I think its malware thats infected my pc.
OTL logfile created on: 1/5/2011 1:35:23 PM - Run 2
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\Sarah Obscene\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 57.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.51 Gb Total Space | 267.44 Gb Free Space | 28.71% Space Free | Partition Type: NTFS
Drive D: | 481.33 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: OBSCENE-PC | User Name: Sarah Obscene | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2010/12/28 11:27:30 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/12/21 15:47:28 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Sarah Obscene\Desktop\OTL.exe
PRC - [2010/12/19 21:59:30 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/12/19 21:59:30 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010/11/17 14:41:20 | 000,403,240 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2010/11/17 10:30:40 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\steam.exe
PRC - [2010/11/06 18:06:53 | 003,257,696 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/05/26 02:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2010/05/20 16:26:28 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX1000.exe
PRC - [2010/04/30 17:11:40 | 001,159,504 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\LU\LogitechUpdate.exe
PRC - [2010/04/30 17:11:30 | 000,341,328 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\LU\LULnchr.exe
PRC - [2009/09/25 13:51:04 | 000,906,496 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\ApVxdWin.exe
PRC - [2009/09/25 13:51:04 | 000,201,984 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\pavjobs.exe
PRC - [2009/09/23 19:10:30 | 002,324,224 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\Iface.exe
PRC - [2009/09/17 13:17:32 | 000,293,120 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\pavsrvx86.exe
PRC - [2009/09/07 17:40:04 | 000,198,400 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\AVENGINE.EXE
PRC - [2009/08/25 14:28:20 | 000,028,928 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\psksvc.exe
PRC - [2009/08/10 14:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PsCtrlS.exe
PRC - [2009/08/10 14:45:52 | 000,169,216 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PavFnSvr.exe
PRC - [2009/08/10 14:45:48 | 000,111,872 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PavBckPT.exe
PRC - [2009/04/23 13:31:16 | 000,107,776 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\WebProxy.exe
PRC - [2009/04/17 11:17:28 | 000,173,824 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\TPSrvWow.exe
PRC - [2009/04/08 11:56:24 | 000,226,560 | ---- | M] (Panda Security International) -- c:\Program Files (x86)\Panda Security\Panda Internet Security 2010\FIREWALL\PSHost.exe
PRC - [2008/12/04 03:15:28 | 005,406,720 | ---- | M] (Honeder Lacher Wallner Softwareentwicklung OEG) -- C:\Program Files (x86)\HLW\iTap\iTap.exe
PRC - [2008/06/27 14:23:00 | 000,091,392 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\SrvLoad.exe
PRC - [2008/06/19 13:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PsImSvc.exe
PRC - [2008/05/15 18:26:02 | 000,087,344 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\OLYMPUS Master.exe
PRC - [2008/02/04 18:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Common Files\Panda Security\PavShld\PavPrSrv.exe
PRC - [2008/01/14 23:18:20 | 003,182,248 | ---- | M] (Beepa P/L) -- C:\Fraps\fraps.exe
========== Modules (SafeList) ==========
MOD - [2010/12/21 15:47:28 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Sarah Obscene\Desktop\OTL.exe
MOD - [2010/08/21 16:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009/08/10 14:46:20 | 000,025,344 | ---- | M] (Panda Security, S.L.) -- C:\Windows\SysWOW64\sysHelper32.dll
MOD - [2009/08/10 14:46:00 | 000,148,736 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PavTrc.dll
MOD - [2009/08/10 14:45:54 | 000,095,488 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PavOEpl.dll
MOD - [2009/03/30 19:32:26 | 000,545,536 | ---- | M] (Panda Security, S.L.) -- C:\Windows\SysWOW64\PavSHookWow.dll
MOD - [2009/03/30 19:32:26 | 000,087,296 | ---- | M] (Panda Security, S.L.) -- C:\Windows\SysWOW64\PavLspHookWow.dll
MOD - [2008/01/14 23:15:34 | 000,159,744 | ---- | M] (Beepa P/L) -- C:\Fraps\fraps.dll
MOD - [2003/03/19 06:14:52 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MSVCP71.DLL
MOD - [2003/02/21 15:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MSVCR71.DLL
========== Win32 Services (SafeList) ==========
SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - [2010/11/26 13:54:12 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/05/20 16:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2010/05/06 20:30:22 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/14 12:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/12/28 11:27:30 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/11/17 14:41:20 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/09/17 13:17:32 | 000,293,120 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\pavsrvx86.exe -- (PAVSRV)
SRV - [2009/08/25 14:28:20 | 000,028,928 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PskSvc.exe -- (PskSvcRetail)
SRV - [2009/08/10 14:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PsCtrls.exe -- (Panda Software Controller)
SRV - [2009/08/10 14:45:52 | 000,169,216 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PavFnSvr.exe -- (PAVFNSVR)
SRV - [2009/06/11 08:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/04/17 11:17:28 | 000,173,824 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\TPSrvWow.exe -- (TPSrv)
SRV - [2009/04/08 11:56:24 | 000,226,560 | ---- | M] (Panda Security International) [Auto | Running] -- c:\program files (x86)\panda security\panda internet security 2010\firewall\PSHOST.EXE -- (PSHost)
SRV - [2008/07/02 15:09:42 | 000,072,448 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\GWMsrv64.dll -- (Gwmsrv)
SRV - [2008/06/19 13:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PsImSvc.exe -- (PSIMSVC)
SRV - [2008/02/04 18:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe -- (PavPrSrv)
SRV - [2007/05/31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
========== Driver Services (SafeList) ==========
DRV:64bit: - File not found [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Prot6Flt.sys -- (Prot6Flt)
DRV:64bit: - File not found [Kernel | On_Demand | Running] -- C:\Windows\SysNative\PavTPK.sys -- (PavTPK.sys)
DRV:64bit: - [2010/11/26 15:20:20 | 008,120,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/11/26 15:20:20 | 008,120,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/11/26 13:16:46 | 000,289,792 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/09/18 14:50:20 | 000,015,928 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\COMFiltr.sys -- (ComFiltr)
DRV:64bit: - [2010/09/03 00:22:18 | 000,088,864 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2010/06/23 17:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/05/24 20:07:58 | 000,253,728 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2010/05/20 16:26:28 | 002,060,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VX1000.sys -- (VX1000)
DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/03/18 20:00:40 | 000,041,040 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2010/03/18 20:00:16 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2010/03/18 20:00:00 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009/10/01 00:07:44 | 000,116,744 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\APPFLT64.SYS -- (APPFLT)
DRV:64bit: - [2009/09/09 11:29:18 | 000,214,536 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\n64i1639.sys -- (NETIMFLT01060039)
DRV:64bit: - [2009/08/13 09:38:24 | 000,029,184 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcp.sys -- (BthAvrcp)
DRV:64bit: - [2009/08/06 13:29:18 | 000,057,352 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\amm6460.sys -- (AmFSM)
DRV:64bit: - [2009/07/14 12:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 12:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 12:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 12:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 12:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 12:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 11:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/30 11:37:16 | 000,033,800 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pavboot64.sys -- (pavboot)
DRV:64bit: - [2009/06/16 14:33:02 | 000,074,760 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\wnmflt64.sys -- (WNMFLT)
DRV:64bit: - [2009/06/16 14:33:00 | 000,170,504 | ---- | M] (Panda Security, S.L.) [TDI Layer] [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NETTDI64.SYS -- (NETFLTDI)
DRV:64bit: - [2009/06/16 14:33:00 | 000,078,856 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idsflt64.sys -- (IDSFLT)
DRV:64bit: - [2009/06/16 14:32:58 | 000,082,952 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\dsaflt64.sys -- (DSAFLT)
DRV:64bit: - [2009/06/11 07:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/11 07:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 07:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 07:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 07:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/03/28 12:25:06 | 000,031,800 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\fnetm64.sys -- (FNETMON)
DRV:64bit: - [2008/02/28 15:37:42 | 000,046,136 | ---- | M] (Panda Security, S.L.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\ShldFlt.sys -- (ShldFlt)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-au
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9A 38 31 78 89 A1 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.ask.com?o...?o=14200&l=dis"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0
FF - prefs.js..extensions.enabledItems: [email protected]:7.1.8
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:3.9.1.14019
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010/09/18 14:28:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/12/19 21:59:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/12/28 18:55:31 | 000,000,000 | ---D | M]
[2010/11/26 13:20:33 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\Mozilla\Extensions
[2011/01/05 13:19:27 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\Mozilla\Firefox\Profiles\75apic9n.default\extensions
[2010/12/19 18:15:21 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\Mozilla\Firefox\Profiles\75apic9n.default\extensions\[email protected]
[2010/12/29 07:53:33 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\Mozilla\Firefox\Profiles\75apic9n.default\extensions\[email protected]
[2010/12/28 18:55:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/12/03 18:44:47 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/12/28 18:55:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/12/28 18:55:25 | 000,423,656 | ---- | M] (Oracle) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2010/09/18 14:10:09 | 000,000,854 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.)
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll File not found
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll File not found
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll File not found
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APVXDWIN] C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\APVXDWIN.EXE (Panda Security, S.L.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SCANINICIO] C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\Inicio.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TaskTray] File not found
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [iTap] C:\Program Files (x86)\HLW\iTap\iTap.exe (Honeder Lacher Wallner Softwareentwicklung OEG)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [Panda_cleaner] C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\pskdr.exe (Panda Security S.L.)
O4 - Startup: C:\Users\Sarah Obscene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\SysNative\idmmbc.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.goo...6/uploader2.cab (UploadListView Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\avldr: DllName - Reg Error: Key error. - C:\Windows\SysNative\avldr64.dll (Panda Security, S.L.)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/21 02:42:25 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/28 10:10:00 | 000,000,143 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{59376f2b-c2f1-11df-bba1-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{59376f2b-c2f1-11df-bba1-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup\rsrc\AUTORUN.EXE -- [2000/01/18 03:28:36 | 000,028,672 | R--- | M] (Dipl.-Ing. Stefan Krueger <[email protected]>)
O33 - MountPoints2\{59376f2b-c2f1-11df-bba1-806e6f6e6963}\Shell\dinstall\command - "" = D:\DirectX\dxsetup.exe -- [2003/08/19 11:15:00 | 000,467,456 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Setup.part1.exe -- File not found
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\GuardiansOfGraxia-Setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/01/04 19:33:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zeno Clash
[2011/01/04 19:08:58 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\Documents\Bully Scholarship Edition
[2011/01/04 01:05:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2011/01/04 01:05:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AGEIA
[2011/01/04 00:58:02 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\ATI
[2011/01/04 00:58:02 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Local\ATI
[2011/01/04 00:58:02 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/01/02 20:27:36 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\Documents\st
[2011/01/02 19:20:04 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011/01/02 19:19:04 | 000,000,000 | ---D | C] -- C:\ViewSonic
[2011/01/02 19:17:34 | 000,369,864 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64H.dll
[2011/01/02 19:17:34 | 000,307,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DHT64.dll
[2011/01/02 19:17:34 | 000,307,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DAA64.dll
[2011/01/02 19:17:34 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64H.dll
[2011/01/02 19:17:34 | 000,095,432 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64H.dll
[2011/01/02 19:17:34 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64H.dll
[2011/01/02 19:16:51 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\Leadertech
[2011/01/02 19:16:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
[2011/01/02 19:15:17 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\LogiShrd
[2011/01/02 19:15:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd
[2011/01/02 19:15:04 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2011/01/02 19:14:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd
[2011/01/02 19:14:24 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\Logitech
[2011/01/02 19:14:24 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\Logishrd
[2011/01/02 19:13:29 | 000,344,680 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2011/01/02 19:07:44 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2011/01/02 19:07:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2011/01/02 19:07:16 | 000,000,000 | ---D | C] -- C:\Intel
[2011/01/02 18:41:43 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\Documents\DriverGenius
[2011/01/02 18:40:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver-Soft
[2011/01/02 18:35:25 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011/01/02 18:24:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2011/01/02 18:23:56 | 000,000,000 | ---D | C] -- C:\ATI
[2011/01/02 18:14:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
[2011/01/02 17:56:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amnesia - The Dark Descent
[2011/01/02 17:30:56 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\Documents\Amnesia
[2011/01/02 16:47:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Space Trader
[2011/01/02 02:23:41 | 001,073,152 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Windows\SysWow64\libeay32.dll
[2011/01/02 02:23:41 | 000,200,704 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Windows\SysWow64\ssleay32.dll
[2011/01/02 02:20:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2011/01/02 02:19:35 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\uTorrent
[2011/01/02 01:26:36 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\Documents\MDownloader
[2011/01/02 01:26:32 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\adma
[2011/01/02 01:15:15 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\Documents\Petroglyph
[2011/01/02 01:15:09 | 000,000,000 | RH-D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\SecuROM
[2011/01/01 23:21:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guardians of Graxia
[2010/12/28 19:04:24 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\Documents\FrostWire
[2010/12/28 19:04:19 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\FrostWire
[2010/12/28 18:55:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/12/28 18:55:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010/12/28 18:55:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010/12/28 18:45:25 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\Ventrilo
[2010/12/28 11:47:28 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Local\PunkBuster
[2010/12/28 11:29:14 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\Documents\Battlefield 2
[2010/12/28 11:28:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GameSpy
[2010/12/28 11:25:37 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Local\GameSpy
[2010/12/27 22:36:36 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo
[2010/12/27 22:33:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2010/12/27 18:41:17 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\XnView
[2010/12/27 18:41:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XnView
[2010/12/24 14:02:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mirage Line Online
[2010/12/23 16:57:49 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/12/21 15:47:24 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Sarah Obscene\Desktop\OTL.exe
[2010/12/19 14:21:54 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\Documents\Bioshock
[2010/12/19 14:21:54 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\Bioshock
[2010/12/19 13:22:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DOOM 3
[2010/12/19 10:56:20 | 000,000,000 | ---D | C] -- C:\Program Files\VirtualDJ
[2010/12/19 10:54:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualDJ
[2010/12/17 16:12:07 | 000,000,000 | ---D | C] -- C:\68ea54836d0365453f
[2010/12/07 13:32:35 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\Documents\Thief - Deadly Shadows
[2010/12/07 13:31:30 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Thief - Deadly Shadows
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/01/05 13:11:32 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/01/05 13:11:32 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/01/05 13:09:22 | 000,007,608 | ---- | M] () -- C:\Users\Sarah Obscene\AppData\Local\Resmon.ResmonCfg
[2011/01/05 13:06:27 | 000,000,390 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\pfdnnt.act
[2011/01/05 13:05:01 | 000,448,608 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFCONT.DAT.bck
[2011/01/05 13:05:01 | 000,448,608 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFCONT.DAT
[2011/01/05 13:05:01 | 000,418,468 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\DsaFlt.rls.bck
[2011/01/05 13:05:01 | 000,418,468 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\DsaFlt.rls
[2011/01/05 13:05:01 | 000,001,132 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFLTR.CFG.bck
[2011/01/05 13:05:01 | 000,001,132 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFLTR.CFG
[2011/01/05 13:05:01 | 000,000,252 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\IdsFlt.cfg.bck
[2011/01/05 13:05:01 | 000,000,252 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\IdsFlt.cfg
[2011/01/05 13:05:01 | 000,000,092 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetLoc.wlt.bck
[2011/01/05 13:05:01 | 000,000,092 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetLoc.wlt
[2011/01/05 13:05:01 | 000,000,068 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetFlt.cfg.bck
[2011/01/05 13:05:01 | 000,000,068 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetFlt.cfg
[2011/01/05 13:05:01 | 000,000,056 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\WnmFlt.cfg.bck
[2011/01/05 13:05:01 | 000,000,056 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\WnmFlt.cfg
[2011/01/05 13:05:01 | 000,000,056 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\DsaFlt.cfg.bck
[2011/01/05 13:05:01 | 000,000,056 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\DsaFlt.cfg
[2011/01/05 13:02:34 | 000,000,136 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetAdapt.cfg.bck
[2011/01/05 13:02:34 | 000,000,136 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetAdapt.cfg
[2011/01/05 13:02:32 | 000,000,064 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetAR.wlt.bck
[2011/01/05 13:02:32 | 000,000,064 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetAR.wlt
[2011/01/05 13:02:13 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/05 13:01:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/01/05 13:01:37 | 3219,890,176 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/05 12:00:30 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/04 23:49:39 | 000,720,082 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/01/04 23:49:39 | 000,623,348 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/01/04 23:49:39 | 000,109,332 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/01/04 19:44:04 | 000,001,033 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\Zeno Clash.lnk
[2011/01/03 19:48:21 | 000,001,280 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\SAW - The Video Game (TPTB).lnk
[2011/01/03 01:20:12 | 000,152,576 | ---- | M] () -- C:\Users\Sarah Obscene\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/03 00:10:49 | 000,000,132 | ---- | M] () -- C:\Users\Sarah Obscene\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/01/02 19:17:18 | 000,001,361 | ---- | M] () -- C:\Users\Sarah Obscene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2011/01/02 18:40:33 | 000,001,118 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\Driver Genius Professional Edition.lnk
[2011/01/02 16:47:07 | 000,001,059 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\Space Trader.lnk
[2010/12/30 15:24:46 | 000,234,536 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010/12/30 15:24:46 | 000,234,536 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/12/28 11:43:25 | 000,002,630 | ---- | M] () -- C:\Users\Sarah Obscene\Documents\cc_20101228_114321.reg
[2010/12/28 11:37:54 | 000,000,829 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2010/12/28 11:27:30 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/12/28 11:27:29 | 000,794,408 | ---- | M] () -- C:\Windows\SysWow64\Pbsvc.exe
[2010/12/27 22:36:41 | 000,000,262 | ---- | M] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2010/12/27 22:36:38 | 000,000,920 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\Ventrilo.lnk
[2010/12/27 18:41:32 | 000,000,926 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\XnView.lnk
[2010/12/27 18:41:10 | 000,000,950 | ---- | M] () -- C:\Users\Sarah Obscene\Application Data\Microsoft\Internet Explorer\Quick Launch\XnView.lnk
[2010/12/24 20:24:55 | 000,001,136 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\MLO Launcher.lnk
[2010/12/23 18:11:15 | 000,002,595 | ---- | M] () -- C:\Users\Public\Desktop\FriendAdderElite.lnk
[2010/12/21 15:47:28 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Sarah Obscene\Desktop\OTL.exe
[2010/12/20 00:40:25 | 000,000,979 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\Doom3.lnk
[2010/12/19 21:16:34 | 004,840,520 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/12/19 10:54:26 | 000,001,026 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\Virtual DJ.lnk
[2010/12/17 16:21:02 | 000,007,731 | ---- | M] () -- C:\Users\Sarah Obscene\Documents\netgear.cfg
[2010/12/17 15:07:33 | 000,017,147 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\jess noob.jpg
[2010/12/08 01:48:36 | 000,025,381 | ---- | M] () -- C:\Users\Sarah Obscene\Documents\why does.png
[2010/12/06 18:39:36 | 000,004,096 | ---- | M] () -- C:\Windows\d3dx.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/01/05 13:09:22 | 000,007,608 | ---- | C] () -- C:\Users\Sarah Obscene\AppData\Local\Resmon.ResmonCfg
[2011/01/04 19:44:04 | 000,001,033 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\Zeno Clash.lnk
[2011/01/03 19:40:53 | 000,001,280 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\SAW - The Video Game (TPTB).lnk
[2011/01/02 19:17:18 | 000,001,361 | ---- | C] () -- C:\Users\Sarah Obscene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2011/01/02 19:13:29 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2011/01/02 18:40:33 | 000,001,118 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\Driver Genius Professional Edition.lnk
[2011/01/02 16:47:07 | 000,001,059 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\Space Trader.lnk
[2010/12/28 11:50:20 | 000,234,536 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010/12/28 11:43:23 | 000,002,630 | ---- | C] () -- C:\Users\Sarah Obscene\Documents\cc_20101228_114321.reg
[2010/12/28 11:37:54 | 000,000,829 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2010/12/28 11:27:42 | 000,234,536 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/12/28 11:27:29 | 000,794,408 | ---- | C] () -- C:\Windows\SysWow64\Pbsvc.exe
[2010/12/28 11:27:29 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/12/27 22:36:38 | 000,000,920 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\Ventrilo.lnk
[2010/12/27 22:36:29 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2010/12/27 18:41:10 | 000,000,950 | ---- | C] () -- C:\Users\Sarah Obscene\Application Data\Microsoft\Internet Explorer\Quick Launch\XnView.lnk
[2010/12/27 18:41:10 | 000,000,926 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\XnView.lnk
[2010/12/24 20:24:55 | 000,001,136 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\MLO Launcher.lnk
[2010/12/20 00:40:25 | 000,000,979 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\Doom3.lnk
[2010/12/19 11:12:30 | 000,017,147 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\jess noob.jpg
[2010/12/19 10:54:26 | 000,001,026 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\Virtual DJ.lnk
[2010/12/17 16:21:01 | 000,007,731 | ---- | C] () -- C:\Users\Sarah Obscene\Documents\netgear.cfg
[2010/12/08 01:48:36 | 000,025,381 | ---- | C] () -- C:\Users\Sarah Obscene\Documents\why does.png
[2010/12/06 18:39:36 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2010/12/03 18:50:58 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/10/12 09:57:27 | 000,000,544 | ---- | C] () -- C:\Windows\SIERRA.INI
[2010/09/24 19:11:27 | 000,000,132 | ---- | C] () -- C:\Users\Sarah Obscene\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010/09/19 16:07:25 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/09/19 16:07:25 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/09/19 16:07:19 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010/09/19 16:07:19 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/09/19 16:07:19 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/09/19 01:36:55 | 000,152,576 | ---- | C] () -- C:\Users\Sarah Obscene\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/18 14:40:48 | 001,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll
[2009/08/03 00:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2009/07/14 10:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 08:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/26 18:24:18 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini
========== LOP Check ==========
[2011/01/02 01:26:32 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\adma
[2010/12/19 14:22:02 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\Bioshock
[2010/10/13 16:57:05 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/01/05 12:59:01 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\DMCache
[2011/01/05 10:24:26 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\FrostWire
[2011/01/02 16:06:05 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\IDM
[2011/01/02 19:16:51 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\Leadertech
[2010/09/26 13:24:39 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\NCH Swift Sound
[2010/09/18 14:45:01 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\Panda Security
[2010/10/28 01:48:26 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/01/05 12:55:21 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\uTorrent
[2011/01/05 01:29:35 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\XnView
[2010/11/16 12:17:31 | 000,032,542 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:05EE1EEF
< End of report >
there was no extra file that opened after this one.