OTL logfile created on: 10/14/2011 7:29:33 AM - Run 2
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Carrie Dearden\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.99 Gb Total Physical Memory | 1.52 Gb Available Physical Memory | 51.00% Memory free
6.18 Gb Paging File | 4.79 Gb Available in Paging File | 77.48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 363.79 Gb Total Space | 219.47 Gb Free Space | 60.33% Space Free | Partition Type: NTFS
Drive D: | 8.82 Gb Total Space | 1.00 Gb Free Space | 11.34% Space Free | Partition Type: NTFS
Drive E: | 641.38 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: CARRIEDEARDE-PC | User Name: Carrie Dearden | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2011/10/12 02:11:02 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Carrie Dearden\Desktop\OTL.scr
PRC - [2011/09/13 00:26:05 | 002,076,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/09/24 00:57:08 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/07/17 00:39:10 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/07/17 00:38:54 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/03/06 04:04:24 | 000,310,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2008/10/29 02:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/29 18:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2008/01/15 11:26:18 | 004,874,240 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/09/12 19:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007/02/15 06:59:00 | 000,118,784 | ---- | M] (OsdMaestro) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
PRC - [2006/09/28 09:42:24 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2006/09/03 13:32:28 | 000,208,896 | ---- | M] () -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
========== Modules (No Company Name) ========== MOD - [2009/09/04 23:15:06 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (LiveUpdate Notice Ex)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/07/17 00:39:10 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/02/24 16:42:56 | 000,386,424 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2008/01/29 18:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007/09/12 19:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007/09/12 19:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/06/12 13:50:44 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/09/11 19:02:44 | 000,544,256 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -- (Remote UI Service) Intel®
SRV - [2006/09/11 19:01:04 | 000,167,936 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -- (MCLServiceATL) Intel®
SRV - [2006/09/11 18:56:32 | 000,075,264 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe -- (ISSM) Intel®
SRV - [2006/09/11 18:56:20 | 000,188,416 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe -- (AlertService) Intel®
SRV - [2006/09/03 13:32:28 | 000,208,896 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -- (DQLWinService)
SRV - [2006/09/01 02:47:56 | 000,026,624 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -- (M1 Server) Intel® Viiv™
SRV - [2006/05/10 12:13:52 | 000,029,696 | R--- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe -- (IntelDHSvcConf)
========== Driver Services (SafeList) ========== DRV - [2011/10/13 23:33:20 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\42338772.sys -- (42338772)
DRV - [2011/10/13 18:13:34 | 000,000,688 | -HS- | M] () [File_System | Unknown | Running] -- C:\Windows\3709753drv.spi -- (3709753drv)
DRV - [2011/09/13 00:25:59 | 000,029,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/05/05 17:17:33 | 000,243,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/07/17 00:38:59 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/02/22 03:44:08 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2009/08/26 06:33:00 | 000,026,368 | ---- | M] (OPTO ELECTRONICS CO.,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\optovcm.sys -- (optovcm)
DRV - [2009/08/26 06:33:00 | 000,018,432 | ---- | M] (OPTO ELECTRONICS CO.,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\optousb.sys -- (optousb)
DRV - [2008/05/08 05:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/05/08 05:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2007/11/07 05:29:22 | 000,008,413 | ---- | M] (RealNetworks, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mcstrm.sys -- (MCSTRM)
DRV - [2007/10/18 07:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/04/13 09:22:56 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2005/12/12 13:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)
DRV - [2005/06/24 17:36:16 | 000,039,036 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2005/05/26 10:01:36 | 000,038,144 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2005/05/26 10:01:18 | 000,021,344 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://ie.redirect.h...lion&pf=desktopIE - HKLM\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn1.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.bing.com/IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
IE - HKCU\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2629: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Carrie Dearden\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: C:\Users\Carrie Dearden\AppData\Roaming\nprhapengine.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Carrie Dearden\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
[2011/10/05 09:30:14 | 000,002,223 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\websearch.xml
O1 HOSTS File: ([2011/10/12 18:48:26 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn1.dll (Conduit Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Zynga Toolbar) - {7B13EC3E-999A-4B70-B9CB-2617B8323822} - C:\Program Files\Zynga\tbZyn1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SnapfishMediaDetector] C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10l_ActiveX.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Carrie Dearden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_08484690.lnk = C:\Users\Carrie Dearden\AppData\Local\Temp\_uninst_08484690.bat ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Save with Download Manager... - file://C:\Program Files\Road Runner Music\DMDownload.htm File not found
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Carrie Dearden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk File not found
O9 - Extra Button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe (Bodog)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In
https://static.garmi...inAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8B8A9460-51EA-4547-B11D-E22D69E1C85D}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Carrie Dearden\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Carrie Dearden\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/06/12 14:11:51 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2003/08/27 04:47:12 | 000,000,000 | ---D | M] - E:\AutoRun -- [ CDFS ]
O32 - AutoRun File - [2003/08/27 04:47:12 | 000,000,059 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2011/10/13 16:16:52 | 000,133,208 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\42338772.sys
[2011/10/12 19:38:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2011/10/12 19:31:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/10/12 18:48:15 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/10/12 18:48:04 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011/10/12 18:27:44 | 000,000,000 | ---D | C] -- C:\Users\Carrie Dearden\AppData\Roaming\UIIBBtzPNyc
[2011/10/12 18:27:44 | 000,000,000 | ---D | C] -- C:\Users\Carrie Dearden\AppData\Roaming\tA11uuvD2obFpm5
[2011/10/12 03:40:08 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/10/12 03:37:40 | 000,000,000 | ---D | C] -- C:\Users\Carrie Dearden\AppData\Roaming\zDDD3oonF4am5sJ
[2011/10/12 03:37:40 | 000,000,000 | ---D | C] -- C:\Users\Carrie Dearden\AppData\Roaming\uLL88gTTZqhCwUV
[2011/10/12 02:53:43 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/10/12 02:53:43 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/10/12 02:53:43 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011/10/12 02:53:43 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/10/12 02:53:30 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/10/12 02:53:27 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/10/12 02:53:15 | 004,255,422 | R--- | C] (Swearware) -- C:\Users\Carrie Dearden\Desktop\ComboFix.exe
[2011/10/12 02:10:58 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\Carrie Dearden\Desktop\OTL.scr
[2011/10/11 18:04:03 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/10/07 20:46:11 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/10/07 20:46:10 | 000,000,000 | ---D | C] -- C:\ProgramData\WSTB
[2011/10/06 00:43:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/10/06 00:43:46 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/10/06 00:43:46 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/10/05 22:11:31 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/10/05 22:11:27 | 000,000,000 | ---D | C] -- C:\Users\Carrie Dearden\AppData\Roaming\Malwarebytes
[2011/10/05 22:11:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/10/05 04:09:27 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security
[2011/10/05 04:09:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2011/10/05 04:08:22 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/10/04 20:41:21 | 000,000,000 | ---D | C] -- C:\Users\Carrie Dearden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Build-a-lot - On Vacation
[2011/10/04 20:41:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Build-a-lot - On Vacation
[2011/10/04 20:41:21 | 000,000,000 | ---D | C] -- C:\Program Files\Build-a-lot - On Vacation
[2008/01/26 04:07:12 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2011/10/14 07:06:58 | 000,003,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/14 07:06:58 | 000,003,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/14 06:16:29 | 000,000,436 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{6E25402C-C311-427D-83F0-9DE5D4B02233}.job
[2011/10/13 23:33:20 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\42338772.sys
[2011/10/13 18:13:34 | 000,000,688 | -HS- | M] () -- C:\Windows\3709753drv.spi
[2011/10/13 16:13:01 | 000,967,636 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/10/13 16:13:01 | 000,222,132 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/10/13 16:06:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/13 16:01:08 | 000,004,618 | -HS- | M] () -- C:\Windows\4973551drv.spi
[2011/10/12 19:38:21 | 000,000,814 | ---- | M] () -- C:\Users\Carrie Dearden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_08484690.lnk
[2011/10/12 18:48:26 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011/10/12 03:38:03 | 000,001,213 | ---- | M] () -- C:\Users\Carrie Dearden\AppData\Roaming\ldr.ini
[2011/10/12 03:23:12 | 000,000,129 | ---- | M] () -- C:\Windows\System32\MRT.INI
[2011/10/12 02:49:37 | 004,255,422 | R--- | M] (Swearware) -- C:\Users\Carrie Dearden\Desktop\ComboFix.exe
[2011/10/12 02:11:02 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Carrie Dearden\Desktop\OTL.scr
[2011/10/12 01:45:41 | 000,000,150 | ---- | M] () -- C:\Users\Carrie Dearden\Desktop\rk-proxy.reg
[2011/10/11 19:07:37 | 286,807,291 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/10/06 00:44:00 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/10/06 00:43:49 | 000,000,868 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/06 00:39:00 | 001,008,092 | ---- | M] () -- C:\Users\Carrie Dearden\Desktop\rkill.com
[2011/10/05 04:10:20 | 001,869,232 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2011/10/05 04:08:22 | 000,512,992 | ---- | M] () -- C:\Users\Carrie Dearden\Desktop\sdsetup_aff[1].exe
[2011/10/04 20:41:40 | 000,001,799 | ---- | M] () -- C:\Users\Public\Desktop\Play Build-a-lot - On Vacation.lnk
[2011/10/04 20:41:40 | 000,001,574 | ---- | M] () -- C:\Users\Public\Desktop\More Great Games.lnk
[2011/10/04 20:18:30 | 087,011,417 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ========== [2011/10/13 18:13:32 | 000,000,688 | -HS- | C] () -- C:\Windows\3709753drv.spi
[2011/10/12 21:08:59 | 000,004,618 | -HS- | C] () -- C:\Windows\4973551drv.spi
[2011/10/12 19:38:21 | 000,000,814 | ---- | C] () -- C:\Users\Carrie Dearden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_08484690.lnk
[2011/10/12 03:37:40 | 000,001,213 | ---- | C] () -- C:\Users\Carrie Dearden\AppData\Roaming\ldr.ini
[2011/10/12 03:23:12 | 000,000,129 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011/10/12 02:53:43 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/10/12 02:53:43 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/10/12 02:53:43 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/10/12 02:53:43 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/10/12 02:53:43 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/10/12 01:45:41 | 000,000,150 | ---- | C] () -- C:\Users\Carrie Dearden\Desktop\rk-proxy.reg
[2011/10/07 21:29:25 | 286,807,291 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/10/06 00:43:49 | 000,000,868 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/06 00:39:00 | 001,008,092 | ---- | C] () -- C:\Users\Carrie Dearden\Desktop\rkill.com
[2011/10/05 04:09:53 | 001,869,232 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB
[2011/10/05 04:08:22 | 000,512,992 | ---- | C] () -- C:\Users\Carrie Dearden\Desktop\sdsetup_aff[1].exe
[2011/10/04 20:41:40 | 000,001,799 | ---- | C] () -- C:\Users\Public\Desktop\Play Build-a-lot - On Vacation.lnk
[2011/10/04 20:41:40 | 000,001,574 | ---- | C] () -- C:\Users\Public\Desktop\More Great Games.lnk
[2011/08/08 23:22:16 | 000,010,089 | ---- | C] () -- C:\Users\Carrie Dearden\AppData\Roaming\E900.A1A
[2010/12/29 05:40:45 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2010/09/12 00:33:05 | 000,161,603 | ---- | C] () -- C:\Windows\hpoins16.dat
[2010/09/12 00:33:05 | 000,004,602 | ---- | C] () -- C:\Windows\hpomdl16.dat
[2010/01/26 05:37:05 | 000,225,280 | ---- | C] () -- C:\Windows\System32\net_rim_plazmic_flint_dialog.dll
[2010/01/09 01:31:06 | 000,007,577 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2009/12/07 00:03:09 | 000,012,484 | ---- | C] () -- C:\Users\Carrie Dearden\AppData\Roaming\settings.dat
[2009/12/06 23:58:11 | 000,620,870 | ---- | C] () -- C:\Users\Carrie Dearden\AppData\Roaming\farm.bmp
[2009/10/22 21:44:51 | 000,157,512 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/03/02 04:56:41 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009/02/05 18:17:13 | 000,000,532 | ---- | C] () -- C:\Windows\eReg.dat
[2008/10/02 03:43:35 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2008/04/03 03:23:04 | 000,000,038 | ---- | C] () -- C:\Windows\System32\w3url.dll
[2008/03/25 16:56:08 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1461.dll
[2008/03/25 16:42:46 | 002,215,364 | ---- | C] () -- C:\Windows\System32\igklg400.bin
[2008/03/25 16:42:46 | 001,971,732 | ---- | C] () -- C:\Windows\System32\igklg450.bin
[2008/03/25 16:42:46 | 000,029,932 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.bin
[2008/02/17 18:26:42 | 000,041,984 | ---- | C] () -- C:\Users\Carrie Dearden\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/12/05 04:11:52 | 000,000,110 | ---- | C] () -- C:\Users\Carrie Dearden\AppData\Roaming\wklnhst.dat
[2007/08/24 20:46:48 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1322.dll
[2007/08/24 20:38:54 | 001,238,832 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/08/24 20:38:54 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2007/06/12 14:02:43 | 000,103,521 | ---- | C] () -- C:\Windows\hpqins13.dat
[2007/06/12 13:52:56 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1268.dll
[2007/06/12 13:45:52 | 000,061,440 | ---- | C] () -- C:\Windows\System32\OsdRemove.exe
[2007/06/12 13:43:01 | 000,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom24.dll
[2007/06/12 13:43:01 | 000,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes24.dll
[2007/03/06 04:47:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2007/01/12 10:07:48 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2007/01/12 10:07:48 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 003,716,112 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,967,636 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,222,132 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/02 03:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006/11/02 03:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006/06/23 13:09:34 | 000,019,968 | R--- | C] () -- C:\Windows\System32\cpuinf32.dll
========== LOP Check ========== [2011/06/04 21:21:28 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Alawar
[2011/05/17 23:41:21 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Big Fish Games
[2010/02/04 00:23:33 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\BlamGames
[2011/05/17 17:55:09 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\blg
[2008/01/13 04:06:57 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\BloodTies
[2009/03/15 04:52:56 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Boolat Games
[2010/06/07 01:47:40 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Boomzap
[2008/07/21 04:24:35 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Canon
[2008/03/09 03:24:02 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\cerasus.media
[2010/01/27 00:10:14 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\DivoGames
[2010/03/27 22:28:01 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Facebook
[2011/01/03 22:59:20 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\FinalTorrent
[2010/01/11 01:48:52 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Flood Light Games
[2008/08/30 02:49:07 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\ForgottenRiddles2
[2011/07/19 15:28:17 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Friday's games
[2010/12/08 19:49:32 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\funkitron
[2008/12/08 17:53:14 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\GameInvest
[2008/11/17 00:55:20 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Gamelab
[2011/05/18 18:24:27 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\GamesCafe
[2011/03/17 15:26:45 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\GARMIN
[2008/10/03 03:57:48 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Go-Go Gourmet Chef of the Year
[2010/01/15 18:35:03 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Gold Casual Games
[2007/12/26 18:59:45 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Home Sweet Home
[2010/03/27 22:50:47 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Home Sweet Home 2
[2009/12/18 13:18:08 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Home Sweet Home Christmas
[2011/07/19 23:13:03 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Hotdog Hotshot
[2008/01/27 22:35:59 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Jane s Hotel
[2010/12/15 18:32:11 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Ludia
[2007/10/28 23:33:02 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Mysteryville2
[2008/02/19 02:40:40 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\New Tier
[2008/09/23 04:03:43 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Oberon Games
[2011/05/06 21:39:23 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Ph03nixNewMedia
[2011/05/25 02:59:12 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\PlayFirst
[2011/05/16 18:41:14 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\playmink
[2010/01/06 23:28:06 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Playrix Entertainment
[2010/12/27 23:42:39 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Pogo Games
[2010/03/17 17:58:04 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\QB9
[2010/01/26 05:37:05 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Research In Motion
[2008/04/03 03:23:33 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Road Runner Music
[2008/04/11 04:24:57 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Sandlot Games
[2008/10/30 15:48:53 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\SecretIslandEng
[2007/09/22 19:45:39 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Snapfish
[2010/12/29 06:44:58 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/06/07 22:32:22 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Stand O'Food 3
[2011/05/06 20:12:44 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\SulusGames
[2011/05/26 19:30:48 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Supermarket Mania 2
[2011/05/31 23:09:17 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\SupportSoft
[2011/10/12 18:27:45 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\tA11uuvD2obFpm5
[2007/12/05 04:11:53 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Template
[2010/01/11 17:20:47 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\TheFixerUpper
[2009/04/16 22:23:47 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Ubisoft
[2009/05/09 00:19:56 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\UClick
[2011/10/12 18:27:44 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\UIIBBtzPNyc
[2011/10/12 03:37:40 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\uLL88gTTZqhCwUV
[2011/08/09 00:15:59 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\Valusoft
[2009/02/24 18:46:01 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\ViquaSoft
[2010/12/29 05:44:58 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\WeatherBug
[2008/02/11 02:07:24 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\WinBatch
[2011/03/17 19:19:15 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\World-LooM
[2011/04/23 21:29:37 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\YoudaGames
[2011/10/12 03:37:41 | 000,000,000 | ---D | M] -- C:\Users\Carrie Dearden\AppData\Roaming\zDDD3oonF4am5sJ
[2011/10/13 16:05:15 | 000,032,528 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/10/14 06:16:29 | 000,000,436 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{6E25402C-C311-427D-83F0-9DE5D4B02233}.job
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 96 bytes -> C:\ProgramData\TEMP:BDF08FAF
@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:15752405
@Alternate Data Stream - 247 bytes -> C:\ProgramData\TEMP:0DE96CF5
@Alternate Data Stream - 245 bytes -> C:\ProgramData\TEMP:A26AFC00
@Alternate Data Stream - 243 bytes -> C:\ProgramData\TEMP:E9900C74
@Alternate Data Stream - 242 bytes -> C:\ProgramData\TEMP:A02025CE
@Alternate Data Stream - 240 bytes -> C:\ProgramData\TEMP:5C4A588B
@Alternate Data Stream - 238 bytes -> C:\ProgramData\TEMP:DE9AC04F
@Alternate Data Stream - 237 bytes -> C:\ProgramData\TEMP:9D6EAEC3
@Alternate Data Stream - 235 bytes -> C:\ProgramData\TEMP:0E22C5DB
@Alternate Data Stream - 233 bytes -> C:\ProgramData\TEMP:91FFEC32
@Alternate Data Stream - 233 bytes -> C:\ProgramData\TEMP:5FFC2819
@Alternate Data Stream - 232 bytes -> C:\ProgramData\TEMP:5080697C
@Alternate Data Stream - 232 bytes -> C:\ProgramData\TEMP:063969F8
@Alternate Data Stream - 231 bytes -> C:\ProgramData\TEMP:3B07E6F4
@Alternate Data Stream - 231 bytes -> C:\ProgramData\TEMP:04BB186B
@Alternate Data Stream - 230 bytes -> C:\ProgramData\TEMP:DB77E2C4
@Alternate Data Stream - 229 bytes -> C:\ProgramData\TEMP:C22674B6
@Alternate Data Stream - 229 bytes -> C:\ProgramData\TEMP:0E684AC9
@Alternate Data Stream - 229 bytes -> C:\ProgramData\TEMP:073139EC
@Alternate Data Stream - 227 bytes -> C:\ProgramData\TEMP:A00BCDEF
@Alternate Data Stream - 227 bytes -> C:\ProgramData\TEMP:5AE33054
@Alternate Data Stream - 225 bytes -> C:\ProgramData\TEMP:F1DEA771
@Alternate Data Stream - 225 bytes -> C:\ProgramData\TEMP:A41FEAA2
@Alternate Data Stream - 225 bytes -> C:\ProgramData\TEMP:48FEA089
@Alternate Data Stream - 225 bytes -> C:\ProgramData\TEMP:27790C06
@Alternate Data Stream - 224 bytes -> C:\ProgramData\TEMP:957E9765
@Alternate Data Stream - 224 bytes -> C:\ProgramData\TEMP:848CC150
@Alternate Data Stream - 224 bytes -> C:\ProgramData\TEMP:6C5EC3CD
@Alternate Data Stream - 223 bytes -> C:\ProgramData\TEMP:8E5EA40F
@Alternate Data Stream - 223 bytes -> C:\ProgramData\TEMP:7AF9CAEB
@Alternate Data Stream - 223 bytes -> C:\ProgramData\TEMP:4E6B8D68
@Alternate Data Stream - 222 bytes -> C:\ProgramData\TEMP:08801FDB
@Alternate Data Stream - 219 bytes -> C:\ProgramData\TEMP:E4FCDFD9
@Alternate Data Stream - 219 bytes -> C:\ProgramData\TEMP:517B507A
@Alternate Data Stream - 219 bytes -> C:\ProgramData\TEMP:11EFE63D
@Alternate Data Stream - 216 bytes -> C:\ProgramData\TEMP:DFC3B090
@Alternate Data Stream - 216 bytes -> C:\ProgramData\TEMP:DF0BC727
@Alternate Data Stream - 216 bytes -> C:\ProgramData\TEMP:90D89144
@Alternate Data Stream - 216 bytes -> C:\ProgramData\TEMP:708BB0FA
@Alternate Data Stream - 215 bytes -> C:\ProgramData\TEMP:09708CB7
@Alternate Data Stream - 214 bytes -> C:\ProgramData\TEMP:E5F8E280
@Alternate Data Stream - 214 bytes -> C:\ProgramData\TEMP:9857FAE3
@Alternate Data Stream - 211 bytes -> C:\ProgramData\TEMP:961B4D58
@Alternate Data Stream - 211 bytes -> C:\ProgramData\TEMP:8F4E260C
@Alternate Data Stream - 211 bytes -> C:\ProgramData\TEMP:33DB8278
@Alternate Data Stream - 210 bytes -> C:\ProgramData\TEMP:7A0EFE63
@Alternate Data Stream - 209 bytes -> C:\ProgramData\TEMP:12EA4DC9
@Alternate Data Stream - 206 bytes -> C:\ProgramData\TEMP:7920E530
@Alternate Data Stream - 206 bytes -> C:\ProgramData\TEMP:059167AF
@Alternate Data Stream - 204 bytes -> C:\ProgramData\TEMP:D31BE97C
@Alternate Data Stream - 204 bytes -> C:\ProgramData\TEMP:6677D85A
@Alternate Data Stream - 204 bytes -> C:\ProgramData\TEMP:409A775B
@Alternate Data Stream - 203 bytes -> C:\ProgramData\TEMP:6F55EB66
@Alternate Data Stream - 201 bytes -> C:\ProgramData\TEMP:69FD6BF0
@Alternate Data Stream - 197 bytes -> C:\ProgramData\TEMP:60A4BB64
@Alternate Data Stream - 196 bytes -> C:\ProgramData\TEMP:0AC32449
@Alternate Data Stream - 195 bytes -> C:\ProgramData\TEMP:43982D5E
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:178093AE
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:F53B274A
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:908A1B53
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:16ADBA30
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:3A0561F3
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:BCDC6E07
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:3571475C
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:0968E571
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:FEECF2C8
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:2216A431
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:C6D0ABC3
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:3815BC84
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:EC2381A4
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:53DF4438
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:067F588D
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:EC0A74A1
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:D576A536
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:E5DE9C8F
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:8B51CAAE
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:895A78C5
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:4DCAC4BC
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:CDB75348
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:538B96B5
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:4C49306C
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:3AC0ED43
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:B1FBA7E1
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:38B32B54
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:08D8BB20
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:C35B4B19
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:B6FD7157
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:943E8182
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:5433DBEF
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:10D45FC3
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:9ACB70D7
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:70E897B5
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:6C9F5E5E
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:598E0FFA
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:E51234A9
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:9EF92A1A
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:90B52091
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:DE47A3DA
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:83ACAC73
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:393F7B1E
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:1A5CC80A
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:0DACB2B7
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:0D52F295
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:DD629819
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:98F6F85C
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:61F0C8FB
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:D46ECFD5
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:29B37860
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:F43B7E8F
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:E1D818F7
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:D055FC10
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:38D2EA83
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:DE9F4320
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:13AA281B
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:D708EEF9
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:8401B6D5
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:5F1019FF
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:A561576B
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:89C6F032
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:CE6885F1
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:C86B29EB
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:1A5207FA
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:CB16385F
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:3790BACD
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:B3B7A337
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:4A1628E5
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:6B50A605
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:81653DC8
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:2BC498A4
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:067BF339
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:269C0B5C
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:13DF9DD1
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:10D98D98
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D8134D8F
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:FECEF728
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:969C0C96
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:8999FD56
< End of report >
This topic is locked
Sign In
Create Account
