Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

nuisance pop up window


  • This topic is locked This topic is locked

#1
nativetexan2

nativetexan2

    Member

  • Member
  • PipPip
  • 59 posts
I have a Dell laptop running windows xp professional and I started getting a pop-up window saying Disk not formatted. Then in the body of the window says the disk in drive c is not formatted. Do you want to format it now?

OTL logfile created on: 8/8/2011 11:47:05 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Meagan\My Documents
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.84 Gb Available Physical Memory | 42.36% Memory free
3.84 Gb Paging File | 2.90 Gb Available in Paging File | 75.48% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 408.07 Gb Free Space | 87.61% Space Free | Partition Type: NTFS

Computer Name: MEAGAN-DELL | User Name: Meagan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/08 23:44:46 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Meagan\My Documents\OTL.exe
PRC - [2011/06/28 06:19:47 | 001,191,216 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011/06/28 06:19:39 | 002,151,640 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011/06/27 17:04:23 | 004,771,184 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\BitTorrent\BitTorrent.exe
PRC - [2011/06/15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2011/04/18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/04/14 05:36:42 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/03/28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/03/21 13:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/03/16 16:05:20 | 001,025,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2011/03/16 16:05:14 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/03/15 21:51:06 | 000,206,136 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn0\ytbb.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/08 05:33:20 | 000,658,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2009/05/01 14:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/05/01 14:35:10 | 000,185,640 | ---- | M] (Seagate LLC) -- C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/07/20 16:55:46 | 001,228,800 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/07/20 16:53:52 | 000,475,136 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2007/05/10 10:22:32 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
PRC - [2006/09/08 08:32:54 | 000,102,400 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe
PRC - [2006/09/05 10:09:10 | 000,315,392 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Common\DataServer.exe
PRC - [2006/08/28 21:57:12 | 000,395,776 | ---- | M] (Gteko Ltd.) -- C:\Program Files\Dell Support\DSAgnt.exe
PRC - [2006/08/25 09:45:30 | 000,192,512 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe
PRC - [2006/06/12 10:01:14 | 000,180,224 | ---- | M] () -- C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe
PRC - [2005/10/18 17:11:08 | 000,061,440 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
PRC - [2005/10/07 14:13:38 | 000,176,128 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2005/07/27 16:41:08 | 000,045,056 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
PRC - [2004/06/28 23:56:12 | 000,045,056 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\hidfind.exe


========== Modules (SafeList) ==========

MOD - [2011/08/08 23:44:46 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Meagan\My Documents\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2006/09/08 08:32:02 | 000,286,720 | ---- | M] () -- C:\WINDOWS\system32\wxvault.dll
MOD - [2006/09/08 08:30:44 | 000,004,096 | ---- | M] () -- C:\WINDOWS\system32\detoured.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/06/28 06:19:39 | 002,151,640 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/05/30 11:33:54 | 001,025,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2009/05/01 14:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/07/20 16:53:52 | 000,475,136 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2006/09/05 10:09:10 | 000,315,392 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Wave Systems Corp\Common\DataServer.exe -- (DataSvr2)
SRV - [2006/06/12 10:01:14 | 000,180,224 | ---- | M] () [Auto | Running] -- C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2005/10/18 17:11:08 | 000,061,440 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe -- (ASFIPmon)


========== Driver Services (SafeList) ==========

DRV - [2011/08/08 22:27:37 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CE32CCCD-C06B-4554-B214-2F87086A124F}\MpKslb6b5c0c0.sys -- (MpKslb6b5c0c0)
DRV - [2011/05/25 02:00:36 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2011/05/25 02:00:36 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011/04/14 21:28:42 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2007/12/23 17:18:48 | 000,068,696 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\oz776.sys -- (guardian2)
DRV - [2007/10/09 19:17:42 | 001,123,328 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2007/05/10 10:24:34 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/01/16 10:22:00 | 000,031,744 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\csrbcxp.sys -- (CSRBC)
DRV - [2006/06/13 23:56:34 | 000,155,264 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NWADIenum.sys -- (NWADI)
DRV - [2006/06/13 12:29:28 | 000,047,488 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2006/06/13 11:22:58 | 000,111,232 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TosRfbd.sys -- (Tosrfbd)
DRV - [2006/06/09 21:40:00 | 000,040,192 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2006/05/29 13:11:20 | 000,060,672 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TosRfhid.sys -- (Tosrfhid)
DRV - [2006/03/16 10:45:12 | 000,037,632 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp)
DRV - [2006/03/15 10:52:40 | 000,052,864 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd) Bluetooth Audio Device (WDM)
DRV - [2006/01/10 11:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/12/09 15:35:00 | 000,018,816 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pbadrv.sys -- (PBADRV)
DRV - [2005/10/26 10:01:02 | 000,142,720 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2005/10/03 12:57:00 | 000,086,867 | R--- | M] (CSR) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCOREUSB.sys -- (BCOREUSB)
DRV - [2005/09/28 20:57:18 | 000,113,847 | R--- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2005/08/12 17:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/08/01 16:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005/07/11 18:58:56 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\toshidpt.sys -- (toshidpt)
DRV - [2005/05/13 17:27:56 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbccid.sys -- (USBCCID)
DRV - [2005/01/06 13:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2003/04/24 16:21:50 | 000,006,025 | ---- | M] (Broadcom Corporation) [Kernel | Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\BASFND.sys -- (BASFND)
DRV - [2001/08/22 08:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll (Yahoo! Inc.)
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search..defaultengine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..defaultenginename: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..order.1: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..selectedEngine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..selectedEngineURL: "http://mp3tubetoolba...={searchTerms}"
FF - prefs.js..browser.search.defaultengine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.order.1: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngineURL: "http://mp3tubetoolba...={searchTerms}"
FF - prefs.js..browser.startup.homepage: "yahoo.com"
FF - prefs.js..keyword.URL: "http://mp3tubetoolba...bid=&Keywords="

FF - user.js..keyword.URL: "http://mp3tubetoolba...removelink2&q="
FF - user.js..keyword.enabled: 1

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Meagan\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Meagan\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/08/08 22:25:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared [2011/06/12 18:41:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/07/24 21:09:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/25 21:59:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/10 13:31:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\SoMud\scripts\mozilla [2011/07/08 18:32:14 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\SoMud\scripts\mozilla [2011/07/08 18:32:14 | 000,000,000 | ---D | M]

[2011/06/12 18:29:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Meagan\Application Data\Mozilla\Extensions
[2011/08/03 21:53:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Meagan\Application Data\Mozilla\Firefox\Profiles\jfigda3e.default\extensions
[2011/08/03 21:53:25 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Meagan\Application Data\Mozilla\Firefox\Profiles\jfigda3e.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/07/10 13:31:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/07/10 13:31:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2011/08/08 22:25:35 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
[2011/06/12 18:41:09 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="avg@igeared" em:name="AVG Security Toolbar" em:version="7.005.030.004" em:displayname="AVG Security Toolbar" em:iconURL="chrome://tavgp/skin/logo.ico" em:creator="AVG Technologies" em:description="AVG Security Toolbar" em:homepageURL="http://www.avg.com" >) -- C:\PROGRAM FILES\AVG\AVG10\TOOLBAR\FIREFOX\AVG@IGEARED
[2011/07/10 13:31:06 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\[email protected]
[2011/07/08 18:32:14 | 000,000,000 | ---D | M] (SoMud) -- C:\PROGRAM FILES\SOMUD\SCRIPTS\MOZILLA
[2011/06/21 16:13:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/06/25 21:59:01 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/07/10 13:31:05 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2004/08/04 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Document Manager] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKCU..\Run: [ares] File not found
O4 - HKCU..\Run: [BitTorrent] C:\Program Files\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [SoMud] C:\Program Files\SoMud\somud.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Driver performer.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EMBASSY Trust Suite Secure Update.lnk = C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe (Wave Systems Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download Web &Images with SoMud - C:\Program Files\SoMud\scripts\ie\images-url.html ()
O8 - Extra context menu item: Download with SoMud - C:\Program Files\SoMud\scripts\ie\link-url.html ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1307999754500 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (wxvault.dll) - C:\WINDOWS\System32\wxvault.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Meagan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Meagan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (wvauth) - C:\WINDOWS\System32\wvauth.dll (Wave Systems Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/06/12 12:54:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/08 23:44:40 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Meagan\My Documents\OTL.exe
[2011/08/08 13:20:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2011/08/08 08:16:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2011/08/08 08:15:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011/08/07 23:55:50 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Meagan\Recent
[2011/08/07 23:45:06 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011/08/07 20:35:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/08/03 21:53:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2011/08/03 21:53:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Meagan\Application Data\Yahoo!
[2011/08/03 21:52:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Yahoo! Messenger
[2011/08/03 21:52:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2011/08/03 21:50:36 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2011/07/25 16:34:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Seagate
[2011/07/25 16:34:33 | 000,000,000 | ---D | C] -- C:\Program Files\Seagate
[2011/07/25 16:34:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2011/07/25 16:28:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Meagan\Local Settings\Application Data\Downloaded Installations
[2011/07/25 16:28:25 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2011/07/24 22:03:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/07/24 22:02:08 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/07/24 21:57:50 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/07/24 21:10:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Meagan\Application Data\DDMSettings
[2011/07/24 21:08:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DivX Plus
[2011/07/13 18:59:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/07/10 13:33:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2011/07/10 13:31:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011/07/10 13:31:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/07/10 13:30:58 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/07/10 13:30:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Meagan\Application Data\Sun
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/08/08 23:50:00 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-1979792683-725345543-1003UA.job
[2011/08/08 23:44:46 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Meagan\My Documents\OTL.exe
[2011/08/08 22:28:22 | 000,069,983 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\252110_193209450743470_100001632487175_541366_7468964_n.jpg
[2011/08/08 22:28:17 | 000,064,883 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\282499_193209410743474_100001632487175_541364_52462_n.jpg
[2011/08/08 22:27:52 | 000,051,048 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\185378_193209684076780_100001632487175_541375_4445303_n.jpg
[2011/08/08 22:27:45 | 000,050,578 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\284531_193209637410118_100001632487175_541373_1151840_n.jpg
[2011/08/08 22:27:43 | 000,053,617 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\263312_193209617410120_100001632487175_541372_4993154_n.jpg
[2011/08/08 22:27:24 | 000,085,378 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\282050_193209384076810_100001632487175_541363_1515989_n.jpg
[2011/08/08 22:27:18 | 000,055,707 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\282522_193209357410146_100001632487175_541362_2159348_n.jpg
[2011/08/08 22:27:08 | 000,055,796 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\223026_193209350743480_100001632487175_541361_3464057_n.jpg
[2011/08/08 22:27:03 | 000,054,133 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\282104_193209317410150_100001632487175_541360_6703866_n.jpg
[2011/08/08 22:25:40 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2011/08/08 22:19:06 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2011/08/08 22:18:14 | 127,368,836 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/08/08 13:27:07 | 000,441,692 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/08/08 13:27:06 | 000,071,462 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/08/08 13:25:38 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/08/08 13:24:47 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/08/08 13:19:52 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/08/08 13:19:52 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/08/08 13:19:27 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/08/08 13:19:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/08/08 07:50:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-1979792683-725345543-1003Core.job
[2011/08/07 23:37:34 | 000,048,588 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\223641_10150288441984265_509789264_7453008_3986667_n.jpg
[2011/08/07 23:36:56 | 000,042,601 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\281897_10150288447024265_509789264_7453020_1816217_n.jpg
[2011/08/07 23:36:52 | 000,045,829 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\215136_10150288446649265_509789264_7453019_3856416_n.jpg
[2011/08/07 23:36:49 | 000,106,198 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\267382_10150288446069265_509789264_7453017_5790860_n.jpg
[2011/08/07 20:38:04 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/08/07 09:29:45 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/03 21:52:44 | 000,000,820 | ---- | M] () -- C:\Documents and Settings\Meagan\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/08/03 21:52:44 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2011/08/02 19:49:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/08/01 16:23:12 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/07/27 21:43:12 | 000,057,270 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\250020_2277478137640_1269342014_2737789_8130019_n.jpg
[2011/07/27 21:42:32 | 000,061,809 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\262445_2277467857383_1269342014_2737767_5880458_n.jpg
[2011/07/27 21:41:45 | 000,085,469 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\250225_2277465177316_1269342014_2737759_7255675_n.jpg
[2011/07/27 21:02:18 | 000,749,603 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\272017_10150278315005747_578380746_7708130_833920_o.jpg
[2011/07/27 21:02:13 | 000,750,666 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\280039_10150278315250747_578380746_7708131_555676_o.jpg
[2011/07/27 21:02:05 | 000,702,355 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\279859_10150278315555747_578380746_7708132_2183681_o.jpg
[2011/07/27 17:08:26 | 000,063,321 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\20165_1321397479892_1379474034_1466930_4337858_n.jpg
[2011/07/27 17:08:17 | 000,061,903 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\20165_1321397439891_1379474034_1466929_228972_n.jpg
[2011/07/27 17:07:56 | 000,062,373 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\20165_1321397519893_1379474034_1466931_7585644_n.jpg
[2011/07/25 16:34:43 | 000,001,863 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Seagate Manager.lnk
[2011/07/24 22:13:43 | 000,000,629 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2011/07/24 22:07:33 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\Meagan\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/07/24 22:03:10 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/07/24 21:08:54 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Player.lnk
[2011/07/24 11:55:12 | 000,024,221 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\58630_158445954167027_100000048713446_476485_3464465_n.jpg
[2011/07/22 16:19:52 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/07/20 21:52:46 | 000,059,527 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\chessecake stuffed strawberries.JPG
[2011/07/20 20:47:48 | 000,046,696 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\285379_1904206721006_1116870019_31624494_6247933_n.jpg
[2011/07/20 20:47:44 | 000,051,117 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\282073_1904206521001_1116870019_31624493_5544336_n.jpg
[2011/07/20 20:46:36 | 000,038,709 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\226565_1742625041565_1116870019_31467196_5150905_n.jpg
[2011/07/20 17:41:54 | 000,010,240 | ---- | M] () -- C:\Documents and Settings\Meagan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/19 19:32:09 | 000,067,562 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\285119_206173412763445_100001123636060_565013_29608_n.jpg
[2011/07/14 20:46:04 | 000,002,271 | ---- | M] () -- C:\Documents and Settings\Meagan\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/07/13 19:27:16 | 000,067,599 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\27946_387486792809_117547687809_4093759_598300_n.jpg
[2011/07/13 19:27:14 | 000,060,408 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\27946_387486772809_117547687809_4093758_4699847_n.jpg
[2011/07/13 19:27:12 | 000,048,873 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\27946_387486757809_117547687809_4093757_1526582_n.jpg
[2011/07/13 19:27:09 | 000,056,089 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\27946_387486747809_117547687809_4093756_2182690_n.jpg
[2011/07/13 19:26:33 | 000,031,979 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\215146_10150144747162810_117547687809_6698860_2019878_n.jpg
[2011/07/13 19:26:30 | 000,064,856 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\217288_10150144747117810_117547687809_6698859_6443305_n.jpg
[2011/07/13 19:26:25 | 000,060,585 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\216421_10150144747077810_117547687809_6698858_1593702_n.jpg
[2011/07/13 19:26:21 | 000,071,361 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\208494_10150144747047810_117547687809_6698857_7484257_n.jpg
[2011/07/13 19:26:19 | 000,057,095 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\217123_10150144747002810_117547687809_6698856_6991796_n.jpg
[2011/07/12 16:29:25 | 000,095,072 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/07/10 14:45:25 | 000,070,989 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\262142_2020354602075_1640226485_1931132_6550311_n.jpg
[2011/07/10 14:45:19 | 000,088,597 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\261647_2020352482022_1640226485_1931126_4747201_n.jpg
[2011/07/10 14:45:07 | 000,072,202 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\263137_2020350641976_1640226485_1931121_4309366_n.jpg
[2011/07/10 14:45:00 | 000,078,178 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\259847_2020348521923_1640226485_1931112_5687463_n.jpg
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/08 22:28:21 | 000,069,983 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\252110_193209450743470_100001632487175_541366_7468964_n.jpg
[2011/08/08 22:28:17 | 000,064,883 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\282499_193209410743474_100001632487175_541364_52462_n.jpg
[2011/08/08 22:27:52 | 000,051,048 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\185378_193209684076780_100001632487175_541375_4445303_n.jpg
[2011/08/08 22:27:45 | 000,050,578 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\284531_193209637410118_100001632487175_541373_1151840_n.jpg
[2011/08/08 22:27:37 | 000,053,617 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\263312_193209617410120_100001632487175_541372_4993154_n.jpg
[2011/08/08 22:27:21 | 000,085,378 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\282050_193209384076810_100001632487175_541363_1515989_n.jpg
[2011/08/08 22:27:15 | 000,055,707 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\282522_193209357410146_100001632487175_541362_2159348_n.jpg
[2011/08/08 22:27:07 | 000,055,796 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\223026_193209350743480_100001632487175_541361_3464057_n.jpg
[2011/08/08 22:26:57 | 000,054,133 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\282104_193209317410150_100001632487175_541360_6703866_n.jpg
[2011/08/07 23:37:34 | 000,048,588 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\223641_10150288441984265_509789264_7453008_3986667_n.jpg
[2011/08/07 23:36:56 | 000,042,601 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\281897_10150288447024265_509789264_7453020_1816217_n.jpg
[2011/08/07 23:36:52 | 000,045,829 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\215136_10150288446649265_509789264_7453019_3856416_n.jpg
[2011/08/07 23:36:49 | 000,106,198 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\267382_10150288446069265_509789264_7453017_5790860_n.jpg
[2011/08/07 20:41:45 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/08/07 20:38:04 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/08/07 20:36:13 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/08/03 21:52:44 | 000,000,820 | ---- | C] () -- C:\Documents and Settings\Meagan\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/08/03 21:52:44 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2011/07/27 21:43:12 | 000,057,270 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\250020_2277478137640_1269342014_2737789_8130019_n.jpg
[2011/07/27 21:42:32 | 000,061,809 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\262445_2277467857383_1269342014_2737767_5880458_n.jpg
[2011/07/27 21:41:44 | 000,085,469 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\250225_2277465177316_1269342014_2737759_7255675_n.jpg
[2011/07/27 21:02:17 | 000,749,603 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\272017_10150278315005747_578380746_7708130_833920_o.jpg
[2011/07/27 21:02:12 | 000,750,666 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\280039_10150278315250747_578380746_7708131_555676_o.jpg
[2011/07/27 21:02:04 | 000,702,355 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\279859_10150278315555747_578380746_7708132_2183681_o.jpg
[2011/07/27 17:08:25 | 000,063,321 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\20165_1321397479892_1379474034_1466930_4337858_n.jpg
[2011/07/27 17:08:17 | 000,061,903 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\20165_1321397439891_1379474034_1466929_228972_n.jpg
[2011/07/27 17:07:56 | 000,062,373 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\20165_1321397519893_1379474034_1466931_7585644_n.jpg
[2011/07/25 16:34:43 | 000,001,863 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Seagate Manager.lnk
[2011/07/24 22:13:42 | 000,000,629 | ---- | C] () -- C:\WINDOWS\System32\mapisvc.inf
[2011/07/24 22:03:10 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/07/24 21:08:54 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Player.lnk
[2011/07/24 11:55:10 | 000,024,221 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\58630_158445954167027_100000048713446_476485_3464465_n.jpg
[2011/07/22 16:19:52 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/07/20 21:52:46 | 000,059,527 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\chessecake stuffed strawberries.JPG
[2011/07/20 20:47:46 | 000,046,696 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\285379_1904206721006_1116870019_31624494_6247933_n.jpg
[2011/07/20 20:47:42 | 000,051,117 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\282073_1904206521001_1116870019_31624493_5544336_n.jpg
[2011/07/20 20:46:35 | 000,038,709 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\226565_1742625041565_1116870019_31467196_5150905_n.jpg
[2011/07/19 19:32:07 | 000,067,562 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\285119_206173412763445_100001123636060_565013_29608_n.jpg
[2011/07/13 19:27:16 | 000,067,599 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\27946_387486792809_117547687809_4093759_598300_n.jpg
[2011/07/13 19:27:14 | 000,060,408 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\27946_387486772809_117547687809_4093758_4699847_n.jpg
[2011/07/13 19:27:12 | 000,048,873 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\27946_387486757809_117547687809_4093757_1526582_n.jpg
[2011/07/13 19:27:09 | 000,056,089 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\27946_387486747809_117547687809_4093756_2182690_n.jpg
[2011/07/13 19:26:33 | 000,031,979 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\215146_10150144747162810_117547687809_6698860_2019878_n.jpg
[2011/07/13 19:26:30 | 000,064,856 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\217288_10150144747117810_117547687809_6698859_6443305_n.jpg
[2011/07/13 19:26:25 | 000,060,585 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\216421_10150144747077810_117547687809_6698858_1593702_n.jpg
[2011/07/13 19:26:21 | 000,071,361 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\208494_10150144747047810_117547687809_6698857_7484257_n.jpg
[2011/07/13 19:26:19 | 000,057,095 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\217123_10150144747002810_117547687809_6698856_6991796_n.jpg
[2011/07/10 14:45:25 | 000,070,989 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\262142_2020354602075_1640226485_1931132_6550311_n.jpg
[2011/07/10 14:45:19 | 000,088,597 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\261647_2020352482022_1640226485_1931126_4747201_n.jpg
[2011/07/10 14:45:07 | 000,072,202 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\263137_2020350641976_1640226485_1931121_4309366_n.jpg
[2011/07/10 14:45:00 | 000,078,178 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\259847_2020348521923_1640226485_1931112_5687463_n.jpg
[2011/06/19 11:43:44 | 000,010,240 | ---- | C] () -- C:\Documents and Settings\Meagan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/18 01:26:26 | 000,016,432 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2011/06/16 16:05:43 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/06/16 16:05:43 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/06/13 16:40:48 | 000,012,736 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/06/12 18:29:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/06/12 17:03:24 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll
[2011/06/12 17:03:24 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\bioapi100.dll
[2011/06/12 17:03:03 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Meagan\Local Settings\Application Data\fusioncache.dat
[2011/06/12 14:20:13 | 000,319,488 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2011/06/12 14:18:28 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2011/06/12 14:18:26 | 000,753,664 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2011/06/12 14:18:26 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2011/06/12 12:58:06 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/06/12 12:50:25 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/06/12 07:42:59 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/06/12 07:41:27 | 000,095,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/09/12 12:07:36 | 000,184,320 | ---- | C] () -- C:\WINDOWS\System32\AmRes_en.dll
[2006/09/12 12:01:48 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\AmRes_es.dll
[2006/09/12 12:01:42 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ko.dll
[2006/09/12 12:01:34 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\AmRes_de.dll
[2006/09/12 12:01:28 | 000,184,320 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pt-BR.dll
[2006/09/12 12:01:20 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\AmRes_fr.dll
[2006/09/12 12:01:12 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ja.dll
[2006/09/12 12:01:06 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ru.dll
[2006/09/12 12:00:58 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\AmRes_it.dll
[2006/09/12 12:00:52 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHS.dll
[2006/09/12 12:00:44 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHT.dll
[2006/09/08 08:32:02 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\wxvault.dll
[2006/09/08 08:30:44 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\detoured.dll
[2006/09/05 10:05:32 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_en.dll
[2006/09/05 09:26:06 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pt.dll
[2006/09/05 09:25:54 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHT.dll
[2006/09/05 09:25:42 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ko.dll
[2006/09/05 09:25:32 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_es.dll
[2006/09/05 09:25:20 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ru.dll
[2006/09/05 09:25:10 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ja.dll
[2006/09/05 09:24:58 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_it.dll
[2006/09/05 09:24:48 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_de.dll
[2006/09/05 09:24:36 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_fr.dll
[2006/09/05 09:24:26 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHS.dll
[2006/06/12 10:01:18 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_RUS.dll
[2006/06/12 10:01:18 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_ITA.dll
[2006/06/12 10:01:18 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_FRA.dll
[2006/06/12 10:01:18 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_ESN.dll
[2006/06/12 10:01:18 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_ENU.dll
[2006/06/12 10:01:18 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_DEU.dll
[2006/06/12 10:01:18 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_CHS.dll
[2006/06/12 10:01:16 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\Tsp.dll
[2005/12/01 14:41:20 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\pbadrvdll.dll
[2005/09/20 13:36:06 | 000,798,720 | ---- | C] () -- C:\WINDOWS\System32\DemoLicense.dll
[2005/09/01 21:44:00 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005/07/22 21:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2005/03/21 18:48:05 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/21 18:48:05 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/01/21 12:02:28 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\RMDevice.dll
[2004/08/04 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 05:00:00 | 000,441,692 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 05:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 05:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 05:00:00 | 000,071,462 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 05:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 05:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 05:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 05:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 05:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/07/21 15:03:14 | 000,917,504 | ---- | C] () -- C:\WINDOWS\System32\lmgr10.dll
[2004/07/20 17:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/07/20 14:27:52 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ADsSecurity.dll
[2004/03/18 18:01:20 | 000,072,192 | ---- | C] () -- C:\WINDOWS\System32\xltZlib.dll
[2004/01/15 14:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll

========== LOP Check ==========

[2011/06/13 16:06:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2011/06/18 01:11:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/06/12 18:41:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/06/12 21:34:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/06/12 13:57:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Novatel Wireless
[2011/06/26 10:17:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuestScan
[2011/07/25 16:34:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2011/06/12 17:11:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UIB
[2011/06/12 17:02:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wave Systems Corp
[2011/06/12 21:56:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/06/12 21:34:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meagan\Application Data\AVG10
[2011/08/08 23:42:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meagan\Application Data\BitTorrent
[2011/07/24 21:10:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meagan\Application Data\DDMSettings
[2011/07/11 16:16:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meagan\Application Data\SoMud
[2011/08/08 13:19:27 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011/08/08 13:24:47 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========


< End of report >


OTL Extras logfile created on: 8/8/2011 11:47:05 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Meagan\My Documents
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.84 Gb Available Physical Memory | 42.36% Memory free
3.84 Gb Paging File | 2.90 Gb Available in Paging File | 75.48% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 408.07 Gb Free Space | 87.61% Space Free | Partition Type: NTFS

Computer Name: MEAGAN-DELL | User Name: Meagan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\SoMud\somud.exe" = C:\Program Files\SoMud\somud.exe:*:Enabled:SoMud - The Ultimate Download and Share Program -- ()
"C:\Program Files\BitTorrent\BitTorrent.exe" = C:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\AVG\AVG10\avgdiagex.exe" = C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostics 2011 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgemcx.exe" = C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{071B9AFA-EBE8-4ABF-8F4A-9F92612F517E}" = Broadcom ASF Management Applications
"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"{0BA2A0BA-7F4D-4B7B-AE94-5F0233AC8A5A}" = NTRU Hybrid TSS v2.0.25
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20EAC554-95F9-4926-8D9A-C4FF3EC44C72}" = AVG 2011
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java™ 6 Update 26
"{26E1BFB0-E87E-4696-9F89-B467F01F81E5}" = Broadcom Advanced Control Suite
"{2764CA82-DFB9-4498-AF85-719340BF5305}" = Dell Resource CD
"{2D91C34E-12CC-4B1B-90D5-31DAD47B6F48}" = OZ776 SCR CardBus Windows Driver
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35748B06-FCFC-4700-8285-DAD41689E4FE}" = Broadcom TPM Driver Installer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{685DEA21-3622-455A-A41B-89557A168DFD}" = Ad-Aware
"{695B13B2-7919-4EC5-8601-092F0D2DE069}" = AVG 2011
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72FECEA1-E87F-4192-89FA-D0FBF92885BB}" = ETS Upgrade
"{735619D4-B42A-437A-958C-199BFCAEDB38}" = Safari
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{7A35F91E-1D16-454F-A248-B9B782A2327C}" = Dell Support 3.2.1
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{8E7D7400-4F4F-409D-8F8A-43BF1DAC575A}" = TouchChip USB Driver 2.6
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Embassy Trust Suite by Wave Systems
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{B7F54262-AB66-44B3-88BF-9FC69941B643}" = Broadcom Gigabit Integrated Controller
"{BE40EC9E-9466-4288-916D-C1D6C13F4A40}" = upekmsi
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C73CA646-73B3-4AEF-A136-C37505745174}" = iTunes
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDD4761A-3D3F-4487-9AAF-7855A36E0D31}" = Wave Infrastructure Installer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
"{DD41AC25-61B2-4FC9-90AA-672F32139AC3}" = ETS Launch Pad
"{DF62D775-BB7C-4AFA-9CA4-DDA1C4855F28}" = Dell Mobile Broadband Card Utility
"{E6095BEA-8C97-4342-B771-13BB72AC1D88}" = biolsp patch
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E6F019F1-DFB6-4853-A87D-6E31624755A9}" = Seagate Manager Installer
"{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"{EDC2B89F-3F72-48EA-B63E-985BC51622E4}" = OZ776 SCR Driver V1.1.4.202
"{EE2EE62C-E27D-486A-AF6D-FA4A06E67476}" = Preboot Manager
"{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"{F1802FA6-54E9-4B24-BD2A-B50866819795}" = EMBASSY Trust Suite by Wave Systems
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AVG" = AVG 2011
"BitTorrent" = BitTorrent
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"DivX Setup.divx.com" = DivX Setup
"ie8" = Windows Internet Explorer 8
"InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"InstallShield_{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"InstallShield_{2D91C34E-12CC-4B1B-90D5-31DAD47B6F48}" = OZ776 SCR CardBus Windows Driver
"InstallShield_{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"InstallShield_{72FECEA1-E87F-4192-89FA-D0FBF92885BB}" = ETS Upgrade
"InstallShield_{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
"InstallShield_{DD41AC25-61B2-4FC9-90AA-672F32139AC3}" = ETS Launch Pad
"InstallShield_{E6F019F1-DFB6-4853-A87D-6E31624755A9}" = Seagate Manager Installer
"InstallShield_{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"InstallShield_{EDC2B89F-3F72-48EA-B63E-985BC51622E4}" = OZ776 SCR Driver V1.1.4.202
"InstallShield_{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)
"MSNINST" = MSN
"SoMud" = SoMud 1.3.3
"WIC" = Windows Imaging Component
"Windows XP Service Pack" = Windows XP Service Pack 3
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/5/2011 1:11:46 PM | Computer Name = MEAGAN-DELL | Source = ESENT | ID = 481
Description = wuauclt (2192) An attempt to read from the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log"
at offset 127488 (0x000000000001f200) for 512 (0x00000200) bytes failed with system
error 23 (0x00000017): "Data error (cyclic redundancy check). ". The read operation
will fail with error -1022 (0xfffffc02). If this error persists then the file
may be damaged and may need to be restored from a previous backup.

Error - 8/5/2011 1:11:53 PM | Computer Name = MEAGAN-DELL | Source = ESENT | ID = 465
Description = wuauclt (2192) Corruption was detected during soft recovery in logfile
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log. The failing checksum record
is located at position END. Data not matching the log-file fill pattern first appeared
in sector 249 (0x000000F9). This logfile has been damaged and is unusable.

Error - 8/5/2011 1:12:47 PM | Computer Name = MEAGAN-DELL | Source = Broadcom ASF IP Monitor | ID = 0
Description = !ERROR 53 Refreshing BMAPI data

Error - 8/5/2011 1:13:34 PM | Computer Name = MEAGAN-DELL | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 8/7/2011 9:36:28 PM | Computer Name = MEAGAN-DELL | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 3.0.8402.0,
P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.

Error - 8/7/2011 9:38:04 PM | Computer Name = MEAGAN-DELL | Source = Microsoft Security Client | ID = 5000
Description =

Error - 8/7/2011 9:51:08 PM | Computer Name = MEAGAN-DELL | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 2152759308, P2 unspecified, P3 scanfile,
P4 3.0.8402.0, P5 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.

Error - 8/8/2011 12:02:35 AM | Computer Name = MEAGAN-DELL | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0, P2 moaccapability, P3 3.0.8402.0, P4
0, P5 0, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.

Error - 8/8/2011 2:20:19 PM | Computer Name = MEAGAN-DELL | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 2152759308, P2 unspecified, P3 scanfile,
P4 3.0.8402.0, P5 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.

Error - 8/8/2011 2:53:01 PM | Computer Name = MEAGAN-DELL | Source = Bonjour Service | ID = 100
Description = 240: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

[ System Events ]
Error - 8/8/2011 11:18:08 PM | Computer Name = MEAGAN-DELL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 8/8/2011 11:18:08 PM | Computer Name = MEAGAN-DELL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 8/8/2011 11:18:08 PM | Computer Name = MEAGAN-DELL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 8/8/2011 11:18:08 PM | Computer Name = MEAGAN-DELL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 8/8/2011 11:18:17 PM | Computer Name = MEAGAN-DELL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 8/8/2011 11:18:17 PM | Computer Name = MEAGAN-DELL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 8/8/2011 11:18:17 PM | Computer Name = MEAGAN-DELL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 8/8/2011 11:18:17 PM | Computer Name = MEAGAN-DELL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 8/8/2011 11:18:17 PM | Computer Name = MEAGAN-DELL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 8/8/2011 11:19:08 PM | Computer Name = MEAGAN-DELL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.


< End of report >
  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there and sorry for the delay, could I have a fresh look at your system please


  • Run OTL.
  • Select All Users
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

THEN

Download aswMBR.exe ( 1.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply
Posted Image
  • 0

#3
nativetexan2

nativetexan2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
Hi,
I ran otl again and have attached the txt log.

OTL logfile created on: 8/13/2011 12:40:41 PM - Run 4
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Meagan\My Documents
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.85 Gb Available Physical Memory | 42.63% Memory free
3.84 Gb Paging File | 2.92 Gb Available in Paging File | 76.16% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 406.79 Gb Free Space | 87.34% Space Free | Partition Type: NTFS

Computer Name: MEAGAN-DELL | User Name: Meagan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/08 23:44:46 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Meagan\My Documents\OTL.exe
PRC - [2011/06/28 06:19:47 | 001,191,216 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011/06/28 06:19:39 | 002,151,640 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011/06/27 20:42:50 | 003,888,128 | ---- | M] () -- C:\Program Files\SoMud\somud.exe
PRC - [2011/06/27 17:04:23 | 004,771,184 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\BitTorrent\BitTorrent.exe
PRC - [2011/06/25 21:59:01 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/06/15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2011/04/18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/04/14 05:36:42 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/03/28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/03/21 13:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/03/16 16:05:20 | 001,025,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2011/03/16 16:05:14 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/08 05:33:20 | 000,658,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2009/05/01 14:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/05/01 14:35:10 | 000,185,640 | ---- | M] (Seagate LLC) -- C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/07/20 16:55:46 | 001,228,800 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/07/20 16:53:52 | 000,475,136 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2007/05/10 10:22:32 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
PRC - [2006/09/08 08:32:54 | 000,102,400 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe
PRC - [2006/09/05 10:09:10 | 000,315,392 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Common\DataServer.exe
PRC - [2006/08/28 21:57:12 | 000,395,776 | ---- | M] (Gteko Ltd.) -- C:\Program Files\Dell Support\DSAgnt.exe
PRC - [2006/08/25 09:45:30 | 000,192,512 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe
PRC - [2006/06/12 10:01:14 | 000,180,224 | ---- | M] () -- C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe
PRC - [2005/10/18 17:11:08 | 000,061,440 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
PRC - [2005/10/07 14:13:38 | 000,176,128 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2005/07/27 16:41:08 | 000,045,056 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
PRC - [2004/06/28 23:56:12 | 000,045,056 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\hidfind.exe


========== Modules (SafeList) ==========

MOD - [2011/08/08 23:44:46 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Meagan\My Documents\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2006/09/08 08:32:02 | 000,286,720 | ---- | M] () -- C:\WINDOWS\system32\wxvault.dll
MOD - [2006/09/08 08:30:44 | 000,004,096 | ---- | M] () -- C:\WINDOWS\system32\detoured.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/06/28 06:19:39 | 002,151,640 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/05/30 11:33:54 | 001,025,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2009/05/01 14:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/07/20 16:53:52 | 000,475,136 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2006/09/05 10:09:10 | 000,315,392 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Wave Systems Corp\Common\DataServer.exe -- (DataSvr2)
SRV - [2006/06/12 10:01:14 | 000,180,224 | ---- | M] () [Auto | Running] -- C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2005/10/18 17:11:08 | 000,061,440 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe -- (ASFIPmon)


========== Driver Services (SafeList) ==========

DRV - [2011/08/13 12:32:19 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{49FDE5F9-F3F0-44FA-BB66-8B67787A72D6}\MpKsl6431a6dd.sys -- (MpKsl6431a6dd)
DRV - [2011/05/25 02:00:36 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2011/05/25 02:00:36 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011/04/14 21:28:42 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2007/12/23 17:18:48 | 000,068,696 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\oz776.sys -- (guardian2)
DRV - [2007/10/09 19:17:42 | 001,123,328 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2007/05/10 10:24:34 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/01/16 10:22:00 | 000,031,744 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\csrbcxp.sys -- (CSRBC)
DRV - [2006/06/13 23:56:34 | 000,155,264 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NWADIenum.sys -- (NWADI)
DRV - [2006/06/13 12:29:28 | 000,047,488 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2006/06/13 11:22:58 | 000,111,232 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TosRfbd.sys -- (Tosrfbd)
DRV - [2006/06/09 21:40:00 | 000,040,192 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2006/05/29 13:11:20 | 000,060,672 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TosRfhid.sys -- (Tosrfhid)
DRV - [2006/03/16 10:45:12 | 000,037,632 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp)
DRV - [2006/03/15 10:52:40 | 000,052,864 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd) Bluetooth Audio Device (WDM)
DRV - [2006/01/10 11:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/12/09 15:35:00 | 000,018,816 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pbadrv.sys -- (PBADRV)
DRV - [2005/10/26 10:01:02 | 000,142,720 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2005/10/03 12:57:00 | 000,086,867 | R--- | M] (CSR) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCOREUSB.sys -- (BCOREUSB)
DRV - [2005/09/28 20:57:18 | 000,113,847 | R--- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2005/08/12 17:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/08/01 16:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005/07/11 18:58:56 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\toshidpt.sys -- (toshidpt)
DRV - [2005/05/13 17:27:56 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbccid.sys -- (USBCCID)
DRV - [2005/01/06 13:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2003/04/24 16:21:50 | 000,006,025 | ---- | M] (Broadcom Corporation) [Kernel | Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\BASFND.sys -- (BASFND)
DRV - [2001/08/22 08:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1844237615-1979792683-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\S-1-5-21-1844237615-1979792683-725345543-1003\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-1844237615-1979792683-725345543-1003\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-1844237615-1979792683-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1844237615-1979792683-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search..defaultengine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..defaultenginename: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..order.1: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..selectedEngine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..selectedEngineURL: "http://mp3tubetoolba...={searchTerms}"
FF - prefs.js..browser.search.defaultengine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.order.1: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngineURL: "http://mp3tubetoolba...={searchTerms}"
FF - prefs.js..browser.startup.homepage: "yahoo.com"
FF - prefs.js..keyword.URL: "http://search.avg.co...s&lng=en-US&q="

FF - user.js..keyword.URL: "http://mp3tubetoolba...removelink2&q="
FF - user.js..keyword.enabled: 1

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Meagan\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Meagan\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/08/08 22:25:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared [2011/06/12 18:41:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/07/24 21:09:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/25 21:59:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/10 13:31:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\SoMud\scripts\mozilla [2011/07/08 18:32:14 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\SoMud\scripts\mozilla [2011/07/08 18:32:14 | 000,000,000 | ---D | M]

[2011/06/12 18:29:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Meagan\Application Data\Mozilla\Extensions
[2011/08/09 16:45:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Meagan\Application Data\Mozilla\Firefox\Profiles\jfigda3e.default\extensions
[2011/07/10 13:31:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/07/10 13:31:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\DOCUMENTS AND SETTINGS\MEAGAN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\JFIGDA3E.DEFAULT\EXTENSIONS\{20CC25E2-48C9-45E1-9A1F-1CCC1882B81B}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\MEAGAN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\JFIGDA3E.DEFAULT\EXTENSIONS\[email protected]
[2011/08/08 22:25:35 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
[2011/06/12 18:41:09 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="avg@igeared" em:name="AVG Security Toolbar" em:version="7.005.030.004" em:displayname="AVG Security Toolbar" em:iconURL="chrome://tavgp/skin/logo.ico" em:creator="AVG Technologies" em:description="AVG Security Toolbar" em:homepageURL="http://www.avg.com" >) -- C:\PROGRAM FILES\AVG\AVG10\TOOLBAR\FIREFOX\AVG@IGEARED
[2011/07/10 13:31:06 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/07/08 18:32:14 | 000,000,000 | ---D | M] (SoMud) -- C:\PROGRAM FILES\SOMUD\SCRIPTS\MOZILLA
[2011/06/21 16:13:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/06/25 21:59:01 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/07/10 13:31:05 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/08/10 20:00:05 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-1844237615-1979792683-725345543-1003\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Document Manager] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKU\S-1-5-21-1844237615-1979792683-725345543-1003..\Run: [BitTorrent] C:\Program Files\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-1844237615-1979792683-725345543-1003..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\S-1-5-21-1844237615-1979792683-725345543-1003..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-1844237615-1979792683-725345543-1003..\Run: [SoMud] C:\Program Files\SoMud\somud.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Driver performer.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EMBASSY Trust Suite Secure Update.lnk = C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe (Wave Systems Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1844237615-1979792683-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1844237615-1979792683-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1844237615-1979792683-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1844237615-1979792683-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Download Web &Images with SoMud - C:\Program Files\SoMud\scripts\ie\images-url.html ()
O8 - Extra context menu item: Download with SoMud - C:\Program Files\SoMud\scripts\ie\link-url.html ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1307999754500 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\wxvault.dll) - C:\WINDOWS\system32\wxvault.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Meagan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Meagan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/06/12 12:54:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/08/12 18:55:40 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/08/10 19:47:50 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/08/10 19:34:10 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/08/10 19:34:10 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/08/10 19:34:10 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/08/10 19:34:10 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/08/10 19:34:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/08/10 19:19:14 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/08/10 19:19:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Meagan\Start Menu\Programs\Administrative Tools
[2011/08/10 19:11:33 | 004,168,557 | R--- | C] (Swearware) -- C:\Documents and Settings\Meagan\My Documents\PCHelpForum.exe
[2011/08/10 00:40:35 | 001,915,904 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Meagan\My Documents\aswMBR.exe
[2011/08/10 00:08:03 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Meagan\My Documents\OTL.com
[2011/08/08 23:44:40 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Meagan\My Documents\OTL.exe
[2011/08/08 13:20:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2011/08/08 08:16:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2011/08/08 08:15:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011/08/07 23:55:50 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Meagan\Recent
[2011/08/07 23:45:06 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011/08/07 20:35:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/08/03 21:53:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2011/08/03 21:53:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Meagan\Application Data\Yahoo!
[2011/08/03 21:52:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Yahoo! Messenger
[2011/08/03 21:52:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2011/08/03 21:50:36 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2011/07/25 16:34:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Seagate
[2011/07/25 16:34:33 | 000,000,000 | ---D | C] -- C:\Program Files\Seagate
[2011/07/25 16:34:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2011/07/25 16:28:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Meagan\Local Settings\Application Data\Downloaded Installations
[2011/07/25 16:28:25 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2011/07/24 22:03:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/07/24 22:02:08 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/07/24 21:57:50 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/07/24 21:10:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Meagan\Application Data\DDMSettings
[2011/07/24 21:08:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DivX Plus
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/08/13 12:38:25 | 127,946,322 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/08/13 12:37:19 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/08/13 12:36:40 | 000,441,924 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/08/13 12:36:40 | 000,071,694 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/08/13 12:32:57 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/08/13 12:32:27 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/08/13 12:32:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/08/12 21:28:01 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2011/08/12 20:50:00 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-1979792683-725345543-1003UA.job
[2011/08/12 17:45:11 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/08/12 17:45:11 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/08/10 20:00:05 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/08/10 19:47:57 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/08/10 19:11:44 | 004,168,557 | R--- | M] (Swearware) -- C:\Documents and Settings\Meagan\My Documents\PCHelpForum.exe
[2011/08/10 00:40:40 | 001,915,904 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Meagan\My Documents\aswMBR.exe
[2011/08/10 00:08:07 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Meagan\My Documents\OTL.com
[2011/08/09 23:06:30 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/08/08 23:44:46 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Meagan\My Documents\OTL.exe
[2011/08/08 22:25:40 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2011/08/08 07:50:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-1979792683-725345543-1003Core.job
[2011/08/07 23:37:34 | 000,048,588 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\223641_10150288441984265_509789264_7453008_3986667_n.jpg
[2011/08/07 23:36:56 | 000,042,601 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\281897_10150288447024265_509789264_7453020_1816217_n.jpg
[2011/08/07 23:36:52 | 000,045,829 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\215136_10150288446649265_509789264_7453019_3856416_n.jpg
[2011/08/07 23:36:49 | 000,106,198 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\267382_10150288446069265_509789264_7453017_5790860_n.jpg
[2011/08/07 20:38:04 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/08/07 09:29:45 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/03 21:52:44 | 000,000,820 | ---- | M] () -- C:\Documents and Settings\Meagan\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/08/03 21:52:44 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2011/08/02 19:49:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/08/01 16:23:12 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/07/27 21:43:12 | 000,057,270 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\250020_2277478137640_1269342014_2737789_8130019_n.jpg
[2011/07/27 21:42:32 | 000,061,809 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\262445_2277467857383_1269342014_2737767_5880458_n.jpg
[2011/07/27 21:41:45 | 000,085,469 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\250225_2277465177316_1269342014_2737759_7255675_n.jpg
[2011/07/27 21:02:18 | 000,749,603 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\272017_10150278315005747_578380746_7708130_833920_o.jpg
[2011/07/27 21:02:13 | 000,750,666 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\280039_10150278315250747_578380746_7708131_555676_o.jpg
[2011/07/27 21:02:05 | 000,702,355 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\279859_10150278315555747_578380746_7708132_2183681_o.jpg
[2011/07/27 17:08:26 | 000,063,321 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\20165_1321397479892_1379474034_1466930_4337858_n.jpg
[2011/07/27 17:08:17 | 000,061,903 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\20165_1321397439891_1379474034_1466929_228972_n.jpg
[2011/07/27 17:07:56 | 000,062,373 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\20165_1321397519893_1379474034_1466931_7585644_n.jpg
[2011/07/25 16:34:43 | 000,001,863 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Seagate Manager.lnk
[2011/07/24 22:13:43 | 000,000,629 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2011/07/24 22:07:33 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\Meagan\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/07/24 22:03:10 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/07/24 21:08:54 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Player.lnk
[2011/07/24 11:55:12 | 000,024,221 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\58630_158445954167027_100000048713446_476485_3464465_n.jpg
[2011/07/22 16:19:52 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/07/20 21:52:46 | 000,059,527 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\chessecake stuffed strawberries.JPG
[2011/07/20 20:47:48 | 000,046,696 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\285379_1904206721006_1116870019_31624494_6247933_n.jpg
[2011/07/20 20:47:44 | 000,051,117 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\282073_1904206521001_1116870019_31624493_5544336_n.jpg
[2011/07/20 20:46:36 | 000,038,709 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\226565_1742625041565_1116870019_31467196_5150905_n.jpg
[2011/07/20 17:41:54 | 000,010,240 | ---- | M] () -- C:\Documents and Settings\Meagan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/19 19:32:09 | 000,067,562 | ---- | M] () -- C:\Documents and Settings\Meagan\My Documents\285119_206173412763445_100001123636060_565013_29608_n.jpg
[2011/07/14 20:46:04 | 000,002,271 | ---- | M] () -- C:\Documents and Settings\Meagan\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/10 19:47:57 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/08/10 19:47:54 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/08/10 19:34:10 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/08/10 19:34:10 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/08/10 19:34:10 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/08/10 19:34:10 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/08/10 19:34:10 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/08/09 23:01:45 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011/08/07 23:37:34 | 000,048,588 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\223641_10150288441984265_509789264_7453008_3986667_n.jpg
[2011/08/07 23:36:56 | 000,042,601 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\281897_10150288447024265_509789264_7453020_1816217_n.jpg
[2011/08/07 23:36:52 | 000,045,829 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\215136_10150288446649265_509789264_7453019_3856416_n.jpg
[2011/08/07 23:36:49 | 000,106,198 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\267382_10150288446069265_509789264_7453017_5790860_n.jpg
[2011/08/07 20:41:45 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/08/07 20:38:04 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/08/07 20:36:13 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/08/03 21:52:44 | 000,000,820 | ---- | C] () -- C:\Documents and Settings\Meagan\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/08/03 21:52:44 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2011/07/27 21:43:12 | 000,057,270 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\250020_2277478137640_1269342014_2737789_8130019_n.jpg
[2011/07/27 21:42:32 | 000,061,809 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\262445_2277467857383_1269342014_2737767_5880458_n.jpg
[2011/07/27 21:41:44 | 000,085,469 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\250225_2277465177316_1269342014_2737759_7255675_n.jpg
[2011/07/27 21:02:17 | 000,749,603 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\272017_10150278315005747_578380746_7708130_833920_o.jpg
[2011/07/27 21:02:12 | 000,750,666 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\280039_10150278315250747_578380746_7708131_555676_o.jpg
[2011/07/27 21:02:04 | 000,702,355 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\279859_10150278315555747_578380746_7708132_2183681_o.jpg
[2011/07/27 17:08:25 | 000,063,321 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\20165_1321397479892_1379474034_1466930_4337858_n.jpg
[2011/07/27 17:08:17 | 000,061,903 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\20165_1321397439891_1379474034_1466929_228972_n.jpg
[2011/07/27 17:07:56 | 000,062,373 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\20165_1321397519893_1379474034_1466931_7585644_n.jpg
[2011/07/25 16:34:43 | 000,001,863 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Seagate Manager.lnk
[2011/07/24 22:13:42 | 000,000,629 | ---- | C] () -- C:\WINDOWS\System32\mapisvc.inf
[2011/07/24 22:03:10 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/07/24 21:08:54 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Player.lnk
[2011/07/24 11:55:10 | 000,024,221 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\58630_158445954167027_100000048713446_476485_3464465_n.jpg
[2011/07/22 16:19:52 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/07/20 21:52:46 | 000,059,527 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\chessecake stuffed strawberries.JPG
[2011/07/20 20:47:46 | 000,046,696 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\285379_1904206721006_1116870019_31624494_6247933_n.jpg
[2011/07/20 20:47:42 | 000,051,117 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\282073_1904206521001_1116870019_31624493_5544336_n.jpg
[2011/07/20 20:46:35 | 000,038,709 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\226565_1742625041565_1116870019_31467196_5150905_n.jpg
[2011/07/19 19:32:07 | 000,067,562 | ---- | C] () -- C:\Documents and Settings\Meagan\My Documents\285119_206173412763445_100001123636060_565013_29608_n.jpg
[2011/06/19 11:43:44 | 000,010,240 | ---- | C] () -- C:\Documents and Settings\Meagan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/18 01:26:26 | 000,016,432 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2011/06/16 16:05:43 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/06/16 16:05:43 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/06/13 16:40:48 | 000,012,736 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/06/12 18:29:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/06/12 17:03:24 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll
[2011/06/12 17:03:24 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\bioapi100.dll
[2011/06/12 17:03:03 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Meagan\Local Settings\Application Data\fusioncache.dat
[2011/06/12 14:20:13 | 000,319,488 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2011/06/12 14:18:28 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2011/06/12 14:18:26 | 000,753,664 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2011/06/12 14:18:26 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2011/06/12 12:58:06 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/06/12 12:50:25 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/06/12 07:42:59 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/06/12 07:41:27 | 000,095,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/09/12 12:07:36 | 000,184,320 | ---- | C] () -- C:\WINDOWS\System32\AmRes_en.dll
[2006/09/12 12:01:48 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\AmRes_es.dll
[2006/09/12 12:01:42 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ko.dll
[2006/09/12 12:01:34 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\AmRes_de.dll
[2006/09/12 12:01:28 | 000,184,320 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pt-BR.dll
[2006/09/12 12:01:20 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\AmRes_fr.dll
[2006/09/12 12:01:12 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ja.dll
[2006/09/12 12:01:06 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ru.dll
[2006/09/12 12:00:58 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\AmRes_it.dll
[2006/09/12 12:00:52 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHS.dll
[2006/09/12 12:00:44 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHT.dll
[2006/09/08 08:32:02 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\wxvault.dll
[2006/09/08 08:30:44 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\detoured.dll
[2006/09/05 10:05:32 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_en.dll
[2006/09/05 09:26:06 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pt.dll
[2006/09/05 09:25:54 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHT.dll
[2006/09/05 09:25:42 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ko.dll
[2006/09/05 09:25:32 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_es.dll
[2006/09/05 09:25:20 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ru.dll
[2006/09/05 09:25:10 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ja.dll
[2006/09/05 09:24:58 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_it.dll
[2006/09/05 09:24:48 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_de.dll
[2006/09/05 09:24:36 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_fr.dll
[2006/09/05 09:24:26 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHS.dll
[2006/06/12 10:01:18 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_RUS.dll
[2006/06/12 10:01:18 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_ITA.dll
[2006/06/12 10:01:18 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_FRA.dll
[2006/06/12 10:01:18 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_ESN.dll
[2006/06/12 10:01:18 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_ENU.dll
[2006/06/12 10:01:18 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_DEU.dll
[2006/06/12 10:01:18 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_CHS.dll
[2006/06/12 10:01:16 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\Tsp.dll
[2005/12/01 14:41:20 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\pbadrvdll.dll
[2005/09/20 13:36:06 | 000,798,720 | ---- | C] () -- C:\WINDOWS\System32\DemoLicense.dll
[2005/09/01 21:44:00 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005/07/22 21:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2005/03/21 18:48:05 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/21 18:48:05 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/01/21 12:02:28 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\RMDevice.dll
[2004/08/04 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 05:00:00 | 000,441,924 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 05:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 05:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 05:00:00 | 000,071,694 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 05:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 05:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 05:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 05:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 05:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/07/21 15:03:14 | 000,917,504 | ---- | C] () -- C:\WINDOWS\System32\lmgr10.dll
[2004/07/20 17:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/07/20 14:27:52 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ADsSecurity.dll
[2004/03/18 18:01:20 | 000,072,192 | ---- | C] () -- C:\WINDOWS\System32\xltZlib.dll
[2004/01/15 14:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll

========== LOP Check ==========

[2011/06/13 16:06:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2011/06/18 01:11:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/06/12 18:41:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/06/12 21:34:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/06/12 13:57:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Novatel Wireless
[2011/07/25 16:34:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2011/06/12 17:11:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UIB
[2011/06/12 17:02:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wave Systems Corp
[2011/06/12 21:56:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/06/12 21:34:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meagan\Application Data\AVG10
[2011/08/13 12:43:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meagan\Application Data\BitTorrent
[2011/07/24 21:10:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meagan\Application Data\DDMSettings
[2011/07/11 16:16:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meagan\Application Data\SoMud
[2011/08/13 12:32:57 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011/08/13 12:37:19 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004/08/04 05:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004/08/04 05:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 05:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2011/08/08 08:23:43 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2011/08/08 08:23:43 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 05:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< End of report >

and here is the aswMBR log also

aswMBR version 0.9.8.978 Copyright© 2011 AVAST Software
Run date: 2011-08-13 12:52:34
-----------------------------
12:52:34.718 OS Version: Windows 5.1.2600 Service Pack 3
12:52:34.718 Number of processors: 2 586 0xF02
12:52:34.718 ComputerName: MEAGAN-DELL UserName: Meagan
12:52:36.078 Initialize success
12:53:12.328 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
12:53:12.343 Disk 0 Vendor: WDC_WD5000BPKT-00PK4T0 01.01A01 Size: 476940MB BusType: 3
12:53:14.359 Disk 0 MBR read successfully
12:53:14.359 Disk 0 MBR scan
12:53:14.359 Disk 0 Windows XP default MBR code
12:53:14.359 Disk 0 scanning sectors +976768065
12:53:14.453 Disk 0 scanning C:\WINDOWS\system32\drivers
12:53:22.015 Service scanning
12:53:22.421 Service MpKsl6431a6dd c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{49FDE5F9-F3F0-44FA-BB66-8B67787A72D6}\MpKsl6431a6dd.sys **LOCKED** 32
12:53:23.015 Modules scanning
12:53:26.953 Disk 0 trace - called modules:
12:53:26.953 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
12:53:26.953 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a64b030]
12:53:26.968 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\00000082[0x8a6f80c0]
12:53:27.312 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a6f4d98]
12:53:27.312 Scan finished successfully
12:54:38.703 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Meagan\My Documents\MBR.dat"
12:54:38.703 The log file has been saved successfully to "C:\Documents and Settings\Meagan\My Documents\aswMBR.txt"
  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hmmm intriguing, no apparent sign of malware

Could you go to this page and run chkdsk as described there
  • 0

#5
nativetexan2

nativetexan2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
Thanks, That worked. Looks lke the popup is gone.
  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :yes:

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :)

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [CLEARALLRESTOREPOINTS]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself. We will now confirm that your hidden files are set to that, as some of the tools I use will change that

  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

SPRING CLEAN

Download and run Puran Disc Defragmenter
For the first run I would recommend a boot defrag and disk check
Posted Image

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Posted Image Malwarebytes.

Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?Keep safe :unsure:
  • 0

#7
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP