OTL logfile created on: 4/11/2011 8:28:45 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Chris\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
6.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 73.00% Memory free
12.00 Gb Paging File | 10.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 427.01 Gb Free Space | 45.85% Space Free | Partition Type: NTFS
Computer Name: SASHA | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - C:\Users\Chris\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x86\LCDMedia.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
PRC - C:\Program Files (x86)\DNA\btdna.exe (BitTorrent, Inc.)
PRC - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
PRC - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe ()
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
========== Modules (SafeList) ========== MOD - C:\Users\Chris\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ========== SRV:
64bit: - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV:
64bit: - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV:
64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV:
64bit: - (LVPrcS64) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV:
64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (YahooAUService) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
========== Driver Services (SafeList) ========== DRV:
64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:
64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:
64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (ALWIL Software)
DRV:
64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:
64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
DRV:
64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:
64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:
64bit: - (LVPr2Mon) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:
64bit: - (LVPr2M64) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:
64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:
64bit: - (HCW85BDA) -- C:\Windows\SysNative\drivers\HCW85BDA.sys (Hauppauge Computer Works)
DRV:
64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:
64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:
64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:
64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:
64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:
64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:
64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:
64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:
64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:
64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:
64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:
64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:
64bit: - (SaiNtBus) -- C:\Windows\SysNative\drivers\SaiBus.sys (Saitek)
DRV:
64bit: - (SaiMini) -- C:\Windows\SysNative\drivers\SaiMini.sys (Saitek)
DRV:
64bit: - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
DRV:
64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:
64bit: - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\Windows\SysNative\drivers\LV302V64.SYS (Logitech Inc.)
DRV:
64bit: - (LVUSBS64) -- C:\Windows\SysNative\drivers\LVUSBS64.sys (Logitech Inc.)
DRV:
64bit: - (SaiH0255) -- C:\Windows\SysNative\drivers\SaiH0255.sys (Saitek)
DRV:
64bit: - (DAdderFltr) -- C:\Windows\SysNative\drivers\dadder.sys (Razer (Asia-Pacific) Pte Ltd)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3164576052-2210846065-480863280-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://www.msn.com/IE - HKU\S-1-5-21-3164576052-2210846065-480863280-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-3164576052-2210846065-480863280-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E0 B3 E3 53 86 EA CB 01 [binary data]
IE - HKU\S-1-5-21-3164576052-2210846065-480863280-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3164576052-2210846065-480863280-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - prefs.js..extensions.enabledItems:
iaplayer@instantaction.com:0.4.1.1
FF - prefs.js..extensions.enabledItems:
DeviceDetection@logitech.com:1.0.176.0
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {E4294DD8-ACD8-4C5D-986A-5968A1142E5A}:1.9.1
FF - prefs.js..extensions.enabledItems:
firesheep@codebutler.com:0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems:
smartwebprinting@hp.com:4.51
FF - HKLM\software\mozilla\Firefox\Extensions\\{E4294DD8-ACD8-4C5D-986A-5968A1142E5A}: C:\Users\Chris\AppData\Local\{E4294DD8-ACD8-4C5D-986A-5968A1142E5A} [2010/09/11 20:30:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/01/15 14:01:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/04/07 09:30:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/03/23 21:09:53 | 000,000,000 | ---D | M]
[2009/12/25 19:19:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Extensions
[2011/04/10 12:33:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8p6iyrhu.default\extensions
[2010/05/03 12:27:19 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8p6iyrhu.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010/02/10 23:25:51 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8p6iyrhu.default\extensions\DeviceDetection@logitech.com
[2010/10/26 21:41:05 | 000,000,000 | ---D | M] (Firesheep) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8p6iyrhu.default\extensions\firesheep@codebutler.com
[2010/02/02 00:19:42 | 000,000,000 | ---D | M] (InstantAction.com Game Launcher) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8p6iyrhu.default\extensions\iaplayer@instantaction.com
[2011/04/10 12:33:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/12/22 10:54:33 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/11/28 16:19:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/10 14:06:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/01/15 14:01:11 | 000,000,000 | ---D | M] (HP Smart Web Printing) -- C:\PROGRAM FILES (X86)\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON3
[2010/09/11 20:30:14 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\CHRIS\APPDATA\LOCAL\{E4294DD8-ACD8-4C5D-986A-5968A1142E5A}
[2003/03/18 22:20:00 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugins\mfc71.dll
[2003/02/21 05:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugins\msvcr71.dll
[2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/05/19 11:05:00 | 000,155,648 | ---- | M] (IBM Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npmfv.dll
O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:
64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - Reg Error: Value error. File not found
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (PE_IE_Helper Class) - {0941C58F-E461-4E03-BD7D-44C27392ADE1} - C:\Program Files (x86)\IBM\Lotus Forms\Viewer\3.5\PEhelper.dll (IBM Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4:
64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:
64bit: - HKLM..\Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe (Saitek)
O4:
64bit: - HKLM..\Run: [SaiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe (Saitek)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3164576052-2210846065-480863280-1001..\Run: [BitTorrent DNA] C:\Program Files (x86)\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-3164576052-2210846065-480863280-1001..\Run: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3164576052-2210846065-480863280-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-3164576052-2210846065-480863280-1001\..Trusted Domains: minecraft.net ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-3164576052-2210846065-480863280-1001\..Trusted Domains: minecraft.net ([www] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {A4639D2F-774E-11D3-A490-00C04F6843FB}
http://download.microsoft.com/download/ ... msorun.cab (IEAnimBehaviorFactory Class)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O18:
64bit: - Protocol\Handler\javascript - No CLSID value found
O18:
64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\javascript - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{86c062ac-3b47-11df-9534-001fc66ebc57}\Shell - "" = AutoRun
O33 - MountPoints2\{86c062ac-3b47-11df-9534-001fc66ebc57}\Shell\AutoRun\command - "" = I:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: sethtion - (C:\Windows\system32\InfDshta.dll) - C:\Windows\SysWOW64\InfDshta.dll ()
O36 - AppCertDlls: SetImote - (C:\Windows\system32\instexec.dll) - File not found
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2011/04/09 22:16:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Livestream Procaster
[2011/04/09 11:10:32 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Ubisoft Game Launcher
[2011/04/09 11:07:19 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Ubisoft
[2011/04/09 11:07:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2011/04/09 11:06:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2011/04/08 18:04:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2011/04/08 18:04:06 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/03/31 17:11:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011/03/31 17:11:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2011/03/23 16:15:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SplitMediaLabs
[2011/03/22 13:11:50 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\CrashRpt
[2011/03/22 13:11:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Livestream Procaster
[2011/03/22 13:01:07 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\scfh
[2011/03/22 12:27:54 | 000,000,000 | ---D | C] -- C:\ProgramData\SplitMediaLabs
[2011/03/22 12:27:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
[2011/03/22 12:10:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SplitMediaLabs
[2011/03/21 12:27:10 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech Gaming Software
[2011/03/14 18:58:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PingPlotter Standard
[2011/03/14 18:58:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PingPlotter Standard
[2011/03/12 17:13:01 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011/03/09 16:20:29 | 000,445,440 | ---- | C] (Dino Chiesa) -- C:\Users\Chris\AppData\Roaming\Ionic.Zip.dll
[2011/03/09 16:20:29 | 000,133,632 | ---- | C] (Wandering Samurai Studios) -- C:\Users\Chris\AppData\Roaming\MWLL.AutoUpdater.exe
[2011/03/09 16:20:29 | 000,020,480 | ---- | C] (Wandering Samurai Studios) -- C:\Users\Chris\AppData\Roaming\MwllTorrent.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Chris\Desktop\*.tmp files -> C:\Users\Chris\Desktop\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2011/04/11 08:18:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/11 08:17:55 | 536,305,663 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/10 22:48:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3164576052-2210846065-480863280-1001UA.job
[2011/04/10 19:26:17 | 000,266,400 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/04/10 19:26:17 | 000,266,400 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/04/10 18:48:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3164576052-2210846065-480863280-1001Core.job
[2011/04/10 01:00:54 | 000,009,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/10 01:00:54 | 000,009,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/09 22:16:01 | 000,001,026 | ---- | M] () -- C:\Users\Public\Desktop\Livestream Procaster.lnk
[2011/04/09 17:12:14 | 000,266,400 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011/04/09 09:54:24 | 000,743,986 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/04/09 09:54:24 | 000,635,612 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/04/09 09:54:24 | 000,111,186 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/04/08 18:04:06 | 000,002,975 | ---- | M] () -- C:\Users\Chris\Desktop\HiJackThis.lnk
[2011/04/05 21:59:46 | 004,214,032 | ---- | M] () -- C:\Users\Chris\Documents\100_2482.JPG
[2011/04/05 21:59:43 | 001,932,474 | ---- | M] () -- C:\Users\Chris\Documents\100_2487.JPG
[2011/04/05 21:59:02 | 001,940,486 | ---- | M] () -- C:\Users\Chris\Documents\100_2488.JPG
[2011/04/05 21:58:56 | 001,998,913 | ---- | M] () -- C:\Users\Chris\Documents\100_2492.JPG
[2011/04/04 22:00:18 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/03/26 19:39:06 | 000,367,949 | ---- | M] () -- C:\Users\Chris\Desktop\help.png
[2011/03/24 16:39:44 | 000,029,162 | ---- | M] () -- C:\Users\Chris\Desktop\mikelapalette.png
[2011/03/23 20:08:12 | 001,288,803 | ---- | M] () -- C:\Users\Chris\Desktop\mikela.png
[2011/03/21 17:14:18 | 000,263,732 | ---- | M] () -- C:\Users\Chris\Desktop\futuretheme.lvl
[2011/03/20 00:03:04 | 000,898,948 | ---- | M] () -- C:\Users\Chris\Desktop\Julie.png
[2011/03/18 23:57:10 | 000,218,729 | ---- | M] () -- C:\Users\Chris\Desktop\face.png
[2011/03/17 18:36:44 | 000,267,336 | ---- | M] () -- C:\Users\Chris\Desktop\2.png
[2011/03/17 15:22:25 | 000,250,820 | ---- | M] () -- C:\Users\Chris\Desktop\1.png
[2011/03/15 12:46:38 | 000,402,299 | ---- | M] () -- C:\Users\Chris\Desktop\logo.jpg
[2011/03/15 12:46:38 | 000,370,042 | ---- | M] () -- C:\Users\Chris\Desktop\deputy_duck coloring.jpg
[2011/03/14 23:41:46 | 000,721,156 | ---- | M] () -- C:\Users\Chris\Desktop\Rain.jpg
[2011/03/14 19:16:16 | 000,218,601 | ---- | M] () -- C:\Users\Chris\Desktop\pingplot2.jpg
[2011/03/14 19:01:02 | 000,086,408 | ---- | M] () -- C:\Users\Chris\Desktop\pingplotter.jpg
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Chris\Desktop\*.tmp files -> C:\Users\Chris\Desktop\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files Created - No Company Name ========== [2011/04/09 22:16:01 | 000,001,026 | ---- | C] () -- C:\Users\Public\Desktop\Livestream Procaster.lnk
[2011/04/08 18:04:06 | 000,002,975 | ---- | C] () -- C:\Users\Chris\Desktop\HiJackThis.lnk
[2011/04/05 21:59:35 | 001,932,474 | ---- | C] () -- C:\Users\Chris\Documents\100_2487.JPG
[2011/04/05 21:59:31 | 004,214,032 | ---- | C] () -- C:\Users\Chris\Documents\100_2482.JPG
[2011/04/05 21:58:56 | 001,940,486 | ---- | C] () -- C:\Users\Chris\Documents\100_2488.JPG
[2011/04/05 21:58:49 | 001,998,913 | ---- | C] () -- C:\Users\Chris\Documents\100_2492.JPG
[2011/03/26 19:39:06 | 000,367,949 | ---- | C] () -- C:\Users\Chris\Desktop\help.png
[2011/03/24 16:39:44 | 000,029,162 | ---- | C] () -- C:\Users\Chris\Desktop\mikelapalette.png
[2011/03/23 20:08:11 | 001,288,803 | ---- | C] () -- C:\Users\Chris\Desktop\mikela.png
[2011/03/21 17:14:17 | 000,263,732 | ---- | C] () -- C:\Users\Chris\Desktop\futuretheme.lvl
[2011/03/20 00:03:03 | 000,898,948 | ---- | C] () -- C:\Users\Chris\Desktop\Julie.png
[2011/03/18 23:57:10 | 000,218,729 | ---- | C] () -- C:\Users\Chris\Desktop\face.png
[2011/03/17 18:36:44 | 000,267,336 | ---- | C] () -- C:\Users\Chris\Desktop\2.png
[2011/03/17 15:21:28 | 000,250,820 | ---- | C] () -- C:\Users\Chris\Desktop\1.png
[2011/03/15 12:47:09 | 000,402,299 | ---- | C] () -- C:\Users\Chris\Desktop\logo.jpg
[2011/03/15 12:47:09 | 000,370,042 | ---- | C] () -- C:\Users\Chris\Desktop\deputy_duck coloring.jpg
[2011/03/14 23:41:45 | 000,721,156 | ---- | C] () -- C:\Users\Chris\Desktop\Rain.jpg
[2011/03/14 19:16:15 | 000,218,601 | ---- | C] () -- C:\Users\Chris\Desktop\pingplot2.jpg
[2011/03/14 19:01:02 | 000,086,408 | ---- | C] () -- C:\Users\Chris\Desktop\pingplotter.jpg
[2011/03/14 16:46:41 | 000,152,168 | ---- | C] () -- C:\Users\Chris\Desktop\cars.lvl
[2011/03/09 16:20:29 | 001,806,336 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\mwll_torrent.dll
[2011/03/09 16:20:29 | 000,101,888 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\Shd.dll
[2011/02/25 18:19:32 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2011/01/15 13:55:37 | 000,221,260 | ---- | C] () -- C:\Windows\hpoins19.dat
[2011/01/15 13:55:37 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2010/10/28 14:34:08 | 000,052,736 | -H-- | C] () -- C:\Windows\SysWow64\InfDshta.dll
[2010/10/21 15:41:00 | 000,197,472 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010/09/11 20:30:15 | 000,000,120 | ---- | C] () -- C:\Users\Chris\AppData\Local\Mteteqicox.dat
[2010/09/11 20:30:15 | 000,000,000 | ---- | C] () -- C:\Users\Chris\AppData\Local\Wbamuqahivafec.bin
[2010/06/25 10:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2010/06/19 14:37:33 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010/05/25 15:32:38 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2010/05/09 17:13:01 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2010/05/04 09:42:50 | 000,000,287 | ---- | C] () -- C:\Windows\SIERRA.INI
[2010/03/26 18:54:29 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010/02/15 19:52:44 | 000,266,400 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/02/15 19:49:58 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/02/01 16:00:21 | 000,000,093 | ---- | C] () -- C:\Users\Chris\AppData\Local\fusioncache.dat
[2010/02/01 15:14:19 | 000,748,260 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/01/26 18:16:57 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/01/08 12:32:35 | 000,000,000 | ---- | C] () -- C:\Windows\ABC_mru.ini
[2009/12/25 19:29:31 | 000,007,607 | ---- | C] () -- C:\Users\Chris\AppData\Local\Resmon.ResmonCfg
[2009/07/13 22:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 19:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 19:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 17:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
< End of report >