No sound control, EXE files going MIA


JediSolo

I've come to you guys in the past and you always seem to be able to bail me out. I could really use some help again.
The first thing I noticed going wrong on my computer was that my sound would stop working on media files/YouTube. It would still work, though, when it came to system warnings and shutting down. If I restart my computer, the sound would be restarted as well. However, as soon as it would hibernate, the issue would return. The graphics on my computer will also randomly return to a much older looking version of Windows. I have run Malwarebytes, which didn't come up with anything. I ran SUPERAntiSpyware without upgrading; it removed many cookies. I downloaded AVG Free, replacing an old version of Trend Micro that had long since quit working. It detected a few issues and removed them. A new problem developed. Again, it would occur after the computer would hibernate. It wouldn't allow me to get on the internet. Last night I upgraded SUPERAntiSpyware and ran it. I'm no longer having issues getting on the internet after hibernating, but I am back to not having sound after hibernating. I also do not have control over my sound through quick keys on my keyboard, even on the restart. The biggest thing that developed after this scan, though, was that some of the .EXE files won't work without searching for the files the shortcuts belong to. I can fix that with a fix from Doug Knox, but the issue comes right back on the restart. I've tried several times to do a system restore, but that never does anything.

Thanks in advance!


OTL logfile created on: 8/18/2012 7:35:47 AM - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Documents and Settings\MZ\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.29 Gb Available Physical Memory | 64.92% Memory free
3.33 Gb Paging File | 2.72 Gb Available in Paging File | 81.61% Paging File free
Paging file location(s): C:\pagefile.sys 1522 1522 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 79.99 Gb Total Space | 48.09 Gb Free Space | 60.12% Space Free | Partition Type: NTFS
Drive D: | 61.20 Gb Total Space | 60.04 Gb Free Space | 98.11% Space Free | Partition Type: NTFS

Computer Name: MINI-SPIKE | User Name: MZ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/18 07:34:53 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\MZ\Desktop\OTL.exe
PRC - [2012/08/18 00:12:10 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2012/08/17 17:50:39 | 000,927,840 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe
PRC - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012/06/13 03:48:26 | 000,758,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/06/13 03:48:24 | 001,255,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012/03/19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/17 17:50:39 | 000,927,840 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/08/18 00:12:10 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2012/08/17 17:50:39 | 000,927,840 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe -- (vToolbarUpdater12.2.0)
SRV - [2012/07/19 14:13:08 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/06/17 13:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/01/04 22:48:52 | 000,112,152 | R--- | M] (InterVideo) [Disabled | Stopped] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\MZ\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012/08/18 00:12:04 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2012/08/18 00:12:03 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2012/08/17 17:50:42 | 000,027,496 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/03/19 05:17:28 | 000,301,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/02/22 05:25:32 | 000,235,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/12/23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2010/05/31 20:32:58 | 000,385,880 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/05/31 20:32:58 | 000,095,568 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2008/09/24 02:15:00 | 000,038,400 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e)
DRV - [2008/09/18 20:44:38 | 001,326,528 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2008/09/18 19:48:58 | 004,816,896 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008/04/14 01:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008/04/08 16:59:28 | 000,010,752 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS -- (AsusACPI)
DRV - [2008/03/28 20:38:16 | 000,625,024 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2860.sys -- (RT80x86)
DRV - [2007/05/03 07:00:58 | 000,546,976 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2006/09/12 22:21:46 | 000,292,864 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2006/08/22 00:38:46 | 000,007,168 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emOEM.sys -- (USB28xxOEM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
IE - HKLM\..\SearchScopes,DefaultScope = {0B4A10D1-FBD6-451d-BFDA-F03252B05984}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...mrud=23-06-2010
IE - HKLM\..\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E}: "URL" = http://search.myheri...q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{06b741de-b95c-4d31-884d-b865f7e07774}: "URL" = http://slirsredirect...u10aiminstabie7
IE - HKCU\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...mrud=23-06-2010
IE - HKCU\..\SearchScopes\{147C0D11-E950-4AE8-9523-F43460E5406A}: "URL" = http://search.yahoo....f-8&fr=chr-yie8
IE - HKCU\..\SearchScopes\{5EB98DD3-F76E-4AC8-B2A2-ED0CA08120FC}: "URL" = http://www.bing.com/...ferrer:source?}
IE - HKCU\..\SearchScopes\{63398B93-4AF3-4D60-A942-89AB64819465}: "URL" = http://rover.ebay.co...e={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg....fr&d=2012-08-17 17:50:45&v=12.2.0.5&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E}: "URL" = http://search.myheri...q={searchTerms}
IE - HKCU\..\SearchScopes\{CB962DD8-3088-4E3E-B8A6-16E6BEB1252F}: "URL" = http://www.flickr.co...q={searchTerms}
IE - HKCU\..\SearchScopes\{E7292B3E-6528-4048-A7B7-9A8889E448D7}: "URL" = http://delicious.com...p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....h?fr=mkg030&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com"
FF - prefs.js..extensions.enabledItems: {c2f863cd-0429-48c7-bb54-db756a951760}:5.96.10.5491
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.3.5.20110120033202
FF - prefs.js..keyword.URL: "http://search.yahoo....h?fr=mkg030&p="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 50370
FF - prefs.js..network.proxy.type: 4


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@ksolo.com/AVX: C:\Program Files\kSolo\npAVX.dll (kSolo, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\MZ\Application Data\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll File not found
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\MZ\Application Data\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\MZ\Application Data\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1628FC84-19F5-4756-B471-3B03E3770F2A}: C:\Documents and Settings\MZ\Local Settings\Application Data\{1628FC84-19F5-4756-B471-3B03E3770F2A} [2011/07/22 21:35:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/08/17 17:48:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\12.2.0.5\ [2012/08/17 17:51:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/06 17:27:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/16 09:45:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\MZ\Application Data\Move Networks [2010/04/14 14:38:40 | 000,000,000 | ---D | M]

[2009/12/08 23:05:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\MZ\Application Data\Mozilla\Extensions
[2012/05/14 23:12:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\MZ\Application Data\Mozilla\Firefox\Profiles\0ezbu7dw.default\extensions
[2012/05/14 23:12:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\MZ\Application Data\Mozilla\Firefox\Profiles\0ezbu7dw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/08/04 23:35:40 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\MZ\Application Data\Mozilla\Firefox\Profiles\0ezbu7dw.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/06/22 23:06:29 | 000,000,000 | ---D | M] (AIM Toolbar) -- C:\Documents and Settings\MZ\Application Data\Mozilla\Firefox\Profiles\0ezbu7dw.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2012/04/23 17:43:02 | 000,000,000 | ---D | M] (Microsoft Choice Guard) -- C:\Documents and Settings\MZ\Application Data\Mozilla\Firefox\Profiles\0ezbu7dw.default\extensions\[email protected]
[2012/05/14 23:12:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\MZ\Application Data\Mozilla\Firefox\Profiles\0ezbu7dw.default\extensions\staged-xpis
[2010/06/22 23:05:47 | 000,001,490 | ---- | M] () -- C:\Documents and Settings\MZ\Application Data\Mozilla\Firefox\Profiles\0ezbu7dw.default\searchplugins\AIM Search.xml
[2010/08/07 20:09:54 | 000,002,351 | ---- | M] () -- C:\Documents and Settings\MZ\Application Data\Mozilla\Firefox\Profiles\0ezbu7dw.default\searchplugins\aol-search.xml
[2012/05/14 23:13:12 | 000,001,827 | ---- | M] () -- C:\Documents and Settings\MZ\Application Data\Mozilla\Firefox\Profiles\0ezbu7dw.default\searchplugins\bing.xml
[2012/05/14 23:12:59 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\MZ\Application Data\Mozilla\Firefox\Profiles\0ezbu7dw.default\searchplugins\yahoo.xml
[2010/02/06 00:01:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/02/06 01:56:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}
[2010/04/14 14:38:40 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\MZ\APPLICATION DATA\MOVE NETWORKS
[2009/06/08 14:58:59 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012/08/17 17:50:33 | 000,003,749 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2010/02/06 00:01:03 | 000,003,803 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MyHeritage.xml

O1 HOSTS File: ([2010/09/01 17:40:15 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll ()
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCTRL.EXE (ELANTECH Devices Corp.)
O4 - HKLM..\Run: [ETDWareDetect] C:\Program Files\Elantech\ETDDECT.EXE (ELANTECH Devices Corp.)
O4 - HKLM..\Run: [ROC_roc_ssl_v12] C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [AIM] C:\Program Files\AIM7\aim.exe (AOL Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Add to Wish List - {76c5fb99-dd0a-4186-9e75-65d1bf3da283} - C:\Program Files\Amazon\Add to Wish List IE Extension\run.htm ()
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.systemreq...sreqlab_srl.cab (System Requirements Lab Class)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.syma...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} http://srtest-cdn.sy...eqlabdetect.cab (Reg Error: Key error.)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl.sun.co...?BundleId=29223 (Java Plug-in 1.6.0_13)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace....ceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D49800E4-5B93-4292-B588-FFD3EADF198E}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.0\ViProtocol.dll ()
O18 - Protocol\Filter\application/xhtml+xml {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\application/xhtml+xml; charset=iso-8859-1 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\application/xhtml+xml; charset=utf-8 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\text/xml; charset=iso-8859-1 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\text/xml; charset=utf-8 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\crypt32chain: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\cryptnet: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\cscdll: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\dimsntfy: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\igfxcui: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\ScCertProp: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\Schedule: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\sclgntfy: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\SensLogn: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\termsrv: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\WgaLogon: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\wlballoon: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\MZ\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\MZ\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/08/09 10:50:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{31b34961-e36c-11de-b2f0-00224380e558}\Shell - "" = AutoRun
O33 - MountPoints2\{31b34961-e36c-11de-b2f0-00224380e558}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{31b34961-e36c-11de-b2f0-00224380e558}\Shell\AutoRun\command - "" = E:\start.exe
O33 - MountPoints2\{8f4d8db2-e7b4-11e0-b375-00248c880b6c}\Shell - "" = AutoRun
O33 - MountPoints2\{8f4d8db2-e7b4-11e0-b375-00248c880b6c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{8f4d8db2-e7b4-11e0-b375-00248c880b6c}\Shell\AutoRun\command - "" = G:\TL_Bootstrap.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/18 07:35:16 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\MZ\Desktop\OTL.exe
[2012/08/17 17:55:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MZ\Application Data\AVG2012
[2012/08/17 17:51:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2012/08/17 17:51:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MZ\Local Settings\Application Data\AVG Secure Search
[2012/08/17 17:51:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2012/08/17 17:50:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MZ\Application Data\AVG Secure Search
[2012/08/17 17:50:42 | 000,027,496 | ---- | C] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2012/08/17 17:50:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2012/08/17 17:50:35 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012/08/17 17:48:18 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012/08/17 17:48:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2012/08/17 17:48:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2012/08/17 17:47:04 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2012/08/17 17:33:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MZ\My Documents\32bit
[2012/08/17 15:50:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012/07/20 01:13:17 | 000,000,000 | ---D | C] -- C:\e
[2012/07/20 01:13:13 | 000,000,000 | ---D | C] -- C:\Data
[2012/07/19 14:11:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Yahoo! Messenger
[2008/12/09 17:39:49 | 015,523,560 | ---- | C] (Macrovision Corporation) -- C:\Program Files\U1 Setup.exe
[1 C:\Documents and Settings\MZ\*.tmp files -> C:\Documents and Settings\MZ\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2100/12/31 01:00:00 | 015,800,703 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\CLIP1179.ASF
[2100/12/31 00:00:00 | 006,064,821 | ---- | M] () -- C:\Documents and Settings\MZ\Desktop\CLIP1144.ASF
[2100/12/31 00:00:00 | 002,228,319 | ---- | M] () -- C:\Documents and Settings\MZ\My Documents\CLIP1002.ASF
[2012/08/18 07:56:09 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/08/18 07:53:00 | 000,030,908 | ---- | M] () -- C:\Documents and Settings\MZ\Application Data\wklnhst.dat
[2012/08/18 07:52:59 | 000,010,240 | ---- | M] () -- C:\Documents and Settings\MZ\Desktop\PC troubles.wps
[2012/08/18 07:34:53 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\MZ\Desktop\OTL.exe
[2012/08/18 07:33:17 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/08/18 07:28:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/08/18 01:26:11 | 000,001,568 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2012/08/18 01:25:56 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/18 01:25:10 | 000,001,694 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2012/08/18 01:19:16 | 000,002,441 | ---- | M] () -- C:\Documents and Settings\MZ\Desktop\HiJackThis.lnk
[2012/08/17 20:19:52 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\MZ\My Documents\future.wps
[2012/08/17 18:07:35 | 065,592,474 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/08/17 17:58:19 | 000,027,520 | ---- | M] () -- C:\Documents and Settings\MZ\Local Settings\Application Data\dt.dat
[2012/08/17 17:50:42 | 000,027,496 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2012/08/16 16:04:07 | 000,819,712 | ---- | M] () -- C:\Documents and Settings\MZ\My Documents\fifth.wps
[2012/08/15 09:47:49 | 000,010,752 | ---- | M] () -- C:\Documents and Settings\MZ\My Documents\Coming Home People.wps
[2012/08/15 09:47:39 | 000,414,720 | ---- | M] () -- C:\Documents and Settings\MZ\My Documents\Coming Home.wps
[2012/08/10 11:13:53 | 000,061,952 | ---- | M] () -- C:\Documents and Settings\MZ\My Documents\Serial Killer.wps
[2012/07/31 07:17:32 | 000,144,717 | ---- | M] () -- C:\Documents and Settings\MZ\My Documents\leaf_cutter_ant.jpg
[2012/07/24 14:23:45 | 000,011,264 | ---- | M] () -- C:\Documents and Settings\MZ\My Documents\Personal Journal.wps
[2012/07/20 01:13:45 | 000,000,277 | ---- | M] () -- C:\mov_1.gif
[2012/07/20 01:13:45 | 000,000,274 | ---- | M] () -- C:\trav_1.gif
[2012/07/20 01:13:45 | 000,000,240 | ---- | M] () -- C:\srch_site_1.gif
[2012/07/20 01:13:44 | 000,000,380 | ---- | M] () -- C:\edu.bmp
[2012/07/20 01:13:44 | 000,000,304 | ---- | M] () -- C:\dir.bmp
[2012/07/20 01:13:44 | 000,000,284 | ---- | M] () -- C:\srch_map_1.gif
[2012/07/20 01:13:44 | 000,000,279 | ---- | M] () -- C:\hj_1.gif
[2012/07/20 01:13:44 | 000,000,273 | ---- | M] () -- C:\srch_stk_1.gif
[2012/07/20 01:13:44 | 000,000,268 | ---- | M] () -- C:\ab_1.gif
[2012/07/20 01:13:44 | 000,000,265 | ---- | M] () -- C:\srch_ans_1.gif
[2012/07/20 01:13:44 | 000,000,138 | ---- | M] () -- C:\flk2.gif
[2012/07/20 01:13:44 | 000,000,121 | ---- | M] () -- C:\srch_nws_1.gif
[2012/07/20 01:13:44 | 000,000,113 | ---- | M] () -- C:\srch_aud_1.gif
[2012/07/20 01:13:44 | 000,000,103 | ---- | M] () -- C:\del_1.gif
[2012/07/20 01:13:43 | 000,000,123 | ---- | M] () -- C:\srch_sh_1.gif
[2012/07/20 01:13:39 | 000,000,131 | ---- | M] () -- C:\srch_loc_1.gif
[2012/07/20 01:13:38 | 000,000,112 | ---- | M] () -- C:\srch_vid_1.gif
[2012/07/20 01:13:38 | 000,000,112 | ---- | M] () -- C:\srch_img_1.gif
[2012/07/20 01:13:37 | 000,000,235 | ---- | M] () -- C:\srch_1.gif
[2012/07/20 01:07:08 | 000,226,304 | ---- | M] () -- C:\Documents and Settings\MZ\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/19 14:11:02 | 000,000,818 | ---- | M] () -- C:\Documents and Settings\MZ\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[1 C:\Documents and Settings\MZ\*.tmp files -> C:\Documents and Settings\MZ\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/17 18:07:35 | 065,592,474 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/08/17 17:58:19 | 000,027,520 | ---- | C] () -- C:\Documents and Settings\MZ\Local Settings\Application Data\dt.dat
[2012/08/17 17:51:17 | 000,001,568 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2012/08/16 17:31:25 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\MZ\My Documents\future.wps
[2012/08/10 11:13:53 | 000,061,952 | ---- | C] () -- C:\Documents and Settings\MZ\My Documents\Serial Killer.wps
[2012/07/31 07:18:50 | 000,144,717 | ---- | C] () -- C:\Documents and Settings\MZ\My Documents\leaf_cutter_ant.jpg
[2012/07/24 14:23:44 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\MZ\My Documents\Personal Journal.wps
[2012/07/20 01:13:45 | 000,000,277 | ---- | C] () -- C:\mov_1.gif
[2012/07/20 01:13:45 | 000,000,274 | ---- | C] () -- C:\trav_1.gif
[2012/07/20 01:13:45 | 000,000,240 | ---- | C] () -- C:\srch_site_1.gif
[2012/07/20 01:13:44 | 000,000,380 | ---- | C] () -- C:\edu.bmp
[2012/07/20 01:13:44 | 000,000,304 | ---- | C] () -- C:\dir.bmp
[2012/07/20 01:13:44 | 000,000,284 | ---- | C] () -- C:\srch_map_1.gif
[2012/07/20 01:13:44 | 000,000,279 | ---- | C] () -- C:\hj_1.gif
[2012/07/20 01:13:44 | 000,000,273 | ---- | C] () -- C:\srch_stk_1.gif
[2012/07/20 01:13:44 | 000,000,268 | ---- | C] () -- C:\ab_1.gif
[2012/07/20 01:13:44 | 000,000,265 | ---- | C] () -- C:\srch_ans_1.gif
[2012/07/20 01:13:44 | 000,000,138 | ---- | C] () -- C:\flk2.gif
[2012/07/20 01:13:44 | 000,000,121 | ---- | C] () -- C:\srch_nws_1.gif
[2012/07/20 01:13:44 | 000,000,113 | ---- | C] () -- C:\srch_aud_1.gif
[2012/07/20 01:13:44 | 000,000,103 | ---- | C] () -- C:\del_1.gif
[2012/07/20 01:13:43 | 000,000,123 | ---- | C] () -- C:\srch_sh_1.gif
[2012/07/20 01:13:39 | 000,000,131 | ---- | C] () -- C:\srch_loc_1.gif
[2012/07/20 01:13:38 | 000,000,112 | ---- | C] () -- C:\srch_vid_1.gif
[2012/07/20 01:13:38 | 000,000,112 | ---- | C] () -- C:\srch_img_1.gif
[2012/07/20 01:13:37 | 000,000,235 | ---- | C] () -- C:\srch_1.gif
[2012/07/19 14:13:10 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/07/19 14:11:02 | 000,001,694 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2012/07/19 14:11:02 | 000,000,818 | ---- | C] () -- C:\Documents and Settings\MZ\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2012/02/15 23:14:27 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/09/25 16:42:18 | 000,000,398 | ---- | C] () -- C:\WINDOWS\AudioConverter.INI
[2011/09/25 16:40:25 | 000,000,031 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\aceg.ini
[2011/07/22 17:27:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\SBRC.dat
[2010/10/31 23:45:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Cyikah.bin
[2010/10/31 23:45:27 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Mkunuwamoheyev.dat
[2010/09/22 17:59:31 | 000,683,801 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2010/09/22 17:59:31 | 000,001,067 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2010/08/24 14:33:20 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/08/24 14:33:20 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/08/24 14:33:20 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/08/24 14:33:20 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/08/24 14:33:20 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/08/23 19:38:57 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/07/28 07:30:16 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\MZ\Local Settings\Application Data\housecall.guid.cache
[2010/03/02 00:16:41 | 000,012,350 | -HS- | C] () -- C:\Documents and Settings\MZ\Local Settings\Application Data\RYWytq56AV
[2009/06/05 19:52:09 | 000,226,304 | ---- | C] () -- C:\Documents and Settings\MZ\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/05 05:58:47 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\MZ\Local Settings\Application Data\fusioncache.dat
[2009/06/04 21:13:00 | 000,030,792 | ---- | C] () -- C:\Documents and Settings\MZ\Application Data\wklnhst.dat

========== LOP Check ==========

[2010/06/22 23:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2010/06/22 23:06:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM Toolbar
[2012/08/17 17:58:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2012/08/17 20:32:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/09/25 16:40:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\easetech
[2012/08/17 18:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/09/22 18:09:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\myitlab
[2010/08/22 23:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/06/05 14:58:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2011/06/06 17:31:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/06/22 23:07:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MZ\Application Data\acccore
[2009/06/05 14:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MZ\Application Data\Aim
[2009/06/21 09:26:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MZ\Application Data\Amazon
[2012/08/17 17:50:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MZ\Application Data\AVG Secure Search
[2012/08/17 17:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MZ\Application Data\AVG2012
[2010/04/04 12:20:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MZ\Application Data\Facebook
[2008/09/11 23:15:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MZ\Application Data\InterVideo
[2009/06/04 21:14:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MZ\Application Data\Template
[2009/06/05 02:09:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MZ\Application Data\Windows Live Writer

========== Purity Check ==========



========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\WINDOWS\$NtUninstallKB3599$] -> -> Unknown point type

========== Alternate Data Streams ==========

@Alternate Data Stream - 124 bytes -> C:\WINDOWS\regedit.exe:SummaryInformation

< End of report >


#2
Gammo

    Trusted Helper

  • Malware Removal
  • 2,299 posts
Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

If you haven't done so yet, please go to Malware and Spyware Cleaning Guide and follow the steps instructed there. If you have already done this, we still need a new log to see what has changed since you originally posted your problem.

We need to create an OTL Report
Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Check the box that says Scan All Users.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.