I cannot run DDS (either version; NSIS Error writing temporary file. Make sure your temp folder is valid.)
I would appreciate any assistance.
Here are the OTL logs:
OTL logfile created on: 12/7/2014 4:40:26 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\John\Favorites\Downloads\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.97 Gb Total Physical Memory | 0.90 Gb Available Physical Memory | 45.79% Memory free
4.18 Gb Paging File | 2.96 Gb Available in Paging File | 70.73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.38 Gb Total Space | 103.93 Gb Free Space | 36.04% Space Free | Partition Type: NTFS
Drive D: | 9.71 Gb Total Space | 3.02 Gb Free Space | 31.05% Space Free | Partition Type: NTFS
Drive H: | 587.69 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive I: | 111.78 Gb Total Space | 94.97 Gb Free Space | 84.96% Space Free | Partition Type: NTFS
Computer Name: SIGLERCENTRAL | User Name: John | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/12/07 16:37:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\John\Favorites\Downloads\Downloads\OTL.exe
PRC - [2014/11/25 01:39:27 | 000,856,904 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
========== Modules (No Company Name) ==========
MOD - [2014/11/25 01:39:24 | 009,009,480 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\39.0.2171.71\pdf.dll
MOD - [2014/11/25 01:39:17 | 001,677,128 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Unknown] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Unknown] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Unknown] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - File not found [Auto | Unknown] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
SRV - File not found [On_Demand | Unknown] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper)
SRV - File not found [On_Demand | Unknown] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2014/11/25 16:01:09 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Unknown] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/11/23 12:31:09 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Unknown] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/11/19 21:39:16 | 000,062,264 | ---- | M] (Duality Software) [Auto | Unknown] -- C:\Program Files\DS Clock\dsetime.exe -- (DSClockSyncTime)
SRV - [2009/02/15 12:49:00 | 002,794,234 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Unknown] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/11/18 10:01:26 | 000,195,032 | ---- | M] (Intel(R) Corporation) [On_Demand | Unknown] -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe -- (AlertService)
SRV - [2006/11/18 10:00:48 | 000,550,872 | ---- | M] (Intel(R) Corporation) [On_Demand | Unknown] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -- (Remote UI Service)
SRV - [2006/11/18 10:00:06 | 000,174,552 | ---- | M] (Intel(R) Corporation) [On_Demand | Unknown] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -- (MCLServiceATL)
SRV - [2006/11/18 09:59:50 | 000,036,312 | ---- | M] (Intel(R) Corporation) [Auto | Unknown] -- C:\Program Files\Intel\IntelDH\Intel Media Server\tools\IntelDHSvcConf.exe -- (IntelDHSvcConf)
SRV - [2006/11/18 09:59:38 | 000,081,880 | ---- | M] (Intel(R) Corporation) [On_Demand | Unknown] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe -- (ISSM)
SRV - [2006/11/18 09:59:02 | 000,032,216 | ---- | M] () [On_Demand | Unknown] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -- (M1 Server)
SRV - [2006/10/29 12:03:30 | 000,208,896 | ---- | M] () [Auto | Unknown] -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -- (DQLWinService)
SRV - [2006/09/29 15:38:50 | 000,081,920 | ---- | M] (Intel Corporation) [Auto | Unknown] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\usbscan.sys -- (usbscan)
DRV - File not found [Kernel | On_Demand | Unknown] -- system32\drivers\stwrt.sys -- (STHDA)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Windows\system32\DDMI2.sys -- (SDDMI2)
DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | System | Unknown] -- system32\drivers\netfilter.sys -- (netfilter)
DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Unknown] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2014/11/23 12:32:50 | 000,787,800 | ---- | M] (AVAST Software) [File_System | System | Unknown] -- C:\Windows\System32\drivers\aswsnx.sys -- (aswSnx)
DRV - [2014/11/23 12:32:44 | 000,423,784 | ---- | M] (AVAST Software) [File_System | System | Unknown] -- C:\Windows\System32\drivers\aswsp.sys -- (aswSP)
DRV - [2014/11/23 12:32:29 | 000,057,928 | ---- | M] (AVAST Software) [Kernel | System | Unknown] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014/11/23 12:32:28 | 000,206,248 | ---- | M] () [Kernel | Boot | Unknown] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/11/23 12:32:28 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto | Unknown] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/11/23 12:32:28 | 000,055,240 | ---- | M] (AVAST Software) [Kernel | System | Unknown] -- C:\Windows\System32\drivers\aswrdr.sys -- (aswRdr)
DRV - [2014/11/23 12:32:28 | 000,049,944 | ---- | M] () [Kernel | Boot | Unknown] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014/11/23 12:32:28 | 000,024,184 | ---- | M] () [Kernel | Auto | Unknown] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2013/05/23 01:12:34 | 000,037,528 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2013/05/23 01:12:32 | 000,043,800 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2013/05/23 01:12:24 | 000,019,992 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2007/05/22 15:23:28 | 000,155,648 | ---- | M] (ViXS Systems Inc.) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\xcbda.sys -- (xcbdaNtsc)
DRV - [2006/12/18 12:09:51 | 000,005,504 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\IntelDH.sys -- (IntelDH)
DRV - [2006/11/18 10:01:08 | 000,018,904 | ---- | M] () [File_System | On_Demand | Unknown] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys -- (TSHWMDTCP)
DRV - [2006/11/16 13:10:44 | 000,214,912 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2006/11/08 18:54:02 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/11/07 22:02:40 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\point32k.sys -- (Point32)
DRV - [2006/11/02 02:30:56 | 002,589,184 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\NETw2v32.sys -- (NETw2v32)
DRV - [2006/11/02 02:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/10/30 19:53:32 | 000,044,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2006/10/19 18:49:48 | 000,007,424 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Unknown] -- C:\Windows\System32\drivers\nmsunidr.sys -- (nmsunidr)
DRV - [2006/09/27 19:37:24 | 000,028,672 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Unknown] -- C:\Windows\System32\drivers\nmsgopro.sys -- (nmsgopro)
DRV - [2006/08/04 20:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Unknown] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2005/08/16 11:23:10 | 000,038,422 | ---- | M] (Generic) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\StMp3Rec.sys -- (StMp3Rec)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com?fr=hp-avast&type=avastbcl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope = {9CB96984-43C3-4D44-90EF-01466EFCF7BB}
IE - HKLM\..\SearchScopes\{138235B3-FA12-4084-A20C-4EB5DA65EAE7}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex}&startPage={startPage}
IE - HKLM\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = https://search.yahoo.com/yhs/search?typ ... yhs-001&p={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.certified-toolbar.com?si= ... id=2937&q={searchTerms}
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_URL = http://www.gateway.com/g/startpage.html ... P&M=GM5420
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_URL = http://www.gateway.com/g/startpage.html ... P&M=GM5420
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4278196236-3910043076-1921008887-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\John\Documents\Downloads
IE - HKU\S-1-5-21-4278196236-3910043076-1921008887-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.com?fr=hp-avast&type=avastbcl
IE - HKU\S-1-5-21-4278196236-3910043076-1921008887-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo.com/yhs/search?typ ... yhs-001&p={searchTerms}
IE - HKU\S-1-5-21-4278196236-3910043076-1921008887-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4278196236-3910043076-1921008887-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL =
IE - HKU\S-1-5-21-4278196236-3910043076-1921008887-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://my.yahoo.com/?mkg=015
IE - HKU\S-1-5-21-4278196236-3910043076-1921008887-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4278196236-3910043076-1921008887-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
IE - HKU\S-1-5-21-4278196236-3910043076-1921008887-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =
IE - HKU\S-1-5-21-4278196236-3910043076-1921008887-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =
IE - HKU\S-1-5-21-4278196236-3910043076-1921008887-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL =
IE - HKU\S-1-5-21-4278196236-3910043076-1921008887-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page =
IE - HKU\S-1-5-21-4278196236-3910043076-1921008887-1001\..\SearchScopes,DefaultScope = {D0AD9E03-ED51-4D51-8597-4AEFB44E9EC7}
IE - HKU\S-1-5-21-4278196236-3910043076-1921008887-1001\..\SearchScopes\{138235B3-FA12-4084-A20C-4EB5DA65EAE7}: "URL" = http://search.certified-toolbar.com?si= ... id=2937&q={searchTerms}
IE - HKU\S-1-5-21-4278196236-3910043076-1921008887-1001\..\SearchScopes\{4087ADE5-5F1A-4EBF-8D7F-D54860D0DB64}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex}&startPage={startPage}
IE - HKU\S-1-5-21-4278196236-3910043076-1921008887-1001\..\SearchScopes\{94533161-89D6-4D04-96C5-D5E2FBC84855}: "URL" = http://www.bing.com/search?q={searchTerms}&form=OSDSRC
IE - HKU\S-1-5-21-4278196236-3910043076-1921008887-1001\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = https://search.yahoo.com/yhs/search?typ ... yhs-001&p={searchTerms}
IE - HKU\S-1-5-21-4278196236-3910043076-1921008887-1001\..\SearchScopes\{D0AD9E03-ED51-4D51-8597-4AEFB44E9EC7}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKU\S-1-5-21-4278196236-3910043076-1921008887-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4278196236-3910043076-1921008887-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.11.2: C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.11.2: C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/11/23 12:32:32 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.0.2502.149_0\
CHR - Extension: No name found = C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2014/12/02 20:32:15 | 000,450,028 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 15474 more lines...
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4278196236-3910043076-1921008887-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4278196236-3910043076-1921008887-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4278196236-3910043076-1921008887-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 1
O7 - HKU\S-1-5-21-4278196236-3910043076-1921008887-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.co ... 5.15.0.cab (Reg Error: Key error.)
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} http://download.abacast.com/download/fi ... tup162.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DC6256CD-E5D4-4939-A99B-124FC6267A5C}: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [1999/09/01 10:06:46 | 000,000,000 | ---D | M] - H:\AUTORUN -- [ CDFS ]
O32 - AutoRun File - [1999/05/18 19:18:54 | 000,028,160 | R--- | M] () - H:\AUTORUN.EXE -- [ CDFS ]
O32 - AutoRun File - [1999/05/18 19:18:56 | 000,000,089 | R--- | M] () - H:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [1999/05/18 19:18:56 | 000,003,286 | R--- | M] () - H:\AUTORUN.TRE -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (SsiEfr.exe)
O34 - HKLM BootExecute: (sdnclean.exe)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2014/12/03 12:18:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\VP3DLlaptop
[2014/11/30 17:45:36 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Roaming\Systweak
[2014/11/29 12:45:57 | 000,000,000 | ---D | C] -- C:\Windows\Favorites
[2014/11/25 18:07:46 | 000,000,000 | R--D | C] -- C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/11/25 18:07:46 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2014/11/25 13:53:44 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014/11/23 17:41:18 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Roaming\Opera Software
[2014/11/23 17:40:51 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2014/11/23 12:32:33 | 000,291,352 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/11/23 12:32:25 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/11/17 13:40:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/11/17 13:11:49 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Roaming\MPC-HC
[2014/11/16 14:20:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player - Codec Pack
[2014/11/16 14:18:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\C2MP
[2014/11/12 08:13:19 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2014/11/12 08:13:17 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2014/11/12 08:12:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2014/11/12 08:11:53 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2014/11/12 08:11:16 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2014/11/12 08:09:37 | 000,396,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
[2014/11/12 08:09:36 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AUDIOKSE.dll
[2014/11/12 08:09:36 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDump.dll
[2014/11/12 08:03:17 | 002,054,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014/11/12 07:59:56 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2014/11/12 07:59:55 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/11/12 07:59:55 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2014/11/12 07:59:53 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/11/12 07:59:53 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014/11/12 07:59:52 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/11/12 07:59:51 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/11/12 07:59:51 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2014/11/12 07:59:51 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014/11/12 07:59:51 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/11/12 07:59:51 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/11/12 07:59:44 | 001,810,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/11/12 07:45:28 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Roaming\AVAST Software
[2014/11/11 18:58:32 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\AvgSetupLog
[2014/11/11 18:58:32 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\Avg
[2014/11/09 09:18:17 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Roaming\InstallShield
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/12/07 16:27:44 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/12/07 16:10:11 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/12/07 16:01:44 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/12/07 15:52:36 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/12/07 15:52:36 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/12/07 15:12:34 | 000,114,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/12/07 14:50:07 | 000,000,041 | ---- | M] () -- C:\Windows\Filzip.ini
[2014/12/07 13:58:58 | 000,665,298 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/12/07 13:58:58 | 000,122,416 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/12/07 13:52:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/12/07 10:25:50 | 000,008,992 | ---- | M] () -- C:\Windows\John8.xlb
[2014/12/04 10:05:33 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2014/12/02 20:32:15 | 000,450,028 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2014/12/02 20:25:08 | 000,450,028 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20141202-203215.backup
[2014/12/02 10:53:00 | 000,400,152 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/11/27 13:23:56 | 000,450,028 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20141202-202508.backup
[2014/11/25 16:01:07 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/11/25 16:01:07 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/11/25 14:11:40 | 000,450,028 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20141127-132355.backup
[2014/11/25 13:56:18 | 000,450,028 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20141125-141140.backup
[2014/11/25 12:31:27 | 000,095,744 | ---- | M] () -- C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/11/23 17:41:05 | 000,000,763 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2014/11/23 12:32:50 | 000,787,800 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsnx.sys
[2014/11/23 12:32:44 | 000,423,784 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsp.sys
[2014/11/23 12:32:29 | 000,057,928 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2014/11/23 12:32:28 | 000,206,248 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/11/23 12:32:28 | 000,070,384 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/11/23 12:32:28 | 000,055,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswrdr.sys
[2014/11/23 12:32:28 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/11/23 12:32:28 | 000,024,184 | ---- | M] () -- C:\Windows\System32\drivers\aswHwid.sys
[2014/11/23 12:32:25 | 000,291,352 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/11/23 12:32:25 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/11/21 06:14:16 | 000,051,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014/11/21 06:14:10 | 000,075,480 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/11/21 06:14:06 | 000,023,256 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/11/12 10:52:02 | 000,449,970 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20141125-135618.backup
[2014/11/12 08:11:21 | 000,001,919 | ---- | M] () -- C:\Users\Public\Desktop\Chrome.lnk
[2014/11/11 21:19:11 | 000,001,356 | R--- | M] () -- C:\Users\John\AppData\Local\d3d9caps.dat
[2014/11/10 10:33:30 | 000,089,151 | ---- | M] () -- C:\Users\John\Documents\bookmarks.html
[2014/11/08 09:58:00 | 000,073,728 | ---- | M] () -- C:\Windows\System32\tasks.dll
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/12/04 10:05:33 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2014/11/23 17:41:05 | 000,000,763 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2014/11/23 17:41:05 | 000,000,763 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2014/11/10 10:33:29 | 000,089,151 | ---- | C] () -- C:\Users\John\Documents\bookmarks.html
[2014/11/08 09:57:59 | 000,073,728 | ---- | C] () -- C:\Windows\System32\tasks.dll
[2014/10/10 14:53:03 | 000,000,067 | ---- | C] () -- C:\Users\John\AppData\Roaming\WB.CFG
[2014/09/27 21:12:16 | 000,045,400 | ---- | C] () -- C:\Windows\System32\DiscHandler.exe
[2014/09/25 16:53:04 | 000,000,236 | ---- | C] () -- C:\Windows\System32\Formats.ini
[2014/08/11 21:30:50 | 003,916,288 | ---- | C] () -- C:\Windows\System32\ffmpeg.dll
[2014/08/11 21:30:10 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2014/08/11 21:29:36 | 000,271,360 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2014/08/11 21:29:16 | 000,157,184 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2014/08/11 21:29:16 | 000,099,840 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2014/08/11 21:29:14 | 001,525,760 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2014/08/11 21:29:14 | 000,211,968 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2014/08/11 21:29:14 | 000,147,456 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2014/08/11 21:29:14 | 000,114,688 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2014/08/11 21:29:12 | 000,136,704 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2014/06/12 05:49:24 | 000,240,784 | ---- | C] () -- C:\Windows\System32\libbluray.dll
[2014/04/24 05:13:24 | 000,024,184 | ---- | C] () -- C:\Windows\System32\drivers\aswHwid.sys
[2014/04/08 15:50:26 | 000,235,520 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2014/04/08 15:50:16 | 000,632,320 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2014/03/13 08:43:51 | 000,000,079 | ---- | C] () -- C:\Windows\wininit.ini
[2014/02/28 11:04:27 | 000,206,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/02/28 11:04:26 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/12/16 21:19:30 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\Lagarith.dll
[2013/12/16 21:15:32 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OptimFROG.dll
[2013/12/16 21:15:30 | 000,047,104 | ---- | C] () -- C:\Windows\System32\bass_tak.dll
[2013/06/27 15:32:17 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys.sum
[2013/06/26 13:01:21 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSnx.sys.sum
[2013/06/26 13:01:20 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSP.sys.sum
[2013/03/26 10:12:06 | 000,126,777 | R--- | C] () -- C:\Users\John\AppData\Roaming\VideoPad.dmp
[2013/01/09 11:16:51 | 000,365,568 | ---- | C] () -- C:\Windows\System32\ZSHP1020.EXE
[2012/12/24 11:55:14 | 000,011,264 | ---- | C] () -- C:\Windows\Launcher.exe
[2011/02/08 15:54:40 | 000,000,000 | R--- | C] () -- C:\Users\John\defogger_reenable
[2009/11/29 20:40:52 | 000,000,000 | R--- | C] () -- C:\Users\John\AppData\Local\prvlcl.dat
[2009/08/24 13:54:59 | 000,024,227 | R--- | C] () -- C:\Users\John\AppData\Roaming\UserTile.png
[2008/03/12 08:35:55 | 000,001,028 | R--- | C] () -- C:\Users\John\AppData\Roaming\WavCodec.wff
[2007/02/23 20:57:08 | 000,000,110 | R--- | C] () -- C:\Users\John\AppData\Roaming\wklnhst.dat
[2007/02/21 11:12:46 | 000,001,356 | R--- | C] () -- C:\Users\John\AppData\Local\d3d9caps.dat
[2007/02/20 13:14:11 | 000,095,744 | ---- | C] () -- C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 08:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013/07/30 12:39:00 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013/07/30 12:39:00 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2012/11/23 14:13:27 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\AnvSoft
[2014/11/12 07:45:28 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\AVAST Software
[2014/11/12 07:39:27 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\AVG10
[2012/12/23 15:55:18 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\avidemux
[2014/03/24 12:01:27 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\BBCiPlayerDownloads
[2014/07/23 14:23:39 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\CBS Interactive
[2014/11/23 12:17:04 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\CDXReader
[2014/03/26 21:32:50 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Celeris
[2007/04/03 17:37:23 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\CoffeeCup Software
[2011/06/28 18:31:17 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\DAEMON Tools Lite
[2011/01/18 04:52:41 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Duality Software
[2014/11/23 12:17:04 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\IrfanView
[2014/07/02 09:17:29 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\JGsoft
[2014/11/23 12:17:04 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\LavFilters
[2011/06/28 14:12:04 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Leadertech
[2010/05/15 12:41:49 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Leawo
[2014/11/12 07:39:27 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\MediaMonkey
[2010/03/05 13:32:43 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Moyea
[2014/11/17 13:11:49 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\MPC-HC
[2008/03/13 14:27:02 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\NCH Swift Sound
[2014/11/23 17:41:18 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Opera Software
[2014/02/22 11:06:20 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Oracle
[2011/12/21 14:44:09 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\PopMan
[2007/02/20 13:28:39 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\SampleView
[2014/11/30 17:45:36 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Systweak
[2007/04/10 15:12:04 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Template
[2014/11/12 07:39:27 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Thunderbird
[2013/07/26 10:39:13 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\TuneUp Software
[2014/12/07 14:49:47 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\uTorrent
[2014/11/12 07:39:27 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\XnView
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5C321E34
< End of report >
OTL Extras logfile created on: 12/7/2014 4:40:26 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\John\Favorites\Downloads\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.97 Gb Total Physical Memory | 0.90 Gb Available Physical Memory | 45.79% Memory free
4.18 Gb Paging File | 2.96 Gb Available in Paging File | 70.73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.38 Gb Total Space | 103.93 Gb Free Space | 36.04% Space Free | Partition Type: NTFS
Drive D: | 9.71 Gb Total Space | 3.02 Gb Free Space | 31.05% Space Free | Partition Type: NTFS
Drive H: | 587.69 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive I: | 111.78 Gb Total Space | 94.97 Gb Free Space | 84.96% Space Free | Partition Type: NTFS
Computer Name: SIGLERCENTRAL | User Name: John | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = OperaStable] -- C:\Program Files\Opera\Launcher.exe (Opera Software)
.txt [@ = txtfile] -- Reg Error: Key error. File not found
[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-4278196236-3910043076-1921008887-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.txt [@ = txtfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-4278196236-3910043076-1921008887-1001]
"EnableNotificationsRef" = 3
"EnableNotifications" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-4278196236-3910043076-1921008887-500]
"EnableNotificationsRef" = 2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07B2B413-B864-4230-AF9D-7C073A475824}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{1D5A02A5-83F9-40BE-8A62-82B9396E4D7E}" = lport=1900 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server upnp discovery |
"{2C062DDF-926A-47EE-A655-1398D09C3E4C}" = lport=29900 | protocol=6 | dir=in | name=gp connection manager |
"{3200722A-A7A1-4947-84F1-BA442407D0FD}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{4C69F3C7-4A29-4887-8735-9A4D682892E0}" = lport=6500 | protocol=6 | dir=in | name=query port |
"{4F148ACA-501D-4AE8-9199-D4D7DEDBC621}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{54EC718A-FAFF-4CD3-9A8C-5A17644CDE12}" = lport=2869 | protocol=6 | dir=in | app=system |
"{56317DDC-66D6-4C37-9639-B6884C0FD450}" = lport=9442 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server discovery |
"{5F797317-60A0-49C7-AF3F-3FC23FD00C8A}" = lport=29901 | protocol=6 | dir=in | name=gp search manager |
"{6DFB3C75-B1FF-46F9-886C-D6933866FCCB}" = lport=27900 | protocol=6 | dir=in | name=master server udp heartbeat |
"{ACFDCBD2-9BEB-4AF4-8831-5188B5DCDC6D}" = lport=28900 | protocol=6 | dir=in | name=master server list request |
"{B8906444-4788-4F90-B402-15E68ED926F8}" = lport=6515 | protocol=6 | dir=in | name=dplay udp |
"{BAC42963-BFC0-4CF0-9A8E-A4B6A61230EC}" = lport=3783 | protocol=6 | dir=in | name=voice chat port |
"{BB5155DE-42FF-46C6-94F5-6A819090D944}" = lport=13139 | protocol=6 | dir=in | name=custom udp pings |
"{C6A3FBB6-4879-4AA7-8489-E7DBDBD12BD2}" = lport=6667 | protocol=6 | dir=in | name=irc |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01F81C7C-A75B-44F6-B6CF-46E2F77FEA0D}" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"{097AB5AD-1E22-4BDB-B059-C6FC276E452F}" = protocol=17 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{09DCDE17-E5D2-4D01-B635-3996013C07E7}" = protocol=17 | dir=in | app=c:\windows\system32\spoolsv.exe |
"{13DEAD10-F7F1-4E57-B61B-63C70F04D6F2}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{1D513074-6EAF-4B39-85A2-FFD9FB19AF0F}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{2F85CB51-3F56-4A8A-8CD7-60D29B908DE8}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{30F5E4E2-AF26-45A4-A0E7-0893AE405C95}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{431DDD6E-BF6C-4C7A-9F8C-981A08C66290}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{508389C7-CEAB-4BEF-90D8-3A6550CBA922}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{6570A2E5-FF6C-4458-82CB-62FC4E46E368}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{6BA94EC0-3B11-444B-ACF2-9685AB22CB2A}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{6EC873BD-29DF-43AD-947F-C597C3CBD8DE}" = protocol=6 | dir=in | app=c:\windows\system32\spoolsv.exe |
"{72592CCC-849E-4851-A6CD-3BFFB95ECEC6}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{7574D490-5DC0-48D8-A01B-061C9958C29F}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{772F1BE6-25BC-4D3D-94E5-B80DACE329FF}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{926624ED-9D4F-4E6A-AA4C-5CCDB07412B5}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{965B6B87-BA82-4CDD-9371-697B6402855A}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{AE8A31C1-943C-44FA-85B3-F117B416643F}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{BEFC67C9-7F47-4569-B8BF-119A09811BF5}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{C0531CC5-002E-4180-B51F-DF7FB05CAE32}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{C3ACC849-B464-4B8F-B9BA-F679A554ED0F}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{C41700E0-34F1-40EB-B3E8-3B61252F010C}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{D28CACF7-066F-4AC9-9E0A-757369DF400A}" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"{D97D28C8-AE17-4723-ABE8-FF6FBA1C0D80}" = protocol=6 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{DC808989-0220-4350-A783-E25C06E10C73}" = protocol=6 | dir=in | app=c:\program files\celeris\virtual pool 3 dl\vp3.exe |
"{DE6E57CD-77FC-4834-A27D-495AAD0FD08F}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{E11CA49A-F3A6-4422-8160-790F296C727A}" = protocol=17 | dir=in | app=c:\program files\celeris\virtual pool 3 dl\vp3.exe |
"{F66F6495-09BD-4D5A-8785-F61451AFEC36}" = protocol=6 | dir=out | app=system |
"{F7796B77-515D-4912-B5A1-77B16AFDEEBC}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{0A9D88E7-628A-445D-AD39-3954B1F027B4}C:\program files\microsoft games\links 2001\linksmmi.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\links 2001\linksmmi.exe |
"TCP Query User{17A744AF-1105-4EF7-8718-1A9B55042C2C}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{2B2A14AF-4A4F-43EF-BFBA-2F2C9331E6D6}C:\program files\microsoft games\links 2001\linksmmi.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\links 2001\linksmmi.exe |
"TCP Query User{48CB1DB3-5790-4100-B0BE-61F924689BDC}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{50F6CEB9-246C-4546-A4F0-2E3866768C42}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{5D29D0C7-BF35-43D3-804D-6076EC8862DE}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{81E775FE-6FC5-4992-8785-968DD5F61453}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{8D4AD730-297E-4BF9-BF24-C574C2791DD6}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{98FBD862-3359-4B26-B978-C50182F27D62}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{9FEEB6AE-9F2E-425F-B033-30897FBD9492}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{A443F6ED-BD8E-491A-A6BA-88383884C82C}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{C99994A0-D7EB-45C0-89D3-CF840A4CBF24}H:\setup.exe" = protocol=6 | dir=in | app=h:\setup.exe |
"UDP Query User{02DC19EB-3DCD-49F5-993C-7E416288A19B}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{05C2525B-2E26-4797-960A-B7B2BAA6C8AB}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{06C0E2DF-A447-428C-A89F-7340131E049C}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{108CC807-C915-4F03-A2E0-A74210EF34E9}C:\program files\microsoft games\links 2001\linksmmi.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\links 2001\linksmmi.exe |
"UDP Query User{2C2CECB0-D5E7-4220-A88F-B5A628348200}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{5146B915-8BEB-4C8E-AD3A-10CE6D13ADFC}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{549D516D-8B22-4D1B-B0DC-E77E79E9B617}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{5C382E29-46B1-4502-8E20-EC30E01A9E57}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{86448CE1-1D37-4DB1-87FF-065087728178}C:\program files\microsoft games\links 2001\linksmmi.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\links 2001\linksmmi.exe |
"UDP Query User{9FCAA13B-79E4-4151-8163-2BDB3A674B37}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{BAD4CBEF-2E8D-4BCD-9BED-B492EE42AEC9}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{F82D93C5-50A7-4BA5-AFAA-AE6FC2E0B7CD}H:\setup.exe" = protocol=17 | dir=in | app=h:\setup.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{107254A0-0ADF-11D4-9397-00D0B7020B38}" =
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83218011FF}" = Java 8 Update 11
"{26C610BF-761B-4209-BD6A-A0F1B73D6DDE}" = Intel(R) Viiv(TM) Software
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{584267B8-0BB0-4D18-9FFA-726576619E9A}" = Doom 3
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B4873B0-71FF-4BAA-8072-1DEE154C54E4}" = Virtual Pool 3 DL
"{7F3BCF8A-8E02-4659-AF25-F9AB66BD6718}" = Gateway Recovery Center Installer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61}" = Digital Media Reader
"{C074AFB2-07DF-46DF-96CD-38CEC2793AF7}" = Virtual Pool 4 Online
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D94A8E22-DF2B-4107-9E51-608A60A7671D}" = Personal Ancestral File 5
"{E801BD2A-AB6B-4B8F-9599-B164AC726EC8}" = Virtual Pool 4
"{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.1
"Avast" = Avast Free Antivirus
"Bulk Rename Utility_is1" = Bulk Rename Utility 2.7.1.2
"CCleaner" = CCleaner
"ChampSpades" = Championship Spades All-Stars 7.50
"DivX Setup" = DivX Setup
"DS Clock_is1" = DS Clock
"EditPad Lite" = EditPad Lite 7.3.1
"ffdshow_is1" = ffdshow v1.1.4399 [2012-03-22]
"FileHippo.com" = FileHippo.com Update Checker
"Filzip 3.0.6.93_is1" = Filzip 3.06
"GameSpy Arcade" = GameSpy Arcade
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HECI" = Intel(R) Management Engine Interface
"HP-LaserJet 1020 series" = LaserJet 1020 series
"InstallShield_{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61}" = Digital Media Reader
"InstallShield_{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"Intel(R) Configuration Center" = Intel(R) Viiv(TM) Software
"IrfanView" = IrfanView (remove only)
"Links 2001 2.0" = Microsoft Links 2001
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.4.1028
"Media Player - Codec Pack" = Media Player Codec Pack 4.3.4
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Money2006b" = Microsoft Money 2006
"Office8.0" = Microsoft Office 97, Professional Edition
"Opera 26.0.1656.32" = Opera Stable 26.0.1656.32
"PopMan-CH-Software_is1" = PopMan 1.3.1
"PROSet" = Intel(R) PRO Network Connections Drivers
"SopCast" = SopCast 3.2.9
"SpywareBlaster_is1" = SpywareBlaster 5.0
"VLC media player" = VLC media player
"Winamp" = Winamp
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4278196236-3910043076-1921008887-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Download App" = Download App
"uTorrent" = µTorrent
========== Last 20 Event Log Errors ==========
Error: Unable to start EventLog service!
< End of report >