Channel: Tech Support Guy - Virus & Other Malware Removal

Graphics Accelerator problem

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 32 bit
Processor: Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz, x64 Family 6 Model 15 Stepping 2
Processor Count: 2
RAM: 3047 Mb
Graphics Card: Intel(R) Q965/Q963 Express Chipset Family, 384 Mb
Hard Drives: C: Total - 76316 MB, Free - 27570 MB;
Motherboard: Hewlett-Packard, 0A54h
Antivirus: Microsoft Security Essentials, Updated and Enabled

sysinfo is current for my wife's computer.



Wes This is a problem that's been around the Internet a while. I've tried 7 or 8 so-called fixes and none of them work.


“Intel Graphics Accelerator Drivers for Windows Vista stopped responding and has successfully recovered.” Don't understand the “Vista” reference.


It's my wife's computer... HP Compaq dc7700 Small Form Factor. 2 gig of RAM, running Win 7 Home Premium.


There may be a virus involved...I don't know. There are a couple of files that refuse to allow themselves to be deleted.


The closest I've come to fixing this thing came from Intel. Their website has a driver finder utility. It scanned and found the Intel Q965/Q963 Express Chipset family. The utility downloaded itself and started to install an upgrade file. It got all the way thru to the end, then failed.


Trying the fix by updating the file thru Device Manager results in a message that the latest driver is already installed. I was able to download the driver from HP. It's a large file (6.4 mb) with many folders and files. Couldn't find a Setup file. Windows refuses to look at the file.




Does anybody know how to fix this problem? Appreciate your help.

HiJackThis Log--Lots of ? and X's

It has been two days or more since my last post. Do you still need help or more time?:)



Regards,

Richard:D

Virus/malware

original post is
http://forums.techguy.org/networking...onnection.html

First step
Click on this link to download: ADWCleaner. Click on ONE of the two blue Download Now buttons that have a blue arrow beside them and save it to your desktop. Do not click on any links in the top advert.

See the screenshot where the proper download buttons are highlighted


NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close your browser and double click on this icon on your desktop:



You will then see the screen below. Click on the Scan button (as indicated), accept any prompts that appear and allow it to run; it may take several minutes to complete. When it is done, you will get a message saying "PENDING". Ignore that and click on the Clean button, accept any prompts that appear and allow the system to reboot. You will then be presented with the report. Copy and paste it into your next post.
Please note: the newer versions of AdwCleaner have a pretty colour display on some versions of Windows and slightly different icons. The screenshots are from the older version but are basically the same.

How to get rid of virus off my Lenovo

Hello, I need a lot of help. I am not good with computers so I don't have a good idea of what I am doing. I have a Lenovo G50-70, it's Windows 8, and since the 19th of Jan 2015 my Avast antivirus has detected viruses and they are stored in the virus chest, as I don't know what to do with them. There are 16 files/viruses in the chest and every so often more pop up. I would like to remove them from the chest as they make me very anxious! Also my Lenovo Solution Centre has 2 alerts: one is to back up and the other says virus protection. When I click on them it says something about Adobe AIR. I don't want to install it as I have had trouble with previous laptops and fake Adobe installations and getting viruses. If you could please instruct me on what to do I would be very grateful.

Cryptowall and other viruses please help!

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Ultimate, 32 bit
Processor: AMD Athlon(tm) 7750 Dual-Core Processor, x64 Family 16 Model 2 Stepping 3
Processor Count: 2
RAM: 2813 Mb
Graphics Card: ATI Radeon HD 3300 Graphics (Microsoft Corporation WDDM 1.1), 640 Mb
Hard Drives: C: Total - 121997 MB, Free - 34677 MB; D: Total - 120000 MB, Free - 79962 MB; E: Total - 118472 MB, Free - 118379 MB;
Motherboard: Gigabyte Technology Co., Ltd., GA-MA790GP-UD4H
Antivirus: None

Hello, my computer is infected with the CryptoWall virus and probably a few others. I understand that these "encrypted" files may not be restored and I'm not concerned with that. Most of them are unimportant anyways. I will download and post any files necessary for someone to help me. Thank you.

pop up windows

Hello quenosabe. Are you ready to go? Please make sure to read and follow all the steps in order and as directed. If you have ANY questions along the way or get stuck, please STOP and post back here to let me know. ;)

Let's get started:

First
Please go to your Control Panel > Uninstall a program or Control Panel > Programs and Features and uninstall the following programs:
  1. AVG Security Toolbar
  2. Driver Booster 2.1
  3. Java 7 Update 76
  4. key-find uninstall
Optionally, I recommend that you uninstall Spybot - Search & Destroy in that list as well.

Reboot if you are prompted to.

Second
Run a FRST Fix

Download the attached fixlist.txt file and save it to the DESKTOP.

(NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.)

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST/FRST64 from your Desktop and press the Fix button just once and wait.

If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.

When finished FRST will generate a log on the Desktop named Fixlog.txt. Please post the contents of that log file into your next reply.

Third
Run Junkware Removal Tool:

Please download Junkware Removal Tool to your DESKTOP.

  • Shut down your protection software now to avoid potential conflicts. See here for more information.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


Finally
Please make sure to copy/paste the contents of the following logs in your next reply:
  1. FRST fixlog.txt
  2. JRT log
And tell me how your computer is doing.

Attached Files
File Type: txt fixlist.txt (12.1 KB)

Virus? Please help!

How to get rid of istartsurf on start up

Hi,

Please can you help me get rid of istartsurf? When I click on my Mozilla Firefox it comes up instead of Google. Also, when I try to open a new tab it doesn't show the previous websites I've been on like it used to; now it's just saying file not found.

Any help will be much appreciated, thanks

Dawud

Please help! Virus is not allowing to connect to Internet in IE and Chrome

Hi and welcome. :)

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Make sure that under Optional Scans, there is a checkmark on Addition.txt and Shortcut.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also produce another two logs (Addition.txt and Shortcut.txt). Please attach these to your reply.

HELP!!! getting error 0x800800005 unable to back up system.

Hi and welcome. :)

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Make sure that under Optional Scans, there is a checkmark on Addition.txt and Shortcut.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also produce another two logs (Addition.txt and Shortcut.txt). Please attach these to your reply.

Virus and Update issues

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8, 64 bit
Processor: AMD A10-5750M APU with Radeon(tm) HD Graphics, AMD64 Family 21 Model 19 Stepping 1
Processor Count: 4
RAM: 7366 Mb
Graphics Card: Microsoft Basic Render Driver, 17 Mb
Hard Drives: C: Total - 688531 MB, Free - 595558 MB; D: Total - 26082 MB, Free - 2673 MB;
Motherboard: Hewlett-Packard, 1984
Antivirus: Windows Defender, Disabled

Hello TechnoGuy,

This computer's owner failed to install any type of internet security software on this computer and he did not allow it to install updates as needed. I have installed Norton Internet Security and Super Anti Spyware as well as CCleaner to help clean it up. It had many many virus issues. There were several programs that I uninstalled, a couple of which still show up. Now I am trying to get it to install its updates and it keeps failing and then reverting changes. I am pretty sure there are probably still viruses and I would love some help getting this computer to fully update itself so that it can run efficiently.
Thank you for your help!

(Another) AVG 2015 won't run / software restriction policy

I've seen a lot of these posts and tried to solve myself, but each fix seems pretty bespoke, so hopefully someone here can help...

I've been suffering the same software restriction policy error message when trying to open AVG (event viewer properties say this):

Access to C:\Program Files\AVG\AVG2015\avgui.exe has been restricted by your Administrator by location with policy rule {e9088572-00e3-454d-bf06-a294e88a94c8} placed on path C:\Program Files\AVG

FRST seems to be the first suggestion, so the logs are below:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-03-2015
Ran by Tim Maw (administrator) on TIM on 07-03-2015 19:20:51
Running from C:\Documents and Settings\Tim Maw\Local Settings\Temporary Internet Files\Content.IE5\VSUTIMZE
Loaded Profiles: Tim Maw & Administrator (Available profiles: Tim Maw & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(Motorola Inc.) C:\WINDOWS\sm56hlpr.exe
(S3 Graphics, Inc.) C:\WINDOWS\system32\VTTimer.exe
(S3 Graphics Co., Ltd.) C:\WINDOWS\system32\VTTrayp.exe
(Labtec Inc.) C:\WINDOWS\system32\LVCOMSX.EXE
(Labtec Inc.) C:\Program Files\Logitech\Video\LogiTray.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(Iomega Corporation) C:\Program Files\Iomega\Home Storage Manager\Iomega Discovery.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
() C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Labtec Inc.) C:\Program Files\Logitech\Video\FxSvr2.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
() C:\Program Files\AVG SafeGuard toolbar\vprot.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
() C:\Documents and Settings\Tim Maw\Application Data\Spotify\Data\SpotifyWebHelper.exe
() C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Amazon Cloud Player\Amazon Music Helper.exe
(EMC Corporation) C:\Program Files\Retrospect\Retrospect Express HD 2.5\retrorun.exe
() C:\Program Files\Labtec NumPad\Magickey.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\loggingserver.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Farbar) C:\Documents and Settings\Tim Maw\Local Settings\Temporary Internet Files\Content.IE5\VSUTIMZE\FRST[1].exe

==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SMSERIAL] => C:\WINDOWS\sm56hlpr.exe [544768 2004-12-29] (Motorola Inc.)
HKLM\...\Run: [VTTimer] => C:\WINDOWS\system32\VTTimer.exe [53248 2005-03-08] (S3 Graphics, Inc.)
HKLM\...\Run: [VTTrayp] => C:\WINDOWS\system32\VTtrayp.exe [163840 2005-11-01] (S3 Graphics Co., Ltd.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [LVCOMSX] => C:\WINDOWS\system32\LVCOMSX.EXE [221184 2005-01-19] (Labtec Inc.)
HKLM\...\Run: [LogitechVideoRepair] => C:\Program Files\Logitech\Video\ISStart.exe [458752 2005-01-19] (Labtec Inc.)
HKLM\...\Run: [LogitechVideoTray] => C:\Program Files\Logitech\Video\LogiTray.exe [217088 2005-01-19] (Labtec Inc.)
HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [577536 2006-06-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Iomega Home Storage Manager] => C:\Program Files\Iomega\Home Storage Manager\Iomega Discovery.exe [147456 2009-05-18] (Iomega Corporation)
HKLM\...\Run: [IMJPMIG8.1] => C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [208952 2004-08-04] (Microsoft Corporation)
HKLM\...\Run: [IMEKRMIG6.1] => C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [44032 2004-08-04] (Microsoft Corporation)
HKLM\...\Run: [MSPY2002] => C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [59392 2004-08-04] ()
HKLM\...\Run: [PHIME2002ASync] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2004-08-04] (Microsoft Corporation)
HKLM\...\Run: [PHIME2002A] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2004-08-04] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] ()
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\Run: [vProt] => C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2503704 2015-03-06] ()
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3710416 2015-02-19] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-02-13] (Apple Inc.)
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVG\ <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Malwarebytes' Anti-Malware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVG\AVG2012 <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVG <====== ATTENTION
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <===== ATTENTION
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [90112 2006-03-21] (Nero AG)
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\Run: [H/PC Connection Agent] => C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE [401491 2004-02-03] (Microsoft Corporation)
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\Run: [kdx] => C:\Program Files\Kontiki\KHost.exe [1032640 2007-04-23] (Kontiki Inc.)
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\Run: [Google Update] => C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [107912 2014-10-23] (Google Inc.)
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\Run: [Spotify Web Helper] => C:\Documents and Settings\Tim Maw\Application Data\Spotify\Data\SpotifyWebHelper.exe [1193176 2012-09-06] ()
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\Run: [Amazon Cloud Player] => C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\MountPoints2: {6496434a-f9c8-11db-a76e-0011675c4aa8} - E:\LaunchU3.exe
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\MountPoints2: {8739fd90-df95-11df-b361-0011675c4aa8} - E:\AUTORUN.EXE
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\MountPoints2: {a1d9e440-8c87-11e0-b446-0011675c4aa8} - E:\AUTORUN.EXE
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\MountPoints2: {b05f216e-102e-11df-b267-0011675c4aa8} - E:\AUTORUN.EXE
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\MountPoints2: {b05f2176-102e-11df-b267-0011675c4aa8} - E:\AUTORUN.EXE
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\MountPoints2: {d07e44fe-dfbb-11df-b362-0011675c4aa8} - E:\AUTORUN.EXE
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [9216 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-4203001677-3451174959-1684937818-500\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [90112 2006-03-21] (Nero AG)
HKU\S-1-5-21-4203001677-3451174959-1684937818-500\...\RunOnce: [spchecker] => "C:\Program Files\AVG\AVG10\Notification\SPCheckerTE.exe"
HKU\S-1-5-21-4203001677-3451174959-1684937818-500\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\fsc-scr.scr [656896 2005-04-12] (Neoaspire.com)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Enable Labtec NumPad.lnk
ShortcutTarget: Enable Labtec NumPad.lnk -> C:\Program Files\Labtec NumPad\Magickey.exe ()
BootExecute: autocheck autochk * sdnclean.exeC:\PROGRA~1\AVG\AVG2015\avgrsx.exe /sync /restart
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={sear...e=utf8&oe=utf8
HKU\S-1-5-21-4203001677-3451174959-1684937818-500\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir...r=6&ar=msnhome
HKU\S-1-5-21-4203001677-3451174959-1684937818-500\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006 -> DefaultScope {C99B2EF8-4676-4119-99F3-73F54EE01931} URL = http://www.google.co.uk/search?hl=en...&meta=&aq=f&oq=
SearchScopes: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid=...r&d=2014-09-06 10:45:09&v=18.1.9.786&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006 -> {C99B2EF8-4676-4119-99F3-73F54EE01931} URL = http://www.google.co.uk/search?hl=en...&meta=&aq=f&oq=
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG2012\avgssie.dll No File
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-20] (Oracle Corporation)
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17] (Microsoft Corporation)
BHO: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG SafeGuard toolbar\18.3.0.885\AVG SafeGuard toolbar_toolbar.dll [2015-03-06] (AVG Secure Search)
BHO: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22] (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-20] (Oracle Corporation)
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.3.0.885\AVG SafeGuard toolbar_toolbar.dll [2015-03-06] (AVG Secure Search)
Toolbar: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006 -> Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
Toolbar: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/downlo...OGAControl.cab
DPF: {0DB074F0-617E-4EE9-912C-2965CF2AA5A4} http://download.microsoft.com/downlo...ualEarth3D.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downlo...eckControl.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll
DPF: {3BB1D69B-A780-4BE1-876E-F3D488877135} http://download.microsoft.com/downlo...ualEarth3D.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail.com/mail/w2/pr02...s/MSNPUpld.cab
DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} https://www.icloud.com/system/iCloud.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab
DPF: {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} http://192.168.0.86/codebase/DVM_IPCam2.ocx
DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg.com/eps/wl/acti..._v1-0-27-0.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeup...tent/opuc4.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab
DPF: {D821DC4A-0814-435E-9820-661C543A4679} http://drmlicense.one.microsoft.com/.../en/crlocx.ocx
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.webex.com/client/W...ex/ieatgpc.cab
DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://remote.avis-europe.com/dana-...niperSetup.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01...l/MSNPUpld.cab
DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} http://driveragent.com/files/driveragent.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://access.avis-europe.com/dana-...etupClient.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File []
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: mctp - {d7b95390-b1c5-11d0-b111-0080c712fe82} - C:\Program Files\Microsoft ActiveSync\aatp.dll [2004-02-03] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll [2015-03-06] (AVG Secure Search)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1DC6E6C1-F545-4593-AE52-CFD5AF2ED7BE}: [NameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Tim Maw\Application Data\Mozilla\Firefox\Profiles\ezjfo85b.default
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: https://mysearch.avg.com?cid={6C444A...r&d=2014-09-06 10:45:09&v=18.1.9.786&pid=safeguard&sg=&sap=hp
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.3.0\\npsitesafety.dll No File
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2013-12-27] (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-06-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-06-20] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=2.5 -> C:\Program Files\Virtual Earth 3D\ [2014-05-13] ()
FF Plugin: @microsoft.com/VirtualEarth3D,version=3.0 -> C:\Program Files\Virtual Earth 3D\ [2014-05-13] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginB...ersion=1.0.0.1 -> C:\Program Files\Yahoo!\Common\npyaxmpb.dll [2006-11-03] (Yahoo! Inc.)
FF Plugin HKU\S-1-5-21-4203001677-3451174959-1684937818-1006: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-4203001677-3451174959-1684937818-1006: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-01-31] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-01-31] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-01-31] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-01-31] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-01-31] (Apple Inc.)
FF SearchPlugin: C:\Documents and Settings\Tim Maw\Application Data\Mozilla\Firefox\Profiles\ezjfo85b.default\searchplugins\avg-secure-search.xml [2014-09-06]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\safeguard-secure-search.xml [2015-03-06]
FF Extension: AVG SafeGuard toolbar - C:\Documents and Settings\Tim Maw\Application Data\Mozilla\Firefox\Profiles\ezjfo85b.default\Extensions\avg@toolbar [2014-09-06]
FF Extension: Property Bee - C:\Documents and Settings\Tim Maw\Application Data\Mozilla\Firefox\Profiles\ezjfo85b.default\Extensions\{da8bd68d-8e90-41cd-8345-a71b294e72e6}.xpi [2011-05-18]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-06-23]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-02]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-17]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-12]
Chrome:
=======
CHR HomePage: Default -> hxxp://uk.search.yahoo.com?type=714647&fr=spigot-yhp-ch
CHR StartupUrls: Default -> "hxxp://uk.search.yahoo.com?type=714647&fr=spigot-yhp-ch", "about:blank", "https://mysearch.avg.com?cid={6C444A...r&d=2014-09-06 10:45:09&v=18.1.9.786&pid=safeguard&sg=&sap=hp"
CHR DefaultSearchKeyword: Default -> google.co.uk_
CHR DefaultSearchURL: Default -> http://www.google.co.uk/search?hl=en...&meta=&aq=f&oq=
CHR DefaultSuggestURL: Default ->
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Chrome\Application\40.0.2214.115\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Chrome\Application\40.0.2214.115\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Chrome\Application\40.0.2214.115\pdf.dll ()
CHR Plugin: (AVG Internet Security) - C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll No File
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (DivX OVS Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (Yahoo! activeX Plug-in Bridge) - C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-03-04]
CHR Extension: (Google Play Music) - C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-05-10]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-07]
StartMenuInternet: Google Chrome - C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3411408 2015-02-19] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [308720 2015-02-19] (AVG Technologies CZ, s.r.o.)
R2 BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [110592 2005-04-06] () [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182184 2013-06-20] (Oracle Corporation)
S2 KService; C:\Program Files\Kontiki\KService.exe [3068352 2007-04-23] (Kontiki Inc.)
S2 RetroExp Helper; C:\Program Files\Retrospect\Retrospect Express HD 2.5\rthlpsvc.exe [128280 2008-07-16] (EMC Corporation)
R2 RetroExpLauncher; C:\Program Files\Retrospect\Retrospect Express HD 2.5\retrorun.exe [107800 2008-07-16] (EMC Corporation)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 TestHandler; C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\HaDTMan.exe [384792 2010-09-24] (Fujitsu Technology Solutions)
R2 vToolbarUpdater18.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe [1802776 2015-03-06] (AVG Secure Search)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [3972672 2006-06-27] (Realtek Semiconductor Corp.)
S3 AR5211; C:\WINDOWS\System32\DRIVERS\ar5211.sys [543712 2007-03-27] (Atheros Communications, Inc.)
R3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1333152 2008-04-03] (Atheros Communications, Inc.)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [202208 2015-02-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [154904 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [265184 2015-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [107488 2015-01-23] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [210400 2015-01-16] (AVG Technologies CZ, s.r.o.)
R3 BlueletAudio; C:\WINDOWS\System32\DRIVERS\blueletaudio.sys [20480 2005-08-31] (IVT Corporation) [File not signed]
R3 BlueletSCOAudio; C:\WINDOWS\System32\DRIVERS\BlueletSCOAudio.sys [20480 2005-08-31] (IVT Corporation) [File not signed]
R3 BT; C:\WINDOWS\System32\DRIVERS\btnetdrv.sys [10804 2005-04-30] (IVT Corporation) [File not signed]
S3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [23000 2005-07-29] (IVT Corporation) [File not signed]
R3 BTHidEnum; C:\WINDOWS\System32\DRIVERS\vbtenum.sys [11988 2005-07-29] () [File not signed]
R0 BTHidMgr; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [28271 2005-04-30] (IVT Corporation) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 EKBfltr; C:\WINDOWS\System32\DRIVERS\EKBfltr.sys [5504 2005-01-14] (EnE Technology Inc.)
R3 FETND5BV; C:\WINDOWS\System32\DRIVERS\fetnd5bv.sys [42496 2005-03-18] (VIA Technologies, Inc. )
S3 FETNDIS; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc. )
S3 LVUSBSta; C:\WINDOWS\System32\drivers\lvusbsta.sys [22016 2005-04-01] (Labtec Inc.)
R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [120024 2015-03-07] (Malwarebytes Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R0 nvatabus; C:\WINDOWS\System32\drivers\nvatabus.sys [93568 2005-08-18] (NVIDIA Corporation)
S3 pepifilter; C:\WINDOWS\System32\DRIVERS\lv302af.sys [7072 2005-04-01] (Labtec Inc.)
S3 PID_08A0; C:\WINDOWS\System32\DRIVERS\LV302AV.SYS [913280 2005-04-01] (Labtec Inc.)
S3 PortlUSB; C:\WINDOWS\System32\DRIVERS\MTC.sys [7552 2004-06-24] (PortalPlayer, Inc.)
R1 sdcplh; C:\WINDOWS\System32\drivers\sdcplh.sys [55168 2005-11-23] (Macrovision Europe Ltd) [File not signed]
S3 TVICHW32; C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [23600 2007-08-11] (EnTech Taiwan) [File not signed]
R1 UsbFltr; C:\WINDOWS\system32\Drivers\UsbFltr.sys [8960 2005-02-21] (Waytech Development, Inc.) [File not signed]
S3 USBNumPad; C:\WINDOWS\System32\Drivers\USBNumPad.sys [9600 2007-03-19] (Waytech Development, Inc.) [File not signed]
R3 VComm; C:\WINDOWS\System32\DRIVERS\VComm.sys [61312 2004-10-19] (IVT Corporation) [File not signed]
R3 VcommMgr; C:\WINDOWS\System32\Drivers\VcommMgr.sys [82148 2005-03-25] (IVT Corporation) [File not signed]
R0 viaagp1; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [27904 2003-07-02] (VIA Technologies, Inc.)
R3 viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [248704 2006-02-09] (Copyright (C) VIA/S3 Graphics Co, Ltd.)
R0 viamraid; C:\WINDOWS\System32\drivers\viamraid.sys [92672 2005-11-23] (VIA Technologies inc,.ltd)
S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [104064 2003-12-22] (Microsoft Corporation)
S3 9ce299a6-6842-4cf7-9b39-f5d20f9bafc4; \??\D:\Player\cds300.dll [X]
S4 IntelIde; No ImagePath
S3 Lavasoft Kernexplorer; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [X]
S0 Lbd; system32\DRIVERS\Lbd.sys [X]
S3 rootrepeal; \??\C:\WINDOWS\system32\drivers\rootrepeal.sys [X]
S1 SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-07 19:20 - 2015-03-07 19:21 - 00000000 ___DC () C:\FRST
2015-03-07 18:39 - 2015-03-07 19:16 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2015-03-07 18:38 - 2015-03-07 19:16 - 00000000 ___DC () C:\Documents and Settings\Tim Maw\Desktop\mbar
2015-02-25 20:41 - 2015-02-25 20:41 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\Avg_Update_0215tb
2015-02-24 22:52 - 2015-02-24 22:52 - 00000000 ___DC () C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2015-02-24 22:51 - 2015-02-24 22:51 - 00000000 ___DC () C:\Program Files\iPod
2015-02-24 22:50 - 2015-02-24 22:52 - 00000000 ___DC () C:\Program Files\iTunes
2015-02-24 22:50 - 2015-02-24 22:52 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-02-07 13:11 - 2015-02-07 13:11 - 01436055 ____C () C:\Documents and Settings\Tim Maw\My Documents\app-ipw.zip
2015-02-07 12:19 - 2015-02-07 12:19 - 00000000 ___DC () C:\Documents and Settings\Tim Maw\Application Data\app-ipw
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-07 19:22 - 2006-09-13 17:14 - 00000000 ___DC () C:\Documents and Settings\Tim Maw\Local Settings\Temp
2015-03-07 19:21 - 2012-07-14 14:08 - 00000830 ____C () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-07 19:17 - 2006-07-28 10:14 - 01863229 ____C () C:\WINDOWS\WindowsUpdate.log
2015-03-07 18:39 - 2014-06-14 10:24 - 00119512 ____C (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-07 18:38 - 2014-06-14 10:23 - 00120024 ____C (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-07 18:34 - 2010-08-12 18:07 - 00000986 ____C () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4203001677-3451174959-1684937818-1006UA.job
2015-03-07 18:34 - 2010-08-05 20:05 - 00000000 ___DC () C:\Documents and Settings\Tim Maw\Application Data\uTorrent
2015-03-07 18:32 - 2006-09-13 17:14 - 00000000 ___DC () C:\Documents and Settings\Tim Maw
2015-03-07 18:31 - 2010-11-04 19:59 - 00000688 ____C () C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2015-03-07 18:31 - 2006-09-13 23:53 - 00000000 ___DC () C:\Program Files\CCleaner
2015-03-07 18:11 - 2013-05-04 21:13 - 00000159 ____C () C:\WINDOWS\wiadebug.log
2015-03-07 18:11 - 2013-05-04 21:13 - 00000050 ____C () C:\WINDOWS\wiaservc.log
2015-03-07 18:11 - 2006-07-28 11:08 - 00001158 ____C () C:\WINDOWS\system32\wpa.dbl
2015-03-07 18:10 - 2014-08-15 12:29 - 00000644 ____C () C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
2015-03-07 18:09 - 2014-03-23 09:46 - 00000226 ____C () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2015-03-07 18:09 - 2014-01-03 18:50 - 00000550 ____C () C:\WINDOWS\Tasks\Amazon Music Helper.job
2015-03-07 18:09 - 2006-07-28 10:19 - 00000006 ___HC () C:\WINDOWS\Tasks\SA.DAT
2015-03-07 15:01 - 2009-01-24 17:46 - 00032612 ____N () C:\WINDOWS\SchedLgU.Txt
2015-03-07 15:00 - 2006-09-13 17:14 - 00000278 __SHC () C:\Documents and Settings\Tim Maw\ntuser.ini
2015-03-07 14:02 - 2010-10-17 21:36 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\MFAData
2015-03-07 00:40 - 2015-01-02 21:12 - 00000000 ___DC () C:\Documents and Settings\Tim Maw\Desktop\Tor Browser
2015-03-06 23:17 - 2014-09-06 09:44 - 00000000 ___DC () C:\Program Files\Common Files\AVG Secure Search
2015-03-06 23:17 - 2014-09-06 09:44 - 00000000 ___DC () C:\Program Files\AVG SafeGuard toolbar
2015-03-06 22:34 - 2010-08-12 18:07 - 00000934 ____C () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4203001677-3451174959-1684937818-1006Core.job
2015-03-06 21:26 - 2009-02-06 19:46 - 00000486 ____C () C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
2015-03-06 19:28 - 2015-01-29 22:59 - 00000708 ____C () C:\Documents and Settings\All Users\Desktop\AVG 2015.lnk
2015-03-06 19:28 - 2015-01-29 22:59 - 00000000 ___DC () C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2015-03-04 21:58 - 2012-02-21 23:19 - 00000000 __RDC () C:\Documents and Settings\Tim Maw\My Documents\Dropbox
2015-03-04 21:56 - 2012-02-21 23:16 - 00000000 ___DC () C:\Documents and Settings\Tim Maw\Application Data\Dropbox
2015-03-04 21:04 - 2011-05-18 21:20 - 00000000 ___DC () C:\Program Files\Mozilla Firefox
2015-02-25 22:16 - 2009-10-15 22:16 - 00040960 ____C () C:\Documents and Settings\Tim Maw\My Documents\Car costs.xls
2015-02-24 23:29 - 2011-01-12 21:22 - 00015872 ____C () C:\Documents and Settings\Tim Maw\My Documents\SoA.xls
2015-02-24 22:50 - 2007-12-31 18:40 - 00000000 ___DC () C:\Program Files\Common Files\Apple
2015-02-19 21:27 - 2014-12-08 21:25 - 00202208 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdriverlx.sys
2015-02-18 16:00 - 2006-09-21 20:00 - 00000388 ___HC () C:\WINDOWS\Tasks\{B0047368-E51B-4388-ABA2-24003E0628F9}_TIM_Tim Maw.job
2015-02-18 09:00 - 2006-09-21 20:00 - 00000388 ___HC () C:\WINDOWS\Tasks\{F31D6F31-334A-4A16-A767-AEA85B7A5B0D}_TIM_Tim Maw.job
2015-02-18 06:18 - 2014-08-15 12:29 - 00000616 ____C () C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2015-02-18 06:18 - 2012-05-26 10:01 - 00000000 ___DC () C:\Documents and Settings\Tim Maw\Local Settings\Application Data\CRE
2015-02-17 22:53 - 2006-07-28 12:06 - 00000000 ___DC () C:\Program Files\Common Files\Microsoft Shared
2015-02-17 22:53 - 2006-07-28 10:12 - 00000000 ___DC () C:\Program Files\Messenger
2015-02-13 21:45 - 2013-07-17 20:35 - 00000000 ___DC () C:\WINDOWS\system32\MRT
2015-02-13 21:17 - 2006-09-16 09:00 - 113756392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-07 12:21 - 2006-07-28 12:00 - 00000000 ___DC () C:\WINDOWS\Help
2015-02-05 18:21 - 2012-03-31 15:20 - 00701616 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-02-05 18:21 - 2011-05-19 18:31 - 00071344 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-02-05 17:09 - 2008-02-06 23:23 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\Kontiki
==================== Files in the root of some directories =======
2015-01-02 19:57 - 2015-01-03 14:20 - 0000664 ____C () C:\Documents and Settings\Tim Maw\Local Settings\Application Data\d3d9caps.dat
2006-11-08 21:38 - 2014-03-01 17:42 - 0180224 ____C () C:\Documents and Settings\Tim Maw\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-01-25 20:12 - 2013-01-25 20:12 - 0026900 ____C () C:\Documents and Settings\Tim Maw\Local Settings\Application Data\dt.dat
Files to move or delete:
====================
C:\Documents and Settings\Tim Maw\settings.dat

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================

And the additional file:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-03-2015
Ran by Tim Maw at 2015-03-07 19:23:21
Running from C:\Documents and Settings\Tim Maw\Local Settings\Temporary Internet Files\Content.IE5\VSUTIMZE
Boot Mode: Normal
==========================================================

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Amazon Cloud Player (HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\Amazon Amazon Cloud Player) (Version: 2.4.0.33 - Amazon Services LLC)
Apple Application Support (32-bit) (HKLM\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5751 - AVG Technologies)
AVG 2015 (Version: 15.0.4299 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5751 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM\...\AVG SafeGuard toolbar) (Version: 18.3.0.885 - AVG Technologies)
BBC iPlayer Desktop (HKLM\...\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1) (Version: 3.2.15 - British Broadcasting Corp.)
BBC iPlayer Desktop (Version: 3.2.15 - British Broadcasting Corp.) Hidden
BlueSoleil (HKLM\...\{63D1A44F-E1FD-4460-BE0A-8745012F67EF}) (Version: 1.6.4.0 Release 050920 - IVT Corporation)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Chinese Simplified Fonts Support For Adobe Reader 8 (HKLM\...\{AC76BA86-7AD7-2447-0000-800000000003}) (Version: 8.0.0 - Adobe Systems)
Cisco WebEx Meetings (HKLM\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
DivX Converter (HKLM\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.1.0 - DivX, Inc.)
DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version: - DivX, Inc.)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
DivX Version Checker (HKLM\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.1.0.9 - DivX, Inc.)
Dropbox (HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
Google Chrome (HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
InterVideo WinDVD (HKLM\...\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}) (Version: 5.0-B11.802 - InterVideo Inc.)
Iomega Home Storage Manager (HKLM\...\{C08E4323-261D-4B2F-8F24-CDB26E2AA081}) (Version: 2.0.0.3 - Iomega Corporation an EMC Company)
Iomega Product Registration (HKLM\...\{90FF23FE-0E1B-40DF-A22E-B4C0372E5936}) (Version: 7.24.0000 - Iomega Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
iTunes (HKLM\...\{3A9FE6B1-EE7F-40AC-B831-AC7C9ABB58A0}) (Version: 12.1.1.4 - Apple Inc.)
Japanese Fonts Support For Adobe Reader 8 (HKLM\...\{AC76BA86-7AD7-5760-0000-800000000003}) (Version: 8.0 - Adobe Systems)
Java 7 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\Juniper_Setup_Client) (Version: 7.1.5.14305 - Juniper Networks, Inc.)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Labtec USB NumPad for Notebook (HKLM\...\Wireless Keyboard) (Version: - )
Labtec WebCam Software (HKLM\...\{BF45F502-D3F2-4E7C-91D8-9AA5A8141D08}) (Version: 8.43.0000 - Labtec, Inc.)
Labtec® Camera Driver (HKLM\...\QcDrv) (Version: - )
Macromedia Flash Player 8 (HKLM\...\{5E8A1B08-0FBD-4543-9646-F2C2D0D05750}) (Version: 8.0.24.0 - Macromedia)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft ActiveSync 3.7 (HKLM\...\Windows CE Services) (Version: - )
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Microsoft Office 2000 SR-1 Small Business (HKLM\...\{00030409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.9327 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Word Supplemental Templates and Wizards (HKLM\...\{E59219D4-23B8-11D3-A179-00C04F6C9FA4}) (Version: 1.0.0.0 - Microsoft Corp.)
Motorola SM56 Data Fax Modem (HKLM\...\SMSERIAL) (Version: - )
Mozilla Firefox 9.0.1 (x86 en-GB) (HKLM\...\Mozilla Firefox 9.0.1 (x86 en-GB)) (Version: 9.0.1 - Mozilla)
MSN (HKLM\...\MSNINST) (Version: - )
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM\...\{DD090DED-AC90-4B12-915E-72511B7B1033}) (Version: 7.01.3771 - Nero AG)
PrimoPDF -- brought to you by Nitro PDF Software (HKLM\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek AC'97 Audio (HKLM\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: 5.24 - Realtek Semiconductor Corp.)
Retrospect Express HD 2.5 (HKLM\...\{BCC57687-98A2-4C4C-B0F8-BC6B6F52D4E3}) (Version: 2.5.113 - EMC)
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Skype Toolbars (HKLM\...\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}) (Version: 5.0.4137 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Socket Low Power SDIO WLAN Driver for Windows Mobile 2003 (HKLM\...\{C7E70510-FC49-4096-827B-352EBA2931EB}) (Version: 1.0 - Socket Communications, Inc.)
Socket SDIO WLAN for Pocket PC 2002 (HKLM\...\{58D7ABED-CC06-4895-9A52-CB79E648040B}) (Version: - )
Software Update for Web Folders (Version: 9.60.6715.0 - Microsoft Corporation) Hidden
Spelling Dictionaries Support For Adobe Reader 8 (HKLM\...\{AC76BA86-7AD7-5464-3428-800000000003}) (Version: 8.0.0 - Adobe Systems)
Spotify (HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\...\Spotify) (Version: 0.8.4.124.ga3559d86 - Spotify AB)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SystemDiagnostics (HKLM\...\{80B0B731-5FAE-475D-8844-20F46373780D}) (Version: 3.02.0010 - Fujitsu Technology Solutions)
TomTom HOME (HKLM\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VIA Rhine-Family Fast Ethernet Adapter (HKLM\...\VN_VUIns_Rhine_VIA) (Version: - )
VIA/S3G Display Driver (HKLM\...\VIA/S3G Display Driver) (Version: - )
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Driver Package - WayTech (USBNumPad) HIDClass (02/01/2007 1.0) (HKLM\...\06F05CAF38E51FC65408601E057C686C6B5DEDEB) (Version: 02/01/2007 1.0 - WayTech)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.7.0017.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM\...\{9422C8EA-B0C6-4197-B8FC-DC797658CA00}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows Messenger 5.1 MUI Pack (HKLM\...\{F3CBA4E6-436E-4B51-9651-93830EE38616}) (Version: 5.1.0701 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
XCSoar (HKLM\...\XCSoar) (Version: - )
XML Paper Specification Shared Components Pack 1.0 (Version: - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Documents and Settings\Tim Maw\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Chrome\Application\40.0.2214.115\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{97090E2F-3062-4459-855B-014F0D3CDBB1}\InprocServer32 -> C:\Program Files\Windows Desktop Search\deskbar.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\1.3.25.11\psuser.dll (the data entry has 8 more characters).
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{E69341A3-E6D2-4175-B60C-C9D3D6FA40F6}\localserver32 -> C:\Documents and Settings\Tim Maw\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Tim Maw\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Tim Maw\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Tim Maw\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Tim Maw\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Tim Maw\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Tim Maw\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Tim Maw\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4203001677-3451174959-1684937818-1006_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Tim Maw\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
29-01-2015 21:35:27 System Checkpoint
29-01-2015 22:52:05 Installed AVG 2015
29-01-2015 22:52:49 Removed AVG 2012
29-01-2015 22:55:10 Installed AVG 2015
29-01-2015 23:04:20 Removed AVG 2012
29-01-2015 23:06:59 Removed AVG 2012
29-01-2015 23:10:13 Removed AVG 2012
05-02-2015 18:38:36 System Checkpoint
06-02-2015 19:52:55 System Checkpoint
13-02-2015 21:17:05 Software Distribution Service 3.0
17-02-2015 21:22:09 System Checkpoint
17-02-2015 22:53:11 Removed Windows Messenger 5.1
20-02-2015 20:32:12 System Checkpoint
25-02-2015 20:57:07 System Checkpoint
05-03-2015 06:48:09 System Checkpoint
06-03-2015 20:57:29 System Checkpoint
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-07-28 11:07 - 2014-03-23 14:24 - 00450622 ___RC C:\WINDOWS\system32\Drivers\etc\hosts
There are 1000 more lines.

==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Ad-Aware Antivirus Scheduled Scan.job => C:\PROGRA~1\AD-AWA~1\AdAwareLauncher.exe
Task: C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Amazon Music Helper.job => C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Amazon Cloud Player\Amazon Music Helper.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4203001677-3451174959-1684937818-1006Core.job => C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4203001677-3451174959-1684937818-1006UA.job => C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: C:\WINDOWS\Tasks\{AF928080-395A-4A8C-A920-B860A2CD2C68}_TIM_Tim Maw.job => C:\WINDOWS\system32\mobsync.exe
Task: C:\WINDOWS\Tasks\{B0047368-E51B-4388-ABA2-24003E0628F9}_TIM_Tim Maw.job => C:\WINDOWS\system32\mobsync.exe
Task: C:\WINDOWS\Tasks\{F31D6F31-334A-4A16-A767-AEA85B7A5B0D}_TIM_Tim Maw.job => C:\WINDOWS\system32\mobsync.exe
==================== Loaded Modules (whitelisted) ==============
2012-02-21 23:23 - 2011-02-28 22:37 - 00180624 ____C () C:\WINDOWS\system32\Primomonnt.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01044776 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2006-07-28 11:10 - 2004-11-10 11:42 - 00065536 _____ () C:\WINDOWS\sm56eng.dll
2006-07-28 11:10 - 2004-11-02 09:12 - 00065536 _____ () C:\WINDOWS\sm56fra.dll
2006-07-28 11:10 - 2004-11-02 09:12 - 00065536 _____ () C:\WINDOWS\sm56brz.dll
2006-07-28 11:10 - 2004-11-11 08:16 - 00045056 _____ () C:\WINDOWS\sm56chs.dll
2006-07-28 11:10 - 2004-11-10 11:42 - 00045056 _____ () C:\WINDOWS\sm56cht.dll
2006-07-28 11:10 - 2004-11-02 09:12 - 00065536 _____ () C:\WINDOWS\sm56ger.dll
2006-07-28 11:10 - 2004-11-02 09:12 - 00065536 _____ () C:\WINDOWS\sm56itl.dll
2006-07-28 11:10 - 2004-11-10 11:42 - 00049152 _____ () C:\WINDOWS\sm56jpn.dll
2006-07-28 11:10 - 2004-11-02 09:12 - 00065536 _____ () C:\WINDOWS\sm56spn.dll
2005-04-06 16:03 - 2005-04-06 16:03 - 00110592 _____ () C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
2014-08-15 12:28 - 2014-05-13 11:04 - 00109400 ____C () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-08-15 12:28 - 2014-05-13 11:04 - 00416600 ____C () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-08-15 12:28 - 2014-05-13 11:04 - 00167768 ____C () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-09-06 09:44 - 2015-03-06 23:17 - 02503704 ____C () C:\Program Files\AVG SafeGuard toolbar\vprot.exe
2015-03-06 23:17 - 2015-03-06 23:17 - 00519704 ____C () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\log4cplusU.dll
2012-09-06 21:37 - 2012-09-06 21:37 - 01193176 ____C () C:\Documents and Settings\Tim Maw\Application Data\Spotify\Data\SpotifyWebHelper.exe
2014-01-03 18:50 - 2014-05-08 17:26 - 03145536 ____C () C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Amazon Cloud Player\Amazon Music Helper.exe
2014-01-11 18:03 - 2005-03-14 13:55 - 00110592 ____C () C:\Program Files\Labtec NumPad\Magickey.exe
2014-01-11 18:03 - 2005-01-31 10:52 - 00040960 ____C () C:\Program Files\Labtec NumPad\WDAccess.dll
2014-08-15 12:28 - 2012-08-23 09:38 - 00574840 ____C () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-08-15 12:28 - 2012-04-03 16:06 - 00565640 ____C () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-03-06 23:17 - 2015-03-06 23:17 - 00159768 ____C () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\loggingserver.exe
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AVG Anti-Spyware Driver => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AVG Anti-Spyware Guard => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4203001677-3451174959-1684937818-1006\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\fsc_wallpaper_connect.bmp
HKU\S-1-5-21-4203001677-3451174959-1684937818-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\fsc_wallpaper_bridge.bmp
DNS Servers: 192.168.0.1 - 192.168.1.254
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk => C:\WINDOWS\pss\Windows Search.lnkCommon Startup
MSCONFIG\startupreg: Google Update => "C:\Documents and Settings\Tim Maw\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: RetroExpress => C:\PROGRA~1\RETROS~1\RETROS~1.5\RetroExpress.exe /h
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
==================== Accounts: =============================
Administrator (S-1-5-21-4203001677-3451174959-1684937818-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-4203001677-3451174959-1684937818-1008 - Limited - Enabled)
Guest (S-1-5-21-4203001677-3451174959-1684937818-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-4203001677-3451174959-1684937818-1005 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-4203001677-3451174959-1684937818-1002 - Limited - Disabled)
Tim Maw (S-1-5-21-4203001677-3451174959-1684937818-1006 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Tim Maw
==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
Application errors:
==================
Error: (03/07/2015 00:42:26 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\TIM MAW\DESKTOP\TOR BROWSER\BROWSER\TORBROWSER\DATA\BROWSER\PROFILE.DEFAULT\PREFS-1.JS> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (02/25/2015 08:26:35 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\TIM MAW\MY DOCUMENTS\MY MUSIC\ITUNES\ITUNES LIBRARY GENIUS.ITDB-JOURNAL> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (02/22/2015 04:56:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application KService.exe, version 5.11.704.230, faulting module KService.exe, version 5.11.704.230, fault address 0x00209e6d.
Processing media-specific event for [KService.exe!ws!]
Error: (02/14/2015 00:43:34 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\TIM MAW\DESKTOP\TOR BROWSER\BROWSER\TORBROWSER\DATA\BROWSER\PROFILE.DEFAULT\PREFS-1.JS> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (02/13/2015 10:39:03 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\TIM MAW\DESKTOP\TOR BROWSER\BROWSER\TORBROWSER\DATA\BROWSER\CACHES\FIREFOX\ACTIVE-UPDATE-1.XML> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (01/31/2015 01:36:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\TIM MAW\MY DOCUMENTS\MY MUSIC\ITUNES\ITUNES LIBRARY GENIUS.ITDB-JOURNAL> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (01/31/2015 00:18:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second
Error: (01/31/2015 00:18:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second
Error: (01/31/2015 00:18:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second
Error: (01/31/2015 00:18:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second

System errors:
=============
Error: (03/07/2015 06:13:03 PM) (Source: DCOM) (EventID: 10010) (User: TIM)
Description: The server {83D70C88-12F2-4B69-B4E7-D2AF6DA1079B} did not register with DCOM within the required timeout.
Error: (03/07/2015 06:12:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The KService service terminated with the following error:
%%2147500037
Error: (03/07/2015 06:12:08 PM) (Source: DCOM) (EventID: 10010) (User: TIM)
Description: The server {8C9813D0-9FEA-4F37-AAF0-89D9C805B89F} did not register with DCOM within the required timeout.
Error: (03/07/2015 06:12:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The KService service terminated with the following error:
%%2147500037
Error: (03/07/2015 06:11:35 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd
SBRE
Error: (03/07/2015 06:11:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error:
%%1053
Error: (03/07/2015 06:11:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.
Error: (03/07/2015 06:11:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The KService service terminated with the following error:
%%2147500037
Error: (03/07/2015 01:59:52 PM) (Source: DCOM) (EventID: 10010) (User: TIM)
Description: The server {83D70C88-12F2-4B69-B4E7-D2AF6DA1079B} did not register with DCOM within the required timeout.
Error: (03/07/2015 01:59:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The KService service terminated with the following error:
%%2147500037

Microsoft Office Sessions:
=========================
Error: (03/07/2015 00:42:26 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\TIM MAW\DESKTOP\TOR BROWSER\BROWSER\TORBROWSER\DATA\BROWSER\PROFILE.DEFAULT\PREFS-1.JS
Error: (02/25/2015 08:26:35 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\TIM MAW\MY DOCUMENTS\MY MUSIC\ITUNES\ITUNES LIBRARY GENIUS.ITDB-JOURNAL
Error: (02/22/2015 04:56:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: KService.exe5.11.704.230KService.exe5.11.704.23000209e6d
Error: (02/14/2015 00:43:34 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\TIM MAW\DESKTOP\TOR BROWSER\BROWSER\TORBROWSER\DATA\BROWSER\PROFILE.DEFAULT\PREFS-1.JS
Error: (02/13/2015 10:39:03 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\TIM MAW\DESKTOP\TOR BROWSER\BROWSER\TORBROWSER\DATA\BROWSER\CACHES\FIREFOX\ACTIVE-UPDATE-1.XML
Error: (01/31/2015 01:36:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\TIM MAW\MY DOCUMENTS\MY MUSIC\ITUNES\ITUNES LIBRARY GENIUS.ITDB-JOURNAL
Error: (01/31/2015 00:18:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second
Error: (01/31/2015 00:18:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second
Error: (01/31/2015 00:18:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second
Error: (01/31/2015 00:18:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second

==================== Memory info ===========================
Processor: Intel(R) Celeron(R) M processor 1.70GHz
Percentage of memory in use: 61%
Total physical RAM: 1470.23 MB
Available physical RAM: 563.18 MB
Total Pagefile: 1994.54 MB
Available Pagefile: 1201 MB
Total Virtual: 2047.88 MB
Available Virtual: 1922.03 MB
==================== Drives ================================
Drive c: (412010) (Fixed) (Total:55.88 GB) (Free:5.41 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive u: () (Network) (Total:927.44 GB) (Free:674.05 GB)
Drive v: () (Network) (Total:927.44 GB) (Free:674.05 GB)
Drive w: () (Network) (Total:927.44 GB) (Free:674.05 GB)
Drive x: () (Network) (Total:927.44 GB) (Free:674.05 GB)
Drive y: () (Network) (Total:927.44 GB) (Free:674.05 GB)
Drive z: () (Network) (Total:927.44 GB) (Free:674.05 GB)
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 55.9 GB) (Disk ID: 8AC5B2C0)
Partition 1: (Active) - (Size=55.9 GB) - (Type=07 NTFS)
==================== End Of Log ============================

Many thanks!


Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
Processor: Intel(R) Celeron(R) M processor 1.70GHz, x86 Family 6 Model 13 Stepping 8
Processor Count: 1
RAM: 1470 Mb
Graphics Card: VIA/S3G UniChrome Pro IGP, 64 Mb
Hard Drives: C: Total - 57223 MB, Free - 5551 MB;
Motherboard: FUJITSU SIEMENS, AMILO L7320
Antivirus: AVG AntiVirus Free Edition 2015, Updated: Yes, On-Demand Scanner: Enabled

getting redirected an awful lot with a warning box

I have this-
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: AMD FX(tm)-8320 Eight-Core Processor, AMD64 Family 21 Model 2 Stepping 0
Processor Count: 8
RAM: 8191 Mb
Graphics Card: NVIDIA GeForce GTX 650, 1024 Mb
Hard Drives: C: Total - 953516 MB, Free - 675300 MB;
Motherboard: MSI, 760GMA-P34(FX) (MS-7641)
Antivirus: Windows Defender, Disabled. I checked to see and defender is enabled.

All of a sudden I am getting redirected when I try to go to a new page at whatever site I am at. Ads keep coming up in new windows and some block the view of the one I am in. I get this message a lot:

Warning ! Your pc may not be protected. If you see this message more than once, you need to call windos support @ 1-888-641-5093 immediatly. During this call you will receive assistance on how to remove malicious malware from your pc. I read in another post to use Malwarebytes from a USB stick; I'll try that in the meantime.

UNIDeaLse Chrome Extension

System Info:
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz, Intel64 Family 6 Model 69 Stepping 1
Processor Count: 4
RAM: 8072 Mb
Graphics Card: Intel(R) HD Graphics Family, -1984 Mb
Hard Drives: C: Total - 944833 MB, Free - 379025 MB;
Motherboard: Dell Inc., 0XFXDP
Antivirus: BullGuard Antivirus, Updated and Enabled

First off, I have had great success in the past with removal of junk from my computer, and I wanted to say thanks for that and any future assistance I may receive.

Now, this is my main computer. I travel with it, it has all my important documents and whatnot. So I'm sure you understand how much this annoys me. This first came up a few weeks ago and I had multiple programs and extensions I didn't want. I have manually uninstalled all suspicious programs through the Control Panel and deleted the folders from the Program Files and (x86) folders. I also ran full scans with my anti-virus. The only piece remaining is the UNIDeaLse extension. The only way I can make it go away is to disable the Chrome extension, but obviously it's still there. Looking for some info for removing this.

RegSvr32 help

Hello, I think my computer has been infected with a virus or Trojan or something. I have run antivirus (AVG) and it comes up clear. However, I keep getting this message: The module C:\Users\user|AppData\Local\Ushk...\iTunesHelper.dll failed to load.
Make sure the binary is stored at the specified path or debug it to check for problems with the binary or dependent .DLL files.
The specified module could not be found


Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: Intel(R) Core(TM) i5-2300 CPU @ 2.80GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 4
RAM: 4039 Mb
Graphics Card: Intel(R) HD Graphics, 1795 Mb
Hard Drives: C: Total - 476837 MB, Free - 436892 MB;
Motherboard: Acer, Aspire X3990
Antivirus: Windows Defender, Disabled

My laptop might have been hacked

I think it started with a pop-up on 8th March 00:41 IST saying my location has been accessed (I have attached the screenshot). A few hours later, when I booted up my laptop, a few moments later my wallpaper changed automatically (theme), then the background colour, then the accent colour of my start screen. After watching a few articles I checked my Task Manager, where 5-6 Chrome (32-bit) processes are running with one tab active. As of now I have taken the preliminary step of running a full scan with my antiviruses: Panda Free Antivirus, SpyHunter Premium, Malwarebytes, and found nothing. Now I am still feeling unsafe because I can't take a backup of the HDD. What should I do now? Please suggest. It's my first time being here. Thanks in advance. :up:

Attached Images
File Type: png location access.png (97.7 KB)

Unknown audio ads playing on my computer

Hi, I was hoping someone could help me. For a while now I have had this reoccurring problem. I've been getting audio ads playing on my computer despite the fact that my browser is closed and that no video is playing at all. I have tried everything I can think of but I can't manage to get rid of it. I have used Kaspersky Internet Security, Malwarebytes Anti-Malware and SUPERAntiSpyware but none of them have been able to detect what is wrong. I have used HijackThis to create this log and I was wondering if someone could take a look at it to help me identify any problems. Any assistance would be greatly appreciated.
Thank you!




Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 09:39:16, on 09/03/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)

Boot mode: Normal
Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
C:\ProgramData\FLEXnet\Connect\11\agent.exe
C:\Users\Invate\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
C:\WINDOWS\syswow64\wwahost.exe
C:\Users\Invate\AppData\Local\Microsoft\Windows\INetCache\IE\UX087Y4R\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type...JXTXX938EW0JXT
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BookExpress_B6FU] "C:\Program Files (x86)\Plustek\Plustek OpticBook 3800\book express.exe"
O4 - HKLM\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - Startup: Dropbox.lnk = Invate\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Send to OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab...l_4.5.15.0.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Kaspersky Anti-Virus Service 15.0.0 (AVP15.0.0) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dragon Service (DragonSvc) - Nuance Communications, Inc. - C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Olympus DVR Service - OLYMPUS IMAGING CORP. - C:\Program Files (x86)\Common Files\Olympus Shared\DeviceManager\olydvrsv.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: sopcastp2p - Unknown owner - C:\Program Files (x86)\SopCast\srvany.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9455 bytes

Constant Avast Warning

I keep getting warnings today from Avast. I thought at first that it was because I had downloaded several installation files for my laptop to Dropbox, but when I moved all those files to a thumb drive and deleted them from Dropbox, I'm still getting the warnings. I have no idea what to do about it.



Would appreciate any advice.
PegM

Cannot access antivirus websites

I have a Compaq Laptop running 32 bit Windows Vista Home Premium

It had a number of viruses and malware...

I have cleaned up about 99% of the junk and the computer is running fine, except I cannot access any antivirus or malware removal sites.

I am connected to the internet and can get to Google, AOL, Yahoo, etc., but I can't update Malwarebytes.

I can get to www.AVG.com, but not free.avg.com, for example. It does update through the AVG program.

It appears something is blocking access to any site that would be used for removal of viruses.

When I try accessing one of these sites I get an error that "Internet Explorer cannot display the web page".

Tried using Google Chrome and get the error "This Webpage is not available".

I have run AVG and it is clean. Ran Norton Power Eraser and it fixed one item.

Ran ComboFix, Malwarebytes and a few other cleaning tools, but nothing works.

I would hate to have to reformat just to be able to access a few sites


Any help would be greatly appreciated

Infected network ???

Thank you for the quick reply. Will try your instruction tomorrow when I get back in town.
Thx
Joe