[zigzag215]

Hi,

Thanks for your help in advance. Currently the computer is quite slow, there is a black screen that comes up sometimes and the computer mouse is being moved on it's own. This is happening with three laptops. I will post logs from the other two aswell. I'm not sure what it is that's wrong with the computer but the anti virus programmes don't seem to be picking anything up.

Attached is the OTL log for the first computer.

Thanks!  OTL.Txt   81.61KB   90 downloads

OTL logfile created on: 21/04/2012 08:54:08 - Run 1
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Raneem\Downloads
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000809 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy

1013.00 Mb Total Physical Memory | 144.43 Mb Available Physical Memory | 14.26% Memory free
2.19 Gb Paging File | 1.01 Gb Available in Paging File | 46.09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 225.77 Gb Total Space | 188.03 Gb Free Space | 83.28% Space Free | Partition Type: NTFS

Computer Name: RANEEM-VAIO | User Name: Raneem | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/21 08:40:49 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Raneem\Downloads\OTL.exe
PRC - [2012/03/05 17:40:34 | 000,918,880 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
PRC - [2012/03/05 17:40:17 | 000,982,880 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012/01/31 16:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2012/01/17 21:03:24 | 002,339,168 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/10/01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/09/09 03:10:56 | 001,082,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/09/08 21:19:40 | 000,038,408 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
PRC - [2011/09/08 21:19:40 | 000,034,320 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE
PRC - [2011/08/18 01:33:26 | 000,659,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2011/08/06 13:44:17 | 000,026,624 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Marketing Tools\MarketingTools.exe
PRC - [2011/06/24 05:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/05/23 14:13:04 | 000,657,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/03/28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/03/16 16:05:20 | 001,025,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/08 05:33:06 | 001,088,864 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgscanx.exe
PRC - [2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/20 13:17:22 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
PRC - [2010/11/20 13:17:00 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
PRC - [2010/09/02 15:23:28 | 001,638,400 | ---- | M] (Eastman Kodak Company) -- C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
PRC - [2010/03/08 11:04:04 | 001,865,072 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
PRC - [2010/03/08 11:04:04 | 000,696,320 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
PRC - [2010/02/28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
PRC - [2010/01/15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/11/30 19:19:58 | 000,204,648 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2009/11/30 19:19:58 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2009/10/30 09:50:30 | 001,312,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
PRC - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- c:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009/10/24 03:18:52 | 000,597,792 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2009/10/21 04:49:54 | 000,029,552 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Care\VAIOCareService.exe
PRC - [2009/10/02 23:34:42 | 000,015,216 | ---- | M] (Adobe Systems Incorporated) -- c:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe
PRC - [2009/09/14 19:24:08 | 000,206,336 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2009/09/14 18:53:48 | 000,642,416 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2009/09/04 12:43:40 | 000,795,936 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2009/09/04 12:43:38 | 002,360,608 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2009/09/04 12:43:38 | 000,595,232 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2009/08/26 19:24:00 | 000,320,880 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/12 03:46:57 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c2c7f68605a42caef1b7a19c51de58b4\System.ServiceProcess.ni.dll
MOD - [2012/04/12 03:42:29 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\262285b3d0afafc5059f3fe9be69bff5\System.Windows.Forms.ni.dll
MOD - [2012/04/12 03:41:57 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8177623eac8f15cf95b587625439eac7\System.Drawing.ni.dll
MOD - [2012/03/05 17:40:17 | 000,982,880 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012/02/25 05:12:17 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012/02/25 05:11:56 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012/02/25 05:11:50 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2011/10/14 03:43:33 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
MOD - [2010/02/28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
MOD - [2009/02/27 13:56:34 | 000,016,768 | ---- | M] () -- c:\Program Files\Adobe\Reader 9.0\Reader\ViewerPS.dll
MOD - [2009/02/27 13:52:56 | 000,258,048 | ---- | M] () -- c:\Program Files\Adobe\Reader 9.0\Reader\sqlite.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/03/05 17:40:34 | 000,918,880 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe -- (vToolbarUpdater10.2.0)
SRV - [2012/02/15 14:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/01/31 16:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/11/10 14:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/10/01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/09/08 21:19:40 | 000,034,320 | ---- | M] (MyWebSearch.com) [Auto | Running] -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE -- (MyWebSearchService)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/08 11:04:04 | 000,696,320 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV - [2010/01/15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/12/16 19:11:44 | 000,513,392 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV - [2009/11/30 19:19:58 | 000,204,648 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2009/10/30 09:50:32 | 000,669,040 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent)
SRV - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- c:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009/10/15 16:34:36 | 000,427,304 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2009/10/15 16:34:36 | 000,091,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr)
SRV - [2009/10/15 16:34:36 | 000,075,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2009/10/15 16:34:34 | 000,120,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2009/10/15 16:34:34 | 000,070,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr)
SRV - [2009/09/16 23:28:42 | 000,122,880 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Care\collsvc.exe -- (SampleCollector) Intel®
SRV - [2009/09/16 13:27:12 | 000,480,624 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2009/09/14 19:24:08 | 000,206,336 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2009/09/14 19:24:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2009/09/14 18:53:48 | 000,642,416 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2009/09/08 18:09:14 | 000,083,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2009/09/04 12:43:38 | 000,595,232 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009/09/01 21:42:00 | 000,361,840 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011/10/01 09:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2011/10/01 09:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2011/10/01 09:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2011/10/01 09:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2011/05/27 19:05:32 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:12:50 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:42 | 000,021,968 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:40 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/02/19 21:28:10 | 000,130,672 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2009/12/28 06:55:35 | 000,043,944 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt)
DRV - [2009/12/17 04:13:01 | 000,092,272 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\JME.sys -- (JME)
DRV - [2009/12/01 21:16:52 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebs...r={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=15430
IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...fr&d=2011-12-12 16:36:58&v=9.0.0.18&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{971235EF-1497-4E02-A472-904CA1135762}: "URL" = http://rover.ebay.co...e={searchTerms}
IE - HKCU\..\SearchScopes\{B4CF6E8A-FDCD-4A9A-9275-4911157FAF9F}: "URL" = http://uk.shopping.c...nkin_id=8056359
IE - HKCU\..\SearchScopes\{C7F41841-8DB5-4BD3-90BD-15079193F9F8}: "URL" = http://www.zinio.com...f=sonyie8search
IE - HKCU\..\SearchScopes\{EEC8ED78-84A6-4648-AC87-7AA35C1D22CC}: "URL" = http://websearch.ask...BA-9F639C6E6DB9
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Stardoll Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.ie/"
FF - prefs.js..keyword.URL: "http://www.google.co...-8&oe=UTF-8&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll (MyWebSearch.com)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Raneem\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Raneem\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Raneem\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Raneem\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Raneem\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2012/02/22 20:21:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\1.bin [2011/09/08 21:19:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.2.0.3\ [2012/03/05 17:41:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/10/01 13:41:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/08/06 14:23:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Raneem\AppData\Roaming\mozilla\Extensions
[2012/04/17 20:51:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Raneem\AppData\Roaming\mozilla\Firefox\Profiles\ihelvj7u.default\extensions
[2012/04/17 20:51:48 | 000,000,000 | ---D | M] (Stardoll Community Toolbar) -- C:\Users\Raneem\AppData\Roaming\mozilla\Firefox\Profiles\ihelvj7u.default\extensions\{192a6019-26d2-4611-aead-07cd7733b146}
[2011/08/25 00:21:34 | 000,002,395 | ---- | M] () -- C:\Users\Raneem\AppData\Roaming\Mozilla\Firefox\Profiles\ihelvj7u.default\searchplugins\askcom.xml
[2011/07/24 15:36:10 | 000,000,919 | ---- | M] () -- C:\Users\Raneem\AppData\Roaming\Mozilla\Firefox\Profiles\ihelvj7u.default\searchplugins\conduit.xml
[2012/02/25 02:05:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/02/25 02:05:19 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/02/22 20:21:43 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
[2011/10/01 13:41:00 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/01/01 09:00:00 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/03/05 17:40:15 | 000,003,766 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/01/01 09:00:00 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2010/01/01 09:00:00 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2010/01/01 09:00:00 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Raneem\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Raneem\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Raneem\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Raneem\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Raneem\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll
CHR - plugin: Java Deployment Toolkit 6.0.160.1 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java™ Platform SE 6 U16 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Raneem\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Raneem\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = c:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Raneem\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Raneem\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - Extension: Mr. Bounce = C:\Users\Raneem\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajfdmocmkakkkbgcoifcenchgkokpecl\1.0.52_0\
CHR - Extension: Angry Birds = C:\Users\Raneem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\
CHR - Extension: Word Search = C:\Users\Raneem\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnjkggjhcbohgnikmegjkodmakmimlkj\1.0.0.1_0\
CHR - Extension: Word Search = C:\Users\Raneem\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnjkggjhcbohgnikmegjkodmakmimlkj\1.0.0.1_0\~
CHR - Extension: Rebecca Taylor = C:\Users\Raneem\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahpkkfpjpdcfdkbpeoibdhfadicnhdj\3_0\
CHR - Extension: Domino = C:\Users\Raneem\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpaokkldflapbciabjoennikoikkblih\4.0_0\
CHR - Extension: AVG Safe Search = C:\Users\Raneem\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\
CHR - Extension: Tiny Balls = C:\Users\Raneem\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaiflebloonfmcndeohafmphnandedlf\1.51_0\
CHR - Extension: Green Farm = C:\Users\Raneem\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbgdenhobifcbckaiohandoodkepleif\2.1.7.8_0\
CHR - Extension: Sketchpad = C:\Users\Raneem\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp\1.0.0.1_0\
CHR - Extension: Picasa = C:\Users\Raneem\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0\

O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation)
O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [MyWebSearch Email Plugin] C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [PMBVolumeWatcher] c:\Program Files\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [Facebook Update] C:\Users\Raneem\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [MyWebSearch Email Plugin] C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (MyWebSearch.com)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil11g_Plugin.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A320548F-FCC8-457B-B981-CD3911954F4F}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/04/08 11:53:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/04/08 11:45:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2012/04/08 11:44:57 | 000,000,000 | ---D | C] -- C:\Windows\SHELLNEW
[2012/03/23 22:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/04/21 08:41:02 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2472926003-435214464-2033112704-1000UA.job
[2012/04/21 08:36:10 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2472926003-435214464-2033112704-1000UA.job
[2012/04/21 08:35:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/21 00:12:35 | 726,200,320 | ---- | M] () -- C:\Users\Raneem\Desktop\We Bought A Zoo [2011][PART 2].avi
[2012/04/21 00:12:21 | 728,014,848 | ---- | M] () -- C:\Users\Raneem\Desktop\We Bought A Zoo [2011][PART 1].avi
[2012/04/20 17:01:43 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2472926003-435214464-2033112704-1000Core.job
[2012/04/20 16:56:02 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2472926003-435214464-2033112704-1000Core.job
[2012/04/20 09:48:05 | 095,695,681 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/04/17 18:31:27 | 000,353,660 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012/04/16 20:19:46 | 000,628,904 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/04/16 20:19:46 | 000,110,798 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/04/16 18:25:34 | 000,009,872 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/16 18:25:34 | 000,009,872 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/16 18:17:09 | 796,655,616 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/15 21:47:30 | 000,002,364 | ---- | M] () -- C:\Users\Raneem\Desktop\Google Chrome.lnk
[2012/04/09 15:58:38 | 000,332,824 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/03/24 09:15:20 | 000,551,655 | ---- | M] () -- C:\Users\Raneem\Documents\IMAG_0011.jpg
[2012/03/23 22:07:21 | 000,001,810 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012/03/23 22:07:18 | 000,001,812 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/04/20 23:39:46 | 726,200,320 | ---- | C] () -- C:\Users\Raneem\Desktop\We Bought A Zoo [2011][PART 2].avi
[2012/04/20 23:39:19 | 728,014,848 | ---- | C] () -- C:\Users\Raneem\Desktop\We Bought A Zoo [2011][PART 1].avi
[2012/03/24 09:23:26 | 000,551,655 | ---- | C] () -- C:\Users\Raneem\Documents\IMAG_0011.jpg
[2012/03/24 09:23:26 | 000,375,752 | ---- | C] () -- C:\Users\Raneem\Documents\IMAG_0022.jpg
[2011/08/06 13:42:26 | 000,000,221 | ---- | C] () -- C:\ProgramData\MusicStation.xml
[2011/08/06 13:28:19 | 000,002,119 | ---- | C] () -- C:\Windows\System32\McOEMAppRules.dat
[2010/06/29 07:22:58 | 000,013,931 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat

========== LOP Check ==========

[2012/02/22 21:06:55 | 000,000,000 | ---D | M] -- C:\Users\Raneem\AppData\Roaming\Auslogics
[2011/08/06 14:41:37 | 000,000,000 | ---D | M] -- C:\Users\Raneem\AppData\Roaming\AVG10
[2012/03/21 01:18:04 | 000,000,000 | ---D | M] -- C:\Users\Raneem\AppData\Roaming\SoftGrid Client
[2011/09/11 22:17:06 | 000,000,000 | ---D | M] -- C:\Users\Raneem\AppData\Roaming\TP
[2011/08/25 01:20:39 | 000,000,000 | ---D | M] -- C:\Users\Raneem\AppData\Roaming\WCMShare
[2011/08/25 00:14:51 | 000,000,000 | ---D | M] -- C:\Users\Raneem\AppData\Roaming\WebcamMax
[2012/04/20 16:56:02 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2472926003-435214464-2033112704-1000Core.job
[2012/04/21 08:36:10 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2472926003-435214464-2033112704-1000UA.job
[2009/07/14 05:53:46 | 000,029,392 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:4673E9EA

< End of report >

[Advertisements]

Hi zigzag215, welcome to Geeks to Go. My name is blmadara and I will be helping you with your problems. Please be patient with me as I am still in training and my responses will have to be reviewed by an expert before I can post them.

I'd like to go over some things that will help both of us.

• Read each of my posts entirely before performing my instructions. It would be helpful if you printed my instructions so you can read and check the steps as you perform them.
• Follow the steps exactly in the order posted.
• Please don't be afraid to ask questions. If you don't understand something, let me know before continuing.
• If you can't perform a certain step, or you're unsure about what to do, please stop and let me know.
• It is very important that you stay with me until the end so we make sure that we have removed all the bad stuff.
• Please don't attach any logs to your posts unless I request it. It is easier for me if you copy and paste the logs into your reply.
• Finally, never fix anything using other programs on your own. This can hinder my ability to see what is wrong with your computer and make it harder to clean your computer.

We'll work on this computer first and then tackle the other 2 when this one is clean.

Step One: Run OTL Custom Scan

Since it's been a few days since your scan, we'll need to get a new one.

Download OTL to your Desktop

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  

  netsvcs
  %SYSTEMDRIVE%\*.exe
  /md5start
  consrv.dll
  explorer.exe
  winlogon.exe
  Userinit.exe
  svchost.exe
  /md5stop
  C:\Windows\assembly\tmp\U\*.* /s
  %Temp%\smtmp\1\*.*
  %Temp%\smtmp\2\*.*
  %Temp%\smtmp\3\*.*
  %Temp%\smtmp\4\*.*
  >C:\commands.txt echo list vol /raw /hide /c
  /wait
  >C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
  /wait
  type c:\diskreport.txt /c
  /wait
  erase c:\commands.txt /hide /c
  /wait
  erase c:\diskreport.txt /hide /c
  CREATERESTOREPOINT
  

• Please select the Scan All Users checkbox.
• Change the File Age dropdown list from 30 days to 60 days.
• Under Extra Registry heading, select Use Safelist.
• Select LOP Check and Purity Check.
• Then click the Run Scan button at the top
• Let the program run unhindered, until it is done
• Post the log it produces in your next reply.

Step Two: Run aswMBR

Download aswMBR.exe to your desktop.

• Double click aswMBR.exe to run it.
• When asked if you want to download Avast's virus definitions please select, No.
• Click Scan to start the scan.
  
  
• When the scan ends click Save Log and save it to your desktop.
  
  
• Post the log in your next reply.

What I need in your next post:
1. The reports from the OTL scan, OTL.txt and Extras.txt.
2. The log produced by aswMBR.exe.

[blmadara]

Hi zigzag215, welcome to Geeks to Go. My name is blmadara and I will be helping you with your problems. Please be patient with me as I am still in training and my responses will have to be reviewed by an expert before I can post them.

I'd like to go over some things that will help both of us.

• Read each of my posts entirely before performing my instructions. It would be helpful if you printed my instructions so you can read and check the steps as you perform them.
• Follow the steps exactly in the order posted.
• Please don't be afraid to ask questions. If you don't understand something, let me know before continuing.
• If you can't perform a certain step, or you're unsure about what to do, please stop and let me know.
• It is very important that you stay with me until the end so we make sure that we have removed all the bad stuff.
• Please don't attach any logs to your posts unless I request it. It is easier for me if you copy and paste the logs into your reply.
• Finally, never fix anything using other programs on your own. This can hinder my ability to see what is wrong with your computer and make it harder to clean your computer.

We'll work on this computer first and then tackle the other 2 when this one is clean.

Step One: Run OTL Custom Scan

Since it's been a few days since your scan, we'll need to get a new one.

Download OTL to your Desktop

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  

  netsvcs
  %SYSTEMDRIVE%\*.exe
  /md5start
  consrv.dll
  explorer.exe
  winlogon.exe
  Userinit.exe
  svchost.exe
  /md5stop
  C:\Windows\assembly\tmp\U\*.* /s
  %Temp%\smtmp\1\*.*
  %Temp%\smtmp\2\*.*
  %Temp%\smtmp\3\*.*
  %Temp%\smtmp\4\*.*
  >C:\commands.txt echo list vol /raw /hide /c
  /wait
  >C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
  /wait
  type c:\diskreport.txt /c
  /wait
  erase c:\commands.txt /hide /c
  /wait
  erase c:\diskreport.txt /hide /c
  CREATERESTOREPOINT
  

• Please select the Scan All Users checkbox.
• Change the File Age dropdown list from 30 days to 60 days.
• Under Extra Registry heading, select Use Safelist.
• Select LOP Check and Purity Check.
• Then click the Run Scan button at the top
• Let the program run unhindered, until it is done
• Post the log it produces in your next reply.

Step Two: Run aswMBR

Download aswMBR.exe to your desktop.

• Double click aswMBR.exe to run it.
• When asked if you want to download Avast's virus definitions please select, No.
• Click Scan to start the scan.
  
  
• When the scan ends click Save Log and save it to your desktop.
  
  
• Post the log in your next reply.

What I need in your next post:
1. The reports from the OTL scan, OTL.txt and Extras.txt.
2. The log produced by aswMBR.exe.

[Essexboy]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.