I ran OTL just now (I clicked "scan" before I read that I should click "quick scan," I hope that's not a problem), and I just ran a full scan with malware bytes again for good measure, so I will include both in this post. Also, OTL generated an "Extras" text file, so I'll include that after the main entry. OTL first:
OTL logfile created on: 12/8/2012 12:48:54 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dovvy\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 1.47 Gb Available Physical Memory | 48.96% Memory free
5.99 Gb Paging File | 4.20 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 462.39 Gb Total Space | 234.11 Gb Free Space | 50.63% Space Free | Partition Type: NTFS
Computer Name: DOVVY-PC | User Name: Dovvy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/12/08 00:47:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dovvy\Desktop\OTL.exe
PRC - [2012/10/30 16:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/10/30 16:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/09/29 19:54:26 | 000,981,656 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012/09/27 18:38:42 | 000,473,088 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2012/09/27 18:38:02 | 000,217,600 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 05:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/07/06 20:30:04 | 000,393,216 | ---- | M] (AMD) -- C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
========== Modules (No Company Name) ==========
MOD - [2012/11/27 20:43:17 | 000,460,904 | ---- | M] () -- C:\Users\Dovvy\AppData\Local\Google\Chrome\Application\23.0.1271.95\ppgooglenaclpluginchrome.dll
MOD - [2012/11/27 20:43:16 | 012,456,040 | ---- | M] () -- C:\Users\Dovvy\AppData\Local\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll
MOD - [2012/11/27 20:43:15 | 004,008,040 | ---- | M] () -- C:\Users\Dovvy\AppData\Local\Google\Chrome\Application\23.0.1271.95\pdf.dll
MOD - [2012/11/27 20:42:30 | 000,587,880 | ---- | M] () -- C:\Users\Dovvy\AppData\Local\Google\Chrome\Application\23.0.1271.95\libglesv2.dll
MOD - [2012/11/27 20:42:29 | 000,124,520 | ---- | M] () -- C:\Users\Dovvy\AppData\Local\Google\Chrome\Application\23.0.1271.95\libegl.dll
MOD - [2012/11/27 20:42:22 | 000,157,304 | ---- | M] () -- C:\Users\Dovvy\AppData\Local\Google\Chrome\Application\23.0.1271.95\avutil-51.dll
MOD - [2012/11/27 20:42:21 | 002,168,952 | ---- | M] () -- C:\Users\Dovvy\AppData\Local\Google\Chrome\Application\23.0.1271.95\avcodec-54.dll
MOD - [2012/11/27 20:42:21 | 000,275,576 | ---- | M] () -- C:\Users\Dovvy\AppData\Local\Google\Chrome\Application\23.0.1271.95\avformat-54.dll
MOD - [2012/11/15 17:06:33 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\1352c3e5dd49f3bf8c2f8e106ceb79fb\WindowsFormsIntegration.ni.dll
MOD - [2012/11/15 17:04:31 | 000,096,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\9fedec1f005f9e39f8dde611c4c27cab\UIAutomationProvider.ni.dll
MOD - [2012/11/15 17:04:30 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\4209aa9559e29ce30e4e92f31ac3472f\System.Runtime.Remoting.ni.dll
MOD - [2012/11/15 17:04:22 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\5e3ccfdf88ccd6a9ff4e6ddae7e3fec6\System.Xaml.ni.dll
MOD - [2012/11/15 01:35:31 | 018,002,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\c881e2d2ec912499834feb85c4c2e483\PresentationFramework.ni.dll
MOD - [2012/11/15 01:35:17 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\58f50a891bafb8fd7149e6eebc2b7b52\PresentationCore.ni.dll
MOD - [2012/11/15 01:35:07 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\05ebffcb5aac31412fea8c38cbac8df8\WindowsBase.ni.dll
MOD - [2012/11/15 01:35:06 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\cbb227c0a77a5b15a1255220984239f2\PresentationFramework.Aero.ni.dll
MOD - [2012/11/15 01:33:46 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\caffbced23ee85b40b919ad4a122b7aa\System.Windows.Forms.ni.dll
MOD - [2012/11/15 01:33:38 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9422d0c052186760a4645e10995487f5\System.Drawing.ni.dll
MOD - [2012/11/15 01:33:28 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\752225ca2585aa8f1c46b489e172e920\System.Core.ni.dll
MOD - [2012/11/15 01:33:27 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\cb0c00757e89f0b1fe282913ed667212\System.Xml.ni.dll
MOD - [2012/11/15 01:33:23 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ed886fb71addf400705481dcf8de12da\System.Configuration.ni.dll
MOD - [2012/11/15 01:33:20 | 009,093,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\811a7bc79f8f0a5be8065292a320819e\System.ni.dll
MOD - [2012/11/15 01:33:14 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\16126cae96ea2422253ae06eeb672abc\mscorlib.ni.dll
MOD - [2012/02/20 20:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 20:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 14:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
========== Services (SafeList) ==========
SRV - [2012/10/30 16:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/09/27 18:38:02 | 000,217,600 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012/09/20 13:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/01 02:10:15 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012/06/07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2009/07/13 18:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 18:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 18:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - [2012/12/07 23:27:21 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012/10/30 16:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/10/30 16:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/10/30 16:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/10/30 16:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/10/30 16:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/10/15 09:59:28 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012/09/27 19:20:20 | 009,107,968 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2012/09/27 18:12:10 | 000,370,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2012/05/13 23:12:28 | 000,086,656 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2010/11/20 05:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 05:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 05:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 03:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 03:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 02:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 02:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 02:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/05/06 02:21:42 | 000,108,560 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2010/01/06 16:20:00 | 000,583,680 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2009/10/07 07:49:40 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2009/07/13 17:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2009/07/13 15:13:47 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2009/07/13 15:02:50 | 000,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmood...yE&cr=961627022
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 36 BD FF 5D 6E 69 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmood...yE&cr=961627022
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dovvy\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dovvy\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
========== Chrome ==========
CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Dovvy\AppData\Local\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Dovvy\AppData\Local\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Dovvy\AppData\Local\Google\Chrome\Application\23.0.1271.95\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Java Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Dovvy\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: Google Drive = C:\Users\Dovvy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Dovvy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: New Tab = C:\Users\Dovvy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj\5.1_0\
CHR - Extension: Google Search = C:\Users\Dovvy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Tampermonkey = C:\Users\Dovvy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\2.8.2932_0\
CHR - Extension: Home Sheep Home 2 Lost in London = C:\Users\Dovvy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmnioigcgnbckabimjiejhkhoijlmhme\1.0.1_0\
CHR - Extension: LastPass = C:\Users\Dovvy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.14_0\
CHR - Extension: IE Tab = C:\Users\Dovvy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\3.10.10.1_0\
CHR - Extension: avast! WebRep = C:\Users\Dovvy\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: RuneScape Wiki Browser = C:\Users\Dovvy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jonhaaaeeggjfhmpihhelogminkpicpn\2.0_0\
CHR - Extension: Chrono Days Sim Date = C:\Users\Dovvy\AppData\Local\Google\Chrome\User Data\Default\Extensions\klgadbdcffhaklfdpmmhfgpngpmohpfo\13.4331.235_0\
CHR - Extension: Google Play Books = C:\Users\Dovvy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb\1.1.8_0\
CHR - Extension: Citelighter = C:\Users\Dovvy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgpbmbhocboaalioananelcgfahjpai\1.0.1.10_1\
CHR - Extension: Runescape Toolbar For Google Chrome = C:\Users\Dovvy\AppData\Local\Google\Chrome\User Data\Default\Extensions\omkoedpgiabakfkoefehjfmnlkpepfmp\1.5.2_0\
CHR - Extension: Gmail = C:\Users\Dovvy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009/06/10 14:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{83BF0FA5-D1B7-4810-955E-57AB8EC01A8F}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 14:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4282dd67-187c-11e2-90f2-001d099201fc}\Shell - "" = AutoRun
O33 - MountPoints2\{4282dd67-187c-11e2-90f2-001d099201fc}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{8dfd5a7e-c33a-11e1-876d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{8dfd5a7e-c33a-11e1-876d-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/12/08 00:46:46 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dovvy\Desktop\OTL.exe
[2012/12/07 23:27:21 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012/12/07 23:12:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/12/07 23:12:14 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/12/07 23:12:12 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/12/07 23:00:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/12/07 23:00:39 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012/12/01 10:30:41 | 000,000,000 | ---D | C] -- C:\Users\Dovvy\AppData\Roaming\Malwarebytes
[2012/12/01 10:30:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/12/01 10:30:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/12/01 10:30:30 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/12/01 10:30:29 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/11/22 18:55:23 | 000,450,560 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTAudioTransform2.dll
[2012/11/22 18:55:23 | 000,335,872 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTAudioVisualization2.dll
[2012/11/22 18:55:23 | 000,196,608 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTWMAFile2.dll
[2012/11/22 18:55:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free CD Ripper
[2012/11/22 18:55:22 | 001,843,200 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTAudioFile2.dll
[2012/11/22 18:55:22 | 001,040,384 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTAudioInformation2.dll
[2012/11/22 18:55:22 | 000,835,584 | ---- | C] (NCT) -- C:\Windows\System32\NCTAudioCDGrabber2.dll
[2012/11/22 18:55:22 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr70.dll
[2012/11/22 18:55:22 | 000,315,392 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTAudioPlayer2.dll
[2012/11/22 18:55:22 | 000,270,336 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTAudioDisplay2.dll
[2012/11/22 18:55:21 | 004,057,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmfdist.exe
[2012/11/22 18:55:21 | 000,000,000 | ---D | C] -- C:\Program Files\FreeCDRipper
[2012/11/20 16:18:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lionhead Studios Ltd
[2012/11/20 16:18:16 | 000,000,000 | ---D | C] -- C:\Program Files\Lionhead Studios Ltd
[2012/11/20 16:16:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012/11/15 01:29:05 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2012/11/15 01:29:05 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2012/11/15 01:28:36 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2012/11/15 01:28:35 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012/11/15 01:28:35 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012/11/15 01:28:07 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/11/15 01:28:07 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/11/15 01:28:06 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/11/15 01:28:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/11/15 01:28:06 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/11/15 01:28:04 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/11/15 01:28:04 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/11/15 01:28:03 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/11/14 10:32:26 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/11/14 10:32:25 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2012/11/14 10:32:21 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll
[2012/11/14 10:32:21 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2012/11/14 10:32:20 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2012/11/14 10:32:15 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcore6.dll
[2012/11/14 10:32:15 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2012/11/09 12:58:23 | 000,000,000 | ---D | C] -- C:\Users\Dovvy\Documents\Outlook Files
========== Files - Modified Within 30 Days ==========
[2012/12/08 00:55:08 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1388260493-977638928-4198337394-1000UA.job
[2012/12/08 00:47:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dovvy\Desktop\OTL.exe
[2012/12/07 23:27:21 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012/12/07 23:12:54 | 000,001,789 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/12/07 19:55:03 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1388260493-977638928-4198337394-1000Core.job
[2012/12/07 11:31:52 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/07 11:31:52 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/07 11:28:03 | 000,623,940 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/12/07 11:28:03 | 000,106,316 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/12/07 11:23:07 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2012/12/07 11:23:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/07 11:22:58 | 2414,481,408 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/05 19:42:38 | 000,004,476 | ---- | M] () -- C:\Users\Dovvy\Desktop\wurmclient.jnlp
[2012/12/05 16:42:59 | 000,001,121 | ---- | M] () -- C:\Users\Dovvy\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/22 18:55:23 | 000,001,004 | ---- | M] () -- C:\Users\Dovvy\Desktop\Free CD Ripper.lnk
[2012/11/22 18:53:38 | 000,290,500 | ---- | M] () -- C:\Users\Dovvy\AppData\Local\funmoods-speeddial_sf.crx
[2012/11/15 16:09:15 | 000,409,096 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/11/09 12:58:26 | 000,001,137 | ---- | M] () -- C:\Users\Dovvy\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
========== Files Created - No Company Name ==========
[2012/12/07 23:12:54 | 000,001,789 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/12/05 19:42:23 | 000,004,476 | ---- | C] () -- C:\Users\Dovvy\Desktop\wurmclient.jnlp
[2012/12/05 16:42:59 | 000,001,121 | ---- | C] () -- C:\Users\Dovvy\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/22 18:55:23 | 000,001,004 | ---- | C] () -- C:\Users\Dovvy\Desktop\Free CD Ripper.lnk
[2012/11/22 18:55:22 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2012/11/22 18:53:56 | 000,290,500 | ---- | C] () -- C:\Users\Dovvy\AppData\Local\funmoods-speeddial_sf.crx
[2012/11/15 01:29:07 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/15 01:28:35 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/11/09 12:58:26 | 000,001,137 | ---- | C] () -- C:\Users\Dovvy\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2012/09/28 14:36:56 | 000,180,224 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2012/08/09 21:08:54 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2012/08/09 21:08:22 | 000,000,660 | RHS- | C] () -- C:\Users\Dovvy\ntuser.pol
[2012/07/01 20:45:52 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012/07/01 20:42:40 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012/07/01 00:50:28 | 000,000,045 | ---- | C] () -- C:\Users\Dovvy\jagex_cl_runescape_LIVE1.dat
[2012/07/01 00:50:28 | 000,000,032 | ---- | C] () -- C:\Users\Dovvy\jagex_cl_runescape_LIVE.dat
[2012/07/01 00:50:16 | 000,000,024 | ---- | C] () -- C:\Users\Dovvy\jagexappletviewer.preferences
[2012/06/30 23:52:19 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/06/30 23:17:55 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2012/06/11 09:41:48 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2012/06/11 09:41:48 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2012/05/23 08:31:02 | 000,632,252 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012/05/02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
[2011/09/12 15:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
========== ZeroAccess Check ==========
[2009/07/13 21:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 21:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 18:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
OTL Extras logfile created on: 12/8/2012 12:48:54 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dovvy\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 1.47 Gb Available Physical Memory | 48.96% Memory free
5.99 Gb Paging File | 4.20 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 462.39 Gb Total Space | 234.11 Gb Free Space | 50.63% Space Free | Partition Type: NTFS
Computer Name: DOVVY-PC | User Name: Dovvy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1105960D-D63A-48AE-A58F-7EBA0774DE74}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{11E93158-3B5B-44F8-A470-603AA557127E}" = rport=445 | protocol=6 | dir=out | app=system |
"{14BD40AB-0E48-406C-AB00-A0C892909022}" = lport=139 | protocol=6 | dir=in | app=system |
"{15ABBD03-46CC-4274-A50F-BFB0DCB03EF7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1D229810-D776-4A5D-A2DE-4A6A45DFC0F7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2B9F478F-4ABE-4569-8214-15BBA49ADE0F}" = rport=138 | protocol=17 | dir=out | app=system |
"{2FBAD6B3-E9F6-4CF9-B91C-AA4DEA77D032}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3783E010-6A02-440B-9C11-2ACAD22AD5A9}" = lport=137 | protocol=17 | dir=in | app=system |
"{3B521B00-6776-42C6-8F0C-45DE788BF465}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{634203B4-F1AE-445D-AA52-8B87D3EBE18F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6D207805-D964-4380-BE9C-2B01937E4F19}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7D1504CC-DD91-4E43-8B01-C7E57A5ADAD6}" = rport=137 | protocol=17 | dir=out | app=system |
"{8FA8F9A3-E9E8-42E7-B408-D586D6784EE4}" = rport=10243 | protocol=6 | dir=out | app=system |
"{AD1DA213-5DE3-47C0-AC03-458C2DDD8E12}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C0FC1AB3-3C8A-4D4A-92CD-46536FF2DDA7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C121C5A1-ABC4-413B-A3F2-54C7A5143C87}" = lport=445 | protocol=6 | dir=in | app=system |
"{C8873537-0F21-4C6C-97E9-1A20898CD02F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{C90BD8D4-84FE-4959-90B5-E66D9954B86B}" = rport=139 | protocol=6 | dir=out | app=system |
"{D5F0BFB0-6865-416C-9B8F-ED0D22559B35}" = lport=138 | protocol=17 | dir=in | app=system |
"{E779E786-44D6-4DC4-A6B4-F8CAF0EA08E4}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{EF4D7752-2E9A-448D-8378-90160440701F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F6D9F7D3-3FCF-44A0-AADA-8790F5FBA0FE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F9496C99-36E1-44CB-A2F9-057C3E117FA9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FF2ED91A-4C7D-4A0F-9A65-141A611A854B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05E74B08-C261-4067-80AC-E8ED26C2C67D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0BED39E3-7A77-4868-94DF-BA872C0A8E0C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1E821F1F-5F49-4EBB-B242-73453A16BB4B}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{30193EE1-5952-4FC0-8F67-F2D08B1C478C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{48341426-C7D4-48E5-85F3-30E7A0EA2FFA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4936BC73-D403-4CEA-969E-917FD0D54305}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4D4581FC-819B-40D4-A4A4-EFFCCBA0F4E1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4ECABCB2-C49C-43AD-8E6D-3F2F531A3734}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5084B33B-E92E-4324-9538-97B48E2A5F00}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{54D53104-6F86-491C-B40D-F39DDC280D91}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{5D244A92-4AA8-4ABD-8261-B0E0B307C133}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{6808A164-5F99-490C-953B-854171277DEB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{6CE8FB44-E319-4938-B198-61D927C972CD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6F4D3827-0CB0-4F06-9E71-C237AF287684}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{723EA46D-3980-4B4D-916F-34AD366A1941}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{77E86E0C-005D-4CA7-B3E9-C8BE1FBE0662}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{7AF3AF6F-47F0-49F9-B9A5-1BFD5DD283F8}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{7E690026-26EF-4D51-BDD1-A72A4E65E8FD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{861A1B95-03F7-4DDB-A6FA-65FF3B718DEE}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{8968F928-3961-4DDC-A735-B9274A79A44E}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{9B8BD01F-BE93-4413-8A9E-FC19AD293414}" = protocol=6 | dir=out | app=system |
"{A0F8E496-B135-496B-8078-37B230B6F081}" = protocol=58 | dir=in | [email protected],-28545 |
"{A9FAB3E3-1BD8-4BC2-B871-591ED16104D8}" = protocol=1 | dir=in | [email protected],-28543 |
"{C1FB9639-8045-451C-9B4D-B8A5142821EC}" = protocol=1 | dir=out | [email protected],-28544 |
"{C2131D5A-32E8-43A6-A2CA-F89FC9599DB5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C4AFCAB8-5EE5-45D4-BFC4-6C7DD2EBDF16}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D05AD487-4889-4B99-A631-96C23CCF5F6F}" = protocol=58 | dir=out | [email protected],-28546 |
"{E0269558-1BF2-4F76-BC3A-B11988D48095}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{FFCFB608-D515-4131-8AEB-C03C8003B185}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{940F3AA3-A4BB-47E2-8376-F0AAD0A16ED7}C:\program files\trillian\plugins\skypekit.exe" = protocol=6 | dir=in | app=c:\program files\trillian\plugins\skypekit.exe |
"TCP Query User{FDC0F118-1525-447B-9438-A4873F7C86C2}C:\program files\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe" = protocol=6 | dir=in | app=c:\program files\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe |
"UDP Query User{02AD3347-04E4-4287-B7F8-B409540D5AE6}C:\program files\trillian\plugins\skypekit.exe" = protocol=17 | dir=in | app=c:\program files\trillian\plugins\skypekit.exe |
"UDP Query User{29D4B1B6-B508-4C1B-B675-30A014AB03BB}C:\program files\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe" = protocol=17 | dir=in | app=c:\program files\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{03AEAB60-A7B3-A8DB-468B-EB30FB4B40B0}" = CCC Help German
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series" = Canon MP620 series MP Drivers
"{162ABED6-E60C-6CFF-100E-43C16ABBC5BE}" = CCC Help Chinese Standard
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1B6C0E95-182C-48E0-9C4B-4F916308249C}" = iTunes
"{1CB724FF-D18C-8FFB-E7C9-0A09CF8EC066}" = CCC Help Japanese
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20C14CC3-5E3B-D39A-5B37-B15E59785063}" = CCC Help Chinese Traditional
"{2632A2C0-ECF4-7F79-7136-9FEA4C253A4C}" = CCC Help Turkish
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{30F712DA-64FE-5DBE-AE76-3F8EA3F8223C}" = CCC Help French
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C39B3CC-4EC8-C756-AF4B-72366504FCA5}" = CCC Help Hungarian
"{3E7D839E-A6E7-B6F8-F855-CF69756E6331}" = AMD Media Foundation Decoders
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CC9D761-A9B6-D8EA-D2A9-B74B5A90B108}" = CCC Help Norwegian
"{5180FB30-2AC7-1627-9856-AA0AE6ACB7E7}" = ccc-utility
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{54B227A6-BDBE-69FA-D450-B99609063044}" = CCC Help Greek
"{590C5920-1D67-48AB-A54B-AB9942DA7A28}" = CoinLab Mining Client
"{5D87C09F-512F-474A-A306-0FE3B89C396F}" = RuneScape Launcher 1.2
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7C587778-C433-980E-F3C1-203890DC4FBE}" = CCC Help Polish
"{7DC3EABF-66A2-6D79-B485-6328525CA387}" = CCC Help Swedish
"{7DCB635C-D999-9496-A6D1-AAABD23A04FD}" = ATI AVIVO Codecs
"{80827F8B-CBF5-FBF9-B91B-8DC58737A040}" = AMD Drag and Drop Transcoding
"{843603C6-75B7-BAB5-80DE-E76FB28DEEF2}" = CCC Help Finnish
"{876B50AF-D46A-ED35-C625-20F326FE0C49}" = AMD Accelerated Video Transcoding
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BBC66FD-0195-29B4-5A58-E0B0554E8F42}" = Catalyst Control Center
"{8D9EEAC7-42D5-3951-612A-EAA7B684C592}" = CCC Help Italian
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{93A3AB24-36E8-41BA-80C6-CCEC237836DC}" = Alice Madness Returns
"{9791DAED-B734-2835-988B-157BDA087496}" = CCC Help Dutch
"{98B740C3-FAA4-C523-7478-4DBCAB7B27D1}" = Catalyst Control Center Graphics Previews Common
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F0CAC6D-9B0D-A95F-CF61-6E88952D6181}" = CCC Help Thai
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A625DB70-98D5-16FD-C49D-4B8B1B2304A4}" = CCC Help Spanish
"{A90214C3-3A0C-2F05-6083-E1A4BAD9E30D}" = CCC Help Danish
"{AA123216-6DE0-E57C-DC57-4FECEACB482F}" = CCC Help Russian
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AFD89880-C544-4777-B645-FBF6D3391B11}" = Belkin F7D1101 Basic Wireless USB Adapter
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{D0837A59-83E6-3392-1BD9-86D3445676DB}" = CCC Help Korean
"{D5068813-9F8D-9F7A-92C0-A3EECBA2D82B}" = AMD Catalyst Install Manager
"{D5134D14-A38D-A217-4310-5C8B6DFA08D0}" = HydraVision
"{D70AB273-113B-D7DE-5C8D-82CABA7CB0AF}" = Catalyst Control Center Localization All
"{DC8772D4-C75F-5235-63E2-BBC73F909B7A}" = CCC Help Czech
"{DED7FD3C-DDD2-43BB-B0F5-B07F9D0430D3}" = CCC Help Portuguese
"{E157F2EB-E06F-B57F-9105-68F348DB2EAD}" = CCC Help English
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E51B4CD9-A0A6-4324-B26A-31B3F2DE26CE}" = Black and White
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF036F44-A287-BC23-3F6E-AAE6FDEF47EF}" = Catalyst Control Center InstallProxy
"AudibleDownloadManager" = Audible Download Manager
"avast" = avast! Free Antivirus
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"Free CD Ripper_is1" = Free CD Ripper 3.1
"hott notes 4" = hott notes 4
"InstallShield_{AFD89880-C544-4777-B645-FBF6D3391B11}" = Belkin F7D1101 Basic Wireless USB Adapter
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Origin" = Origin
"Trillian" = Trillian
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"XMind" = XMind
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"bd4d3a0508d364f5" = Dell Driver Download Manager
"Google Chrome" = Google Chrome
"optimizer_chrome" = Widevine Media Optimizer Chrome 6.0.0
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11/3/2012 11:20:47 PM | Computer Name = Dovvy-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iTunes.exe, version: 10.7.0.21, time stamp:
0x504d85d9 Faulting module name: JavaScriptCore.dll, version: 7536.26.7.2, time
stamp: 0x502dac30 Exception code: 0xc0000005 Fault offset: 0x0010e97c Faulting process
id: 0x15a0 Faulting application start time: 0x01cdba3879a47d20 Faulting application
path: C:\Program Files\iTunes\iTunes.exe Faulting module path: C:\Program Files\Common
Files\Apple\Apple Application Support\JavaScriptCore.dll Report Id: 9f8709fb-262e-11e2-9041-001d099201fc
Error - 11/7/2012 12:59:37 AM | Computer Name = Dovvy-PC | Source = Application Hang | ID = 1002
Description = The program JagexLauncher.exe version 0.0.0.0 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1694 Start
Time: 01cdbca495f05d2f Termination Time: 15 Application Path: C:\Users\Dovvy\jagexcache\jagexlauncher\bin\JagexLauncher.exe
Report
Id:
Error - 11/9/2012 1:42:10 AM | Computer Name = Dovvy-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: msxml3.dll, version: 8.110.7601.17857,
time stamp: 0x4fcee2f0 Exception code: 0xc0000005 Fault offset: 0x0002e64f Faulting
process id: 0x1748 Faulting application start time: 0x01cdbe3cf4572444 Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: C:\Windows\System32\msxml3.dll
Report
Id: 33fb777d-2a30-11e2-8be6-001d099201fc
Error - 11/9/2012 1:42:15 AM | Computer Name = Dovvy-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: aswWebRepIE.dll_unloaded, version: 0.0.0.0,
time stamp: 0x50905939 Exception code: 0xc0000005 Fault offset: 0x62d46bb8 Faulting
process id: 0x12b4 Faulting application start time: 0x01cdbe3ce50170e9 Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: aswWebRepIE.dll
Report
Id: 36e55be9-2a30-11e2-8be6-001d099201fc
Error - 11/9/2012 1:47:26 AM | Computer Name = Dovvy-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: msxml3.dll, version: 8.110.7601.17857,
time stamp: 0x4fcee2f0 Exception code: 0xc0000005 Fault offset: 0x0002e64f Faulting
process id: 0xa78 Faulting application start time: 0x01cdbe3db096ae07 Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: C:\Windows\System32\msxml3.dll
Report
Id: f02f8f66-2a30-11e2-8be6-001d099201fc
Error - 11/9/2012 1:47:34 AM | Computer Name = Dovvy-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: aswWebRepIE.dll_unloaded, version: 0.0.0.0,
time stamp: 0x50905939 Exception code: 0xc0000005 Fault offset: 0x60a36bb8 Faulting
process id: 0xbfc Faulting application start time: 0x01cdbe3dad6908dd Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: aswWebRepIE.dll
Report
Id: f51e2502-2a30-11e2-8be6-001d099201fc
Error - 11/19/2012 9:01:00 PM | Computer Name = Dovvy-PC | Source = Application Hang | ID = 1002
Description = The program javaw.exe version 7.0.70.11 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 17e8 Start Time:
01cdc6953b6971b4 Termination Time: 1074 Application Path: C:\Program Files\Java\jre7\bin\javaw.exe
Report
Id:
Error - 11/19/2012 9:19:22 PM | Computer Name = Dovvy-PC | Source = Application Error | ID = 1000
Description = Faulting application name: javaw.exe, version: 7.0.70.11, time stamp:
0x5049b56c Faulting module name: OpenAL32.dll_unloaded, version: 0.0.0.0, time stamp:
0x4ea646d0 Exception code: 0xc0000005 Fault offset: 0x3cde9219 Faulting process id:
0x117c Faulting application start time: 0x01cdc6ba8726aaa1 Faulting application path:
C:\Program Files\Java\jre7\bin\javaw.exe Faulting module path: OpenAL32.dll Report
Id: 502133db-32b0-11e2-8b0b-001d099201fc
Error - 11/20/2012 1:30:34 AM | Computer Name = Dovvy-PC | Source = Application Error | ID = 1000
Description = Faulting application name: javaw.exe, version: 7.0.70.11, time stamp:
0x5049b56c Faulting module name: OpenAL32.dll_unloaded, version: 0.0.0.0, time stamp:
0x4ea646d0 Exception code: 0xc0000005 Fault offset: 0x41b69219 Faulting process id:
0x1370 Faulting application start time: 0x01cdc6c24527622e Faulting application path:
C:\Program Files\Java\jre7\bin\javaw.exe Faulting module path: OpenAL32.dll Report
Id: 67a2f878-32d3-11e2-8b0b-001d099201fc
Error - 12/2/2012 7:06:54 PM | Computer Name = Dovvy-PC | Source = Application Error | ID = 1000
Description = Faulting application name: javaw.exe, version: 7.0.70.11, time stamp:
0x5049b56c Faulting module name: OpenAL32.dll_unloaded, version: 0.0.0.0, time stamp:
0x4ea646d0 Exception code: 0xc0000005 Fault offset: 0x3ed39219 Faulting process id:
0xb28 Faulting application start time: 0x01cdd0af38f4c02f Faulting application path:
C:\Program Files\Java\jre7\bin\javaw.exe Faulting module path: OpenAL32.dll Report
Id: f663fdd8-3cd4-11e2-a450-001d099201fc
[ System Events ]
Error - 12/2/2012 3:46:26 AM | Computer Name = Dovvy-PC | Source = DCOM | ID = 10016
Description =
Error - 12/2/2012 1:04:44 PM | Computer Name = Dovvy-PC | Source = DCOM | ID = 10016
Description =
Error - 12/3/2012 12:06:17 PM | Computer Name = Dovvy-PC | Source = DCOM | ID = 10016
Description =
Error - 12/3/2012 8:21:16 PM | Computer Name = Dovvy-PC | Source = BROWSER | ID = 8032
Description =
Error - 12/4/2012 6:49:50 PM | Computer Name = Dovvy-PC | Source = DCOM | ID = 10016
Description =
Error - 12/5/2012 4:16:18 PM | Computer Name = Dovvy-PC | Source = DCOM | ID = 10016
Description =
Error - 12/7/2012 2:24:28 PM | Computer Name = Dovvy-PC | Source = DCOM | ID = 10016
Description =
Error - 12/8/2012 2:08:13 AM | Computer Name = Dovvy-PC | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 12/8/2012 2:08:30 AM | Computer Name = Dovvy-PC | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 2 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 12/8/2012 2:09:30 AM | Computer Name = Dovvy-PC | Source = Service Control Manager | ID = 7032
Description = The Service Control Manager tried to take a corrective action (Restart
the service) after the unexpected termination of the Apple Mobile Device service,
but this action failed with the following error: %%1056
< End of report >
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org
Database version: v2012.12.01.07
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Dovvy :: DOVVY-PC [administrator]
12/7/2012 11:27:29 PM
mbam-log-2012-12-07 (23-27-29).txt
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 465036
Time elapsed: 2 hour(s), 19 minute(s), 27 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)