Security Center disables automatically/Redirected on search engines


  1. Posts : 20
    MS Windows 7 Home Premium 32-bit SP1
       #1

    Security Center disables automatically/Redirected on search engines


    Hello. A few days ago, I started having a problem with my security center and later afterwards, I've noticed that whenever I click on a link in a search engine such as Google, I get redirected to a different site.

    Whenever I try to enable the security center from Services.msc, about 30 seconds later it gets disabled by itself and a red X appears on the action center flag with a message saying to turn it back on. When I do turn it on from the action center, I get a message saying "The Windows Security Center service can't be started." I've checked the dependencies for the security center which are DCOM Server Process Launcher, Remote Procedure Call (RPC), and Windows Management Instrumentation and they are all started and automatic.

    I figure that there is malware causing this. I had Microsoft Security Essentials installed when this happened, but since the problem started, it wouldn't start up for some reason so I uninstalled it and installed Avira, Malwarebytes' Anti-malware, and Spybot Search & Destroy. I did a full system scan with those and I removed some things that were found that appeared "unknown" but I note that Spybot is the only one that does however find "Microsoft.WindowsSecurityCenter_disabled" and under that was

    "(SBI $2E20C9A9) Settings HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Start (is not) W=2".

    So I fixed that and tried to enable it again but the problem still remains. Any ideas? I'm lost at what to do here.
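The symptom in the first post, the `Start` value under `Services\wscsvc` not staying at 2 and the service stopping again about 30 seconds later, can be observed directly. The script below is an added example and not part of the original thread; it is read-only, assumes an elevated PowerShell 2.0 or later prompt on an English-language system, and the function name `Get-WscState` is hypothetical.

```powershell
# Added example: read-only checks of the Security Center service (wscsvc).
# Written for PowerShell 2.0 (the Windows 7 default), so no [pscustomobject].
$svcName = 'wscsvc'
$regPath = "HKLM:\SYSTEM\CurrentControlSet\Services\$svcName"

# Meaning of the Start DWORD under a service key.
$startNames = @{ 0 = 'Boot'; 1 = 'System'; 2 = 'Automatic'; 3 = 'Manual'; 4 = 'Disabled' }

# Hypothetical helper: one snapshot of the registry start type and the live status.
function Get-WscState {
    $reg = Get-ItemProperty -Path $regPath -ErrorAction Stop
    $svc = Get-Service -Name $svcName -ErrorAction Stop
    New-Object PSObject -Property @{
        Time      = Get-Date
        Start     = [int]$reg.Start
        StartType = $startNames[[int]$reg.Start]
        Status    = [string]$svc.Status
    }
}

# 1. Current state, plus the services wscsvc depends on and whether they run.
Get-WscState | Select-Object Time, Start, StartType, Status | Format-List | Out-Host
(Get-Service -Name $svcName).ServicesDependedOn |
    Select-Object Name, DisplayName, Status | Format-Table -AutoSize | Out-Host

# 2. Service Control Manager event 7040 records start-type changes made through
#    the SCM. A change written straight to the registry leaves no 7040 event,
#    so an empty result here does not mean nothing changed the value.
#    The 'Security Center' match assumes English event messages.
Get-WinEvent -FilterHashtable @{
        LogName      = 'System'
        ProviderName = 'Service Control Manager'
        Id           = 7040
    } -MaxEvents 200 -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -match 'Security Center' } |
    Select-Object TimeCreated, Message | Format-List | Out-Host

# 3. Poll for two minutes and print a line whenever the start type or the
#    status changes, to timestamp the moment the setting is reverted.
$previous = Get-WscState
$deadline = (Get-Date).AddMinutes(2)
while ((Get-Date) -lt $deadline) {
    Start-Sleep -Seconds 5
    $current = Get-WscState
    if ($current.Start -ne $previous.Start -or $current.Status -ne $previous.Status) {
        "{0:HH:mm:ss}  Start {1} ({2}) -> {3} ({4}); Status {5} -> {6}" -f `
            $current.Time, $previous.Start, $previous.StartType,
            $current.Start, $current.StartType, $previous.Status, $current.Status
        $previous = $current
    }
}
```

Start the script, then enable the service from Services.msc; the timestamp of the first change line can be compared against the System event log and the scan logs requested later in the thread.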


  2. Posts : 2,663
    Windows 8.1 Pro x64
       #2

    Hello phillywells and welcome to the forums

    Can you do the following for me please:

    CKScanner

    Please download CKScanner from here to your Desktop.

    Make sure that CKScanner.exe is on your Desktop before running the application!

    Double-click on CKScanner.exe and click Search For Files.
    After a very short time, when the cursor hourglass disappears, click Save List To File.
    A message box will verify the file saved
    Attach the log CKFiles.txt that has been created on your desktop with your next post

    aswMBR

    Please close any open work because sometimes this will cause a BSOD
    Download aswMBR from here and save it to your desktop
    Right click on it and select run as administrator
    When it opens, click on the Scan button
    When the scan completes, click on the Save log button and attach the log with your next post
    If you do encounter a BSOD then try again - if the BSODs are persistent then let me know

    OTL

    Download OTL to your desktop.
    Double click on the icon to run it. Make sure all other windows are closed to let it run uninterrupted.
    When the window appears, underneath Output at the top change it to Minimal Output.
    Under the Standard Registry box change it to All.
    Check the boxes beside LOP Check and Purity Check.
    Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.


    Once OTL has completed its first scan it will save notepad copies of the scans in the folder that OTL was started from. Unless set to produce an Extras log it will only produce OTL.txt in subsequent scans.

    A copy of an OTL fix log is saved in a text file at

    :\_OTL\MovedFiles
    in most cases this will be C:\_OTL\MovedFiles

    Malwarebytes Anti-Malware

    Download and install MBAM from here
    Run a full scan and attach the log with your next post for me to analyse

    Tom


  3. Posts : 10,200
    MS Windows 7 Ultimate SP1 64-bit
       #3

    phillywells said:
    Hello. A few days ago, I started having a problem with my security center and later afterwards, I've noticed that whenever I click on a link in a search engine such as Google, I get redirected to a different site.

    Whenever I try to enable the security center from Services.msc, about 30 seconds later it gets disabled by itself and a red X appears on the action center flag with a message saying to turn it back on. When I do turn it on from the action center, I get a message saying "The Windows Security Center service can't be started." I've checked the dependencies for the security center which are DCOM Server Process Launcher, Remote Procedure Call (RPC), and Windows Management Instrumentation and they are all started and automatic.

    I figure that there is malware causing this. I had Microsoft Security Essentials installed when this happened, but since the problem started, it wouldn't start up for some reason so I uninstalled it and installed Avira, Malwarebytes' Anti-malware, and Spybot Search & Destroy. I did a full system scan with those and I removed some things that were found that appeared "unknown" but I note that Spybot is the only one that does however find "Microsoft.WindowsSecurityCenter_disabled" and under that was

    "(SBI $2E20C9A9) Settings HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Start (is not) W=2".

    So I fixed that and tried to enable it again but the problem still remains. Any ideas? I'm lost at what to do here.

    Welcome to SevenForums. Wish the circumstances were a little more pleasant.

    Download, install and run MalwareBytes (link in my sig).

    Let me know the results. Thanks.


  4. Posts : 10,994
    Win 7 Pro 64-bit
       #4

    You could also try this:

    https://www.sevenforums.com/tutorials...m-sweeper.html

    EDIT: Sorry Karl. Didn't see it listed in your sig.


  5. Posts : 10,200
    MS Windows 7 Ultimate SP1 64-bit
       #5

    Thanks for mentioning the sweeper. I had only mentioned MalwareBytes.

    Let's hope that one of them comes up with something.


  6. Posts : 20
    MS Windows 7 Home Premium 32-bit SP1
    Thread Starter
       #6

    Code:
     
    CKScanner - Additional Security Risks - These are not necessarily bad
    c:\program files\bestgameever\audiosurf\engine\channels\crypt.dll
    c:\program files\outspark\fiesta\reschar\b_crackerhumar\b_crackerhumar.kfm
    c:\program files\outspark\fiesta\reschar\b_crackerhumar\b_crackerhumar.nif
    c:\program files\outspark\fiesta\reschar\b_crackerhumar\b_crackerhumar_root_ac_down_atk.kf
    c:\program files\outspark\fiesta\reschar\b_crackerhumar\b_crackerhumar_root_attack.kf
    c:\program files\outspark\fiesta\reschar\b_crackerhumar\b_crackerhumar_root_critical.kf
    c:\program files\outspark\fiesta\reschar\b_crackerhumar\b_crackerhumar_root_damage.kf
    c:\program files\outspark\fiesta\reschar\b_crackerhumar\b_crackerhumar_root_die.kf
    c:\program files\outspark\fiesta\reschar\b_crackerhumar\b_crackerhumar_root_normal_atk.kf
    c:\program files\outspark\fiesta\reschar\b_crackerhumar\b_crackerhumar_root_normal_wide.kf
    c:\program files\outspark\fiesta\reschar\b_crackerhumar\b_crackerhumar_root_run.kf
    c:\program files\outspark\fiesta\reschar\b_crackerhumar\b_crackerhumar_root_stand.kf
    c:\program files\outspark\fiesta\reschar\b_crackerhumar\b_crackerhumar_root_walk.kf
    c:\program files\outspark\fiesta\reschar\kingcrab\emperorcarb_crackbip01_skill5.kf
    c:\program files\outspark\fiesta\reschar\kingcrab\emperorcrab_crackbip01_skill1.kf
    c:\program files\outspark\fiesta\reschar\kingcrab\emperorcrab_crackbip01_skill2.kf
    c:\program files\outspark\fiesta\reschar\kingcrab\emperorcrab_crackbip01_skill3.kf
    c:\program files\outspark\fiesta\reschar\kingcrab\emperorcrab_crackbip01_skill3_cast.kf
    c:\program files\outspark\fiesta\reschar\kingcrab\kingcrab_crackbip01_attack.kf
    c:\program files\outspark\fiesta\reschar\kingcrab\kingcrab_crackbip01_critical.kf
    c:\program files\outspark\fiesta\reschar\kingcrab\kingcrab_crackbip01_damage.kf
    c:\program files\outspark\fiesta\reschar\kingcrab\kingcrab_crackbip01_die.kf
    c:\program files\outspark\fiesta\reschar\kingcrab\kingcrab_crackbip01_run.kf
    c:\program files\outspark\fiesta\reschar\kingcrab\kingcrab_crackbip01_stand.kf
    c:\program files\outspark\fiesta\reschar\kingcrab\kingcrab_crackbip01_walk.kf
    c:\program files\outspark\fiesta\reseffect\b_crackerhumar_ac_down_atk.nif
    c:\program files\outspark\fiesta\reseffect\b_crackerhumar_attack.nif
    c:\program files\outspark\fiesta\reseffect\b_crackerhumar_attack_op.nif
    c:\program files\outspark\fiesta\reseffect\b_crackerhumar_die.nif
    c:\program files\outspark\fiesta\reseffect\b_crackerhumar_normal_atk.nif
    c:\program files\outspark\fiesta\reseffect\b_crackerhumar_normal_wide.nif
    c:\program files\outspark\fiesta\reseffect\b_crackerlooter_curse_wide.nif
    c:\program files\outspark\fiesta\reseffect\firecracker01.nif
    c:\program files\outspark\fiesta\reseffect\firecracker02.nif
    c:\program files\outspark\fiesta\reseffect\hfirecracker00.nif
    c:\program files\outspark\fiesta\reseffect\sta_crackeracdownloof.nif
    c:\program files\outspark\fiesta\reseffect\sta_crackerdiseaseloof.nif
    c:\program files\outspark\fiesta\resmap\field\b_cracker\b_cracker.conf
    c:\program files\outspark\fiesta\resmap\field\b_cracker\b_cracker.nif
    c:\program files\outspark\fiesta\resmap\field\b_cracker\b_cracker.shbd
    c:\program files\outspark\fiesta\resmap\field\b_cracker\b_cracker.shmd
    c:\program files\outspark\fiesta\resmap\field\b_cracker\darkcave_water.nif
    c:\program files\outspark\fiesta\resmenu\minimap\b_cracker.dds
    c:\program files\outspark\fiesta\ressystem\action\b_crackerhumar.dat
    c:\users\phill\music\itunes\itunes media\music\tchaikovsky\unknown album\the nutcracker (soft).m4a
    c:\users\phill\music\itunes\itunes media\music\tchaikovsky\unknown album\the nutcracker.m4a
    scanner sequence 3.ZZ.11.LVAPCD
    ----- EOF ----- 
     
    aswMBR version 0.9.7.777 Copyright(c) 2011 AVAST Software
    Run date: 2011-07-18 13:30:59
    -----------------------------
    13:30:59.241 OS Version: Windows 6.1.7601 Service Pack 1
    13:30:59.241 Number of processors: 2 586 0x4802
    13:30:59.241 ComputerName: PHILL-PC UserName: Phill
    13:31:15.756 Initialize success
    13:31:39.089 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-0
    13:31:39.105 Disk 0 Vendor: TOSHIBA_MK6034GSX AH101D Size: 57231MB BusType: 3
    13:31:39.105 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000078
    13:31:39.105 Disk 1 Vendor: RICOH 01 Size: 3759MB BusType: 0
    13:31:39.121 Disk 0 MBR read successfully
    13:31:39.121 Disk 0 MBR scan
    13:31:39.136 Disk 0 Windows 7 default MBR code
    13:31:39.136 Disk 0 scanning sectors +117207040
    13:31:39.230 Disk 0 scanning C:\Windows\system32\drivers
    13:31:48.996 Service scanning
    13:31:51.464 Disk 0 trace - called modules:
    13:31:51.496 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll atiide.sys PCIIDEX.SYS atapi.sys 
    13:31:51.511 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85a97a78]
    13:31:51.511 3 CLASSPNP.SYS[877a259e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-0[0x859b8908]
    13:31:52.027 Scan finished successfully
    13:32:05.449 Disk 0 MBR has been saved successfully to "C:\Users\Phill\Desktop\MBR.dat"
    13:32:05.464 The log file has been saved successfully to "C:\Users\Phill\Desktop\aswMBR.txt"
     
    OTL logfile created on: 7/18/2011 1:46:15 PM - Run 1
    OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Phill\Desktop
    Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
     
    894.05 Mb Total Physical Memory | 226.96 Mb Available Physical Memory | 25.39% Memory free
    1.87 Gb Paging File | 1.09 Gb Available in Paging File | 58.07% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 55.72 Gb Total Space | 5.45 Gb Free Space | 9.79% Space Free | Partition Type: NTFS
    Drive D: | 2.33 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
    Drive E: | 3.66 Gb Total Space | 0.19 Gb Free Space | 5.23% Space Free | Partition Type: FAT32
    Drive G: | 7.18 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
    Drive H: | 5.67 Gb Total Space | 0.23 Gb Free Space | 4.11% Space Free | Partition Type: FAT32
     
    Computer Name: PHILL-PC | User Name: Phill | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Processes (SafeList) ==========
     
    PRC - C:\Users\Phill\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
    PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10t_ActiveX.exe (Adobe Systems, Inc.)
    PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    PRC - C:\Users\Phill\AppData\Local\Google\Update\1.3.21.57\GoogleCrashHandler.exe (Google Inc.)
    PRC - C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
    PRC - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe (IObit)
    PRC - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
    PRC - C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe (IObit)
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)
    PRC - C:\Windows\System32\rpcnet.exe (Absolute Software Corp.)
    PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
    PRC - C:\Windows\System32\lxebcoms.exe ( )
    PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
    PRC - C:\Windows\System32\stacsv.exe (IDT, Inc.)
    PRC - C:\Program Files\WiFiConnector\NintendoWFCReg.exe ()
     
     
    ========== Modules (SafeList) ==========
     
    MOD - C:\Users\Phill\Desktop\OTL.exe (OldTimer Tools)
    MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation)
     
     
    ========== Win32 Services (SafeList) ==========
     
    SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    SRV - (AdvancedSystemCareService) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe (IObit)
    SRV - (NisSrv) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
    SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
    SRV - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
    SRV - (rpcnet) Remote Procedure Call (RPC) -- C:\Windows\System32\rpcnet.exe (Absolute Software Corp.)
    SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
    SRV - (WAS) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)
    SRV - (AppHostSvc) -- C:\Windows\System32\inetsrv\apphostsvc.dll (Microsoft Corporation)
    SRV - (lxeb_device) -- C:\Windows\System32\lxebcoms.exe ( )
    SRV - (lxebCATSCustConnectService) -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxebserv.exe ()
    SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
    SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
    SRV - (STacSV) -- C:\Windows\System32\stacsv.exe (IDT, Inc.)
    SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
    SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
     
     
    ========== Driver Services (SafeList) ==========
     
    DRV - (67329092) -- C:\Windows\system32\DRIVERS\67329092.sys (Kaspersky Lab ZAO)
    DRV - (PCDSRVC{E9D79540-57D5953E-06020101}_0) -- c:\Program Files\Dell Support Center\pcdsrvc.pkms (PC-Doctor, Inc.)
    DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
    DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)
    DRV - (SmartDefragDriver) -- C:\Windows\System32\Drivers\SmartDefragDriver.sys ()
    DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
    DRV - (WINUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
    DRV - (amdiox86) -- C:\Windows\System32\drivers\amdiox86.sys (Advanced Micro Devices)
    DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
    DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
    DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
    DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
    DRV - (Serial) -- C:\Windows\system32\DRIVERS\serial.sys (Brother Industries Ltd.)
    DRV - (bcm4sbxp) -- C:\Windows\System32\drivers\bcm4sbxp.sys (Broadcom Corporation)
    DRV - (mcdbus) -- C:\Windows\System32\drivers\mcdbus.sys (MagicISO, Inc.)
    DRV - (risdptsk) -- C:\Windows\System32\drivers\risdptsk.sys (REDC)
    DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
    DRV - (RT25USBAP) -- C:\Windows\System32\drivers\RT25USBAP.SYS (Ralink Technology Inc.)
    DRV - (PAC207) -- C:\Windows\System32\drivers\PFC027.SYS (PixArt Imaging Inc.)
    DRV - (atiide) -- C:\Windows\system32\DRIVERS\atiide.sys (ATI Technologies Inc.)
    DRV - (sscdserd) SAMSUNG CDMA Modem Diagnostic Serial Port (WDM) -- C:\Windows\System32\drivers\sscdserd.sys (MCCI)
    DRV - (sscdmdm) -- C:\Windows\System32\drivers\sscdmdm.sys (MCCI)
    DRV - (sscdmdfl) -- C:\Windows\System32\drivers\sscdmdfl.sys (MCCI)
    DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI)
     
     
    ========== Standard Registry (All) ==========
     
     
    ========== Internet Explorer ==========
     
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN.com
     
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo!
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Welcome to Facebook - Log In, Sign Up or Learn More
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
    IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
     
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@ei.WeatherBlink.com/Plugin: File not found
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@ogplanet.com/npOGPPlugin: C:\Windows\system32\npOGPPlugin.dll (OGPlanet)
    FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Phill\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Phill\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
     
     
    [2011/06/21 17:56:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Phill\AppData\Roaming\Mozilla\Extensions
    [2011/06/22 13:21:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Phill\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
    [2011/01/30 20:49:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Phill\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
     
    O1 HOSTS File: ([2011/07/16 20:00:36 | 000,000,084 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O1 - Hosts: 127.0.0.1 www.example.com
    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
    O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
    O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
    O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [Advanced SystemCare 4] C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
    O4 - HKCU..\Run: [Google Update] C:\Users\Phill\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
    O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [SmartRAM] C:\Program Files\IObit\Advanced SystemCare 4\Suo10_SmartRAM.exe (IObit)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: verbosestatus = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 1
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000044 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000045 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000046 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.euro.dell.com/systemp.../SysProExe.CAB (WMI Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab...i_4.4.26.0.cab (SysInfo Class)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
    O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
    O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
    O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
    O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
    O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
    O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
    O31 - SafeBoot: AlternateShell - cmd.exe
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O32 - AutoRun File - [2009/07/14 04:26:40 | 000,000,043 | R--- | M] () - D:\autorun.inf -- [ UDF ]
    O32 - AutoRun File - [2010/05/24 18:34:11 | 000,000,046 | RH-- | M] () - G:\autorun.inf -- [ UDF ]
    O33 - MountPoints2\{11e68bdd-92eb-11e0-9938-000d0bc45ef3}\Shell - "" = AutoRun
    O33 - MountPoints2\{11e68bdd-92eb-11e0-9938-000d0bc45ef3}\Shell\AutoRun\command - "" = G:\Installer.exe -- [2010/05/24 18:34:11 | 002,505,256 | R--- | M] ()
    O33 - MountPoints2\{8900f934-12cf-11e0-ad04-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{8900f934-12cf-11e0-ad04-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe -- [2009/07/14 04:26:40 | 000,111,880 | R--- | M] (Microsoft Corporation)
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (SmartDefragBootTime.exe) - C:\Windows\System32\SmartDefragBootTime.exe ()
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
     
    ========== Files/Folders - Created Within 30 Days ==========
     
    [2011/07/18 13:40:12 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Phill\Desktop\OTL.exe
    [2011/07/18 13:19:39 | 001,913,344 | ---- | C] (AVAST Software) -- C:\Users\Phill\Desktop\aswMBR.exe
    [2011/07/17 20:07:15 | 000,000,000 | ---D | C] -- C:\Users\Phill\Incomplete
    [2011/07/17 05:02:38 | 000,190,032 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmcomm.sys
    [2011/07/17 05:02:38 | 000,056,400 | ---- | C] (trend_company_name) -- C:\Windows\System32\drivers\tmrkb.sys
    [2011/07/17 03:54:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
    [2011/07/17 03:53:16 | 000,133,208 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\67329092.sys
    [2011/07/17 03:33:19 | 003,412,856 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\procexp.exe
    [2011/07/17 03:07:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
    [2011/07/17 02:29:15 | 000,000,000 | ---D | C] -- C:\Users\Phill\AppData\Local\NPE
    [2011/07/17 02:29:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
    [2011/07/16 19:47:34 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
    [2011/07/15 20:09:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
    [2011/07/15 12:50:36 | 000,000,000 | ---D | C] -- C:\Users\Phill\AppData\Roaming\AVG10
    [2011/07/15 12:48:54 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
    [2011/07/15 12:43:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
    [2011/07/15 12:31:36 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
    [2011/07/15 11:14:47 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
    [2011/07/15 10:44:17 | 000,000,000 | ---D | C] -- C:\Users\Phill\AppData\Local\Apple Computer
    [2011/07/15 08:33:32 | 000,000,000 | ---D | C] -- C:\Users\Phill\AppData\Roaming\Malwarebytes
    [2011/07/15 08:32:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2011/07/12 21:34:16 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
    [2011/07/12 21:34:16 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
    [2011/07/12 21:33:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
    [2011/07/12 21:33:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
    [2011/07/12 21:33:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
    [2011/07/12 21:33:42 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
    [2011/07/12 21:33:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
    [2011/07/12 21:33:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
    [2011/07/12 21:33:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
    [2011/07/12 21:32:47 | 002,334,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
    [2011/07/11 08:21:04 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
    [2011/07/02 13:03:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nintendo Wi-Fi USB Connector
    [2011/07/02 13:03:17 | 000,000,000 | ---D | C] -- C:\Program Files\WiFiConnector
    [2011/07/02 08:13:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2011/07/02 08:11:59 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
    [2011/07/02 08:11:58 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
    [2011/07/02 08:11:58 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
    [2011/06/29 14:35:11 | 000,028,672 | ---- | C] (Axis) -- C:\Windows\System32\PCWinSoftPBar.ocx
    [2011/06/29 14:35:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1AVCapture
    [2011/06/29 14:35:09 | 000,630,784 | ---- | C] (Axis) -- C:\Windows\System32\AxisToolBar.ocx
    [2011/06/29 14:35:09 | 000,438,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSHFLXGD.OCX
    [2011/06/29 14:35:09 | 000,264,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MPG4DS32.AX
    [2011/06/29 14:35:09 | 000,188,416 | ---- | C] (Unreal Streaming Technologies Group.) -- C:\Windows\System32\UScreenCapture.ax
    [2011/06/29 14:35:09 | 000,126,976 | ---- | C] (Ariel Systems) -- C:\Windows\System32\ArielColorCtrl.ocx
    [2011/06/29 14:35:09 | 000,073,728 | ---- | C] (PCWinSoft Systems Ltd) -- C:\Windows\System32\TOverlay.ax
    [2011/06/29 14:35:09 | 000,053,248 | ---- | C] (DeskShare) -- C:\Windows\System32\DSTimeStamp.ax
    [2011/06/29 14:35:09 | 000,036,864 | ---- | C] (Axis) -- C:\Windows\System32\Sof2FFTPrj.ocx
    [2011/06/29 14:35:09 | 000,028,672 | ---- | C] (Axis) -- C:\Windows\System32\SpecBarPrj.ocx
    [2011/06/29 14:34:59 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\1AVCapture
    [2011/06/29 14:34:59 | 000,000,000 | ---D | C] -- C:\Program Files\1AVCapture
    [2011/06/28 21:26:22 | 000,000,000 | ---D | C] -- C:\Taz Wanted
    [2011/06/28 20:21:35 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
    [2011/06/28 20:21:35 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
    [2011/06/28 20:21:34 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
    [2011/06/28 20:21:34 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
    [2011/06/28 20:21:33 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
    [2011/06/28 20:21:33 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
    [2011/06/26 12:14:31 | 000,000,000 | ---D | C] -- C:\Users\Phill\FrostWire
    [2011/06/26 12:14:15 | 000,000,000 | ---D | C] -- C:\Users\Phill\AppData\Roaming\FrostWire
    [2011/06/26 12:14:05 | 000,000,000 | ---D | C] -- C:\Users\Phill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire
    [2011/06/26 12:13:32 | 000,000,000 | ---D | C] -- C:\Program Files\FrostWire
    [2011/06/22 13:32:44 | 000,000,000 | ---D | C] -- C:\Users\Phill\Documents\StarCraft II
    [2011/06/22 13:32:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
    [2011/06/22 13:32:44 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II
    [2011/06/22 13:32:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
    [2011/06/22 10:50:19 | 000,000,000 | -H-D | C] -- C:\Windows\System32\explorer
    [2011/06/21 14:00:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
    [2011/06/21 04:29:05 | 000,000,000 | ---D | C] -- C:\Users\Phill\Desktop\Starcraft_II_Wings_Of_Liberty_Proper-Razor1911
    [2011/06/20 23:50:56 | 000,000,000 | ---D | C] -- C:\Program Files\Starcraft
    [2011/06/20 23:26:51 | 000,000,000 | ---D | C] -- C:\StarCraft
    [2011/06/20 22:29:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Starcraft Shareware(ED)
    [2011/06/20 22:29:34 | 000,000,000 | ---D | C] -- C:\Users\Phill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Starcraft Shareware(ED)
    [2011/06/20 22:29:33 | 000,068,608 | ---- | C] (Blizzard Entertainment) -- C:\Windows\ScEdUnin.exe
    [2011/06/20 22:29:07 | 000,000,000 | ---D | C] -- C:\Program Files\Starcraft Shareware(ED)
    [2011/06/19 12:30:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
    [2011/06/19 12:29:53 | 000,000,000 | ---D | C] -- C:\Users\Phill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
    [2011/03/11 19:01:23 | 000,372,736 | ---- | C] ( ) -- C:\Windows\System32\lxebcomm.dll
    [2010/04/14 20:56:04 | 000,324,264 | ---- | C] ( ) -- C:\Windows\System32\lxebih.exe
    [2010/04/14 20:56:02 | 000,598,696 | ---- | C] ( ) -- C:\Windows\System32\lxebcoms.exe
    [2010/04/14 20:56:00 | 000,373,416 | ---- | C] ( ) -- C:\Windows\System32\lxebcfg.exe
    [2010/04/13 20:41:34 | 000,442,368 | ---- | C] ( ) -- C:\Windows\System32\lxebcoin.dll
    [2009/12/09 20:47:50 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxebpmui.dll
    [2009/12/09 20:43:14 | 001,048,576 | ---- | C] ( ) -- C:\Windows\System32\lxebserv.dll
    [2009/12/09 20:41:22 | 000,688,128 | ---- | C] ( ) -- C:\Windows\System32\lxebhbn3.dll
    [2009/12/09 20:40:12 | 000,847,872 | ---- | C] ( ) -- C:\Windows\System32\lxebusb1.dll
    [2009/12/09 20:37:32 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\lxebhcp.dll
    [2009/12/09 20:36:32 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxeblmpm.dll
    [2009/12/09 20:35:50 | 000,344,064 | ---- | C] ( ) -- C:\Windows\System32\lxebiesc.dll
    [2009/12/09 20:35:44 | 000,802,816 | ---- | C] ( ) -- C:\Windows\System32\lxebcomc.dll
    [2009/12/09 20:35:30 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxebinpa.dll
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
     
    ========== Files - Modified Within 30 Days ==========
     
    [2011/07/18 13:40:12 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Phill\Desktop\OTL.exe
    [2011/07/18 13:32:05 | 000,000,512 | ---- | M] () -- C:\Users\Phill\Desktop\MBR.dat
    [2011/07/18 13:31:32 | 000,013,440 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2011/07/18 13:31:32 | 000,013,440 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2011/07/18 13:24:29 | 000,000,437 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
    [2011/07/18 13:24:11 | 000,017,408 | ---- | M] () -- C:\Windows\System32\rpcnetp.exe
    [2011/07/18 13:24:11 | 000,000,312 | -HS- | M] () -- C:\Windows\tasks\ITAX.job
    [2011/07/18 13:24:09 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.dll
    [2011/07/18 13:24:07 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
    [2011/07/18 13:24:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2011/07/18 13:23:53 | 703,107,072 | -HS- | M] () -- C:\hiberfil.sys
    [2011/07/18 13:19:59 | 001,913,344 | ---- | M] (AVAST Software) -- C:\Users\Phill\Desktop\aswMBR.exe
    [2011/07/18 13:17:17 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2992413630-1469070986-2887152357-1001UA.job
    [2011/07/18 13:10:42 | 000,459,264 | ---- | M] () -- C:\Users\Phill\Desktop\CKScanner.exe
    [2011/07/18 12:00:04 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\SmartDefrag.job
    [2011/07/18 01:17:03 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2992413630-1469070986-2887152357-1001Core.job
    [2011/07/17 17:00:00 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job
    [2011/07/17 11:16:26 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\67329092.sys
    [2011/07/17 05:02:56 | 000,190,032 | ---- | M] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmcomm.sys
    [2011/07/17 05:02:56 | 000,056,400 | ---- | M] (trend_company_name) -- C:\Windows\System32\drivers\tmrkb.sys
    [2011/07/17 03:29:14 | 013,405,541 | ---- | M] () -- C:\Users\Phill\AppData\Roaming\SMRBackup200.dat
    [2011/07/17 03:08:59 | 000,002,198 | ---- | M] () -- C:\Windows\epplauncher.mif
    [2011/07/17 03:07:34 | 000,652,490 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2011/07/17 03:07:34 | 000,113,900 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2011/07/17 02:39:18 | 000,001,568 | ---- | M] () -- C:\Windows\System32\drivers\kgpcpy.cfg
    [2011/07/16 20:00:36 | 000,000,084 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
    [2011/07/16 17:19:30 | 000,007,613 | ---- | M] () -- C:\Users\Phill\AppData\Local\resmon.resmoncfg
    [2011/07/15 18:37:37 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
    [2011/07/15 18:37:37 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
    [2011/07/15 03:19:43 | 000,064,000 | RHS- | M] () -- C:\Windows\System32\dhcpsapi4.dll
    [2011/07/13 18:23:01 | 001,747,101 | ---- | M] () -- C:\Users\Phill\Desktop\Sonic 2 Music Emerald Hill Zone 2-player.mp3
    [2011/07/13 18:22:06 | 003,145,303 | ---- | M] () -- C:\Users\Phill\Desktop\Nte The Great - Emerald Hill Zone 2-Player Version Nte The Great Remix.mp3
    [2011/07/13 00:12:14 | 000,259,776 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2011/07/12 22:45:09 | 004,023,725 | ---- | M] () -- C:\Users\Phill\Desktop\Pokemon Orchestral Arrangement National Park.mp3
    [2011/07/12 21:34:16 | 000,271,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
    [2011/07/12 21:34:16 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
    [2011/07/12 21:33:44 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
    [2011/07/12 21:33:44 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
    [2011/07/12 21:33:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
    [2011/07/12 21:33:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
    [2011/07/12 21:33:43 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
    [2011/07/12 21:33:42 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
    [2011/07/12 21:33:42 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
    [2011/07/12 21:33:42 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
    [2011/07/12 21:32:47 | 002,334,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
    [2011/07/11 15:11:00 | 000,134,308 | ---- | M] () -- C:\Users\Phill\Documents\fim.Mosko.Mobi.CAB
    [2011/07/02 13:03:20 | 000,001,092 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Run Registration Tool.lnk
    [2011/06/26 12:14:05 | 000,001,201 | ---- | M] () -- C:\Users\Phill\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 4.21.8.lnk
    [2011/06/26 12:14:05 | 000,001,177 | ---- | M] () -- C:\Users\Phill\Desktop\FrostWire 4.21.8.lnk
    [2011/06/26 10:49:58 | 000,073,728 | ---- | M] (PCWinSoft Systems Ltd) -- C:\Windows\System32\TOverlay.ax
    [2011/06/25 22:09:34 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
    [2011/06/22 23:02:39 | 000,001,509 | ---- | M] () -- C:\Users\Phill\Desktop\StarCraft II.lnk
    [2011/06/20 23:38:03 | 000,000,945 | ---- | M] () -- C:\Users\Phill\Desktop\StarCraft.lnk
    [2011/06/20 22:29:37 | 000,007,306 | ---- | M] () -- C:\Windows\scedunin.dat
    [2011/06/20 22:29:34 | 000,000,967 | ---- | M] () -- C:\Windows\ScEdUnin.pif
    [2011/06/20 22:29:33 | 000,068,608 | ---- | M] (Blizzard Entertainment) -- C:\Windows\ScEdUnin.exe
    [2011/06/19 19:32:26 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
     
    ========== Files Created - No Company Name ==========
     
    [2011/07/18 13:32:05 | 000,000,512 | ---- | C] () -- C:\Users\Phill\Desktop\MBR.dat
    [2011/07/18 13:10:36 | 000,459,264 | ---- | C] () -- C:\Users\Phill\Desktop\CKScanner.exe
    [2011/07/17 03:28:31 | 013,405,541 | ---- | C] () -- C:\Users\Phill\AppData\Roaming\SMRBackup200.dat
    [2011/07/17 03:07:23 | 000,001,897 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
    [2011/07/17 02:38:40 | 000,001,568 | ---- | C] () -- C:\Windows\System32\drivers\kgpcpy.cfg
    [2011/07/16 09:43:46 | 000,000,330 | ---- | C] () -- C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job
    [2011/07/15 17:54:07 | 000,001,908 | ---- | C] () -- C:\Windows\diagwrn.xml
    [2011/07/15 17:54:07 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
    [2011/07/15 03:19:43 | 000,000,312 | -HS- | C] () -- C:\Windows\tasks\ITAX.job
    [2011/07/15 03:19:41 | 000,064,000 | RHS- | C] () -- C:\Windows\System32\dhcpsapi4.dll
    [2011/07/13 18:22:54 | 001,747,101 | ---- | C] () -- C:\Users\Phill\Desktop\Sonic 2 Music Emerald Hill Zone 2-player.mp3
    [2011/07/13 18:21:58 | 003,145,303 | ---- | C] () -- C:\Users\Phill\Desktop\Nte The Great - Emerald Hill Zone 2-Player Version Nte The Great Remix.mp3
    [2011/07/12 22:44:59 | 004,023,725 | ---- | C] () -- C:\Users\Phill\Desktop\Pokemon Orchestral Arrangement National Park.mp3
    [2011/07/11 15:10:59 | 000,134,308 | ---- | C] () -- C:\Users\Phill\Documents\fim.Mosko.Mobi.CAB
    [2011/07/02 13:03:20 | 000,001,092 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Run Registration Tool.lnk
    [2011/06/29 14:35:10 | 000,008,587 | ---- | C] () -- C:\Windows\System32\msaudio.cat
    [2011/06/29 14:35:09 | 000,040,960 | ---- | C] () -- C:\Windows\System32\wavdest.ax
    [2011/06/29 14:35:09 | 000,008,608 | ---- | C] () -- C:\Windows\System32\mpeg4ax.cat
    [2011/06/26 12:14:05 | 000,001,201 | ---- | C] () -- C:\Users\Phill\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 4.21.8.lnk
    [2011/06/26 12:14:05 | 000,001,177 | ---- | C] () -- C:\Users\Phill\Desktop\FrostWire 4.21.8.lnk
    [2011/06/22 23:02:39 | 000,001,509 | ---- | C] () -- C:\Users\Phill\Desktop\StarCraft II.lnk
    [2011/06/20 23:36:22 | 000,000,945 | ---- | C] () -- C:\Users\Phill\Desktop\StarCraft.lnk
    [2011/06/20 22:29:37 | 000,007,306 | ---- | C] () -- C:\Windows\scedunin.dat
    [2011/06/20 22:29:33 | 000,000,967 | ---- | C] () -- C:\Windows\ScEdUnin.pif
    [2011/06/10 12:33:00 | 000,000,000 | ---- | C] () -- C:\Users\Phill\AppData\Roaming\FileOut.cns
    [2011/06/10 12:33:00 | 000,000,000 | ---- | C] () -- C:\Users\Phill\AppData\Roaming\FileIn.cns
    [2011/05/21 20:35:59 | 000,162,082 | ---- | C] () -- C:\Windows\DP Animation Maker Uninstaller.exe
    [2011/04/15 23:25:33 | 000,029,008 | ---- | C] () -- C:\Windows\System32\SmartDefragBootTime.exe
    [2011/04/15 23:25:33 | 000,016,184 | ---- | C] () -- C:\Windows\System32\drivers\SmartDefragDriver.sys
    [2011/03/21 19:56:22 | 000,059,904 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
    [2011/03/12 00:17:40 | 000,000,044 | -H-- | C] () -- C:\Windows\System32\lxebrwrd.ini
    [2011/03/11 19:01:27 | 000,331,776 | ---- | C] () -- C:\Windows\System32\LXEBinst.dll
    [2011/02/22 21:25:40 | 000,668,160 | ---- | C] () -- C:\Windows\System32\autochk.exe
    [2011/02/15 07:46:02 | 014,135,296 | ---- | C] () -- C:\Windows\System32\common_res.dll
    [2011/01/09 11:46:21 | 000,002,552 | ---- | C] () -- C:\Windows\WAVEMIX.INI
    [2011/01/09 11:46:02 | 000,000,888 | ---- | C] () -- C:\Windows\INSPACE.INI
    [2011/01/08 12:24:38 | 000,189,051 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
    [2011/01/08 11:18:38 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2011/01/07 17:59:56 | 000,040,960 | ---- | C] () -- C:\Windows\98Setup.exe
    [2011/01/04 03:55:42 | 000,230,752 | ---- | C] () -- C:\Windows\patchw32.dll
    [2011/01/04 03:55:31 | 000,118,176 | ---- | C] () -- C:\Windows\patchw.dll
    [2011/01/02 08:26:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2010/12/29 08:21:26 | 000,001,355 | ---- | C] () -- C:\Windows\kaillera.ini
    [2010/12/28 17:13:24 | 000,017,408 | ---- | C] () -- C:\Windows\System32\rpcnetp.dll
    [2010/12/28 17:12:26 | 000,017,408 | ---- | C] () -- C:\Windows\System32\rpcnetp.exe
    [2010/12/28 15:33:55 | 000,007,613 | ---- | C] () -- C:\Users\Phill\AppData\Local\resmon.resmoncfg
    [2010/02/11 00:30:38 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
    [2009/11/09 09:06:50 | 000,106,496 | ---- | C] () -- C:\Windows\System32\lxebinsr.dll
    [2009/11/09 09:06:48 | 000,036,864 | ---- | C] () -- C:\Windows\System32\lxebcur.dll
    [2009/11/09 09:06:40 | 000,057,344 | ---- | C] () -- C:\Windows\System32\lxebjswr.dll
    [2009/11/09 09:06:24 | 000,262,144 | ---- | C] () -- C:\Windows\System32\lxebinsb.dll
    [2009/11/09 09:06:22 | 000,090,112 | ---- | C] () -- C:\Windows\System32\lxebcub.dll
    [2009/11/09 09:06:12 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxebgrd.dll
    [2009/11/09 09:06:06 | 000,253,952 | ---- | C] () -- C:\Windows\System32\lxebcu.dll
    [2009/11/09 09:05:54 | 000,323,584 | ---- | C] () -- C:\Windows\System32\lxebins.dll
    [2009/11/09 08:59:58 | 000,086,016 | ---- | C] () -- C:\Windows\System32\lxebgcfg.dll
    [2009/10/21 11:06:20 | 000,294,912 | ---- | C] () -- C:\Windows\System32\lxebcui.dll
    [2009/10/21 11:06:20 | 000,110,592 | ---- | C] () -- C:\Windows\System32\lxebcuir.dll
    [2009/07/13 23:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2009/07/13 23:33:53 | 000,259,776 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
    [2009/07/13 21:05:48 | 000,652,490 | ---- | C] () -- C:\Windows\System32\perfh009.dat
    [2009/07/13 21:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
    [2009/07/13 21:05:48 | 000,113,900 | ---- | C] () -- C:\Windows\System32\perfc009.dat
    [2009/07/13 21:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
    [2009/07/13 21:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
    [2009/07/13 21:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
    [2009/07/13 18:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
    [2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
    [2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
    [2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
    [2009/02/20 09:48:44 | 000,023,552 | ---- | C] () -- C:\Windows\System32\lxebsmr.dll
    [2009/02/20 09:48:04 | 000,299,008 | ---- | C] () -- C:\Windows\System32\lxebsm.dll
    [2008/12/01 21:08:40 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
    [2008/03/05 03:55:36 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxebvs.dll
    [2006/11/02 10:27:46 | 000,000,518 | ---- | C] () -- C:\Windows\System32\SP207.INI
     
    ========== LOP Check ==========
     
    [2011/03/27 16:13:35 | 000,000,000 | ---D | M] -- C:\Users\Phill\AppData\Roaming\.visualvm
    [2011/03/18 21:26:41 | 000,000,000 | ---D | M] -- C:\Users\Phill\AppData\Roaming\Aura4You
    [2011/07/15 12:50:36 | 000,000,000 | ---D | M] -- C:\Users\Phill\AppData\Roaming\AVG10
    [2011/01/01 08:25:15 | 000,000,000 | ---D | M] -- C:\Users\Phill\AppData\Roaming\enchant
    [2011/07/17 20:10:41 | 000,000,000 | ---D | M] -- C:\Users\Phill\AppData\Roaming\FrostWire
    [2011/07/15 06:27:50 | 000,000,000 | ---D | M] -- C:\Users\Phill\AppData\Roaming\IObit
    [2011/05/30 00:42:41 | 000,000,000 | ---D | M] -- C:\Users\Phill\AppData\Roaming\Laconic Software
    [2011/06/16 23:10:12 | 000,000,000 | ---D | M] -- C:\Users\Phill\AppData\Roaming\PCDr
    [2011/07/08 18:18:43 | 000,000,000 | ---D | M] -- C:\Users\Phill\AppData\Roaming\Software Informer
    [2011/07/16 22:06:31 | 000,000,000 | ---D | M] -- C:\Users\Phill\AppData\Roaming\uTorrent
    [2011/07/18 13:24:11 | 000,000,312 | -HS- | M] () -- C:\Windows\Tasks\ITAX.job
    [2011/06/25 22:09:34 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
    [2011/05/28 16:08:23 | 000,032,650 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2011/07/18 12:00:04 | 000,000,384 | ---- | M] () -- C:\Windows\Tasks\SmartDefrag.job
    [2011/07/18 13:24:07 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job
     
    ========== Purity Check ==========
     
     
     
    ========== Alternate Data Streams ==========
     
    @Alternate Data Stream - 193 bytes -> C:\ProgramData\TEMP:EEDA5B17
    @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:96D0C06F
    < End of report >
     
    OTL Extras logfile created on: 7/18/2011 1:46:15 PM - Run 1
    OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Phill\Desktop
    Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
     
    894.05 Mb Total Physical Memory | 226.96 Mb Available Physical Memory | 25.39% Memory free
    1.87 Gb Paging File | 1.09 Gb Available in Paging File | 58.07% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 55.72 Gb Total Space | 5.45 Gb Free Space | 9.79% Space Free | Partition Type: NTFS
    Drive D: | 2.33 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
    Drive E: | 3.66 Gb Total Space | 0.19 Gb Free Space | 5.23% Space Free | Partition Type: FAT32
    Drive G: | 7.18 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
    Drive H: | 5.67 Gb Total Space | 0.23 Gb Free Space | 4.11% Space Free | Partition Type: FAT32
     
    Computer Name: PHILL-PC | User Name: Phill | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Extra Registry (SafeList) ==========
     
     
    ========== File Associations ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
     
    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .exe [@ = exefile] -- Reg Error: Key error. File not found
     
    ========== Shell Spawning ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
     
    ========== Security Center Settings ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 0
    "FirewallDisableNotify" = 0
    "AutoUpdateDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
     
    ========== Firewall Settings ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    ========== Authorized Applications List ==========
     
     
    ========== HKEY_LOCAL_MACHINE Uninstall List ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
    "{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
    "{080E275F-67BF-6E44-10A5-6B25BD0C73E6}" = ccc-utility
    "{0FFAC7BB-50DC-CB54-6CA7-A8B74513280B}" = CCC Help Chinese Traditional
    "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    "{1C802083-6D79-78ED-BF1C-601DDF908DD1}" = Catalyst Control Center Core Implementation
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 26
    "{282C4EAA-F162-F52F-7BAF-C7B50DAAA00A}" = ccc-utility
    "{2866B2D9-B57E-4829-A554-47DF68868F15}" = Fiesta
    "{28728178-FF15-218B-0B63-012692F42C28}" = CCC Help Danish
    "{32851025-1E46-83A3-1320-471619254E39}" = Catalyst Control Center Localization All
    "{3B321407-8558-4C72-86F6-C1E72AC9F8BA}" = Continuum
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{40217B2F-462B-94A4-E84E-6A1C6EDBCE2F}" = CCC Help Swedish
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
    "{5343A801-92E5-C234-9F27-AB27EC738BF6}" = CCC Help Japanese
    "{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
    "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
    "{5D22226D-EBC1-C95F-7746-2E3A9F4C97BA}" = CCC Help Russian
    "{5F577CD8-A997-2E11-83BC-4445DD2D4542}" = AMD VISION Engine Control Center
    "{600C37F2-098B-A165-C1DB-6AE2B89D8D49}" = Catalyst Control Center Graphics Previews Common
    "{61F8CA2C-9A80-8A1B-D3B9-347530CB387F}" = CCC Help Norwegian
    "{658DE1DF-D156-DD5A-800E-20C693806F65}" = Catalyst Control Center InstallProxy
    "{674B407D-EAB1-B6B6-F9BF-C34CEE4CD83F}" = Catalyst Control Center Graphics Light
    "{6844F85B-1AEE-093A-5FC9-235035B3A127}" = Catalyst Control Center Graphics Previews Common
    "{69F411C5-4851-6DA9-EA4C-160BEF8788AA}" = CCC Help French
    "{6D316D67-DA52-4659-9C98-F479963534D6}" = Audiosurf
    "{6DD27E54-2598-0FEC-7CE1-BE00924C0570}" = Catalyst Control Center Graphics Previews Vista
    "{71790311-0C42-B5BC-AF01-97BFFEF2A30B}" = ATI Catalyst Install Manager
    "{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{7C27114E-6FC8-21F5-E501-FE48F09243DF}" = CCC Help Dutch
    "{7E6066E6-8B5B-4100-B0FA-1D9E9B663CBA}" = iTunes
    "{8004E5FD-A3A1-F723-EDAF-D5808A756DDC}" = Catalyst Control Center Graphics Previews Common
    "{80237C20-CBF3-F841-4AD5-E727AA86FBD1}" = CCC Help Italian
    "{802EE127-D32A-1447-09DC-77419772BCDC}" = CCC Help Portuguese
    "{836AFA32-7B8B-2C19-99D9-36EF32B42EB8}" = CCC Help Thai
    "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8C3A3C74-0163-F062-08D6-C8AC7430669E}" = ccc-utility
    "{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
    "{8EB278E8-7FDA-4ED9-A429-C87A76F95087}_is1" = 1AVCapture version 1.9.0.01
    "{8FD4407C-A901-092A-EB3C-602B52C361DC}" = Catalyst Control Center
    "{946942CB-D078-F33A-A3CD-27E0393507FD}" = CCC Help Turkish
    "{9682B99B-BB28-AD37-CA50-C1CB5BFF0FA6}" = Catalyst Control Center Graphics Full New
    "{9A6F4E4F-9FAB-78A2-020B-3DAED3B2E0E1}" = AMD Fuel
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{A02CC93A-134F-0319-1438-B1E895B52577}" = CCC Help German
    "{A7E1ADB8-162B-7C33-60FB-0561A17BD876}" = CCC Help Spanish
    "{A96EEF55-155C-552E-ABB1-6FDAEF5BD944}" = CCC Help Polish
    "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
    "{ADB25FF0-AEC4-2CFB-130C-2C60D80C5934}" = CCC Help Greek
    "{B04D5DA5-11DA-830C-85C6-0FF9185787E7}" = Skins
    "{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
    "{B7749EE2-5318-D255-F0EE-14D5845B0925}" = CCC Help English
    "{BB603E9F-ECE8-7713-B0AC-7E0614E8C058}" = Catalyst Control Center HydraVision Full
    "{BE232D60-AEA5-502F-ACBF-9AC188A82C21}" = CCC Help Finnish
    "{C15C4AB5-EF5D-5050-273C-4636E3FBE301}" = CCC Help Czech
    "{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
    "{C24B0741-A616-6C3F-F952-BAC0CE90761F}" = CCC Help English
    "{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
    "{C679F9B9-C65D-4C65-BD6C-BF90B859E281}" = PC CIF Camer@
    "{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark Printable Web
    "{E09CD13D-7CE3-351C-1625-8DC7F21A99C0}" = ccc-core-static
    "{E127B28D-1A2A-45C4-A74E-C817E0A74E3E}" = Fiesta
    "{E15E74CC-E9D1-9042-4481-BE3B573620BA}" = AMD Fuel
    "{E373E0E2-20F5-90DF-B315-615EA6E52101}" = Catalyst Control Center Graphics Full Existing
    "{E6DA746E-1175-88BD-2B16-1DC62018E060}" = CCC Help Chinese Standard
    "{E9BECF5D-5BA8-950F-7757-17D825A37371}" = Catalyst Control Center InstallProxy
    "{F053BFD9-4357-6A82-6042-CF919667448F}" = CCC Help English
    "{F17EB02C-DA0D-EDEF-2E16-501FB700A710}" = CCC Help Hungarian
    "{F5DDC0CD-F13A-83F0-5103-563A17EA306F}" = CCC Help Korean
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Advanced SystemCare 4_is1" = Advanced SystemCare 4
    "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
    "Dell Support Center" = Dell Support Center
    "DMX5_is1" = DriverMax 5
    "DP Animation Maker" = DP Animation Maker
    "Fantastic Flame Screensaver" = Fantastic Flame Screensaver
    "FormatFactory" = FormatFactory 2.60
    "FrostWire" = FrostWire 4.21.8
    "Lexmark Pro200-S500 Series" = Lexmark Pro200-S500 Series
    "MagicDisc 2.7.106" = MagicDisc 2.7.106
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft Security Client" = Microsoft Security Essentials
    "NoLimits Coasters full" = NoLimits Coasters 1.7 (remove only)
    "OGPlanet Game Launcher US" = OGPlanet Game Launcher
    "RumbleFighter" = Rumble Fighter
    "Smart Defrag 2_is1" = Smart Defrag 2
    "Software Informer_is1" = Software Informer 1.1
    "StarCraft II" = StarCraft II
    "Starcraft Shareware(ED)" = Starcraft Shareware(ED)
    "The Weather Channel Desktop 6" = The Weather Channel Desktop 6
    "TinyWord2" = TinyWord 2.9.0
    "Train Simulator 1.0" = Microsoft Train Simulator
    "uTorrent" = µTorrent
    "WiFiConnector" = Nintendo Wi-Fi USB Connector Registration Tool
    "Windows Mobile Device Handbook" = HTC Touch Pro2 User Guide
    "WinRAR archiver" = WinRAR 4.01 (32-bit)
    "Yahoo! Software Update" = Yahoo! Software Update
     
    ========== HKEY_CURRENT_USER Uninstall List ==========
     
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Google Chrome" = Google Chrome
     
    ========== Last 10 Event Log Errors ==========
     
    Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
     
    < End of report >
     
    Malwarebytes' Anti-Malware 1.51.1.1800
    www.malwarebytes.org
    Database version: 7192
    Windows 6.1.7601 Service Pack 1
    Internet Explorer 9.0.8112.16421
    7/18/2011 3:07:13 PM
    mbam-log-2011-07-18 (15-06-57).txt
    Scan type: Full scan (C:\|)
    Objects scanned: 302799
    Time elapsed: 1 hour(s), 10 minute(s), 57 second(s)
    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 1
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0
    Memory Processes Infected:
    (No malicious items detected)
    Memory Modules Infected:
    (No malicious items detected)
    Registry Keys Infected:
    HKEY_CURRENT_USER\SOFTWARE\XMZH42I4GI (Trojan.FakeAlert.SA) -> No action taken.
    Registry Values Infected:
    (No malicious items detected)
    Registry Data Items Infected:
    (No malicious items detected)
    Folders Infected:
    (No malicious items detected)
    Files Infected:
    (No malicious items detected)
    Last edited by phillywells; 18 Jul 2011 at 15:59. Reason: code box


  7. Posts : 2,663
    Windows 8.1 Pro x64
       #7

    CKScanner log is fine
    aswMBR log is fine

    Delete the entry Malwarebytes found. Reboot, scan again, and upload a fresh Malwarebytes log.

    I'll go through your OTL log tomorrow, it's going to take a while and I'm very tired!

    Tom


  8. Posts : 20
    MS Windows 7 Home Premium 32-bit SP1
    Thread Starter
       #8

    OK, Malwarebytes is scanning now. I'll post the log afterwards. When that's done, I'll try the Microsoft Standalone System Sweeper.


  9. Posts : 20
    MS Windows 7 Home Premium 32-bit SP1
    Thread Starter
       #9

    It reports that there's no infection now, but both problems still occur.


    Malwarebytes' Anti-Malware 1.51.1.1800
    www.malwarebytes.org
    Database version: 7192
    Windows 6.1.7601 Service Pack 1
    Internet Explorer 9.0.8112.16421
    7/18/2011 6:19:34 PM
    mbam-log-2011-07-18 (18-19-33).txt
    Scan type: Full scan (C:\|)
    Objects scanned: 303036
    Time elapsed: 1 hour(s), 31 minute(s), 34 second(s)
    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0
    Memory Processes Infected:
    (No malicious items detected)
    Memory Modules Infected:
    (No malicious items detected)
    Registry Keys Infected:
    (No malicious items detected)
    Registry Values Infected:
    (No malicious items detected)
    Registry Data Items Infected:
    (No malicious items detected)
    Folders Infected:
    (No malicious items detected)
    Files Infected:
    (No malicious items detected)


  10. Posts : 20
    MS Windows 7 Home Premium 32-bit SP1
    Thread Starter
       #10

    Trying the sweeper now.


 