I've seem a lot of these posts and tried to solve myself, but each fix seems pretty bespoke, so hopefully someone here can help...
I've been suffering the same software restriction policy error message when trying to open AVG (event viewer properties say this:
Access to C:\Program Files\AVG\AVG2015\avgui.exe has been restricted by your Administrator by location with policy rule {e9088572-00e3-454d-bf06-a294e88a94c8} placed on path C:\Program Files\AVG
FRST seems to be the first suggestion, so the logs are below:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-03-2015
Ran by Tim Maw (administrator) on TIM on 07-03-2015 19:20:51
Running from C:\Documents and Settings\Tim Maw\Local Settings\Temporary Internet Files\Content.IE5\VSUTIMZE
Loaded Profiles: Tim Maw & Administrator (Available profiles: Tim Maw & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(Motorola Inc.) C:\WINDOWS\sm56hlpr.exe
(S3 Graphics, Inc.) C:\WINDOWS\system32\VTTimer.exe
(S3 Graphics Co., Ltd.) C:\WINDOWS\system32\VTTrayp.exe
(Labtec Inc.) C:\WINDOWS\system32\LVCOMSX.EXE
(Labtec Inc.) C:\Program Files\Logitech\Video\LogiTray.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(Iomega Corporation) C:\Program Files\Iomega\Home Storage Manager\Iomega Discovery.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
() C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Labtec Inc.) C:\Program Files\Logitech\Video\FxSvr2.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
() C:\Program Files\AVG SafeGuard toolbar\vprot.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
() C:\Documents and Settings\Tim Maw\Application Data\Spotify\Data\SpotifyWebHelper.exe
() C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Amazon Cloud Player\Amazon Music Helper.exe
(EMC Corporation) C:\Program Files\Retrospect\Retrospect Express HD 2.5\retrorun.exe
() C:\Program Files\Labtec NumPad\Magickey.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\loggingserver.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Farbar) C:\Documents and Settings\Tim Maw\Local Settings\Temporary Internet Files\Content.IE5\VSUTIMZE\FRST[1].exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SMSERIAL] => C:\WINDOWS\sm56hlpr.exe [544768 2004-12-29] (Motorola Inc.)
HKLM\...\Run: [VTTimer] => C:\WINDOWS\system32\VTTimer.exe [53248 2005-03-08] (S3 Graphics, Inc.)
HKLM\...\Run: [VTTrayp] => C:\WINDOWS\system32\VTtrayp.exe [163840 2005-11-01] (S3 Graphics Co., Ltd.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [LVCOMSX] => C:\WINDOWS\system32\LVCOMSX.EXE [221184 2005-01-19] (Labtec Inc.)
HKLM\...\Run: [LogitechVideoRepair] => C:\Program Files\Logitech\Video\ISStart.exe [458752 2005-01-19] (Labtec Inc.)
HKLM\...\Run: [LogitechVideoTray] => C:\Program Files\Logitech\Video\LogiTray.exe [217088 2005-01-19] (Labtec Inc.)
HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [577536 2006-06-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Iomega Home Storage Manager] => C:\Program Files\Iomega\Home Storage Manager\Iomega Discovery.exe [147456 2009-05-18] (Iomega Corporation)
HKLM\...\Run: [IMJPMIG8.1] => C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [208952 2004-08-04] (Microsoft Corporation)
HKLM\...\Run: [IMEKRMIG6.1] => C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [44032 2004-08-04] (Microsoft Corporation)
HKLM\...\Run: [MSPY2002] => C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [59392 2004-08-04] ()
HKLM\...\Run: [PHIME2002ASync] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2004-08-04] (Microsoft Corporation)
HKLM\...\Run: [PHIME2002A] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2004-08-04] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] ()
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\Run: [vProt] => C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2503704 2015-03-06] ()
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3710416 2015-02-19] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-02-13] (Apple Inc.)
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVG\ <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Malwarebytes' Anti-Malware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVG\AVG2012 <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVG <====== ATTENTION
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <===== ATTENTION
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [90112 2006-03-21] (Nero AG)
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\Run: [H/PC Connection Agent] => C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE [401491 2004-02-03] (Microsoft Corporation)
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\Run: [kdx] => C:\Program Files\Kontiki\KHost.exe [1032640 2007-04-23] (Kontiki Inc.)
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\Run: [Google Update] => C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [107912 2014-10-23] (Google Inc.)
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\Run: [Spotify Web Helper] => C:\Documents and Settings\Tim Maw\Application Data\Spotify\Data\SpotifyWebHelper.exe [1193176 2012-09-06] ()
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\Run: [Amazon Cloud Player] => C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\MountPoints2: {6496434a-f9c8-11db-a76e-0011675c4aa8} - E:\LaunchU3.exe
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\MountPoints2: {8739fd90-df95-11df-b361-0011675c4aa8} - E:\AUTORUN.EXE
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\MountPoints2: {a1d9e440-8c87-11e0-b446-0011675c4aa8} - E:\AUTORUN.EXE
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\MountPoints2: {b05f216e-102e-11df-b267-0011675c4aa8} - E:\AUTORUN.EXE
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\MountPoints2: {b05f2176-102e-11df-b267-0011675c4aa8} - E:\AUTORUN.EXE
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\MountPoints2: {d07e44fe-dfbb-11df-b362-0011675c4aa8} - E:\AUTORUN.EXE
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [9216 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-4203001677-3451174959-1684937818-500\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [90112 2006-03-21] (Nero AG)
HKU\S-1-5-21-4203001677-3451174959-1684937818-500\...\RunOnce: [spchecker] => "C:\Program Files\AVG\AVG10\Notification\SPCheckerTE.exe"
HKU\S-1-5-21-4203001677-3451174959-1684937818-500\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\fsc-scr.scr [656896 2005-04-12] (Neoaspire.com)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Enable Labtec NumPad.lnk
ShortcutTarget: Enable Labtec NumPad.lnk -> C:\Program Files\Labtec NumPad\Magickey.exe ()
BootExecute: autocheck autochk * sdnclean.exeC:\PROGRA~1\AVG\AVG2015\avgrsx.exe /sync /restart
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\Software\Microsoft\Internet Explorer\Main,Start Page = about
:blank
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://www.google.com/ie
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
http://www.google.com/search?q={sear...e=utf8&oe=utf8
HKU\S-1-5-21-4203001677-3451174959-1684937818-500\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.microsoft.com/isapi/redir...r=6&ar=msnhome
HKU\S-1-5-21-4203001677-3451174959-1684937818-500\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft.com/isapi/redir...ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006 -> DefaultScope {C99B2EF8-4676-4119-99F3-73F54EE01931} URL =
http://www.google.co.uk/search?hl=en...&meta=&aq=f&oq=
SearchScopes: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL =
https://mysearch.avg.com/search?cid=...r&d=2014-09-06 10:45:09&v=18.1.9.786&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006 -> {C99B2EF8-4676-4119-99F3-73F54EE01931} URL =
http://www.google.co.uk/search?hl=en...&meta=&aq=f&oq=
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG2012\avgssie.dll No File
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-20] (Oracle Corporation)
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17] (Microsoft Corporation)
BHO: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG SafeGuard toolbar\18.3.0.885\AVG SafeGuard toolbar_toolbar.dll [2015-03-06] (AVG Secure Search)
BHO: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22] (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-20] (Oracle Corporation)
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.3.0.885\AVG SafeGuard toolbar_toolbar.dll [2015-03-06] (AVG Secure Search)
Toolbar: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006 -> Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
Toolbar: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}
http://download.microsoft.com/downlo...OGAControl.cab
DPF: {0DB074F0-617E-4EE9-912C-2965CF2AA5A4}
http://download.microsoft.com/downlo...ualEarth3D.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://download.microsoft.com/downlo...eckControl.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll
DPF: {3BB1D69B-A780-4BE1-876E-F3D488877135}
http://download.microsoft.com/downlo...ualEarth3D.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537}
http://gfx2.hotmail.com/mail/w2/pr02...s/MSNPUpld.cab
DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73}
https://www.icloud.com/system/iCloud.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.7.0/jin...ndows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.macromedia.com/get.../ultrashim.cab
DPF: {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16}
http://192.168.0.86/codebase/DVM_IPCam2.ocx
DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09}
https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB}
http://tools.ebayimg.com/eps/wl/acti..._v1-0-27-0.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277}
http://office.microsoft.com/officeup...tent/opuc4.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}
http://java.sun.com/update/1.7.0/jin...ndows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.7.0/jin...ndows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.macromedia.com/ge...sh/swflash.cab
DPF: {D821DC4A-0814-435E-9820-661C543A4679}
http://drmlicense.one.microsoft.com/.../en/crlocx.ocx
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
https://akamaicdn.webex.com/client/W...ex/ieatgpc.cab
DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B}
https://remote.avis-europe.com/dana-...niperSetup.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147}
http://gfx1.hotmail.com/mail/w4/pr01...l/MSNPUpld.cab
DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941}
http://driveragent.com/files/driveragent.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F}
https://access.avis-europe.com/dana-...etupClient.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File []
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: mctp - {d7b95390-b1c5-11d0-b111-0080c712fe82} - C:\Program Files\Microsoft ActiveSync\aatp.dll [2004-02-03] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll [2015-03-06] (AVG Secure Search)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1DC6E6C1-F545-4593-AE52-CFD5AF2ED7BE}: [NameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Tim Maw\Application Data\Mozilla\Firefox\Profiles\ezjfo85b.default
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Homepage:
https://mysearch.avg.com?cid={6C444A...r&d=2014-09-06 10:45:09&v=18.1.9.786&pid=safeguard&sg=&sap=hp
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.3.0\\npsitesafety.dll No File
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2013-12-27] (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-06-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-06-20] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=2.5 -> C:\Program Files\Virtual Earth 3D\ [2014-05-13] ()
FF Plugin: @microsoft.com/VirtualEarth3D,version=3.0 -> C:\Program Files\Virtual Earth 3D\ [2014-05-13] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginB...ersion=1.0.0.1 -> C:\Program Files\Yahoo!\Common\npyaxmpb.dll [2006-11-03] (Yahoo! Inc.)
FF Plugin HKU\S-1-5-21-4203001677-3451174959-1684937818-1006: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-4203001677-3451174959-1684937818-1006: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-01-31] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-01-31] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-01-31] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-01-31] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-01-31] (Apple Inc.)
FF SearchPlugin: C:\Documents and Settings\Tim Maw\Application Data\Mozilla\Firefox\Profiles\ezjfo85b.default\searchplugins\avg-secure-search.xml [2014-09-06]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\safeguard-secure-search.xml [2015-03-06]
FF Extension: AVG SafeGuard toolbar - C:\Documents and Settings\Tim Maw\Application Data\Mozilla\Firefox\Profiles\ezjfo85b.default\Extensions\avg@toolbar [2014-09-06]
FF Extension: Property Bee - C:\Documents and Settings\Tim Maw\Application Data\Mozilla\Firefox\Profiles\ezjfo85b.default\Extensions\{da8bd68d-8e90-41cd-8345-a71b294e72e6}.xpi [2011-05-18]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-06-23]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-02]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-17]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-12]
Chrome:
=======
CHR HomePage: Default -> hxxp://uk.search.yahoo.com?type=714647&fr=spigot-yhp-ch
CHR StartupUrls: Default -> "hxxp://uk.search.yahoo.com?type=714647&fr=spigot-yhp-ch", "about
:blank", "
https://mysearch.avg.com?cid={6C444A...r&d=2014-09-06 10:45:09&v=18.1.9.786&pid=safeguard&sg=&sap=hp"
CHR DefaultSearchKeyword: Default -> google.co.uk_
CHR DefaultSearchURL: Default ->
http://www.google.co.uk/search?hl=en...&meta=&aq=f&oq=
CHR DefaultSuggestURL: Default ->
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Chrome\Application\40.0.2214.115\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Chrome\Application\40.0.2214.115\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Chrome\Application\40.0.2214.115\pdf.dll ()
CHR Plugin: (AVG Internet Security) - C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plug ins/avgnpss.dll No File
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (DivX OVS Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (Yahoo! activeX Plug-in Bridge) - C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-03-04]
CHR Extension: (Google Play Music) - C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-05-10]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-07]
StartMenuInternet: Google Chrome - C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3411408 2015-02-19] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [308720 2015-02-19] (AVG Technologies CZ, s.r.o.)
R2 BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [110592 2005-04-06] () [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182184 2013-06-20] (Oracle Corporation)
S2 KService; C:\Program Files\Kontiki\KService.exe [3068352 2007-04-23] (Kontiki Inc.)
S2 RetroExp Helper; C:\Program Files\Retrospect\Retrospect Express HD 2.5\rthlpsvc.exe [128280 2008-07-16] (EMC Corporation)
R2 RetroExpLauncher; C:\Program Files\Retrospect\Retrospect Express HD 2.5\retrorun.exe [107800 2008-07-16] (EMC Corporation)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 TestHandler; C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\HaDTMan.exe [384792 2010-09-24] (Fujitsu Technology Solutions)
R2 vToolbarUpdater18.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe [1802776 2015-03-06] (AVG Secure Search)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [3972672 2006-06-27] (Realtek Semiconductor Corp.)
S3 AR5211; C:\WINDOWS\System32\DRIVERS\ar5211.sys [543712 2007-03-27] (Atheros Communications, Inc.)
R3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1333152 2008-04-03] (Atheros Communications, Inc.)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [202208 2015-02-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [154904 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [265184 2015-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [107488 2015-01-23] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [210400 2015-01-16] (AVG Technologies CZ, s.r.o.)
R3 BlueletAudio; C:\WINDOWS\System32\DRIVERS\blueletaudio.sys [20480 2005-08-31] (IVT Corporation) [File not signed]
R3 BlueletSCOAudio; C:\WINDOWS\System32\DRIVERS\BlueletSCOAudio.sys [20480 2005-08-31] (IVT Corporation) [File not signed]
R3 BT; C:\WINDOWS\System32\DRIVERS\btnetdrv.sys [10804 2005-04-30] (IVT Corporation) [File not signed]
S3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [23000 2005-07-29] (IVT Corporation) [File not signed]
R3 BTHidEnum; C:\WINDOWS\System32\DRIVERS\vbtenum.sys [11988 2005-07-29] () [File not signed]
R0 BTHidMgr; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [28271 2005-04-30] (IVT Corporation) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 EKBfltr; C:\WINDOWS\System32\DRIVERS\EKBfltr.sys [5504 2005-01-14] (EnE Technology Inc.)
R3 FETND5BV; C:\WINDOWS\System32\DRIVERS\fetnd5bv.sys [42496 2005-03-18] (VIA Technologies, Inc. )
S3 FETNDIS; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc. )
S3 LVUSBSta; C:\WINDOWS\System32\drivers\lvusbsta.sys [22016 2005-04-01] (Labtec Inc.)
R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [120024 2015-03-07] (Malwarebytes Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R0 nvatabus; C:\WINDOWS\System32\drivers\nvatabus.sys [93568 2005-08-18] (NVIDIA Corporation)
S3 pepifilter; C:\WINDOWS\System32\DRIVERS\lv302af.sys [7072 2005-04-01] (Labtec Inc.)
S3 PID_08A0; C:\WINDOWS\System32\DRIVERS\LV302AV.SYS [913280 2005-04-01] (Labtec Inc.)
S3 PortlUSB; C:\WINDOWS\System32\DRIVERS\MTC.sys [7552 2004-06-24] (PortalPlayer, Inc.)
R1 sdcplh; C:\WINDOWS\System32\drivers\sdcplh.sys [55168 2005-11-23] (Macrovision Europe Ltd) [File not signed]
S3 TVICHW32; C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [23600 2007-08-11] (EnTech Taiwan) [File not signed]
R1 UsbFltr; C:\WINDOWS\system32\Drivers\UsbFltr.sys [8960 2005-02-21] (Waytech Development, Inc.) [File not signed]
S3 USBNumPad; C:\WINDOWS\System32\Drivers\USBNumPad.sys [9600 2007-03-19] (Waytech Development, Inc.) [File not signed]
R3 VComm; C:\WINDOWS\System32\DRIVERS\VComm.sys [61312 2004-10-19] (IVT Corporation) [File not signed]
R3 VcommMgr; C:\WINDOWS\System32\Drivers\VcommMgr.sys [82148 2005-03-25] (IVT Corporation) [File not signed]
R0 viaagp1; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [27904 2003-07-02] (VIA Technologies, Inc.)
R3 viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [248704 2006-02-09] (Copyright (C) VIA/S3 Graphics Co, Ltd.)
R0 viamraid; C:\WINDOWS\System32\drivers\viamraid.sys [92672 2005-11-23] (VIA Technologies inc,.ltd)
S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [104064 2003-12-22] (Microsoft Corporation)
S3 9ce299a6-6842-4cf7-9b39-f5d20f9bafc4; \??\D:\Player\cds300.dll [X]
S4 IntelIde; No ImagePath
S3 Lavasoft Kernexplorer; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [X]
S0 Lbd; system32\DRIVERS\Lbd.sys [X]
S3 rootrepeal; \??\C:\WINDOWS\system32\drivers\rootrepeal.sys [X]
S1 SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-07 19:20 - 2015-03-07 19:21 - 00000000 ___DC () C:\FRST
2015-03-07 18:39 - 2015-03-07 19:16 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2015-03-07 18:38 - 2015-03-07 19:16 - 00000000 ___DC () C:\Documents and Settings\Tim Maw\Desktop\mbar
2015-02-25 20:41 - 2015-02-25 20:41 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\Avg_Update_0215tb
2015-02-24 22:52 - 2015-02-24 22:52 - 00000000 ___DC () C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2015-02-24 22:51 - 2015-02-24 22:51 - 00000000 ___DC () C:\Program Files\iPod
2015-02-24 22:50 - 2015-02-24 22:52 - 00000000 ___DC () C:\Program Files\iTunes
2015-02-24 22:50 - 2015-02-24 22:52 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-02-07 13:11 - 2015-02-07 13:11 - 01436055 ____C () C:\Documents and Settings\Tim Maw\My Documents\app-ipw.zip
2015-02-07 12:19 - 2015-02-07 12:19 - 00000000 ___DC () C:\Documents and Settings\Tim Maw\Application Data\app-ipw
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-07 19:22 - 2006-09-13 17:14 - 00000000 ___DC () C:\Documents and Settings\Tim Maw\Local Settings\Temp
2015-03-07 19:21 - 2012-07-14 14:08 - 00000830 ____C () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-07 19:17 - 2006-07-28 10:14 - 01863229 ____C () C:\WINDOWS\WindowsUpdate.log
2015-03-07 18:39 - 2014-06-14 10:24 - 00119512 ____C (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-07 18:38 - 2014-06-14 10:23 - 00120024 ____C (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-07 18:34 - 2010-08-12 18:07 - 00000986 ____C () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4203001677-3451174959-1684937818-1006UA.job
2015-03-07 18:34 - 2010-08-05 20:05 - 00000000 ___DC () C:\Documents and Settings\Tim Maw\Application Data\uTorrent
2015-03-07 18:32 - 2006-09-13 17:14 - 00000000 ___DC () C:\Documents and Settings\Tim Maw
2015-03-07 18:31 - 2010-11-04 19:59 - 00000688 ____C () C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2015-03-07 18:31 - 2006-09-13 23:53 - 00000000 ___DC () C:\Program Files\CCleaner
2015-03-07 18:11 - 2013-05-04 21:13 - 00000159 ____C () C:\WINDOWS\wiadebug.log
2015-03-07 18:11 - 2013-05-04 21:13 - 00000050 ____C () C:\WINDOWS\wiaservc.log
2015-03-07 18:11 - 2006-07-28 11:08 - 00001158 ____C () C:\WINDOWS\system32\wpa.dbl
2015-03-07 18:10 - 2014-08-15 12:29 - 00000644 ____C () C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
2015-03-07 18:09 - 2014-03-23 09:46 - 00000226 ____C () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2015-03-07 18:09 - 2014-01-03 18:50 - 00000550 ____C () C:\WINDOWS\Tasks\Amazon Music Helper.job
2015-03-07 18:09 - 2006-07-28 10:19 - 00000006 ___HC () C:\WINDOWS\Tasks\SA.DAT
2015-03-07 15:01 - 2009-01-24 17:46 - 00032612 ____N () C:\WINDOWS\SchedLgU.Txt
2015-03-07 15:00 - 2006-09-13 17:14 - 00000278 __SHC () C:\Documents and Settings\Tim Maw\ntuser.ini
2015-03-07 14:02 - 2010-10-17 21:36 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\MFAData
2015-03-07 00:40 - 2015-01-02 21:12 - 00000000 ___DC () C:\Documents and Settings\Tim Maw\Desktop\Tor Browser
2015-03-06 23:17 - 2014-09-06 09:44 - 00000000 ___DC () C:\Program Files\Common Files\AVG Secure Search
2015-03-06 23:17 - 2014-09-06 09:44 - 00000000 ___DC () C:\Program Files\AVG SafeGuard toolbar
2015-03-06 22:34 - 2010-08-12 18:07 - 00000934 ____C () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4203001677-3451174959-1684937818-1006Core.job
2015-03-06 21:26 - 2009-02-06 19:46 - 00000486 ____C () C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
2015-03-06 19:28 - 2015-01-29 22:59 - 00000708 ____C () C:\Documents and Settings\All Users\Desktop\AVG 2015.lnk
2015-03-06 19:28 - 2015-01-29 22:59 - 00000000 ___DC () C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2015-03-04 21:58 - 2012-02-21 23:19 - 00000000 __RDC () C:\Documents and Settings\Tim Maw\My Documents\Dropbox
2015-03-04 21:56 - 2012-02-21 23:16 - 00000000 ___DC () C:\Documents and Settings\Tim Maw\Application Data\Dropbox
2015-03-04 21:04 - 2011-05-18 21:20 - 00000000 ___DC () C:\Program Files\Mozilla Firefox
2015-02-25 22:16 - 2009-10-15 22:16 - 00040960 ____C () C:\Documents and Settings\Tim Maw\My Documents\Car costs.xls
2015-02-24 23:29 - 2011-01-12 21:22 - 00015872 ____C () C:\Documents and Settings\Tim Maw\My Documents\SoA.xls
2015-02-24 22:50 - 2007-12-31 18:40 - 00000000 ___DC () C:\Program Files\Common Files\Apple
2015-02-19 21:27 - 2014-12-08 21:25 - 00202208 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdriverlx.sys
2015-02-18 16:00 - 2006-09-21 20:00 - 00000388 ___HC () C:\WINDOWS\Tasks\{B0047368-E51B-4388-ABA2-24003E0628F9}_TIM_Tim Maw.job
2015-02-18 09:00 - 2006-09-21 20:00 - 00000388 ___HC () C:\WINDOWS\Tasks\{F31D6F31-334A-4A16-A767-AEA85B7A5B0D}_TIM_Tim Maw.job
2015-02-18 06:18 - 2014-08-15 12:29 - 00000616 ____C () C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2015-02-18 06:18 - 2012-05-26 10:01 - 00000000 ___DC () C:\Documents and Settings\Tim Maw\Local Settings\Application Data\CRE
2015-02-17 22:53 - 2006-07-28 12:06 - 00000000 ___DC () C:\Program Files\Common Files\Microsoft Shared
2015-02-17 22:53 - 2006-07-28 10:12 - 00000000 ___DC () C:\Program Files\Messenger
2015-02-13 21:45 - 2013-07-17 20:35 - 00000000 ___DC () C:\WINDOWS\system32\MRT
2015-02-13 21:17 - 2006-09-16 09:00 - 113756392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-07 12:21 - 2006-07-28 12:00 - 00000000 ___DC () C:\WINDOWS\Help
2015-02-05 18:21 - 2012-03-31 15:20 - 00701616 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-02-05 18:21 - 2011-05-19 18:31 - 00071344 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-02-05 17:09 - 2008-02-06 23:23 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\Kontiki
==================== Files in the root of some directories =======
2015-01-02 19:57 - 2015-01-03 14:20 - 0000664 ____C () C:\Documents and Settings\Tim Maw\Local Settings\Application Data\d3d9caps.dat
2006-11-08 21:38 - 2014-03-01 17:42 - 0180224 ____C () C:\Documents and Settings\Tim Maw\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-01-25 20:12 - 2013-01-25 20:12 - 0026900 ____C () C:\Documents and Settings\Tim Maw\Local Settings\Application Data\dt.dat
Files to move or delete:
====================
C:\Documents and Settings\Tim Maw\settings.dat
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
And the additional file:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-03-2015
Ran by Tim Maw at 2015-03-07 19:23:21
Running from C:\Documents and Settings\Tim Maw\Local Settings\Temporary Internet Files\Content.IE5\VSUTIMZE
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Amazon Cloud Player (HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\Amazon Amazon Cloud Player) (Version: 2.4.0.33 - Amazon Services LLC)
Apple Application Support (32-bit) (HKLM\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5751 - AVG Technologies)
AVG 2015 (Version: 15.0.4299 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5751 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM\...\AVG SafeGuard toolbar) (Version: 18.3.0.885 - AVG Technologies)
BBC iPlayer Desktop (HKLM\...\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1) (Version: 3.2.15 - British Broadcasting Corp.)
BBC iPlayer Desktop (Version: 3.2.15 - British Broadcasting Corp.) Hidden
BlueSoleil (HKLM\...\{63D1A44F-E1FD-4460-BE0A-8745012F67EF}) (Version: 1.6.4.0 Release 050920 - IVT Corporation)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Chinese Simplified Fonts Support For Adobe Reader 8 (HKLM\...\{AC76BA86-7AD7-2447-0000-800000000003}) (Version: 8.0.0 - Adobe Systems)
Cisco WebEx Meetings (HKLM\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
DivX Converter (HKLM\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.1.0 - DivX, Inc.)
DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version: - DivX, Inc.)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
DivX Version Checker (HKLM\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.1.0.9 - DivX, Inc.)
Dropbox (HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
Google Chrome (HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
InterVideo WinDVD (HKLM\...\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}) (Version: 5.0-B11.802 - InterVideo Inc.)
Iomega Home Storage Manager (HKLM\...\{C08E4323-261D-4B2F-8F24-CDB26E2AA081}) (Version: 2.0.0.3 - Iomega Corporation an EMC Company)
Iomega Product Registration (HKLM\...\{90FF23FE-0E1B-40DF-A22E-B4C0372E5936}) (Version: 7.24.0000 - Iomega Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
iTunes (HKLM\...\{3A9FE6B1-EE7F-40AC-B831-AC7C9ABB58A0}) (Version: 12.1.1.4 - Apple Inc.)
Japanese Fonts Support For Adobe Reader 8 (HKLM\...\{AC76BA86-7AD7-5760-0000-800000000003}) (Version: 8.0 - Adobe Systems)
Java 7 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\Juniper_Setup_Client) (Version: 7.1.5.14305 - Juniper Networks, Inc.)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Labtec USB NumPad for Notebook (HKLM\...\Wireless Keyboard) (Version: - )
Labtec WebCam Software (HKLM\...\{BF45F502-D3F2-4E7C-91D8-9AA5A8141D08}) (Version: 8.43.0000 - Labtec, Inc.)
Labtec® Camera Driver (HKLM\...\QcDrv) (Version: - )
Macromedia Flash Player 8 (HKLM\...\{5E8A1B08-0FBD-4543-9646-F2C2D0D05750}) (Version: 8.0.24.0 - Macromedia)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft ActiveSync 3.7 (HKLM\...\Windows CE Services) (Version: - )
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Microsoft Office 2000 SR-1 Small Business (HKLM\...\{00030409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.9327 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Word Supplemental Templates and Wizards (HKLM\...\{E59219D4-23B8-11D3-A179-00C04F6C9FA4}) (Version: 1.0.0.0 - Microsoft Corp.)
Motorola SM56 Data Fax Modem (HKLM\...\SMSERIAL) (Version: - )
Mozilla Firefox 9.0.1 (x86 en-GB) (HKLM\...\Mozilla Firefox 9.0.1 (x86 en-GB)) (Version: 9.0.1 - Mozilla)
MSN (HKLM\...\MSNINST) (Version: - )
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM\...\{DD090DED-AC90-4B12-915E-72511B7B1033}) (Version: 7.01.3771 - Nero AG)
PrimoPDF -- brought to you by Nitro PDF Software (HKLM\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek AC'97 Audio (HKLM\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: 5.24 - Realtek Semiconductor Corp.)
Retrospect Express HD 2.5 (HKLM\...\{BCC57687-98A2-4C4C-B0F8-BC6B6F52D4E3}) (Version: 2.5.113 - EMC)
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Skype Toolbars (HKLM\...\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}) (Version: 5.0.4137 - Skype Technologies S.A.)
Skype 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Socket Low Power SDIO WLAN Driver for Windows Mobile 2003 (HKLM\...\{C7E70510-FC49-4096-827B-352EBA2931EB}) (Version: 1.0 - Socket Communications, Inc.)
Socket SDIO WLAN for Pocket PC 2002 (HKLM\...\{58D7ABED-CC06-4895-9A52-CB79E648040B}) (Version: - )
Software Update for Web Folders (Version: 9.60.6715.0 - Microsoft Corporation) Hidden
Spelling Dictionaries Support For Adobe Reader 8 (HKLM\...\{AC76BA86-7AD7-5464-3428-800000000003}) (Version: 8.0.0 - Adobe Systems)
Spotify (HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\Spotify) (Version: 0.8.4.124.ga3559d86 - Spotify AB)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SystemDiagnostics (HKLM\...\{80B0B731-5FAE-475D-8844-20F46373780D}) (Version: 3.02.0010 - Fujitsu Technology Solutions)
TomTom HOME (HKLM\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VIA Rhine-Family Fast Ethernet Adapter (HKLM\...\VN_VUIns_Rhine_VIA) (Version: - )
VIA/S3G Display Driver (HKLM\...\VIA/S3G Display Driver) (Version: - )
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Driver Package - WayTech (USBNumPad) HIDClass (02/01/2007 1.0) (HKLM\...\06F05CAF38E51FC65408601E057C686C6B5DEDEB) (Version: 02/01/2007 1.0 - WayTech)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.7.0017.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM\...\{9422C8EA-B0C6-4197-B8FC-DC797658CA00}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows Messenger 5.1 MUI Pack (HKLM\...\{F3CBA4E6-436E-4B51-9651-93830EE38616}) (Version: 5.1.0701 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
XCSoar (HKLM\...\XCSoar) (Version: - )
XML Paper Specification Shared Components Pack 1.0 (Version: - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Documents and Settings\Tim Maw\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Chrome\Application\40.0.2214.115\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{97090E2F-3062-4459-855B-014F0D3CDBB1}\InprocServer32 -> C:\Program Files\Windows Desktop Search\deskbar.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\1.3.25.11\psuser.dll (the data entry has 8 more characters).
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{E69341A3-E6D2-4175-B60C-C9D3D6FA40F6}\localserver32 -> C:\Documents and Settings\Tim Maw\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Tim Maw\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Tim Maw\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Tim Maw\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Tim Maw\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Tim Maw\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Tim Maw\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Tim Maw\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Tim Maw\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
29-01-2015 21:35:27 System Checkpoint
29-01-2015 22:52:05 Installed AVG 2015
29-01-2015 22:52:49 Removed AVG 2012
29-01-2015 22:55:10 Installed AVG 2015
29-01-2015 23:04:20 Removed AVG 2012
29-01-2015 23:06:59 Removed AVG 2012
29-01-2015 23:10:13 Removed AVG 2012
05-02-2015 18:38:36 System Checkpoint
06-02-2015 19:52:55 System Checkpoint
13-02-2015 21:17:05 Software Distribution Service 3.0
17-02-2015 21:22:09 System Checkpoint
17-02-2015 22:53:11 Removed Windows Messenger 5.1
20-02-2015 20:32:12 System Checkpoint
25-02-2015 20:57:07 System Checkpoint
05-03-2015 06:48:09 System Checkpoint
06-03-2015 20:57:29 System Checkpoint
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-07-28 11:07 - 2014-03-23 14:24 - 00450622 ___RC C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1
www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1
www.008k.com
127.0.0.1 008k.com
127.0.0.1
www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1
www.032439.com
127.0.0.1 032439.com
127.0.0.1
www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1
www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1
www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1
www.100888290cs.com
127.0.0.1
www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1
www.10sek.com
127.0.0.1
www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1
www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1
www.123haustiereundmehr.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Ad-Aware Antivirus Scheduled Scan.job => C:\PROGRA~1\AD-AWA~1\AdAwareLauncher.exe
Task: C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Amazon Music Helper.job => C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Amazon Cloud Player\Amazon Music Helper.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4203001677-3451174959-1684937818-1006Core.job => C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4203001677-3451174959-1684937818-1006UA.job => C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: C:\WINDOWS\Tasks\{AF928080-395A-4A8C-A920-B860A2CD2C68}_TIM_Tim Maw.job => C:\WINDOWS\system32\mobsync.exe
Task: C:\WINDOWS\Tasks\{B0047368-E51B-4388-ABA2-24003E0628F9}_TIM_Tim Maw.job => C:\WINDOWS\system32\mobsync.exe
Task: C:\WINDOWS\Tasks\{F31D6F31-334A-4A16-A767-AEA85B7A5B0D}_TIM_Tim Maw.job => C:\WINDOWS\system32\mobsync.exe
==================== Loaded Modules (whitelisted) ==============
2012-02-21 23:23 - 2011-02-28 22:37 - 00180624 ____C () C:\WINDOWS\system32\Primomonnt.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01044776 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2006-07-28 11:10 - 2004-11-10 11:42 - 00065536 _____ () C:\WINDOWS\sm56eng.dll
2006-07-28 11:10 - 2004-11-02 09:12 - 00065536 _____ () C:\WINDOWS\sm56fra.dll
2006-07-28 11:10 - 2004-11-02 09:12 - 00065536 _____ () C:\WINDOWS\sm56brz.dll
2006-07-28 11:10 - 2004-11-11 08:16 - 00045056 _____ () C:\WINDOWS\sm56chs.dll
2006-07-28 11:10 - 2004-11-10 11:42 - 00045056 _____ () C:\WINDOWS\sm56cht.dll
2006-07-28 11:10 - 2004-11-02 09:12 - 00065536 _____ () C:\WINDOWS\sm56ger.dll
2006-07-28 11:10 - 2004-11-02 09:12 - 00065536 _____ () C:\WINDOWS\sm56itl.dll
2006-07-28 11:10 - 2004-11-10 11:42 - 00049152 _____ () C:\WINDOWS\sm56jpn.dll
2006-07-28 11:10 - 2004-11-02 09:12 - 00065536 _____ () C:\WINDOWS\sm56spn.dll
2005-04-06 16:03 - 2005-04-06 16:03 - 00110592 _____ () C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
2014-08-15 12:28 - 2014-05-13 11:04 - 00109400 ____C () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-08-15 12:28 - 2014-05-13 11:04 - 00416600 ____C () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-08-15 12:28 - 2014-05-13 11:04 - 00167768 ____C () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-09-06 09:44 - 2015-03-06 23:17 - 02503704 ____C () C:\Program Files\AVG SafeGuard toolbar\vprot.exe
2015-03-06 23:17 - 2015-03-06 23:17 - 00519704 ____C () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\log4cplusU.dll
2012-09-06 21:37 - 2012-09-06 21:37 - 01193176 ____C () C:\Documents and Settings\Tim Maw\Application Data\Spotify\Data\SpotifyWebHelper.exe
2014-01-03 18:50 - 2014-05-08 17:26 - 03145536 ____C () C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Amazon Cloud Player\Amazon Music Helper.exe
2014-01-11 18:03 - 2005-03-14 13:55 - 00110592 ____C () C:\Program Files\Labtec NumPad\Magickey.exe
2014-01-11 18:03 - 2005-01-31 10:52 - 00040960 ____C () C:\Program Files\Labtec NumPad\WDAccess.dll
2014-08-15 12:28 - 2012-08-23 09:38 - 00574840 ____C () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-08-15 12:28 - 2012-04-03 16:06 - 00565640 ____C () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-03-06 23:17 - 2015-03-06 23:17 - 00159768 ____C () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\loggingserver.exe
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AVG Anti-Spyware Driver => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AVG Anti-Spyware Guard => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\fsc_wallpaper_connect.bmp
HKU\S-1-5-21-4203001677-3451174959-1684937818-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\fsc_wallpaper_bridge.bmp
DNS Servers: 192.168.0.1 - 192.168.1.254
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk => C:\WINDOWS\pss\Windows Search.lnkCommon Startup
MSCONFIG\startupreg: Google Update => "C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: RetroExpress => C:\PROGRA~1\RETROS~1\RETROS~1.5\RetroExpress.exe /h
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
==================== Accounts: =============================
Administrator (S-1-5-21-4203001677-3451174959-1684937818-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-4203001677-3451174959-1684937818-1008 - Limited - Enabled)
Guest (S-1-5-21-4203001677-3451174959-1684937818-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-4203001677-3451174959-1684937818-1005 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-4203001677-3451174959-1684937818-1002 - Limited - Disabled)
Tim Maw (S-1-5-21-4203001677-3451174959-1684937818-1006 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Tim Maw
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/07/2015 00:42:26 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\TIM MAW\DESKTOP\TOR BROWSER\BROWSER\TORBROWSER\DATA\BROWSER\PROFILE.DEFAULT\PREFS-1.JS> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (02/25/2015 08:26:35 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\TIM MAW\MY DOCUMENTS\MY MUSIC\ITUNES\ITUNES LIBRARY GENIUS.ITDB-JOURNAL> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (02/22/2015 04:56:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application KService.exe, version 5.11.704.230, faulting module KService.exe, version 5.11.704.230, fault address 0x00209e6d.
Processing media-specific event for [KService.exe!ws!]
Error: (02/14/2015 00:43:34 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\TIM MAW\DESKTOP\TOR BROWSER\BROWSER\TORBROWSER\DATA\BROWSER\PROFILE.DEFAULT\PREFS-1.JS> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (02/13/2015 10:39:03 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\TIM MAW\DESKTOP\TOR BROWSER\BROWSER\TORBROWSER\DATA\BROWSER\CACHES\FIREFOX\ACTIVE-UPDATE-1.XML> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (01/31/2015 01:36:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\TIM MAW\MY DOCUMENTS\MY MUSIC\ITUNES\ITUNES LIBRARY GENIUS.ITDB-JOURNAL> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (01/31/2015 00:18:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second
Error: (01/31/2015 00:18:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second
Error: (01/31/2015 00:18:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second
Error: (01/31/2015 00:18:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second
System errors:
=============
Error: (03/07/2015 06:13:03 PM) (Source: DCOM) (EventID: 10010) (User: TIM)
Description: The server {83D70C88-12F2-4B69-B4E7-D2AF6DA1079B} did not register with DCOM within the required timeout.
Error: (03/07/2015 06:12:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The KService service terminated with the following error:
%%2147500037
Error: (03/07/2015 06:12:08 PM) (Source: DCOM) (EventID: 10010) (User: TIM)
Description: The server {8C9813D0-9FEA-4F37-AAF0-89D9C805B89F} did not register with DCOM within the required timeout.
Error: (03/07/2015 06:12:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The KService service terminated with the following error:
%%2147500037
Error: (03/07/2015 06:11:35 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd
SBRE
Error: (03/07/2015 06:11:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error:
%%1053
Error: (03/07/2015 06:11:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.
Error: (03/07/2015 06:11:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The KService service terminated with the following error:
%%2147500037
Error: (03/07/2015 01:59:52 PM) (Source: DCOM) (EventID: 10010) (User: TIM)
Description: The server {83D70C88-12F2-4B69-B4E7-D2AF6DA1079B} did not register with DCOM within the required timeout.
Error: (03/07/2015 01:59:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The KService service terminated with the following error:
%%2147500037
Microsoft Office Sessions:
=========================
Error: (03/07/2015 00:42:26 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\TIM MAW\DESKTOP\TOR BROWSER\BROWSER\TORBROWSER\DATA\BROWSER\PROFILE.DEFAULT\PREFS-1.JS
Error: (02/25/2015 08:26:35 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\TIM MAW\MY DOCUMENTS\MY MUSIC\ITUNES\ITUNES LIBRARY GENIUS.ITDB-JOURNAL
Error: (02/22/2015 04:56:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: KService.exe5.11.704.230KService.exe5.11.704.23000209e6d
Error: (02/14/2015 00:43:34 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\TIM MAW\DESKTOP\TOR BROWSER\BROWSER\TORBROWSER\DATA\BROWSER\PROFILE.DEFAULT\PREFS-1.JS
Error: (02/13/2015 10:39:03 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\TIM MAW\DESKTOP\TOR BROWSER\BROWSER\TORBROWSER\DATA\BROWSER\CACHES\FIREFOX\ACTIVE-UPDATE-1.XML
Error: (01/31/2015 01:36:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\TIM MAW\MY DOCUMENTS\MY MUSIC\ITUNES\ITUNES LIBRARY GENIUS.ITDB-JOURNAL
Error: (01/31/2015 00:18:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second
Error: (01/31/2015 00:18:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second
Error: (01/31/2015 00:18:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second
Error: (01/31/2015 00:18:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second
==================== Memory info ===========================
Processor: Intel(R) Celeron(R) M processor 1.70GHz
Percentage of memory in use: 61%
Total physical RAM: 1470.23 MB
Available physical RAM: 563.18 MB
Total Pagefile: 1994.54 MB
Available Pagefile: 1201 MB
Total Virtual: 2047.88 MB
Available Virtual: 1922.03 MB
==================== Drives ================================
Drive c: (412010) (Fixed) (Total:55.88 GB) (Free:5.41 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive u: () (Network) (Total:927.44 GB) (Free:674.05 GB)
Drive v: () (Network) (Total:927.44 GB) (Free:674.05 GB)
Drive w: () (Network) (Total:927.44 GB) (Free:674.05 GB)
Drive x: () (Network) (Total:927.44 GB) (Free:674.05 GB)
Drive y: () (Network) (Total:927.44 GB) (Free:674.05 GB)
Drive z: () (Network) (Total:927.44 GB) (Free:674.05 GB)
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 55.9 GB) (Disk ID: 8AC5B2C0)
Partition 1: (Active) - (Size=55.9 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Many thanks!
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
Processor: Intel(R) Celeron(R) M processor 1.70GHz, x86 Family 6 Model 13 Stepping 8
Processor Count: 1
RAM: 1470 Mb
Graphics Card: VIA/S3G UniChrome Pro IGP, 64 Mb
Hard Drives: C: Total - 57223 MB, Free - 5551 MB;
Motherboard: FUJITSU SIEMENS, AMILO L7320
Antivirus: AVG AntiVirus Free Edition 2015, Updated: Yes, On-Demand Scanner: Enabled