OTL logfile created on: 7/7/2011 11:36:52 AM - Run 2 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\shannon\Desktop Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.96 Gb Total Physical Memory | 1.04 Gb Available Physical Memory | 52.94% Memory free 3.92 Gb Paging File | 2.95 Gb Available in Paging File | 75.13% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 103.85 Gb Total Space | 61.92 Gb Free Space | 59.62% Space Free | Partition Type: NTFS Drive D: | 30.25 Gb Total Space | 29.53 Gb Free Space | 97.62% Space Free | Partition Type: NTFS Drive E: | 1.16 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: SHANNON-PC | User Name: shannon | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011/07/07 11:21:37 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\shannon\Desktop\OTL.com PRC - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe PRC - [2011/04/14 05:36:42 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe PRC - [2011/03/28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe PRC - [2011/03/16 16:05:14 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe PRC - [2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2011/02/16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe PRC - [2011/02/08 05:33:20 | 000,658,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe PRC - [2010/08/05 08:46:02 | 000,583,640 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe PRC - [2009/07/14 15:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IgrsSvcs.exe PRC - [2009/07/14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2009/06/04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011/07/07 11:21:37 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\shannon\Desktop\OTL.com MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011/05/30 11:33:54 | 001,025,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service) SRV - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent) SRV - [2011/02/16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service) SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd) SRV - [2010/08/05 08:46:02 | 000,583,640 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc) SRV - [2010/07/22 16:20:14 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2010/01/15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2009/09/22 19:16:32 | 000,579,400 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe -- (Lenovo ReadyComm ConnSvc) SRV - [2009/08/14 15:22:48 | 000,509,192 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\AppSvc.exe -- (Lenovo ReadyComm AppSvc) SRV - [2009/07/14 15:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS) SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\System32\IgrsSvcs.exe -- (ReadyComm.DirectRouter) SRV - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\System32\IgrsSvcs.exe -- (PS_MDP) SRV - [2009/06/04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) SRV - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011/04/14 21:28:30 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver) DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86) DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2011/02/22 08:12:50 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH) DRV - [2011/02/10 07:53:42 | 000,021,968 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim) DRV - [2011/02/10 07:53:40 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter) DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2010/03/13 03:39:18 | 000,054,800 | ---- | M] () [Kernel | System | Running] -- C:\windows\System32\drivers\funfrm.sys -- (funfrm) DRV - [2009/09/14 19:04:28 | 000,217,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2009/07/28 22:09:36 | 000,063,240 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdbridge.sys -- (Bridge0) DRV - [2009/07/21 22:14:58 | 000,081,704 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wsvd.sys -- (wsvd) DRV - [2009/07/16 13:37:14 | 000,011,792 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WDMirror.sys -- (wdmirror) DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009/07/13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R) DRV - [2009/07/13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink (TM) DRV - [2009/06/19 17:18:26 | 000,168,704 | ---- | M] (SMI) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SMIksdrv.sys -- (usbsmi) DRV - [2009/06/15 03:46:22 | 000,475,648 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService) DRV - [2009/05/19 14:43:08 | 000,021,520 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC) DRV - [2008/08/06 13:34:16 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll () IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll () IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3485257981-137355879-1672897492-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/webhp?sourceid=navclient&ie=UTF-8 IE - HKU\S-1-5-21-3485257981-137355879-1672897492-1005\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) IE - HKU\S-1-5-21-3485257981-137355879-1672897492-1005\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) IE - HKU\S-1-5-21-3485257981-137355879-1672897492-1005\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll () IE - HKU\S-1-5-21-3485257981-137355879-1672897492-1005\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) IE - HKU\S-1-5-21-3485257981-137355879-1672897492-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3485257981-137355879-1672897492-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll () FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\shannon\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\shannon\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/06/23 20:02:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/05/26 18:10:45 | 000,000,000 | ---D | M] [2010/08/24 16:22:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\shannon\AppData\Roaming\Mozilla\Extensions [2010/08/24 16:22:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\shannon\AppData\Roaming\Mozilla\Extensions\IMVUClientXUL@imvu.com O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll () O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll () O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-3485257981-137355879-1672897492-1005\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll () O3 - HKU\S-1-5-21-3485257981-137355879-1672897492-1005\..\Toolbar\WebBrowser: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited) O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions) O4 - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe () O4 - HKLM..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools) O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files\Lenovo\VeriFace\PManage.exe (Lenovo) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-3485257981-137355879-1672897492-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1 O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll (Google Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/mjss/MJSS.cab109791.cab () O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} http://mobileapps.blackberry.com/devicesoftware/AxLoader.cab (RIM AxLoader) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll () O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.) O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O35 - HKU\S-1-5-21-3485257981-137355879-1672897492-1005..exefile [open] -- "C:\Users\shannon\AppData\Local\teg.exe" -a "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKU\S-1-5-21-3485257981-137355879-1672897492-1005\...exe [@ = exefile] -- "C:\Users\shannon\AppData\Local\teg.exe" -a "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011/07/07 11:32:04 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\shannon\Desktop\OTL.com [2011/07/01 01:02:26 | 000,000,000 | -H-D | C] -- C:\$AVG [2011/06/29 08:40:10 | 001,553,920 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tquery.dll [2011/06/29 08:40:10 | 001,401,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mssrch.dll [2011/06/29 08:40:09 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mssvp.dll [2011/06/29 08:40:09 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mssph.dll [2011/06/29 08:40:09 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mssphtb.dll [2011/06/29 08:40:09 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msscntrs.dll [2011/06/24 13:55:58 | 000,000,000 | ---D | C] -- C:\Users\shannon\AppData\Local\ABBYY [2011/06/15 21:24:38 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1.dll [2011/06/15 21:24:21 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll [2011/06/15 21:24:20 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mstime.dll [2011/06/15 21:24:20 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll [2011/06/15 21:24:19 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec [2011/06/15 21:24:19 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll [2011/06/15 21:24:19 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll [2011/06/15 21:24:19 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll [2011/06/15 21:24:19 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll [2011/06/15 21:24:19 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll [2011/06/15 21:24:19 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe [2011/06/15 21:24:18 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb [2011/06/13 22:02:22 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJScan [2011/06/13 22:02:22 | 000,000,000 | ---D | C] -- C:\Users\shannon\AppData\Roaming\Canon [2 C:\Users\Public\Documents\*.tmp files -> C:\Users\Public\Documents\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011/07/07 11:37:18 | 003,670,016 | -HS- | M] () -- C:\Users\shannon\ntuser.dat [2011/07/07 11:29:01 | 000,000,916 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3485257981-137355879-1672897492-1005UA.job [2011/07/07 11:21:37 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\shannon\Desktop\OTL.com [2011/07/07 11:16:53 | 000,000,607 | ---- | M] () -- C:\Users\shannon\Desktop\unhook.inf [2011/07/07 11:14:43 | 000,000,607 | ---- | M] () -- C:\Users\shannon\Desktop\unhook.ini [2011/07/07 10:42:00 | 000,009,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/07/07 10:42:00 | 000,009,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/07/07 10:41:27 | 000,000,886 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2011/07/07 10:35:35 | 000,000,882 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2011/07/07 10:33:51 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT [2011/07/07 10:33:39 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2011/07/07 10:33:26 | 1579,634,688 | -HS- | M] () -- C:\hiberfil.sys [2011/07/07 10:14:31 | 001,422,358 | -H-- | M] () -- C:\Users\shannon\AppData\Local\IconCache.db [2011/07/07 10:03:43 | 121,362,516 | ---- | M] () -- C:\windows\System32\drivers\AVG\incavi.avm [2011/07/02 21:52:59 | 000,047,550 | ---- | M] () -- C:\windows\System32\drivers\AVG\iavichjg.avm [2011/07/01 14:20:35 | 000,010,944 | -HS- | M] () -- C:\Users\shannon\AppData\Local\wjyj7l673vh84f2ra13a2543nc82t06128w4cg [2011/07/01 14:20:35 | 000,010,944 | -HS- | M] () -- C:\ProgramData\wjyj7l673vh84f2ra13a2543nc82t06128w4cg [2011/06/30 18:20:33 | 000,212,992 | -HS- | M] () -- C:\Users\shannon\AppData\Local\158k3.dll [2011/06/30 17:29:00 | 000,000,864 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3485257981-137355879-1672897492-1005Core.job [2011/06/30 14:35:50 | 000,468,432 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2011/06/29 15:30:04 | 000,002,588 | ---- | M] () -- C:\Users\shannon\Desktop\Google Chrome.lnk [2011/06/23 20:02:29 | 000,000,923 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk [2011/06/15 22:16:56 | 000,806,058 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI [2011/06/15 22:16:56 | 000,670,886 | ---- | M] () -- C:\windows\System32\perfh009.dat [2011/06/15 22:16:56 | 000,124,044 | ---- | M] () -- C:\windows\System32\perfc009.dat [2011/06/12 16:55:22 | 000,113,461 | ---- | M] () -- C:\windows\System32\drivers\AVG\iavichjw.avm [2 C:\Users\Public\Documents\*.tmp files -> C:\Users\Public\Documents\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011/07/07 11:16:53 | 000,000,607 | ---- | C] () -- C:\Users\shannon\Desktop\unhook.inf [2011/07/07 11:14:43 | 000,000,607 | ---- | C] () -- C:\Users\shannon\Desktop\unhook.ini [2011/06/30 18:20:37 | 000,010,944 | -HS- | C] () -- C:\Users\shannon\AppData\Local\wjyj7l673vh84f2ra13a2543nc82t06128w4cg [2011/06/30 18:20:37 | 000,010,944 | -HS- | C] () -- C:\ProgramData\wjyj7l673vh84f2ra13a2543nc82t06128w4cg [2011/06/30 18:20:33 | 000,212,992 | -HS- | C] () -- C:\Users\shannon\AppData\Local\158k3.dll [2011/05/12 17:11:58 | 000,000,000 | ---- | C] () -- C:\Users\shannon\AppData\Local\rx_image.Cache [2011/03/21 11:58:32 | 001,422,358 | -H-- | C] () -- C:\Users\shannon\AppData\Local\IconCache.db [2011/01/01 13:22:15 | 000,057,344 | ---- | C] () -- C:\windows\System32\ff_vfw.dll [2010/08/25 08:48:55 | 000,111,932 | ---- | C] () -- C:\windows\System32\EPPICPrinterDB.dat [2010/08/25 08:48:55 | 000,001,120 | ---- | C] () -- C:\windows\System32\EPPICPresetData_IT.dat [2010/08/25 08:48:55 | 000,001,107 | ---- | C] () -- C:\windows\System32\EPPICPresetData_GE.dat [2010/08/25 08:48:55 | 000,000,097 | ---- | C] () -- C:\windows\System32\PICSDK.ini [2010/08/25 08:48:54 | 000,031,053 | ---- | C] () -- C:\windows\System32\EPPICPattern131.dat [2010/08/25 08:48:54 | 000,027,417 | ---- | C] () -- C:\windows\System32\EPPICPattern121.dat [2010/08/25 08:48:54 | 000,026,154 | ---- | C] () -- C:\windows\System32\EPPICPattern1.dat [2010/08/25 08:48:54 | 000,024,903 | ---- | C] () -- C:\windows\System32\EPPICPattern3.dat [2010/08/25 08:48:54 | 000,021,390 | ---- | C] () -- C:\windows\System32\EPPICPattern5.dat [2010/08/25 08:48:54 | 000,020,148 | ---- | C] () -- C:\windows\System32\EPPICPattern2.dat [2010/08/25 08:48:54 | 000,011,811 | ---- | C] () -- C:\windows\System32\EPPICPattern4.dat [2010/08/25 08:48:54 | 000,004,943 | ---- | C] () -- C:\windows\System32\EPPICPattern6.dat [2010/08/25 08:48:54 | 000,001,146 | ---- | C] () -- C:\windows\System32\EPPICPresetData_DU.dat [2010/08/25 08:48:54 | 000,001,139 | ---- | C] () -- C:\windows\System32\EPPICPresetData_PT.dat [2010/08/25 08:48:54 | 000,001,139 | ---- | C] () -- C:\windows\System32\EPPICPresetData_BP.dat [2010/08/25 08:48:54 | 000,001,136 | ---- | C] () -- C:\windows\System32\EPPICPresetData_ES.dat [2010/08/25 08:48:54 | 000,001,129 | ---- | C] () -- C:\windows\System32\EPPICPresetData_FR.dat [2010/08/25 08:48:54 | 000,001,129 | ---- | C] () -- C:\windows\System32\EPPICPresetData_CF.dat [2010/08/25 08:48:54 | 000,001,104 | ---- | C] () -- C:\windows\System32\EPPICPresetData_EN.dat [2010/08/25 08:34:24 | 000,000,025 | ---- | C] () -- C:\windows\CDE DX8400DEFGIPS.ini [2010/08/15 12:41:00 | 000,037,336 | ---- | C] () -- C:\windows\System32\CleanMFT32.exe [2010/07/20 22:03:56 | 000,127,080 | ---- | C] () -- C:\Users\shannon\AppData\Local\GDIPFONTCACHEV1.DAT [2010/03/13 03:40:05 | 002,110,728 | ---- | C] () -- C:\windows\System32\Apblend.dll [2010/03/13 03:40:05 | 001,410,312 | ---- | C] () -- C:\windows\System32\IcnOvrly.dll [2010/03/13 03:40:05 | 001,171,456 | ---- | C] () -- C:\windows\System32\PicNotify.dll [2010/03/13 03:40:05 | 000,660,744 | ---- | C] () -- C:\windows\System32\EncIcons.dll [2010/03/13 03:40:05 | 000,513,288 | ---- | C] () -- C:\windows\System32\SimpleExt.dll [2010/03/13 03:39:52 | 001,044,480 | ---- | C] () -- C:\windows\System32\3DImageRenderer.dll [2010/03/13 03:39:18 | 000,057,344 | ---- | C] () -- C:\windows\AsfHelper.dll [2010/03/13 03:39:18 | 000,054,800 | ---- | C] () -- C:\windows\System32\drivers\funfrm.sys [2010/03/13 03:39:07 | 000,163,840 | ---- | C] () -- C:\windows\System32\SM37XCoInst.dll [2010/03/13 03:37:33 | 000,140,288 | ---- | C] () -- C:\windows\System32\igfxtvcx.dll [2010/03/13 03:33:13 | 000,016,648 | R--- | C] () -- C:\windows\System32\LogAPI.dll [2010/03/13 03:31:20 | 000,982,220 | ---- | C] () -- C:\windows\System32\igkrng500.bin [2010/03/13 03:31:19 | 000,134,592 | ---- | C] () -- C:\windows\System32\igfcg500.bin [2010/03/13 03:31:19 | 000,092,216 | ---- | C] () -- C:\windows\System32\igfcg500m.bin [2010/03/13 03:31:18 | 000,439,300 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin [2010/02/01 19:18:30 | 000,806,058 | ---- | C] () -- C:\windows\System32\PerfStringBackup.INI [2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\windows\System32\OGACheckControl.dll [2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\windows\System32\OGAEXEC.exe [2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat [2009/07/14 05:33:53 | 000,468,432 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT [2009/07/14 03:05:48 | 000,670,886 | ---- | C] () -- C:\windows\System32\perfh009.dat [2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat [2009/07/14 03:05:48 | 000,124,044 | ---- | C] () -- C:\windows\System32\perfc009.dat [2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat [2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT [2009/07/14 03:04:57 | 000,001,405 | ---- | C] () -- C:\windows\msdfmap.ini [2009/07/14 03:04:23 | 000,000,613 | ---- | C] () -- C:\windows\win.ini [2009/07/14 03:04:23 | 000,000,219 | ---- | C] () -- C:\windows\system.ini [2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat [2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin [2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll [2009/07/13 22:41:56 | 000,053,552 | ---- | C] () -- C:\windows\System32\dosx.exe [2009/07/13 22:41:05 | 000,000,718 | ---- | C] () -- C:\windows\System32\mscdexnt.exe [2009/07/13 22:41:04 | 000,002,842 | ---- | C] () -- C:\windows\System32\redir.exe [2009/07/13 22:41:02 | 000,000,882 | ---- | C] () -- C:\windows\System32\share.exe [2009/07/13 22:41:02 | 000,000,882 | ---- | C] () -- C:\windows\System32\fastopen.exe [2009/07/13 22:41:01 | 000,019,694 | ---- | C] () -- C:\windows\System32\GRAPHICS.COM [2009/07/13 22:40:59 | 000,014,710 | ---- | C] () -- C:\windows\System32\KB16.COM [2009/07/13 22:40:57 | 000,007,052 | ---- | C] () -- C:\windows\System32\nlsfunc.exe [2009/07/13 22:40:57 | 000,001,131 | ---- | C] () -- C:\windows\System32\LOADFIX.COM [2009/07/13 22:40:56 | 000,039,274 | ---- | C] () -- C:\windows\System32\mem.exe [2009/07/13 22:40:54 | 000,011,753 | ---- | C] () -- C:\windows\System32\setver.exe [2009/07/13 22:40:52 | 000,020,634 | ---- | C] () -- C:\windows\System32\debug.exe [2009/07/13 22:40:51 | 000,008,424 | ---- | C] () -- C:\windows\System32\exe2bin.exe [2009/07/13 22:40:50 | 000,012,642 | ---- | C] () -- C:\windows\System32\edlin.exe [2009/07/13 22:40:49 | 000,012,498 | ---- | C] () -- C:\windows\System32\append.exe [2009/07/13 22:40:48 | 000,050,648 | ---- | C] () -- C:\windows\System32\COMMAND.COM [2009/07/13 22:40:44 | 000,027,097 | ---- | C] () -- C:\windows\System32\country.sys [2009/07/13 22:40:43 | 000,042,809 | ---- | C] () -- C:\windows\System32\KEY01.SYS [2009/07/13 22:40:43 | 000,042,537 | ---- | C] () -- C:\windows\System32\KEYBOARD.SYS [2009/07/13 22:40:41 | 000,009,029 | ---- | C] () -- C:\windows\System32\ANSI.SYS [2009/07/13 22:40:40 | 000,004,768 | ---- | C] () -- C:\windows\System32\HIMEM.SYS [2009/07/13 22:40:39 | 000,029,274 | ---- | C] () -- C:\windows\System32\NTDOS412.SYS [2009/07/13 22:40:35 | 000,029,370 | ---- | C] () -- C:\windows\System32\NTDOS411.SYS [2009/07/13 22:40:31 | 000,029,146 | ---- | C] () -- C:\windows\System32\NTDOS404.SYS [2009/07/13 22:40:27 | 000,029,146 | ---- | C] () -- C:\windows\System32\NTDOS804.SYS [2009/07/13 22:40:23 | 000,027,866 | ---- | C] () -- C:\windows\System32\NTDOS.SYS [2009/07/13 22:40:19 | 000,035,536 | ---- | C] () -- C:\windows\System32\NTIO412.SYS [2009/07/13 22:40:17 | 000,035,776 | ---- | C] () -- C:\windows\System32\NTIO411.SYS [2009/07/13 22:40:15 | 000,034,672 | ---- | C] () -- C:\windows\System32\NTIO404.SYS [2009/07/13 22:40:13 | 000,034,672 | ---- | C] () -- C:\windows\System32\NTIO804.SYS [2009/07/13 22:40:11 | 000,033,952 | ---- | C] () -- C:\windows\System32\NTIO.SYS [2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\windows\System32\msjetoledb40.dll [2009/07/13 21:29:46 | 000,013,312 | ---- | C] () -- C:\windows\System32\win87em.dll [2009/06/10 22:42:32 | 000,069,886 | ---- | C] () -- C:\windows\System32\edit.com [2009/06/10 22:39:59 | 000,060,124 | ---- | C] () -- C:\windows\System32\tcpmon.ini [2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat [color=#E56717]========== LOP Check ==========[/color] [2010/10/24 12:59:46 | 000,000,000 | ---D | M] -- C:\Users\shannon\AppData\Roaming\AVG10 [2010/09/20 22:18:20 | 000,000,000 | ---D | M] -- C:\Users\shannon\AppData\Roaming\Blackberry Desktop [2011/06/13 22:02:22 | 000,000,000 | ---D | M] -- C:\Users\shannon\AppData\Roaming\Canon [2010/07/20 22:18:05 | 000,000,000 | ---D | M] -- C:\Users\shannon\AppData\Roaming\EasyCapture [2010/08/25 09:31:12 | 000,000,000 | ---D | M] -- C:\Users\shannon\AppData\Roaming\EPSON [2011/03/17 13:36:26 | 000,000,000 | ---D | M] -- C:\Users\shannon\AppData\Roaming\FrostWire [2010/09/12 19:17:34 | 000,000,000 | ---D | M] -- C:\Users\shannon\AppData\Roaming\IMVU [2010/09/12 17:28:23 | 000,000,000 | ---D | M] -- C:\Users\shannon\AppData\Roaming\IMVUClient [2010/09/20 22:33:48 | 000,000,000 | ---D | M] -- C:\Users\shannon\AppData\Roaming\Research In Motion [2011/03/20 21:16:41 | 000,000,000 | ---D | M] -- C:\Users\shannon\AppData\Roaming\Spotify [2010/08/24 16:38:11 | 000,000,000 | ---D | M] -- C:\Users\shannon\AppData\Roaming\Vivox [2011/06/19 16:56:11 | 000,032,592 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 76 bytes -> C:\Users\Public\Documents\Lucky (Glee Cast Version).mp3:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Public\Documents\heads will roll lyrics.mp3:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Public\Documents\Glee - Thong Song With Lyrics.mp3:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Public\Documents\Glee - Firework (Full Studio Version) Lyrics in Description.mp3:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Public\Documents\Black Eyed Peas - Just Can't Get Enough.mp3:Roxio EMC Stream @Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:D1B5B4F1 < End of report >