Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

PC Keeps Freezing maybe Malware?


  • Please log in to reply

#1
Sarah Rose

Sarah Rose

    New Member

  • Member
  • Pip
  • 1 posts
Cant open task manager and many programs dont respond got a good 2 minutes, then it unfreezes and is ok for about 10 or 20 seconds then goes back and freezes again. Once i restart the pc it fixes this problem but only for about 30 minutes. Its only really been bad since last night when i downloaded some games. Please help me :D

I think its malware thats infected my pc.



OTL logfile created on: 1/5/2011 1:35:23 PM - Run 2
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\Sarah Obscene\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 57.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.51 Gb Total Space | 267.44 Gb Free Space | 28.71% Space Free | Partition Type: NTFS
Drive D: | 481.33 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: OBSCENE-PC | User Name: Sarah Obscene | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/28 11:27:30 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/12/21 15:47:28 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Sarah Obscene\Desktop\OTL.exe
PRC - [2010/12/19 21:59:30 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/12/19 21:59:30 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010/11/17 14:41:20 | 000,403,240 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2010/11/17 10:30:40 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\steam.exe
PRC - [2010/11/06 18:06:53 | 003,257,696 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/05/26 02:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2010/05/20 16:26:28 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX1000.exe
PRC - [2010/04/30 17:11:40 | 001,159,504 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\LU\LogitechUpdate.exe
PRC - [2010/04/30 17:11:30 | 000,341,328 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\LU\LULnchr.exe
PRC - [2009/09/25 13:51:04 | 000,906,496 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\ApVxdWin.exe
PRC - [2009/09/25 13:51:04 | 000,201,984 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\pavjobs.exe
PRC - [2009/09/23 19:10:30 | 002,324,224 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\Iface.exe
PRC - [2009/09/17 13:17:32 | 000,293,120 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\pavsrvx86.exe
PRC - [2009/09/07 17:40:04 | 000,198,400 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\AVENGINE.EXE
PRC - [2009/08/25 14:28:20 | 000,028,928 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\psksvc.exe
PRC - [2009/08/10 14:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PsCtrlS.exe
PRC - [2009/08/10 14:45:52 | 000,169,216 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PavFnSvr.exe
PRC - [2009/08/10 14:45:48 | 000,111,872 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PavBckPT.exe
PRC - [2009/04/23 13:31:16 | 000,107,776 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\WebProxy.exe
PRC - [2009/04/17 11:17:28 | 000,173,824 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\TPSrvWow.exe
PRC - [2009/04/08 11:56:24 | 000,226,560 | ---- | M] (Panda Security International) -- c:\Program Files (x86)\Panda Security\Panda Internet Security 2010\FIREWALL\PSHost.exe
PRC - [2008/12/04 03:15:28 | 005,406,720 | ---- | M] (Honeder Lacher Wallner Softwareentwicklung OEG) -- C:\Program Files (x86)\HLW\iTap\iTap.exe
PRC - [2008/06/27 14:23:00 | 000,091,392 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\SrvLoad.exe
PRC - [2008/06/19 13:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PsImSvc.exe
PRC - [2008/05/15 18:26:02 | 000,087,344 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\OLYMPUS Master.exe
PRC - [2008/02/04 18:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Common Files\Panda Security\PavShld\PavPrSrv.exe
PRC - [2008/01/14 23:18:20 | 003,182,248 | ---- | M] (Beepa P/L) -- C:\Fraps\fraps.exe


========== Modules (SafeList) ==========

MOD - [2010/12/21 15:47:28 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Sarah Obscene\Desktop\OTL.exe
MOD - [2010/08/21 16:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009/08/10 14:46:20 | 000,025,344 | ---- | M] (Panda Security, S.L.) -- C:\Windows\SysWOW64\sysHelper32.dll
MOD - [2009/08/10 14:46:00 | 000,148,736 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PavTrc.dll
MOD - [2009/08/10 14:45:54 | 000,095,488 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PavOEpl.dll
MOD - [2009/03/30 19:32:26 | 000,545,536 | ---- | M] (Panda Security, S.L.) -- C:\Windows\SysWOW64\PavSHookWow.dll
MOD - [2009/03/30 19:32:26 | 000,087,296 | ---- | M] (Panda Security, S.L.) -- C:\Windows\SysWOW64\PavLspHookWow.dll
MOD - [2008/01/14 23:15:34 | 000,159,744 | ---- | M] (Beepa P/L) -- C:\Fraps\fraps.dll
MOD - [2003/03/19 06:14:52 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MSVCP71.DLL
MOD - [2003/02/21 15:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MSVCR71.DLL


========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - [2010/11/26 13:54:12 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/05/20 16:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2010/05/06 20:30:22 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/14 12:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/12/28 11:27:30 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/11/17 14:41:20 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/09/17 13:17:32 | 000,293,120 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\pavsrvx86.exe -- (PAVSRV)
SRV - [2009/08/25 14:28:20 | 000,028,928 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PskSvc.exe -- (PskSvcRetail)
SRV - [2009/08/10 14:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PsCtrls.exe -- (Panda Software Controller)
SRV - [2009/08/10 14:45:52 | 000,169,216 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PavFnSvr.exe -- (PAVFNSVR)
SRV - [2009/06/11 08:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/04/17 11:17:28 | 000,173,824 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\TPSrvWow.exe -- (TPSrv)
SRV - [2009/04/08 11:56:24 | 000,226,560 | ---- | M] (Panda Security International) [Auto | Running] -- c:\program files (x86)\panda security\panda internet security 2010\firewall\PSHOST.EXE -- (PSHost)
SRV - [2008/07/02 15:09:42 | 000,072,448 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\GWMsrv64.dll -- (Gwmsrv)
SRV - [2008/06/19 13:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\PsImSvc.exe -- (PSIMSVC)
SRV - [2008/02/04 18:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe -- (PavPrSrv)
SRV - [2007/05/31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Prot6Flt.sys -- (Prot6Flt)
DRV:64bit: - File not found [Kernel | On_Demand | Running] -- C:\Windows\SysNative\PavTPK.sys -- (PavTPK.sys)
DRV:64bit: - [2010/11/26 15:20:20 | 008,120,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/11/26 15:20:20 | 008,120,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/11/26 13:16:46 | 000,289,792 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/09/18 14:50:20 | 000,015,928 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\COMFiltr.sys -- (ComFiltr)
DRV:64bit: - [2010/09/03 00:22:18 | 000,088,864 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2010/06/23 17:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/05/24 20:07:58 | 000,253,728 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2010/05/20 16:26:28 | 002,060,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VX1000.sys -- (VX1000)
DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/03/18 20:00:40 | 000,041,040 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2010/03/18 20:00:16 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2010/03/18 20:00:00 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009/10/01 00:07:44 | 000,116,744 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\APPFLT64.SYS -- (APPFLT)
DRV:64bit: - [2009/09/09 11:29:18 | 000,214,536 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\n64i1639.sys -- (NETIMFLT01060039)
DRV:64bit: - [2009/08/13 09:38:24 | 000,029,184 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcp.sys -- (BthAvrcp)
DRV:64bit: - [2009/08/06 13:29:18 | 000,057,352 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\amm6460.sys -- (AmFSM)
DRV:64bit: - [2009/07/14 12:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 12:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 12:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 12:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 12:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 12:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 11:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/30 11:37:16 | 000,033,800 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pavboot64.sys -- (pavboot)
DRV:64bit: - [2009/06/16 14:33:02 | 000,074,760 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\wnmflt64.sys -- (WNMFLT)
DRV:64bit: - [2009/06/16 14:33:00 | 000,170,504 | ---- | M] (Panda Security, S.L.) [TDI Layer] [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NETTDI64.SYS -- (NETFLTDI)
DRV:64bit: - [2009/06/16 14:33:00 | 000,078,856 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idsflt64.sys -- (IDSFLT)
DRV:64bit: - [2009/06/16 14:32:58 | 000,082,952 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\dsaflt64.sys -- (DSAFLT)
DRV:64bit: - [2009/06/11 07:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/11 07:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 07:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 07:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 07:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/03/28 12:25:06 | 000,031,800 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\fnetm64.sys -- (FNETMON)
DRV:64bit: - [2008/02/28 15:37:42 | 000,046,136 | ---- | M] (Panda Security, S.L.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\ShldFlt.sys -- (ShldFlt)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-au
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9A 38 31 78 89 A1 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.ask.com?o...?o=14200&l=dis"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0
FF - prefs.js..extensions.enabledItems: [email protected]:7.1.8
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:3.9.1.14019
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010/09/18 14:28:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/12/19 21:59:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/12/28 18:55:31 | 000,000,000 | ---D | M]

[2010/11/26 13:20:33 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\Mozilla\Extensions
[2011/01/05 13:19:27 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\Mozilla\Firefox\Profiles\75apic9n.default\extensions
[2010/12/19 18:15:21 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\Mozilla\Firefox\Profiles\75apic9n.default\extensions\[email protected]
[2010/12/29 07:53:33 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\Mozilla\Firefox\Profiles\75apic9n.default\extensions\[email protected]
[2010/12/28 18:55:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/12/03 18:44:47 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/12/28 18:55:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/12/28 18:55:25 | 000,423,656 | ---- | M] (Oracle) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2010/09/18 14:10:09 | 000,000,854 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.)
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll File not found
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll File not found
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll File not found
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APVXDWIN] C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\APVXDWIN.EXE (Panda Security, S.L.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SCANINICIO] C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\Inicio.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TaskTray] File not found
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [iTap] C:\Program Files (x86)\HLW\iTap\iTap.exe (Honeder Lacher Wallner Softwareentwicklung OEG)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [Panda_cleaner] C:\Program Files (x86)\Panda Security\Panda Internet Security 2010\pskdr.exe (Panda Security S.L.)
O4 - Startup: C:\Users\Sarah Obscene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\SysNative\idmmbc.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.goo...6/uploader2.cab (UploadListView Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\avldr: DllName - Reg Error: Key error. - C:\Windows\SysNative\avldr64.dll (Panda Security, S.L.)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/21 02:42:25 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/28 10:10:00 | 000,000,143 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{59376f2b-c2f1-11df-bba1-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{59376f2b-c2f1-11df-bba1-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup\rsrc\AUTORUN.EXE -- [2000/01/18 03:28:36 | 000,028,672 | R--- | M] (Dipl.-Ing. Stefan Krueger <[email protected]>)
O33 - MountPoints2\{59376f2b-c2f1-11df-bba1-806e6f6e6963}\Shell\dinstall\command - "" = D:\DirectX\dxsetup.exe -- [2003/08/19 11:15:00 | 000,467,456 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Setup.part1.exe -- File not found
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\GuardiansOfGraxia-Setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/04 19:33:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zeno Clash
[2011/01/04 19:08:58 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\Documents\Bully Scholarship Edition
[2011/01/04 01:05:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2011/01/04 01:05:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AGEIA
[2011/01/04 00:58:02 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\ATI
[2011/01/04 00:58:02 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Local\ATI
[2011/01/04 00:58:02 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/01/02 20:27:36 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\Documents\st
[2011/01/02 19:20:04 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011/01/02 19:19:04 | 000,000,000 | ---D | C] -- C:\ViewSonic
[2011/01/02 19:17:34 | 000,369,864 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64H.dll
[2011/01/02 19:17:34 | 000,307,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DHT64.dll
[2011/01/02 19:17:34 | 000,307,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DAA64.dll
[2011/01/02 19:17:34 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64H.dll
[2011/01/02 19:17:34 | 000,095,432 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64H.dll
[2011/01/02 19:17:34 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64H.dll
[2011/01/02 19:16:51 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\Leadertech
[2011/01/02 19:16:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
[2011/01/02 19:15:17 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\LogiShrd
[2011/01/02 19:15:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd
[2011/01/02 19:15:04 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2011/01/02 19:14:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd
[2011/01/02 19:14:24 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\Logitech
[2011/01/02 19:14:24 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\Logishrd
[2011/01/02 19:13:29 | 000,344,680 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2011/01/02 19:07:44 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2011/01/02 19:07:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2011/01/02 19:07:16 | 000,000,000 | ---D | C] -- C:\Intel
[2011/01/02 18:41:43 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\Documents\DriverGenius
[2011/01/02 18:40:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver-Soft
[2011/01/02 18:35:25 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011/01/02 18:24:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2011/01/02 18:23:56 | 000,000,000 | ---D | C] -- C:\ATI
[2011/01/02 18:14:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
[2011/01/02 17:56:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amnesia - The Dark Descent
[2011/01/02 17:30:56 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\Documents\Amnesia
[2011/01/02 16:47:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Space Trader
[2011/01/02 02:23:41 | 001,073,152 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Windows\SysWow64\libeay32.dll
[2011/01/02 02:23:41 | 000,200,704 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Windows\SysWow64\ssleay32.dll
[2011/01/02 02:20:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2011/01/02 02:19:35 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\uTorrent
[2011/01/02 01:26:36 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\Documents\MDownloader
[2011/01/02 01:26:32 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\adma
[2011/01/02 01:15:15 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\Documents\Petroglyph
[2011/01/02 01:15:09 | 000,000,000 | RH-D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\SecuROM
[2011/01/01 23:21:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guardians of Graxia
[2010/12/28 19:04:24 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\Documents\FrostWire
[2010/12/28 19:04:19 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\FrostWire
[2010/12/28 18:55:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/12/28 18:55:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010/12/28 18:55:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010/12/28 18:45:25 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\Ventrilo
[2010/12/28 11:47:28 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Local\PunkBuster
[2010/12/28 11:29:14 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\Documents\Battlefield 2
[2010/12/28 11:28:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GameSpy
[2010/12/28 11:25:37 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Local\GameSpy
[2010/12/27 22:36:36 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo
[2010/12/27 22:33:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2010/12/27 18:41:17 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\XnView
[2010/12/27 18:41:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XnView
[2010/12/24 14:02:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mirage Line Online
[2010/12/23 16:57:49 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/12/21 15:47:24 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Sarah Obscene\Desktop\OTL.exe
[2010/12/19 14:21:54 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\Documents\Bioshock
[2010/12/19 14:21:54 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\AppData\Roaming\Bioshock
[2010/12/19 13:22:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DOOM 3
[2010/12/19 10:56:20 | 000,000,000 | ---D | C] -- C:\Program Files\VirtualDJ
[2010/12/19 10:54:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualDJ
[2010/12/17 16:12:07 | 000,000,000 | ---D | C] -- C:\68ea54836d0365453f
[2010/12/07 13:32:35 | 000,000,000 | ---D | C] -- C:\Users\Sarah Obscene\Documents\Thief - Deadly Shadows
[2010/12/07 13:31:30 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Thief - Deadly Shadows
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/05 13:11:32 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/01/05 13:11:32 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/01/05 13:09:22 | 000,007,608 | ---- | M] () -- C:\Users\Sarah Obscene\AppData\Local\Resmon.ResmonCfg
[2011/01/05 13:06:27 | 000,000,390 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\pfdnnt.act
[2011/01/05 13:05:01 | 000,448,608 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFCONT.DAT.bck
[2011/01/05 13:05:01 | 000,448,608 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFCONT.DAT
[2011/01/05 13:05:01 | 000,418,468 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\DsaFlt.rls.bck
[2011/01/05 13:05:01 | 000,418,468 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\DsaFlt.rls
[2011/01/05 13:05:01 | 000,001,132 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFLTR.CFG.bck
[2011/01/05 13:05:01 | 000,001,132 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFLTR.CFG
[2011/01/05 13:05:01 | 000,000,252 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\IdsFlt.cfg.bck
[2011/01/05 13:05:01 | 000,000,252 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\IdsFlt.cfg
[2011/01/05 13:05:01 | 000,000,092 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetLoc.wlt.bck
[2011/01/05 13:05:01 | 000,000,092 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetLoc.wlt
[2011/01/05 13:05:01 | 000,000,068 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetFlt.cfg.bck
[2011/01/05 13:05:01 | 000,000,068 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetFlt.cfg
[2011/01/05 13:05:01 | 000,000,056 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\WnmFlt.cfg.bck
[2011/01/05 13:05:01 | 000,000,056 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\WnmFlt.cfg
[2011/01/05 13:05:01 | 000,000,056 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\DsaFlt.cfg.bck
[2011/01/05 13:05:01 | 000,000,056 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\DsaFlt.cfg
[2011/01/05 13:02:34 | 000,000,136 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetAdapt.cfg.bck
[2011/01/05 13:02:34 | 000,000,136 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetAdapt.cfg
[2011/01/05 13:02:32 | 000,000,064 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetAR.wlt.bck
[2011/01/05 13:02:32 | 000,000,064 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetAR.wlt
[2011/01/05 13:02:13 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/05 13:01:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/01/05 13:01:37 | 3219,890,176 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/05 12:00:30 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/04 23:49:39 | 000,720,082 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/01/04 23:49:39 | 000,623,348 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/01/04 23:49:39 | 000,109,332 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/01/04 19:44:04 | 000,001,033 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\Zeno Clash.lnk
[2011/01/03 19:48:21 | 000,001,280 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\SAW - The Video Game (TPTB).lnk
[2011/01/03 01:20:12 | 000,152,576 | ---- | M] () -- C:\Users\Sarah Obscene\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/03 00:10:49 | 000,000,132 | ---- | M] () -- C:\Users\Sarah Obscene\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/01/02 19:17:18 | 000,001,361 | ---- | M] () -- C:\Users\Sarah Obscene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2011/01/02 18:40:33 | 000,001,118 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\Driver Genius Professional Edition.lnk
[2011/01/02 16:47:07 | 000,001,059 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\Space Trader.lnk
[2010/12/30 15:24:46 | 000,234,536 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010/12/30 15:24:46 | 000,234,536 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/12/28 11:43:25 | 000,002,630 | ---- | M] () -- C:\Users\Sarah Obscene\Documents\cc_20101228_114321.reg
[2010/12/28 11:37:54 | 000,000,829 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2010/12/28 11:27:30 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/12/28 11:27:29 | 000,794,408 | ---- | M] () -- C:\Windows\SysWow64\Pbsvc.exe
[2010/12/27 22:36:41 | 000,000,262 | ---- | M] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2010/12/27 22:36:38 | 000,000,920 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\Ventrilo.lnk
[2010/12/27 18:41:32 | 000,000,926 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\XnView.lnk
[2010/12/27 18:41:10 | 000,000,950 | ---- | M] () -- C:\Users\Sarah Obscene\Application Data\Microsoft\Internet Explorer\Quick Launch\XnView.lnk
[2010/12/24 20:24:55 | 000,001,136 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\MLO Launcher.lnk
[2010/12/23 18:11:15 | 000,002,595 | ---- | M] () -- C:\Users\Public\Desktop\FriendAdderElite.lnk
[2010/12/21 15:47:28 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Sarah Obscene\Desktop\OTL.exe
[2010/12/20 00:40:25 | 000,000,979 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\Doom3.lnk
[2010/12/19 21:16:34 | 004,840,520 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/12/19 10:54:26 | 000,001,026 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\Virtual DJ.lnk
[2010/12/17 16:21:02 | 000,007,731 | ---- | M] () -- C:\Users\Sarah Obscene\Documents\netgear.cfg
[2010/12/17 15:07:33 | 000,017,147 | ---- | M] () -- C:\Users\Sarah Obscene\Desktop\jess noob.jpg
[2010/12/08 01:48:36 | 000,025,381 | ---- | M] () -- C:\Users\Sarah Obscene\Documents\why does.png
[2010/12/06 18:39:36 | 000,004,096 | ---- | M] () -- C:\Windows\d3dx.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/05 13:09:22 | 000,007,608 | ---- | C] () -- C:\Users\Sarah Obscene\AppData\Local\Resmon.ResmonCfg
[2011/01/04 19:44:04 | 000,001,033 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\Zeno Clash.lnk
[2011/01/03 19:40:53 | 000,001,280 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\SAW - The Video Game (TPTB).lnk
[2011/01/02 19:17:18 | 000,001,361 | ---- | C] () -- C:\Users\Sarah Obscene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2011/01/02 19:13:29 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2011/01/02 18:40:33 | 000,001,118 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\Driver Genius Professional Edition.lnk
[2011/01/02 16:47:07 | 000,001,059 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\Space Trader.lnk
[2010/12/28 11:50:20 | 000,234,536 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010/12/28 11:43:23 | 000,002,630 | ---- | C] () -- C:\Users\Sarah Obscene\Documents\cc_20101228_114321.reg
[2010/12/28 11:37:54 | 000,000,829 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2010/12/28 11:27:42 | 000,234,536 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/12/28 11:27:29 | 000,794,408 | ---- | C] () -- C:\Windows\SysWow64\Pbsvc.exe
[2010/12/28 11:27:29 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/12/27 22:36:38 | 000,000,920 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\Ventrilo.lnk
[2010/12/27 22:36:29 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2010/12/27 18:41:10 | 000,000,950 | ---- | C] () -- C:\Users\Sarah Obscene\Application Data\Microsoft\Internet Explorer\Quick Launch\XnView.lnk
[2010/12/27 18:41:10 | 000,000,926 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\XnView.lnk
[2010/12/24 20:24:55 | 000,001,136 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\MLO Launcher.lnk
[2010/12/20 00:40:25 | 000,000,979 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\Doom3.lnk
[2010/12/19 11:12:30 | 000,017,147 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\jess noob.jpg
[2010/12/19 10:54:26 | 000,001,026 | ---- | C] () -- C:\Users\Sarah Obscene\Desktop\Virtual DJ.lnk
[2010/12/17 16:21:01 | 000,007,731 | ---- | C] () -- C:\Users\Sarah Obscene\Documents\netgear.cfg
[2010/12/08 01:48:36 | 000,025,381 | ---- | C] () -- C:\Users\Sarah Obscene\Documents\why does.png
[2010/12/06 18:39:36 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2010/12/03 18:50:58 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/10/12 09:57:27 | 000,000,544 | ---- | C] () -- C:\Windows\SIERRA.INI
[2010/09/24 19:11:27 | 000,000,132 | ---- | C] () -- C:\Users\Sarah Obscene\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010/09/19 16:07:25 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/09/19 16:07:25 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/09/19 16:07:19 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010/09/19 16:07:19 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/09/19 16:07:19 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/09/19 01:36:55 | 000,152,576 | ---- | C] () -- C:\Users\Sarah Obscene\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/18 14:40:48 | 001,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll
[2009/08/03 00:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2009/07/14 10:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 08:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/26 18:24:18 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini

========== LOP Check ==========

[2011/01/02 01:26:32 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\adma
[2010/12/19 14:22:02 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\Bioshock
[2010/10/13 16:57:05 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/01/05 12:59:01 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\DMCache
[2011/01/05 10:24:26 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\FrostWire
[2011/01/02 16:06:05 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\IDM
[2011/01/02 19:16:51 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\Leadertech
[2010/09/26 13:24:39 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\NCH Swift Sound
[2010/09/18 14:45:01 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\Panda Security
[2010/10/28 01:48:26 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/01/05 12:55:21 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\uTorrent
[2011/01/05 01:29:35 | 000,000,000 | ---D | M] -- C:\Users\Sarah Obscene\AppData\Roaming\XnView
[2010/11/16 12:17:31 | 000,032,542 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:05EE1EEF

< End of report >


there was no extra file that opened after this one.
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP