Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Pc really slow and programs always crash

Started by SatanicSarahX , Dec 20 2010 10:56 PM

  • Please log in to reply

#1
SatanicSarahX
Posted 20 December 2010 - 10:56 PM

SatanicSarahX

    Member

  • Member
  • PipPip
  • 85 posts
OTL logfile created on: 12/21/2010 3:48:01 PM - Run 1
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\Sarah Obscene\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

4.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 28.00% Memory free
8.00 Gb Paging File | 4.00 Gb Available in Paging File | 56.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.51 Gb Total Space | 216.28 Gb Free Space | 23.22% Space Free | Partition Type: NTFS
Drive D: | 481.33 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: OBSCENE-PC | User Name: Sarah Obscene | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/21 15:47:28 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Sarah Obscene\Desktop\OTL.exe
PRC - [2010/11/17 14:41:20 | 000,403,240 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2010/11/17 10:30:40 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\steam.exe
PRC - [2010/11/06 18:06:53 | 003,257,696 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2010/10/21 16:52:10 | 000,304,304 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2010/09/18 14:25:07 | 000,223,184 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10g_ActiveX.exe
PRC - [2010/09/01 15:26:04 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/05/26 02:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2010/05/20 16:26:28 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX1000.exe
PRC - [2009/09/25 13:51:04 | 000,906,496 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\ApVxdWin.exe
PRC - [2009/09/17 13:17:32 | 000,293,120 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\pavsrvx86.exe
PRC - [2009/09/07 17:40:04 | 000,198,400 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\AVENGINE.EXE
PRC - [2009/08/25 14:28:20 | 000,028,928 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\psksvc.exe
PRC - [2009/08/12 10:23:26 | 000,744,704 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\Upgrader.exe
PRC - [2009/08/10 14:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PsCtrlS.exe
PRC - [2009/08/10 14:45:52 | 000,169,216 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PavFnSvr.exe
PRC - [2009/08/10 14:45:48 | 000,111,872 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PavBckPT.exe
PRC - [2009/04/23 13:31:16 | 000,107,776 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\WebProxy.exe
PRC - [2009/04/17 11:17:28 | 000,173,824 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\TPSrvWow.exe
PRC - [2009/04/08 11:56:24 | 000,226,560 | ---- | M] (Panda Security International) -- c:\Program Files (x86)\Panda Security\Panda Internet Security 2010\FIREWALL\PSHost.exe
PRC - [2008/12/04 03:15:28 | 005,406,720 | ---- | M] (Honeder Lacher Wallner Softwareentwicklung OEG) -- C:\Program Files (x86)\HLW\iTap\iTap.exe
PRC - [2008/06/27 14:23:00 | 000,091,392 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\SrvLoad.exe
PRC - [2008/06/19 13:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PsImSvc.exe
PRC - [2008/06/19 13:59:48 | 000,065,792 | ---- | M] (Panda Security S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\avciman.exe
PRC - [2008/05/15 18:26:02 | 000,095,536 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
PRC - [2008/02/04 18:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Common Files\Panda Security\PavShld\PavPrSrv.exe


========== Modules (SafeList) ==========

MOD - [2010/12/21 15:47:28 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Sarah Obscene\Desktop\OTL.exe
MOD - [2010/08/21 16:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009/08/10 14:46:20 | 000,025,344 | ---- | M] (Panda Security, S.L.) -- C:\Windows\SysWOW64\sysHelper32.dll
MOD - [2009/08/10 14:45:54 | 000,095,488 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PavOEpl.dll
MOD - [2009/03/30 19:32:26 | 000,545,536 | ---- | M] (Panda Security, S.L.) -- C:\Windows\SysWOW64\PavSHookWow.dll
MOD - [2003/03/19 06:14:52 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MSVCP71.DLL
MOD - [2003/02/21 15:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MSVCR71.DLL


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/05/20 16:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2009/07/14 12:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/11/17 14:41:20 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/09/17 13:17:32 | 000,293,120 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\pavsrvx86.exe -- (PAVSRV)
SRV - [2009/08/25 14:28:20 | 000,028,928 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PskSvc.exe -- (PskSvcRetail)
SRV - [2009/08/10 14:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PsCtrls.exe -- (Panda Software Controller)
SRV - [2009/08/10 14:45:52 | 000,169,216 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PavFnSvr.exe -- (PAVFNSVR)
SRV - [2009/06/11 08:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/04/17 11:17:28 | 000,173,824 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\TPSrvWow.exe -- (TPSrv)
SRV - [2009/04/08 11:56:24 | 000,226,560 | ---- | M] (Panda Security International) [Auto | Running] -- c:\program files (x86)\panda security\panda internet security 2010\firewall\PSHOST.EXE -- (PSHost)
SRV - [2008/07/02 15:09:42 | 000,072,448 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\GWMsrv64.dll -- (Gwmsrv)
SRV - [2008/06/19 13:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PsImSvc.exe -- (PSIMSVC)
SRV - [2008/02/04 18:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe -- (PavPrSrv)
SRV - [2007/05/31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Prot6Flt.sys -- (Prot6Flt)
DRV:64bit: - File not found [Kernel | On_Demand | Running] -- C:\Windows\SysNative\PavTPK.sys -- (PavTPK.sys)
DRV:64bit: - [2010/09/18 14:50:20 | 000,015,928 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\COMFiltr.sys -- (ComFiltr)
DRV:64bit: - [2010/09/03 00:22:18 | 000,088,864 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2010/05/20 16:26:28 | 002,060,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VX1000.sys -- (VX1000)
DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/10/01 00:07:44 | 000,116,744 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\APPFLT64.SYS -- (APPFLT)
DRV:64bit: - [2009/09/09 11:29:18 | 000,214,536 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\n64i1639.sys -- (NETIMFLT01060039)
DRV:64bit: - [2009/08/13 09:38:24 | 000,029,184 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcp.sys -- (BthAvrcp)
DRV:64bit: - [2009/08/06 13:29:18 | 000,057,352 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\amm6460.sys -- (AmFSM)
DRV:64bit: - [2009/07/14 12:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 12:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 12:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 12:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 12:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 12:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 11:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/07/14 08:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/30 11:37:16 | 000,033,800 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pavboot64.sys -- (pavboot)
DRV:64bit: - [2009/06/16 14:33:02 | 000,074,760 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\wnmflt64.sys -- (WNMFLT)
DRV:64bit: - [2009/06/16 14:33:00 | 000,170,504 | ---- | M] (Panda Security, S.L.) [TDI Layer] [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NETTDI64.SYS -- (NETFLTDI)
DRV:64bit: - [2009/06/16 14:33:00 | 000,078,856 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idsflt64.sys -- (IDSFLT)
DRV:64bit: - [2009/06/16 14:32:58 | 000,082,952 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\dsaflt64.sys -- (DSAFLT)
DRV:64bit: - [2009/06/11 07:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/11 07:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/11 07:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 07:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 07:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 07:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/03/28 12:25:06 | 000,031,800 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\fnetm64.sys -- (FNETMON)
DRV:64bit: - [2008/02/28 15:37:42 | 000,046,136 | ---- | M] (Panda Security, S.L.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\ShldFlt.sys -- (ShldFlt)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-au
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DE 3D 10 75 EA 9B CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0
FF - prefs.js..extensions.enabledItems: [email protected]:7.1.8
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.0
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010/09/18 14:28:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/12/19 21:59:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/12/19 21:59:31 | 000,000,000 | ---D | M]

[2010/11/26 13:20:33 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\Mozilla\Extensions
[2010/12/19 22:09:58 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\Mozilla\Firefox\Profiles\75apic9n.default\extensions
[2010/12/19 18:15:21 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\Mozilla\Firefox\Profiles\75apic9n.default\extensions\[email protected]
[2010/12/03 18:44:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/12/03 18:44:47 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

O1 HOSTS File: ([2010/09/18 14:10:09 | 000,000,854 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.)
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APVXDWIN] C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\APVXDWIN.EXE (Panda Security, S.L.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SCANINICIO] C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\Inicio.exe (Panda Security, S.L.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [iTap] C:\Program Files (x86)\HLW\iTap\iTap.exe (Honeder Lacher Wallner Softwareentwicklung OEG)
O4 - HKCU..\Run: [OM2_Monitor] C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [Panda_cleaner] C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\pskdr.exe (Panda Security S.L.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\SysNative\idmmbc.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.goo...6/uploader2.cab (UploadListView Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\avldr: DllName - Reg Error: Key error. - C:\Windows\SysNative\avldr64.dll (Panda Security, S.L.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/21 02:42:25 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/28 10:10:00 | 000,000,143 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{59376f2b-c2f1-11df-bba1-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{59376f2b-c2f1-11df-bba1-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup\rsrc\AUTORUN.EXE -- [2000/01/18 03:28:36 | 000,028,672 | R--- | M] (Dipl.-Ing. Stefan Krueger <[email protected]>)
O33 - MountPoints2\{59376f2b-c2f1-11df-bba1-806e6f6e6963}\Shell\dinstall\command - "" = D:\DirectX\dxsetup.exe -- [2003/08/19 11:15:00 | 000,467,456 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\BSAutoRun.exe -- File not found
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/21 15:47:24 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Sarah Obscene\Desktop\OTL.exe
[2010/12/19 14:21:54 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\Documents\Bioshock
[2010/12/19 14:21:54 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\Bioshock
[2010/12/19 13:22:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DOOM 3
[2010/12/19 13:03:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2K Games
[2010/12/19 10:56:20 | 000,000,000 | ---D | C] -- C:\Program Files\VirtualDJ
[2010/12/19 10:54:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualDJ
[2010/12/17 16:12:07 | 000,000,000 | ---D | C] -- C:\68ea54836d0365453f
[2010/12/07 14:20:22 | 000,000,000 | ---D | C] -- C:\Team17
[2010/12/07 13:32:35 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\Documents\Thief - Deadly Shadows
[2010/12/07 13:31:30 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Thief - Deadly Shadows
[2010/12/07 13:26:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Thief - Deadly Shadows
[2010/12/03 18:50:56 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\skypePM
[2010/12/03 18:44:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010/12/03 18:44:16 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010/12/03 18:44:16 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\Skype
[2010/12/03 18:44:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010/12/02 15:47:53 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\Media Player Classic
[2010/12/01 23:40:37 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010/12/01 23:40:35 | 000,000,000 | ---D | C] -- C:\Fraps
[2010/12/01 11:29:12 | 000,000,000 | ---D | C] -- C:\adobeTemp
[2010/11/26 13:20:24 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\Mozilla
[2010/11/26 13:20:24 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Local\Mozilla
[2010/11/26 13:20:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010/11/23 22:43:15 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Local\Cranium
[2010/11/23 17:31:53 | 000,000,000 | ---D | C] -- C:\sw3dg
[2010/11/23 16:42:18 | 000,000,000 | R-SD | C] -- C:\Users\Sarah Obscene\Documents\My Stationery
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/21 15:47:28 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Sarah Obscene\Desktop\OTL.exe
[2010/12/21 14:59:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/21 13:51:21 | 000,003,965 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\pfdnnt.act
[2010/12/21 13:36:36 | 000,000,132 | ---- | M] () -- C:\Users\Sarah Obscene\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010/12/21 11:38:47 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/21 11:38:47 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/21 11:32:10 | 000,412,672 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFCONT.DAT.bck
[2010/12/21 11:32:10 | 000,412,672 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFCONT.DAT
[2010/12/21 11:32:10 | 000,001,132 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFLTR.CFG.bck
[2010/12/21 11:32:10 | 000,001,132 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFLTR.CFG
[2010/12/21 11:32:10 | 000,000,252 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\IdsFlt.cfg.bck
[2010/12/21 11:32:10 | 000,000,252 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\IdsFlt.cfg
[2010/12/21 11:32:10 | 000,000,092 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetLoc.wlt.bck
[2010/12/21 11:32:10 | 000,000,092 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetLoc.wlt
[2010/12/21 11:32:10 | 000,000,068 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetFlt.cfg.bck
[2010/12/21 11:32:10 | 000,000,068 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetFlt.cfg
[2010/12/21 11:32:10 | 000,000,056 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\WnmFlt.cfg.bck
[2010/12/21 11:32:10 | 000,000,056 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\WnmFlt.cfg
[2010/12/21 11:32:10 | 000,000,056 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\DsaFlt.cfg.bck
[2010/12/21 11:32:10 | 000,000,056 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\DsaFlt.cfg
[2010/12/21 11:32:08 | 000,418,468 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\DsaFlt.rls.bck
[2010/12/21 11:32:08 | 000,418,468 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\DsaFlt.rls
[2010/12/21 11:30:18 | 000,000,136 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetAdapt.cfg.bck
[2010/12/21 11:30:18 | 000,000,136 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetAdapt.cfg
[2010/12/21 11:30:15 | 000,000,064 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetAR.wlt.bck
[2010/12/21 11:30:15 | 000,000,064 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetAR.wlt
[2010/12/21 11:30:13 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/21 11:29:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/21 11:29:36 | 3219,890,176 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/20 13:59:55 | 000,720,082 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/12/20 13:59:55 | 000,623,348 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/12/20 13:59:55 | 000,109,332 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/12/20 00:40:25 | 000,000,979 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\Doom3.lnk
[2010/12/19 21:16:34 | 004,840,520 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/12/19 14:16:33 | 000,000,343 | ---- | M] () -- C:\Windows\doom3.ini
[2010/12/19 13:03:10 | 000,001,384 | ---- | M] () -- C:\Users\Public\Desktop\Bioshock.lnk
[2010/12/19 10:54:26 | 000,001,026 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\Virtual DJ.lnk
[2010/12/19 10:51:43 | 000,145,920 | ---- | M] () -- C:\Users\Sarah Obscene\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/17 16:21:02 | 000,007,731 | ---- | M] () -- C:\Users\Sarah Obscene\Documents\netgear.cfg
[2010/12/17 15:07:33 | 000,017,147 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\jess noob.jpg
[2010/12/16 14:55:20 | 564,234,287 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/12/08 01:48:36 | 000,025,381 | ---- | M] () -- C:\Users\Sarah Obscene\Documents\why does.png
[2010/12/07 14:20:32 | 000,000,761 | ---- | M] () -- C:\Users\Public\Desktop\Phoenix Demo.lnk
[2010/12/06 18:39:36 | 000,004,096 | ---- | M] () -- C:\Windows\d3dx.dat
[2010/12/05 23:52:14 | 000,065,775 | ---- | M] () -- C:\Users\Sarah Obscene\Documents\after-effects-logo.png
[2010/12/05 23:51:11 | 000,026,219 | ---- | M] () -- C:\Users\Sarah Obscene\Documents\Adobe-After-Effects-CS3-icon.png
[2010/12/04 09:52:10 | 000,230,424 | ---- | M] () -- C:\img2-001.raw
[2010/12/03 22:32:53 | 000,108,822 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\jean lol.jpg
[2010/12/03 18:50:58 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010/12/03 18:44:17 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/12/03 16:09:03 | 000,016,858 | ---- | M] () -- C:\Users\Sarah Obscene\Documents\OMG.png
[2010/12/02 03:56:38 | 000,008,627 | ---- | M] () -- C:\Windows\SysWow64\PAV_FOG.OPC
[2010/12/02 00:48:50 | 000,092,260 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\1.jpg
[2010/12/02 00:48:42 | 000,081,342 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\2.jpg
[2010/12/01 23:40:36 | 000,000,569 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\Fraps.lnk
[2010/12/01 11:07:40 | 000,099,475 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\Sarah Obscene.png
[2010/12/01 10:55:07 | 000,045,844 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\my hair outline a final.png
[2010/12/01 10:54:47 | 001,084,312 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\my hair outline a final.ai
[2010/11/30 22:06:36 | 000,784,650 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\hans.bmp
[2010/11/27 15:24:40 | 000,058,979 | ---- | M] () -- C:\Users\Sarah Obscene\Documents\Sarah Obscene Facebook.png
[2010/11/27 15:22:05 | 000,095,669 | ---- | M] () -- C:\Users\Sarah Obscene\Documents\dean lmfao.png
[2010/11/23 23:54:37 | 000,041,686 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\mp3.jpg
[2010/11/23 23:36:37 | 000,219,709 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\iPhone3LCD.jpg
[2010/11/23 17:32:29 | 000,001,701 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\Evochron Mercenary.lnk
[2010/11/22 12:18:44 | 000,071,512 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\155222_480236523496_562718496_5515039_5231588_n.jpg
[2010/11/21 18:01:11 | 000,098,793 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\sarahobsceneavatar.jpg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/20 00:40:25 | 000,000,979 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\Doom3.lnk
[2010/12/19 14:16:33 | 000,000,343 | ---- | C] () -- C:\Windows\doom3.ini
[2010/12/19 13:03:10 | 000,001,384 | ---- | C] () -- C:\Users\Public\Desktop\Bioshock.lnk
[2010/12/19 11:12:30 | 000,017,147 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\jess noob.jpg
[2010/12/19 10:54:26 | 000,001,026 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\Virtual DJ.lnk
[2010/12/17 16:21:01 | 000,007,731 | ---- | C] () -- C:\Users\Sarah Obscene\Documents\netgear.cfg
[2010/12/08 01:48:36 | 000,025,381 | ---- | C] () -- C:\Users\Sarah Obscene\Documents\why does.png
[2010/12/07 14:20:32 | 000,000,761 | ---- | C] () -- C:\Users\Public\Desktop\Phoenix Demo.lnk
[2010/12/06 18:39:36 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2010/12/05 23:52:19 | 000,065,775 | ---- | C] () -- C:\Users\Sarah Obscene\Documents\after-effects-logo.png
[2010/12/05 23:51:18 | 000,026,219 | ---- | C] () -- C:\Users\Sarah Obscene\Documents\Adobe-After-Effects-CS3-icon.png
[2010/12/03 22:33:01 | 000,108,822 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\jean lol.jpg
[2010/12/03 18:50:58 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/12/03 18:44:17 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/12/03 16:09:03 | 000,016,858 | ---- | C] () -- C:\Users\Sarah Obscene\Documents\OMG.png
[2010/12/02 00:49:17 | 000,081,342 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\2.jpg
[2010/12/02 00:49:11 | 000,092,260 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\1.jpg
[2010/12/01 23:40:36 | 000,000,569 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\Fraps.lnk
[2010/12/01 11:07:38 | 000,099,475 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\Sarah Obscene.png
[2010/12/01 10:54:59 | 000,045,844 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\my hair outline a final.png
[2010/12/01 10:54:41 | 001,084,312 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\my hair outline a final.ai
[2010/11/30 22:06:16 | 000,784,650 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\hans.bmp
[2010/11/27 15:24:40 | 000,058,979 | ---- | C] () -- C:\Users\Sarah Obscene\Documents\Sarah Obscene Facebook.png
[2010/11/23 23:54:42 | 000,041,686 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\mp3.jpg
[2010/11/23 23:37:53 | 000,219,709 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\iPhone3LCD.jpg
[2010/11/23 17:32:29 | 000,001,701 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\Evochron Mercenary.lnk
[2010/11/22 12:18:54 | 000,071,512 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\155222_480236523496_562718496_5515039_5231588_n.jpg
[2010/11/21 22:59:29 | 011,079,282 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\Pub.uxx
[2010/11/21 18:01:21 | 000,098,793 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\sarahobsceneavatar.jpg
[2010/10/12 09:57:27 | 000,000,544 | ---- | C] () -- C:\Windows\SIERRA.INI
[2010/09/24 19:11:27 | 000,000,132 | ---- | C] () -- C:\Users\Sarah Obscene\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010/09/19 16:07:25 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/09/19 16:07:25 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/09/19 16:07:19 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010/09/19 16:07:19 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/09/19 16:07:19 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/09/19 01:36:55 | 000,145,920 | ---- | C] () -- C:\Users\Sarah Obscene\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/18 14:40:48 | 001,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll
[2009/07/14 10:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 08:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/26 18:24:18 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini

========== LOP Check ==========

[2010/12/19 14:22:02 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\Bioshock
[2010/10/13 16:57:05 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/12/20 23:59:32 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\DMCache
[2010/12/12 15:13:16 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\IDM
[2010/09/26 13:24:39 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\NCH Swift Sound
[2010/09/18 14:45:01 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\Panda Security
[2010/10/28 01:48:26 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010/11/16 12:17:31 | 000,032,542 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:05EE1EEF

< End of report >




OTL Extras logfile created on: 12/21/2010 3:48:01 PM - Run 1
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\Sarah Obscene\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

4.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 28.00% Memory free
8.00 Gb Paging File | 4.00 Gb Available in Paging File | 56.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.51 Gb Total Space | 216.28 Gb Free Space | 23.22% Space Free | Partition Type: NTFS
Drive D: | 481.33 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: OBSCENE-PC | User Name: Sarah Obscene | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.js[@ = jsfile] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PAVSCRIP.EXE (Panda Security, S.L.)
.jse[@ = JSEFile] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PAVSCRIP.EXE (Panda Security, S.L.)
.vbe[@ = VBEFile] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PAVSCRIP.EXE (Panda Security, S.L.)
.vbs[@ = VBSFile] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PAVSCRIP.EXE (Panda Security, S.L.)
.wsf[@ = WSFFile] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PAVSCRIP.EXE (Panda Security, S.L.)
.wsh[@ = WSHFile] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PAVSCRIP.EXE (Panda Security, S.L.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.js [@ = jsfile] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PAVSCRIP.EXE (Panda Security, S.L.)
.jse [@ = JSEFile] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PAVSCRIP.EXE (Panda Security, S.L.)
.vbe [@ = VBEFile] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PAVSCRIP.EXE (Panda Security, S.L.)
.vbs [@ = VBSFile] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PAVSCRIP.EXE (Panda Security, S.L.)
.wsf [@ = WSFFile] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PAVSCRIP.EXE (Panda Security, S.L.)
.wsh [@ = WSHFile] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PAVSCRIP.EXE (Panda Security, S.L.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [open] -- C:\PROGRA~2\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
jsefile [open] -- C:\PROGRA~2\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- C:\PROGRA~2\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
vbsfile [open] -- C:\PROGRA~2\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
wsffile [open] -- C:\PROGRA~2\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
wshfile [open] -- C:\PROGRA~2\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [open] -- C:\PROGRA~2\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
jsefile [open] -- C:\PROGRA~2\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- C:\PROGRA~2\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
vbsfile [open] -- C:\PROGRA~2\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
wsffile [open] -- C:\PROGRA~2\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
wshfile [open] -- C:\PROGRA~2\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}" = iTunes
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile Device Center
"{67298824-5d56-44b9-8cf8-56e1eca79cb2}.sdb" = Virtua Fighter 2
"{6965A8D2-465D-4F98-9FAA-0E9E2348F329}" = Microsoft LifeCam
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v3.9.0
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0815D55A-5EFF-4E1B-8C04-7035E914D90D}" = OLYMPUS Master 2
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15964283-007A-48A6-AD9C-49B1A466CF3C}" = FriendAdderElite
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22439E2F-1CF7-4F8B-992A-3AA3C0553929}" = Yu-Gi-Oh! ONLINE 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{288DB08D-0708-4A94-B055-55B99E39EB62}" = Adobe Creative Suite 5 Master Collection
"{2F1F98D4-30F0-44FA-963C-DF8127B98B4D}" = Panda Internet Security 2010
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{568161BB-4D77-4534-AB92-55040CD92798}" = Panda Internet Security 2010
"{5AF68C3B-AAE3-4FDC-9105-91C5552D8E6C}" = iTap 2.2
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}" = Adobe Flash Player 10 ActiveX
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7926EFB6-7CB4-4A9D-AB01-095F67F9D519}" = Panda Internet Security 2010
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{98A7B057-68D0-4D00-98D5-D9BCD2ACD2E1}" = MFB-MySpace Friend Bomber
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B0B46A1F-EC96-44A4-A9FB-62FE33BAF7DE}" = Rapidshare Auto Downloader 4.1
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}" = Adobe Flash Player 10 Plugin
"{C0AA232E-BD1B-40B5-A176-A2BEB67FFAE1}" = Adobe After Effects CS5 Third Party Content
"{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}" = iPhoneBrowser
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CD29B5CA-4727-4114-9AD9-25CCCE6E4014}" = Adobe After Effects CS5 Third Party Royalty Content
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E280923D-C5D9-4728-8C79-AC9A0DC75875}" = BioShock
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FC123EEA-330A-4685-911C-95B8F5E9DE68}" = Thief - Deadly Shadows
"Adobe AIR" = Adobe AIR
"Age of Wonders Shadow Magic" = Age of Wonders Shadow Magic
"Blood_is1" = Blood
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cheat Engine 5.6_is1" = Cheat Engine 5.6
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Evochron Mercenary_is1" = Evochron Mercenary
"FL Studio 8" = FL Studio 8
"Fraps" = Fraps (remove only)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"Guitar Pro 5_is1" = Guitar Pro 5.2
"IL Download Manager" = IL Download Manager
"InstallShield_{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"Internet Download Manager" = Internet Download Manager
"James Bond 007: Nightfire" = James Bond 007: Nightfire
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.4.0
"Messenger Plus! Live" = Messenger Plus! Live
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Pharaoh" = Pharaoh
"Phoenix Demo" = Phoenix Demo
"PoiZone" = PoiZone
"PowerISO" = PowerISO
"Steam App 1250" = Killing Floor
"Steam App 1260" = Killing Floor SDK
"Steam App 35420" = Killing Floor Mod: Defence Alliance 2
"Steam App 550" = Left 4 Dead 2
"Steam App 60800" = Numen: Contest of Heroes
"Toxic Biohazard" = Toxic Biohazard
"Uninstall_is1" = Uninstall 1.0.0.1
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"WavePad" = WavePad Sound Editor
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"WinDirStat" = WinDirStat 1.1.2

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/18/2010 10:17:28 PM | Computer Name = Obscene-Pc | Source = MsiInstaller | ID = 1013
Description =

Error - 12/18/2010 10:18:49 PM | Computer Name = Obscene-Pc | Source = MsiInstaller | ID = 1013
Description =

Error - 12/18/2010 10:19:04 PM | Computer Name = Obscene-Pc | Source = MsiInstaller | ID = 11704
Description =

Error - 12/18/2010 11:28:47 PM | Computer Name = Obscene-Pc | Source = Application Error | ID = 1000
Description = Faulting application name: Bioshock.exe, version: 1.0.0.0, time stamp:
0x46b7d7a9 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x7c809e01 Faulting process id: 0x26b0 Faulting application
start time: 0x01cb9f2bd90b1102 Faulting application path: C:\Program Files (x86)\2K
Games\BioShock\Builds\Release\Bioshock.exe Faulting module path: unknown Report Id:
167ff284-0b20-11e0-b012-001fd02e25f7

Error - 12/19/2010 6:26:32 AM | Computer Name = Obscene-Pc | Source = Application Error | ID = 1000
Description = Faulting application name: AVENGINE.EXE, version: 2.2.26.0, time stamp:
0x4aa51899 Faulting module name: pskavs.dll_unloaded, version: 0.0.0.0, time stamp:
0x4a40bfd5 Exception code: 0xc0000005 Fault offset: 0x25531c50 Faulting process id:
0xb7c Faulting application start time: 0x01cb9f669ac4c33c Faulting application path:
C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\AVENGINE.EXE
Faulting
module path: pskavs.dll Report Id: 72821e21-0b5a-11e0-93ef-001fd02e25f7

Error - 12/19/2010 8:11:44 PM | Computer Name = Obscene-Pc | Source = Application Error | ID = 1000
Description = Faulting application name: AVENGINE.EXE, version: 2.2.26.0, time stamp:
0x4aa51899 Faulting module name: pskavs.dll_unloaded, version: 0.0.0.0, time stamp:
0x4a40bfd5 Exception code: 0xc0000005 Fault offset: 0x25531c50 Faulting process id:
0xb8c Faulting application start time: 0x01cb9fda10049434 Faulting application path:
C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\AVENGINE.EXE
Faulting
module path: pskavs.dll Report Id: b9c4e2ed-0bcd-11e0-855c-001fd02e25f7

Error - 12/20/2010 8:59:22 AM | Computer Name = Obscene-Pc | Source = Bonjour Service | ID = 100
Description = 220: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 12/20/2010 8:59:23 AM | Computer Name = Obscene-Pc | Source = Bonjour Service | ID = 100
Description = 472: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 12/20/2010 8:59:23 AM | Computer Name = Obscene-Pc | Source = Bonjour Service | ID = 100
Description = 572: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 12/20/2010 8:59:23 AM | Computer Name = Obscene-Pc | Source = Bonjour Service | ID = 100
Description = 376: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

[ System Events ]
Error - 12/18/2010 7:37:44 AM | Computer Name = Obscene-Pc | Source = Service Control Manager | ID = 7000
Description = The Bluetooth Device (RFCOMM Protocol TDI) service failed to start
due to the following error: %%1058

Error - 12/18/2010 7:40:50 AM | Computer Name = Obscene-Pc | Source = Service Control Manager | ID = 7000
Description = The Bluetooth Device (RFCOMM Protocol TDI) service failed to start
due to the following error: %%1058

Error - 12/18/2010 12:01:09 PM | Computer Name = Obscene-Pc | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Security Update for Microsoft .NET Framework 4 on Windows
XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows
Server 2008 R2 for x64-based Systems (KB2160841).

Error - 12/18/2010 10:19:18 PM | Computer Name = Obscene-Pc | Source = DCOM | ID = 10001
Description =

Error - 12/19/2010 6:17:49 AM | Computer Name = Obscene-Pc | Source = Service Control Manager | ID = 7000
Description = The Bluetooth Device (RFCOMM Protocol TDI) service failed to start
due to the following error: %%1058

Error - 12/19/2010 6:22:12 AM | Computer Name = Obscene-Pc | Source = Service Control Manager | ID = 7000
Description = The Bluetooth Device (RFCOMM Protocol TDI) service failed to start
due to the following error: %%1058

Error - 12/19/2010 8:07:37 PM | Computer Name = Obscene-Pc | Source = EventLog | ID = 6008
Description = The previous system shutdown at 12:46:29 AM on ?20/?12/?2010 was unexpected.

Error - 12/19/2010 8:08:41 PM | Computer Name = Obscene-Pc | Source = Service Control Manager | ID = 7000
Description = The Bluetooth Device (RFCOMM Protocol TDI) service failed to start
due to the following error: %%1058

Error - 12/20/2010 9:00:17 AM | Computer Name = Obscene-Pc | Source = DCOM | ID = 10010
Description =

Error - 12/20/2010 8:29:54 PM | Computer Name = Obscene-Pc | Source = Service Control Manager | ID = 7000
Description = The Bluetooth Device (RFCOMM Protocol TDI) service failed to start
due to the following error: %%1058


< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP