OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\Sarah Obscene\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
4.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 28.00% Memory free
8.00 Gb Paging File | 4.00 Gb Available in Paging File | 56.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.51 Gb Total Space | 216.28 Gb Free Space | 23.22% Space Free | Partition Type: NTFS
Drive D: | 481.33 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: OBSCENE-PC | User Name: Sarah Obscene | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2010/12/21 15:47:28 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Sarah Obscene\Desktop\OTL.exe
PRC - [2010/11/17 14:41:20 | 000,403,240 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2010/11/17 10:30:40 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\steam.exe
PRC - [2010/11/06 18:06:53 | 003,257,696 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2010/10/21 16:52:10 | 000,304,304 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2010/09/18 14:25:07 | 000,223,184 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10g_ActiveX.exe
PRC - [2010/09/01 15:26:04 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/05/26 02:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2010/05/20 16:26:28 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX1000.exe
PRC - [2009/09/25 13:51:04 | 000,906,496 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\ApVxdWin.exe
PRC - [2009/09/17 13:17:32 | 000,293,120 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\pavsrvx86.exe
PRC - [2009/09/07 17:40:04 | 000,198,400 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\AVENGINE.EXE
PRC - [2009/08/25 14:28:20 | 000,028,928 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\psksvc.exe
PRC - [2009/08/12 10:23:26 | 000,744,704 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\Upgrader.exe
PRC - [2009/08/10 14:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PsCtrlS.exe
PRC - [2009/08/10 14:45:52 | 000,169,216 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PavFnSvr.exe
PRC - [2009/08/10 14:45:48 | 000,111,872 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PavBckPT.exe
PRC - [2009/04/23 13:31:16 | 000,107,776 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\WebProxy.exe
PRC - [2009/04/17 11:17:28 | 000,173,824 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\TPSrvWow.exe
PRC - [2009/04/08 11:56:24 | 000,226,560 | ---- | M] (Panda Security International) -- c:\Program Files (x86)\Panda Security\Panda Internet Security 2010\FIREWALL\PSHost.exe
PRC - [2008/12/04 03:15:28 | 005,406,720 | ---- | M] (Honeder Lacher Wallner Softwareentwicklung OEG) -- C:\Program Files (x86)\HLW\iTap\iTap.exe
PRC - [2008/06/27 14:23:00 | 000,091,392 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\SrvLoad.exe
PRC - [2008/06/19 13:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PsImSvc.exe
PRC - [2008/06/19 13:59:48 | 000,065,792 | ---- | M] (Panda Security S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\avciman.exe
PRC - [2008/05/15 18:26:02 | 000,095,536 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
PRC - [2008/02/04 18:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Common Files\Panda Security\PavShld\PavPrSrv.exe
========== Modules (SafeList) ==========
MOD - [2010/12/21 15:47:28 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Sarah Obscene\Desktop\OTL.exe
MOD - [2010/08/21 16:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009/08/10 14:46:20 | 000,025,344 | ---- | M] (Panda Security, S.L.) -- C:\Windows\SysWOW64\sysHelper32.dll
MOD - [2009/08/10 14:45:54 | 000,095,488 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PavOEpl.dll
MOD - [2009/03/30 19:32:26 | 000,545,536 | ---- | M] (Panda Security, S.L.) -- C:\Windows\SysWOW64\PavSHookWow.dll
MOD - [2003/03/19 06:14:52 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MSVCP71.DLL
MOD - [2003/02/21 15:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MSVCR71.DLL
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010/05/20 16:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2009/07/14 12:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/11/17 14:41:20 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/09/17 13:17:32 | 000,293,120 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\pavsrvx86.exe -- (PAVSRV)
SRV - [2009/08/25 14:28:20 | 000,028,928 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PskSvc.exe -- (PskSvcRetail)
SRV - [2009/08/10 14:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PsCtrls.exe -- (Panda Software Controller)
SRV - [2009/08/10 14:45:52 | 000,169,216 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PavFnSvr.exe -- (PAVFNSVR)
SRV - [2009/06/11 08:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/04/17 11:17:28 | 000,173,824 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\TPSrvWow.exe -- (TPSrv)
SRV - [2009/04/08 11:56:24 | 000,226,560 | ---- | M] (Panda Security International) [Auto | Running] -- c:\program files (x86)\panda security\panda internet security 2010\firewall\PSHOST.EXE -- (PSHost)
SRV - [2008/07/02 15:09:42 | 000,072,448 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\GWMsrv64.dll -- (Gwmsrv)
SRV - [2008/06/19 13:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PsImSvc.exe -- (PSIMSVC)
SRV - [2008/02/04 18:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe -- (PavPrSrv)
SRV - [2007/05/31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
========== Driver Services (SafeList) ==========
DRV:64bit: - File not found [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Prot6Flt.sys -- (Prot6Flt)
DRV:64bit: - File not found [Kernel | On_Demand | Running] -- C:\Windows\SysNative\PavTPK.sys -- (PavTPK.sys)
DRV:64bit: - [2010/09/18 14:50:20 | 000,015,928 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\COMFiltr.sys -- (ComFiltr)
DRV:64bit: - [2010/09/03 00:22:18 | 000,088,864 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2010/05/20 16:26:28 | 002,060,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VX1000.sys -- (VX1000)
DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/10/01 00:07:44 | 000,116,744 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\APPFLT64.SYS -- (APPFLT)
DRV:64bit: - [2009/09/09 11:29:18 | 000,214,536 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\n64i1639.sys -- (NETIMFLT01060039)
DRV:64bit: - [2009/08/13 09:38:24 | 000,029,184 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcp.sys -- (BthAvrcp)
DRV:64bit: - [2009/08/06 13:29:18 | 000,057,352 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\amm6460.sys -- (AmFSM)
DRV:64bit: - [2009/07/14 12:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 12:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 12:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 12:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 12:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 12:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 11:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/07/14 08:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/30 11:37:16 | 000,033,800 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pavboot64.sys -- (pavboot)
DRV:64bit: - [2009/06/16 14:33:02 | 000,074,760 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\wnmflt64.sys -- (WNMFLT)
DRV:64bit: - [2009/06/16 14:33:00 | 000,170,504 | ---- | M] (Panda Security, S.L.) [TDI Layer] [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NETTDI64.SYS -- (NETFLTDI)
DRV:64bit: - [2009/06/16 14:33:00 | 000,078,856 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idsflt64.sys -- (IDSFLT)
DRV:64bit: - [2009/06/16 14:32:58 | 000,082,952 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\dsaflt64.sys -- (DSAFLT)
DRV:64bit: - [2009/06/11 07:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/11 07:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/11 07:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 07:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 07:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 07:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/03/28 12:25:06 | 000,031,800 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\fnetm64.sys -- (FNETMON)
DRV:64bit: - [2008/02/28 15:37:42 | 000,046,136 | ---- | M] (Panda Security, S.L.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\ShldFlt.sys -- (ShldFlt)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-au
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DE 3D 10 75 EA 9B CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0
FF - prefs.js..extensions.enabledItems: [email protected]:7.1.8
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.0
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010/09/18 14:28:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/12/19 21:59:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/12/19 21:59:31 | 000,000,000 | ---D | M]
[2010/11/26 13:20:33 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\Mozilla\Extensions
[2010/12/19 22:09:58 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\Mozilla\Firefox\Profiles\75apic9n.default\extensions
[2010/12/19 18:15:21 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\Mozilla\Firefox\Profiles\75apic9n.default\extensions\[email protected]
[2010/12/03 18:44:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/12/03 18:44:47 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
O1 HOSTS File: ([2010/09/18 14:10:09 | 000,000,854 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.)
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APVXDWIN] C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\APVXDWIN.EXE (Panda Security, S.L.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SCANINICIO] C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\Inicio.exe (Panda Security, S.L.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [iTap] C:\Program Files (x86)\HLW\iTap\iTap.exe (Honeder Lacher Wallner Softwareentwicklung OEG)
O4 - HKCU..\Run: [OM2_Monitor] C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [Panda_cleaner] C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\pskdr.exe (Panda Security S.L.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\SysNative\idmmbc.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.goo...6/uploader2.cab (UploadListView Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\avldr: DllName - Reg Error: Key error. - C:\Windows\SysNative\avldr64.dll (Panda Security, S.L.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/21 02:42:25 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/28 10:10:00 | 000,000,143 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{59376f2b-c2f1-11df-bba1-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{59376f2b-c2f1-11df-bba1-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup\rsrc\AUTORUN.EXE -- [2000/01/18 03:28:36 | 000,028,672 | R--- | M] (Dipl.-Ing. Stefan Krueger <[email protected]>)
O33 - MountPoints2\{59376f2b-c2f1-11df-bba1-806e6f6e6963}\Shell\dinstall\command - "" = D:\DirectX\dxsetup.exe -- [2003/08/19 11:15:00 | 000,467,456 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\BSAutoRun.exe -- File not found
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/12/21 15:47:24 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Sarah Obscene\Desktop\OTL.exe
[2010/12/19 14:21:54 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\Documents\Bioshock
[2010/12/19 14:21:54 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\Bioshock
[2010/12/19 13:22:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DOOM 3
[2010/12/19 13:03:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2K Games
[2010/12/19 10:56:20 | 000,000,000 | ---D | C] -- C:\Program Files\VirtualDJ
[2010/12/19 10:54:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualDJ
[2010/12/17 16:12:07 | 000,000,000 | ---D | C] -- C:\68ea54836d0365453f
[2010/12/07 14:20:22 | 000,000,000 | ---D | C] -- C:\Team17
[2010/12/07 13:32:35 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\Documents\Thief - Deadly Shadows
[2010/12/07 13:31:30 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Thief - Deadly Shadows
[2010/12/07 13:26:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Thief - Deadly Shadows
[2010/12/03 18:50:56 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\skypePM
[2010/12/03 18:44:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010/12/03 18:44:16 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010/12/03 18:44:16 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\Skype
[2010/12/03 18:44:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010/12/02 15:47:53 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\Media Player Classic
[2010/12/01 23:40:37 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010/12/01 23:40:35 | 000,000,000 | ---D | C] -- C:\Fraps
[2010/12/01 11:29:12 | 000,000,000 | ---D | C] -- C:\adobeTemp
[2010/11/26 13:20:24 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\Mozilla
[2010/11/26 13:20:24 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Local\Mozilla
[2010/11/26 13:20:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010/11/23 22:43:15 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Local\Cranium
[2010/11/23 17:31:53 | 000,000,000 | ---D | C] -- C:\sw3dg
[2010/11/23 16:42:18 | 000,000,000 | R-SD | C] -- C:\Users\Sarah Obscene\Documents\My Stationery
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/12/21 15:47:28 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Sarah Obscene\Desktop\OTL.exe
[2010/12/21 14:59:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/21 13:51:21 | 000,003,965 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\pfdnnt.act
[2010/12/21 13:36:36 | 000,000,132 | ---- | M] () -- C:\Users\Sarah Obscene\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010/12/21 11:38:47 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/21 11:38:47 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/21 11:32:10 | 000,412,672 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFCONT.DAT.bck
[2010/12/21 11:32:10 | 000,412,672 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFCONT.DAT
[2010/12/21 11:32:10 | 000,001,132 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFLTR.CFG.bck
[2010/12/21 11:32:10 | 000,001,132 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFLTR.CFG
[2010/12/21 11:32:10 | 000,000,252 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\IdsFlt.cfg.bck
[2010/12/21 11:32:10 | 000,000,252 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\IdsFlt.cfg
[2010/12/21 11:32:10 | 000,000,092 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetLoc.wlt.bck
[2010/12/21 11:32:10 | 000,000,092 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetLoc.wlt
[2010/12/21 11:32:10 | 000,000,068 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetFlt.cfg.bck
[2010/12/21 11:32:10 | 000,000,068 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetFlt.cfg
[2010/12/21 11:32:10 | 000,000,056 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\WnmFlt.cfg.bck
[2010/12/21 11:32:10 | 000,000,056 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\WnmFlt.cfg
[2010/12/21 11:32:10 | 000,000,056 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\DsaFlt.cfg.bck
[2010/12/21 11:32:10 | 000,000,056 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\DsaFlt.cfg
[2010/12/21 11:32:08 | 000,418,468 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\DsaFlt.rls.bck
[2010/12/21 11:32:08 | 000,418,468 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\DsaFlt.rls
[2010/12/21 11:30:18 | 000,000,136 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetAdapt.cfg.bck
[2010/12/21 11:30:18 | 000,000,136 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetAdapt.cfg
[2010/12/21 11:30:15 | 000,000,064 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetAR.wlt.bck
[2010/12/21 11:30:15 | 000,000,064 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetAR.wlt
[2010/12/21 11:30:13 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/21 11:29:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/21 11:29:36 | 3219,890,176 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/20 13:59:55 | 000,720,082 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/12/20 13:59:55 | 000,623,348 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/12/20 13:59:55 | 000,109,332 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/12/20 00:40:25 | 000,000,979 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\Doom3.lnk
[2010/12/19 21:16:34 | 004,840,520 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/12/19 14:16:33 | 000,000,343 | ---- | M] () -- C:\Windows\doom3.ini
[2010/12/19 13:03:10 | 000,001,384 | ---- | M] () -- C:\Users\Public\Desktop\Bioshock.lnk
[2010/12/19 10:54:26 | 000,001,026 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\Virtual DJ.lnk
[2010/12/19 10:51:43 | 000,145,920 | ---- | M] () -- C:\Users\Sarah Obscene\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/17 16:21:02 | 000,007,731 | ---- | M] () -- C:\Users\Sarah Obscene\Documents\netgear.cfg
[2010/12/17 15:07:33 | 000,017,147 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\jess noob.jpg
[2010/12/16 14:55:20 | 564,234,287 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/12/08 01:48:36 | 000,025,381 | ---- | M] () -- C:\Users\Sarah Obscene\Documents\why does.png
[2010/12/07 14:20:32 | 000,000,761 | ---- | M] () -- C:\Users\Public\Desktop\Phoenix Demo.lnk
[2010/12/06 18:39:36 | 000,004,096 | ---- | M] () -- C:\Windows\d3dx.dat
[2010/12/05 23:52:14 | 000,065,775 | ---- | M] () -- C:\Users\Sarah Obscene\Documents\after-effects-logo.png
[2010/12/05 23:51:11 | 000,026,219 | ---- | M] () -- C:\Users\Sarah Obscene\Documents\Adobe-After-Effects-CS3-icon.png
[2010/12/04 09:52:10 | 000,230,424 | ---- | M] () -- C:\img2-001.raw
[2010/12/03 22:32:53 | 000,108,822 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\jean lol.jpg
[2010/12/03 18:50:58 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010/12/03 18:44:17 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/12/03 16:09:03 | 000,016,858 | ---- | M] () -- C:\Users\Sarah Obscene\Documents\OMG.png
[2010/12/02 03:56:38 | 000,008,627 | ---- | M] () -- C:\Windows\SysWow64\PAV_FOG.OPC
[2010/12/02 00:48:50 | 000,092,260 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\1.jpg
[2010/12/02 00:48:42 | 000,081,342 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\2.jpg
[2010/12/01 23:40:36 | 000,000,569 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\Fraps.lnk
[2010/12/01 11:07:40 | 000,099,475 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\Sarah Obscene.png
[2010/12/01 10:55:07 | 000,045,844 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\my hair outline a final.png
[2010/12/01 10:54:47 | 001,084,312 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\my hair outline a final.ai
[2010/11/30 22:06:36 | 000,784,650 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\hans.bmp
[2010/11/27 15:24:40 | 000,058,979 | ---- | M] () -- C:\Users\Sarah Obscene\Documents\Sarah Obscene Facebook.png
[2010/11/27 15:22:05 | 000,095,669 | ---- | M] () -- C:\Users\Sarah Obscene\Documents\dean lmfao.png
[2010/11/23 23:54:37 | 000,041,686 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\mp3.jpg
[2010/11/23 23:36:37 | 000,219,709 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\iPhone3LCD.jpg
[2010/11/23 17:32:29 | 000,001,701 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\Evochron Mercenary.lnk
[2010/11/22 12:18:44 | 000,071,512 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\155222_480236523496_562718496_5515039_5231588_n.jpg
[2010/11/21 18:01:11 | 000,098,793 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\sarahobsceneavatar.jpg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/12/20 00:40:25 | 000,000,979 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\Doom3.lnk
[2010/12/19 14:16:33 | 000,000,343 | ---- | C] () -- C:\Windows\doom3.ini
[2010/12/19 13:03:10 | 000,001,384 | ---- | C] () -- C:\Users\Public\Desktop\Bioshock.lnk
[2010/12/19 11:12:30 | 000,017,147 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\jess noob.jpg
[2010/12/19 10:54:26 | 000,001,026 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\Virtual DJ.lnk
[2010/12/17 16:21:01 | 000,007,731 | ---- | C] () -- C:\Users\Sarah Obscene\Documents\netgear.cfg
[2010/12/08 01:48:36 | 000,025,381 | ---- | C] () -- C:\Users\Sarah Obscene\Documents\why does.png
[2010/12/07 14:20:32 | 000,000,761 | ---- | C] () -- C:\Users\Public\Desktop\Phoenix Demo.lnk
[2010/12/06 18:39:36 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2010/12/05 23:52:19 | 000,065,775 | ---- | C] () -- C:\Users\Sarah Obscene\Documents\after-effects-logo.png
[2010/12/05 23:51:18 | 000,026,219 | ---- | C] () -- C:\Users\Sarah Obscene\Documents\Adobe-After-Effects-CS3-icon.png
[2010/12/03 22:33:01 | 000,108,822 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\jean lol.jpg
[2010/12/03 18:50:58 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/12/03 18:44:17 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/12/03 16:09:03 | 000,016,858 | ---- | C] () -- C:\Users\Sarah Obscene\Documents\OMG.png
[2010/12/02 00:49:17 | 000,081,342 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\2.jpg
[2010/12/02 00:49:11 | 000,092,260 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\1.jpg
[2010/12/01 23:40:36 | 000,000,569 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\Fraps.lnk
[2010/12/01 11:07:38 | 000,099,475 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\Sarah Obscene.png
[2010/12/01 10:54:59 | 000,045,844 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\my hair outline a final.png
[2010/12/01 10:54:41 | 001,084,312 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\my hair outline a final.ai
[2010/11/30 22:06:16 | 000,784,650 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\hans.bmp
[2010/11/27 15:24:40 | 000,058,979 | ---- | C] () -- C:\Users\Sarah Obscene\Documents\Sarah Obscene Facebook.png
[2010/11/23 23:54:42 | 000,041,686 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\mp3.jpg
[2010/11/23 23:37:53 | 000,219,709 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\iPhone3LCD.jpg
[2010/11/23 17:32:29 | 000,001,701 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\Evochron Mercenary.lnk
[2010/11/22 12:18:54 | 000,071,512 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\155222_480236523496_562718496_5515039_5231588_n.jpg
[2010/11/21 22:59:29 | 011,079,282 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\Pub.uxx
[2010/11/21 18:01:21 | 000,098,793 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\sarahobsceneavatar.jpg
[2010/10/12 09:57:27 | 000,000,544 | ---- | C] () -- C:\Windows\SIERRA.INI
[2010/09/24 19:11:27 | 000,000,132 | ---- | C] () -- C:\Users\Sarah Obscene\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010/09/19 16:07:25 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/09/19 16:07:25 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/09/19 16:07:19 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010/09/19 16:07:19 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/09/19 16:07:19 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/09/19 01:36:55 | 000,145,920 | ---- | C] () -- C:\Users\Sarah Obscene\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/18 14:40:48 | 001,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll
[2009/07/14 10:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 08:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/26 18:24:18 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini
========== LOP Check ==========
[2010/12/19 14:22:02 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\Bioshock
[2010/10/13 16:57:05 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/12/20 23:59:32 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\DMCache
[2010/12/12 15:13:16 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\IDM
[2010/09/26 13:24:39 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\NCH Swift Sound
[2010/09/18 14:45:01 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\Panda Security
[2010/10/28 01:48:26 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010/11/16 12:17:31 | 000,032,542 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:05EE1EEF
< End of report >
OTL Extras logfile created on: 12/21/2010 3:48:01 PM - Run 1
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\Sarah Obscene\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
4.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 28.00% Memory free
8.00 Gb Paging File | 4.00 Gb Available in Paging File | 56.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.51 Gb Total Space | 216.28 Gb Free Space | 23.22% Space Free | Partition Type: NTFS
Drive D: | 481.33 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: OBSCENE-PC | User Name: Sarah Obscene | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.js[@ = jsfile] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PAVSCRIP.EXE (Panda Security, S.L.)
.jse[@ = JSEFile] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PAVSCRIP.EXE (Panda Security, S.L.)
.vbe[@ = VBEFile] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PAVSCRIP.EXE (Panda Security, S.L.)
.vbs[@ = VBSFile] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PAVSCRIP.EXE (Panda Security, S.L.)
.wsf[@ = WSFFile] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PAVSCRIP.EXE (Panda Security, S.L.)
.wsh[@ = WSHFile] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PAVSCRIP.EXE (Panda Security, S.L.)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.js [@ = jsfile] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PAVSCRIP.EXE (Panda Security, S.L.)
.jse [@ = JSEFile] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PAVSCRIP.EXE (Panda Security, S.L.)
.vbe [@ = VBEFile] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PAVSCRIP.EXE (Panda Security, S.L.)
.vbs [@ = VBSFile] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PAVSCRIP.EXE (Panda Security, S.L.)
.wsf [@ = WSFFile] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PAVSCRIP.EXE (Panda Security, S.L.)
.wsh [@ = WSHFile] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PAVSCRIP.EXE (Panda Security, S.L.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [open] -- C:\PROGRA~2\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
jsefile [open] -- C:\PROGRA~2\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- C:\PROGRA~2\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
vbsfile [open] -- C:\PROGRA~2\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
wsffile [open] -- C:\PROGRA~2\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
wshfile [open] -- C:\PROGRA~2\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [open] -- C:\PROGRA~2\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
jsefile [open] -- C:\PROGRA~2\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- C:\PROGRA~2\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
vbsfile [open] -- C:\PROGRA~2\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
wsffile [open] -- C:\PROGRA~2\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
wshfile [open] -- C:\PROGRA~2\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}" = iTunes
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile Device Center
"{67298824-5d56-44b9-8cf8-56e1eca79cb2}.sdb" = Virtua Fighter 2
"{6965A8D2-465D-4F98-9FAA-0E9E2348F329}" = Microsoft LifeCam
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v3.9.0
"WinRAR archiver" = WinRAR archiver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0815D55A-5EFF-4E1B-8C04-7035E914D90D}" = OLYMPUS Master 2
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15964283-007A-48A6-AD9C-49B1A466CF3C}" = FriendAdderElite
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22439E2F-1CF7-4F8B-992A-3AA3C0553929}" = Yu-Gi-Oh! ONLINE 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{288DB08D-0708-4A94-B055-55B99E39EB62}" = Adobe Creative Suite 5 Master Collection
"{2F1F98D4-30F0-44FA-963C-DF8127B98B4D}" = Panda Internet Security 2010
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{568161BB-4D77-4534-AB92-55040CD92798}" = Panda Internet Security 2010
"{5AF68C3B-AAE3-4FDC-9105-91C5552D8E6C}" = iTap 2.2
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}" = Adobe Flash Player 10 ActiveX
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7926EFB6-7CB4-4A9D-AB01-095F67F9D519}" = Panda Internet Security 2010
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{98A7B057-68D0-4D00-98D5-D9BCD2ACD2E1}" = MFB-MySpace Friend Bomber
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B0B46A1F-EC96-44A4-A9FB-62FE33BAF7DE}" = Rapidshare Auto Downloader 4.1
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}" = Adobe Flash Player 10 Plugin
"{C0AA232E-BD1B-40B5-A176-A2BEB67FFAE1}" = Adobe After Effects CS5 Third Party Content
"{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}" = iPhoneBrowser
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CD29B5CA-4727-4114-9AD9-25CCCE6E4014}" = Adobe After Effects CS5 Third Party Royalty Content
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E280923D-C5D9-4728-8C79-AC9A0DC75875}" = BioShock
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FC123EEA-330A-4685-911C-95B8F5E9DE68}" = Thief - Deadly Shadows
"Adobe AIR" = Adobe AIR
"Age of Wonders Shadow Magic" = Age of Wonders Shadow Magic
"Blood_is1" = Blood
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cheat Engine 5.6_is1" = Cheat Engine 5.6
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Evochron Mercenary_is1" = Evochron Mercenary
"FL Studio 8" = FL Studio 8
"Fraps" = Fraps (remove only)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"Guitar Pro 5_is1" = Guitar Pro 5.2
"IL Download Manager" = IL Download Manager
"InstallShield_{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"Internet Download Manager" = Internet Download Manager
"James Bond 007: Nightfire" = James Bond 007: Nightfire
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.4.0
"Messenger Plus! Live" = Messenger Plus! Live
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Pharaoh" = Pharaoh
"Phoenix Demo" = Phoenix Demo
"PoiZone" = PoiZone
"PowerISO" = PowerISO
"Steam App 1250" = Killing Floor
"Steam App 1260" = Killing Floor SDK
"Steam App 35420" = Killing Floor Mod: Defence Alliance 2
"Steam App 550" = Left 4 Dead 2
"Steam App 60800" = Numen: Contest of Heroes
"Toxic Biohazard" = Toxic Biohazard
"Uninstall_is1" = Uninstall 1.0.0.1
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"WavePad" = WavePad Sound Editor
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"WinDirStat" = WinDirStat 1.1.2
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 12/18/2010 10:17:28 PM | Computer Name = Obscene-Pc | Source = MsiInstaller | ID = 1013
Description =
Error - 12/18/2010 10:18:49 PM | Computer Name = Obscene-Pc | Source = MsiInstaller | ID = 1013
Description =
Error - 12/18/2010 10:19:04 PM | Computer Name = Obscene-Pc | Source = MsiInstaller | ID = 11704
Description =
Error - 12/18/2010 11:28:47 PM | Computer Name = Obscene-Pc | Source = Application Error | ID = 1000
Description = Faulting application name: Bioshock.exe, version: 1.0.0.0, time stamp:
0x46b7d7a9 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x7c809e01 Faulting process id: 0x26b0 Faulting application
start time: 0x01cb9f2bd90b1102 Faulting application path: C:\Program Files (x86)\2K
Games\BioShock\Builds\Release\Bioshock.exe Faulting module path: unknown Report Id:
167ff284-0b20-11e0-b012-001fd02e25f7
Error - 12/19/2010 6:26:32 AM | Computer Name = Obscene-Pc | Source = Application Error | ID = 1000
Description = Faulting application name: AVENGINE.EXE, version: 2.2.26.0, time stamp:
0x4aa51899 Faulting module name: pskavs.dll_unloaded, version: 0.0.0.0, time stamp:
0x4a40bfd5 Exception code: 0xc0000005 Fault offset: 0x25531c50 Faulting process id:
0xb7c Faulting application start time: 0x01cb9f669ac4c33c Faulting application path:
C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\AVENGINE.EXE
Faulting
module path: pskavs.dll Report Id: 72821e21-0b5a-11e0-93ef-001fd02e25f7
Error - 12/19/2010 8:11:44 PM | Computer Name = Obscene-Pc | Source = Application Error | ID = 1000
Description = Faulting application name: AVENGINE.EXE, version: 2.2.26.0, time stamp:
0x4aa51899 Faulting module name: pskavs.dll_unloaded, version: 0.0.0.0, time stamp:
0x4a40bfd5 Exception code: 0xc0000005 Fault offset: 0x25531c50 Faulting process id:
0xb8c Faulting application start time: 0x01cb9fda10049434 Faulting application path:
C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\AVENGINE.EXE
Faulting
module path: pskavs.dll Report Id: b9c4e2ed-0bcd-11e0-855c-001fd02e25f7
Error - 12/20/2010 8:59:22 AM | Computer Name = Obscene-Pc | Source = Bonjour Service | ID = 100
Description = 220: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)
Error - 12/20/2010 8:59:23 AM | Computer Name = Obscene-Pc | Source = Bonjour Service | ID = 100
Description = 472: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)
Error - 12/20/2010 8:59:23 AM | Computer Name = Obscene-Pc | Source = Bonjour Service | ID = 100
Description = 572: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)
Error - 12/20/2010 8:59:23 AM | Computer Name = Obscene-Pc | Source = Bonjour Service | ID = 100
Description = 376: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)
[ System Events ]
Error - 12/18/2010 7:37:44 AM | Computer Name = Obscene-Pc | Source = Service Control Manager | ID = 7000
Description = The Bluetooth Device (RFCOMM Protocol TDI) service failed to start
due to the following error: %%1058
Error - 12/18/2010 7:40:50 AM | Computer Name = Obscene-Pc | Source = Service Control Manager | ID = 7000
Description = The Bluetooth Device (RFCOMM Protocol TDI) service failed to start
due to the following error: %%1058
Error - 12/18/2010 12:01:09 PM | Computer Name = Obscene-Pc | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Security Update for Microsoft .NET Framework 4 on Windows
XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows
Server 2008 R2 for x64-based Systems (KB2160841).
Error - 12/18/2010 10:19:18 PM | Computer Name = Obscene-Pc | Source = DCOM | ID = 10001
Description =
Error - 12/19/2010 6:17:49 AM | Computer Name = Obscene-Pc | Source = Service Control Manager | ID = 7000
Description = The Bluetooth Device (RFCOMM Protocol TDI) service failed to start
due to the following error: %%1058
Error - 12/19/2010 6:22:12 AM | Computer Name = Obscene-Pc | Source = Service Control Manager | ID = 7000
Description = The Bluetooth Device (RFCOMM Protocol TDI) service failed to start
due to the following error: %%1058
Error - 12/19/2010 8:07:37 PM | Computer Name = Obscene-Pc | Source = EventLog | ID = 6008
Description = The previous system shutdown at 12:46:29 AM on ?20/?12/?2010 was unexpected.
Error - 12/19/2010 8:08:41 PM | Computer Name = Obscene-Pc | Source = Service Control Manager | ID = 7000
Description = The Bluetooth Device (RFCOMM Protocol TDI) service failed to start
due to the following error: %%1058
Error - 12/20/2010 9:00:17 AM | Computer Name = Obscene-Pc | Source = DCOM | ID = 10010
Description =
Error - 12/20/2010 8:29:54 PM | Computer Name = Obscene-Pc | Source = Service Control Manager | ID = 7000
Description = The Bluetooth Device (RFCOMM Protocol TDI) service failed to start
due to the following error: %%1058
< End of report >