version 0.0.0.0, time
stamp 0x4549bdb7, exception code 0xc0000005, fault offset 0x6d304618, process id
0x140c, application start time 0x01cf07cfb9aa567b.
Error - 1/2/2014 2:07:10 PM | Computer Name = Chris-PC | Source = Application Error | ID = 1000
Description = Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp
0x49e01da5, faulting module ntdll.dll, version 6.0.6002.18881, time stamp 0x51da3e27,
exception code 0xc0000005, fault offset 0x00066462, process id 0x7b0, application
start time 0x01cf07e5734fe5b0.
Error - 1/2/2014 2:08:20 PM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10
Description =
Error - 1/2/2014 2:27:58 PM | Computer Name = Chris-PC | Source = Application Error | ID = 1000
Description = Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp
0x49e01da5, faulting module ntdll.dll, version 6.0.6002.18881, time stamp 0x51da3e27,
exception code 0xc0000005, fault offset 0x00066462, process id 0x7a8, application
start time 0x01cf07e85c73ae7d.
[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 11/27/2013 6:10:10 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67108865
Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
Line:
274 m_pIServicePlugin is NULL
Error - 11/27/2013 6:10:10 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67108865
Description = Function: CTelemetryPluginMgr::GetSettings File: .\TelemetryPluginMgr.cpp
Line:
311 m_pITelemetryPlugin is NULL
Error - 11/27/2013 7:40:38 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67110873
Description = Termination reason code 9: Client PC is shutting down.
Error - 11/27/2013 7:45:25 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67108866
Description = Function: XmlParser::invokeParser File: .\Xml\XmlParser.cpp Line: 182
Invoked
Function: ISAXXMLReader::parse Return Code: -2146697210 (0x800C0006) Description:
WINDOWS_ERROR_CODE
Error - 11/27/2013 7:45:25 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67108866
Description = Function: CPhoneHomeAgent::LoadSettingsFromXmlFile File: ..\PhoneHomeAgent.cpp
Line:
603 Invoked Function: XmlParser::parseFile Return Code: -33554423 (0xFE000009) Description:
GLOBAL_ERROR_UNEXPECTED
Error - 11/27/2013 7:45:41 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67108866
Description = Function: CThread::invokeRun File: .\Utility\Thread.cpp Line: 435 Invoked
Function: IRunnable::Run Return Code: -32112629 (0xFE16000B) Description: BROWSERPROXY_ERROR_NO_PROXY_FILE
Error - 11/27/2013 7:50:25 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67108865
Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
Line:
274 m_pIServicePlugin is NULL
Error - 11/27/2013 7:50:25 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67108865
Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
Line:
274 m_pIServicePlugin is NULL
Error - 11/27/2013 7:50:25 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67108865
Description = Function: CTelemetryPluginMgr::GetSettings File: .\TelemetryPluginMgr.cpp
Line:
311 m_pITelemetryPlugin is NULL
Error - 11/27/2013 8:31:01 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67110873
Description = Termination reason code 9: Client PC is shutting down.
[ System Events ]
Error - 1/3/2014 12:59:22 AM | Computer Name = Chris-PC | Source = disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.
Error - 1/3/2014 12:59:22 AM | Computer Name = Chris-PC | Source = disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.
Error - 1/3/2014 1:00:02 AM | Computer Name = Chris-PC | Source = Microsoft-Windows-TaskScheduler | ID = 412
Description =
Error - 1/3/2014 1:01:23 AM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 1/3/2014 1:01:23 AM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 1/3/2014 1:01:23 AM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 1/3/2014 1:01:23 AM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 1/3/2014 1:01:23 AM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 1/3/2014 1:03:10 AM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 1/3/2014 1:03:10 AM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7022
Description =
< End of report >