I really am at a loss with this one. My wife has taken to bringing machines home from work for me to look at. I'm currently fiddling with the Personnel Manager's machine, so I'd rather not [bleep] it up, hence posting on here. The original symptoms were that the C drive was full (it's an Acer machine, got their stoopid partition thing on C) and that it was running very, very slow. I've managed to cure the C drive issue using GParted (fantastic tool, that), so Windows is now trying to install updates and the like, now that it has the room. I've managed to install AVG too (swear by it, don't try to convert me) and went to run it in Safe Mode, but it started a full scan, then hung out of it. It showed a screen when it hung, but it goes by so fast that I don't see it!
Internet Explorer refuses to do very much in Safe Mode, and even less in Normal Mode. It appears to be redirecting, but never actually goes to a website. This is being posted on my own machine, with the OTL log moved between the machines on my dongle, as the laptop is unworkably slow. When I installed AVG, it tried to update itself, then hung two thirds of the way through. As I see it, there must be some kind of virus on there, but AVG refused to run all the way through. It doesn't appear that there has ever been any decent AV software on there (do Acer supply their machines with AV? I dunno...), so the machine must be absolutely crawling with nasties. I've not been supplied the Vista disc, so I can't really do a rebuild. Anyways, here's the OTL log. Anyone got any ideas, as I'm stumped...
OTL logfile created on: 27/07/2012 17:00:13 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = F:\
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
765.45 Mb Total Physical Memory | 94.93 Mb Available Physical Memory | 12.40% Memory free
1.76 Gb Paging File | 0.79 Gb Available in Paging File | 44.70% Paging File free
Paging file location(s): d:\pagefile.sys 2000 2000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48.08 Gb Total Space | 21.38 Gb Free Space | 44.47% Space Free | Partition Type: NTFS
Drive F: | 247.72 Mb Total Space | 247.15 Mb Free Space | 99.77% Space Free | Partition Type: FAT
Computer Name: PEGGYS-PC | User Name: Slatter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/07/27 15:17:16 | 000,597,504 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
PRC - [2012/07/27 14:19:04 | 000,830,048 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe
PRC - [2012/07/27 14:19:01 | 001,147,488 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012/06/13 03:48:26 | 000,758,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/06/13 03:48:24 | 001,255,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012/04/29 20:01:03 | 000,397,848 | ---- | M] () -- C:\ProgramData\IBUpdaterService\ibsvc.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/03/19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2012/02/13 21:19:20 | 000,193,816 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.362.0\BBSvc.EXE
PRC - [2011/12/06 11:17:56 | 001,694,608 | ---- | M] (Bandoo Media, inc) -- C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
PRC - [2011/05/17 13:29:46 | 000,395,144 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/07/16 17:54:10 | 000,025,264 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
PRC - [2007/07/16 17:54:07 | 000,434,864 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
PRC - [2007/06/11 15:14:51 | 000,517,040 | ---- | M] ( ) -- C:\Windows\System32\lxdicoms.exe
========== Modules (No Company Name) ==========
MOD - [2012/07/27 14:19:05 | 000,132,704 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.1.5\SiteSafety.dll
MOD - [2012/07/27 14:19:01 | 001,147,488 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012/04/23 12:01:12 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012/03/22 12:02:38 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012/02/18 08:48:20 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5c3bfd69e0c268baff0d169e11a6a784\System.Runtime.Remoting.ni.dll
MOD - [2012/02/18 08:48:08 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7fd6c62196829d1e2dce5a253145d51a\System.Configuration.ni.dll
MOD - [2012/02/18 08:40:53 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d9f0f1dc8cbdb81f1ba122d77a6ab710\System.Xml.ni.dll
MOD - [2012/02/18 08:39:01 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c50133cb67d7c013fa31e1ffb942060b\System.ni.dll
MOD - [2011/10/14 08:21:33 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\bcb66dbad2b45d05235b37a02f737eb5\Accessibility.ni.dll
MOD - [2011/10/14 08:17:39 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2008/06/03 03:35:18 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2007/07/16 17:54:10 | 000,025,264 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
MOD - [2007/07/16 17:54:07 | 000,434,864 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
MOD - [2007/05/02 10:11:55 | 000,040,960 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\App4R.Monitor.Core.dll
MOD - [2007/05/02 10:11:55 | 000,028,672 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\App4R.Monitor.Common.dll
MOD - [2007/05/02 10:10:58 | 000,057,344 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\App4R.DevMons.MCMDevMon.dll
MOD - [2007/04/30 13:20:25 | 000,011,776 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\App4R.DevMons.MCMDevMon.AutoPlayUtil.dll
MOD - [2007/04/30 13:19:51 | 000,020,480 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\App4R.DevMons.ScanDevMon.dll
MOD - [2007/04/30 13:19:48 | 000,020,480 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\App4R.DevMons.NetworkCardDevMon.dll
MOD - [2007/03/23 20:41:43 | 000,278,528 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\lxdiscw.dll
MOD - [2007/03/05 15:45:25 | 000,589,824 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\lxdidatr.dll
MOD - [2006/12/28 16:47:42 | 000,073,728 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\lxdicats.dll
MOD - [2001/04/16 17:39:02 | 000,037,808 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
========== Win32 Services (SafeList) ==========
SRV - [2012/07/27 14:19:04 | 000,830,048 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe -- (vToolbarUpdater12.1.5)
SRV - [2012/07/12 09:39:12 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/04/29 20:01:03 | 000,397,848 | ---- | M] () [Auto | Running] -- C:\ProgramData\IBUpdaterService\ibsvc.exe -- (IBUpdaterService)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2012/02/13 21:19:20 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.362.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/13 21:19:20 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\7.1.362.0\BBSvc.EXE -- (BBSvc)
SRV - [2008/01/18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/06/11 15:14:51 | 000,517,040 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxdicoms.exe -- (lxdi_device)
SRV - [2007/06/11 15:14:42 | 000,099,248 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe -- (lxdiCATSCustConnectService)
SRV - [2007/01/09 11:34:38 | 000,024,576 | ---- | M] (Acer Inc.) [Disabled | Stopped] -- C:\Acer\Empowering Technology\eLock\service\eLockServ.exe -- (eLockService)
SRV - [2007/01/02 09:33:24 | 000,135,168 | ---- | M] (acer) [Disabled | Stopped] -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService)
SRV - [2006/12/28 20:07:22 | 000,126,976 | ---- | M] (Acer Inc.) [Disabled | Stopped] -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012/07/27 14:19:06 | 000,027,496 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/03/19 05:17:28 | 000,301,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/02/22 05:25:32 | 000,235,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/12/23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2009/09/05 14:25:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/07/22 07:42:58 | 000,051,200 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/06/03 06:22:56 | 003,695,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2008/06/03 06:22:56 | 003,695,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007/04/04 02:03:01 | 000,076,928 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ESM7SK.sys -- (ESMCR)
DRV - [2007/04/04 02:03:01 | 000,062,208 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\EMS7SK.sys -- (EMSCR)
DRV - [2007/04/04 02:03:01 | 000,042,240 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ESD7SK.sys -- (ESDCR)
DRV - [2006/11/27 10:36:08 | 000,085,800 | ---- | M] (Acer, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eLock2FSCTLDriver.sys -- (eLock2FSCTLDriver)
DRV - [2006/11/27 10:36:02 | 000,024,360 | ---- | M] (Acer, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\eLock2burnerlockdriver.sys -- (eLock2BurnerLockDriver)
DRV - [2006/08/04 03:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2000/03/29 17:11:20 | 000,008,096 | ---- | M] (MicroStaff Co.,Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\MASPINT.SYS -- (MASPINT)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox...aspx?tbid=80506
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox...id=80506&lng=en
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 42 33 6A 00 F9 6B CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg....fr&d=2012-07-27 14:19:08&v=12.1.0.21&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.1.5\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files\Virgin Broadband\advisor\nprpspa.dll (Radialpoint Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/12/21 18:52:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/07/27 14:16:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\12.1.0.21\ [2012/07/27 14:19:16 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Inbox Toolbar) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (PricePeep) - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files\PricePeep\pricepeep.dll (PricePeep)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [lxdiamon] C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe ()
O4 - HKLM..\Run: [lxdimon.exe] C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe ()
O4 - HKLM..\Run: [RegWork] C:\Program Files\RegWork\RegWork.exe (Honlyn (Macao Commercial Offshore) Limited)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (Intertrust Technologies, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6903F874-BC61-48ED-B439-3C092CC2911F}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF1084F6-3144-460B-8FBE-0809306B354A}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\inbox {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.1.5\ViProtocol.dll ()
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll) - C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll) - C:\Program Files\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (eNetHook.dll) - C:\Windows\System32\eNetHook.dll (acer)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/07/27 14:20:18 | 000,000,000 | ---D | C] -- C:\Users\Slatter\AppData\Roaming\AVG2012
[2012/07/27 14:19:34 | 000,000,000 | ---D | C] -- C:\Users\Slatter\AppData\Local\AVG Secure Search
[2012/07/27 14:19:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/07/27 14:19:16 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012/07/27 14:19:06 | 000,027,496 | ---- | C] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2012/07/27 14:19:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2012/07/27 14:19:00 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012/07/27 14:15:53 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012/07/27 14:15:53 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2012/07/27 14:15:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG
[2012/07/27 14:13:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/07/27 14:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/07/27 14:10:52 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/07/27 14:05:47 | 000,000,000 | ---D | C] -- C:\Users\Slatter\AppData\Roaming\Adobe
[2012/07/27 14:01:27 | 000,000,000 | ---D | C] -- C:\Users\Slatter\AppData\Roaming\Google
[2012/07/27 14:00:16 | 000,000,000 | ---D | C] -- C:\Users\Slatter\AppData\Roaming\Yahoo!
[2012/07/27 13:59:44 | 000,000,000 | ---D | C] -- C:\Users\Slatter\AppData\Local\Google
[2012/07/27 13:50:34 | 000,000,000 | ---D | C] -- C:\Users\Slatter\AppData\Roaming\Real
[2012/07/27 13:50:18 | 000,000,000 | R--D | C] -- C:\Users\Slatter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/07/27 13:50:18 | 000,000,000 | R--D | C] -- C:\Users\Slatter\Searches
[2012/07/27 13:50:18 | 000,000,000 | R--D | C] -- C:\Users\Slatter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/07/27 13:50:08 | 000,000,000 | ---D | C] -- C:\Users\Slatter\AppData\Roaming\Identities
[2012/07/27 13:50:06 | 000,000,000 | R--D | C] -- C:\Users\Slatter\Contacts
[2012/07/27 13:50:04 | 000,000,000 | ---D | C] -- C:\Users\Slatter\AppData\Local\VirtualStore
[2012/07/27 13:49:52 | 000,000,000 | -HSD | C] -- C:\Users\Slatter\AppData\Local\Temporary Internet Files
[2012/07/27 13:49:52 | 000,000,000 | -HSD | C] -- C:\Users\Slatter\Templates
[2012/07/27 13:49:52 | 000,000,000 | -HSD | C] -- C:\Users\Slatter\Start Menu
[2012/07/27 13:49:52 | 000,000,000 | -HSD | C] -- C:\Users\Slatter\SendTo
[2012/07/27 13:49:52 | 000,000,000 | -HSD | C] -- C:\Users\Slatter\Recent
[2012/07/27 13:49:52 | 000,000,000 | -HSD | C] -- C:\Users\Slatter\PrintHood
[2012/07/27 13:49:52 | 000,000,000 | -HSD | C] -- C:\Users\Slatter\NetHood
[2012/07/27 13:49:52 | 000,000,000 | -HSD | C] -- C:\Users\Slatter\Documents\My Videos
[2012/07/27 13:49:52 | 000,000,000 | -HSD | C] -- C:\Users\Slatter\Documents\My Pictures
[2012/07/27 13:49:52 | 000,000,000 | -HSD | C] -- C:\Users\Slatter\Documents\My Music
[2012/07/27 13:49:52 | 000,000,000 | -HSD | C] -- C:\Users\Slatter\My Documents
[2012/07/27 13:49:52 | 000,000,000 | -HSD | C] -- C:\Users\Slatter\Local Settings
[2012/07/27 13:49:52 | 000,000,000 | -HSD | C] -- C:\Users\Slatter\AppData\Local\History
[2012/07/27 13:49:52 | 000,000,000 | -HSD | C] -- C:\Users\Slatter\Cookies
[2012/07/27 13:49:52 | 000,000,000 | -HSD | C] -- C:\Users\Slatter\Application Data
[2012/07/27 13:49:52 | 000,000,000 | -HSD | C] -- C:\Users\Slatter\AppData\Local\Application Data
[2012/07/27 13:49:51 | 000,000,000 | --SD | C] -- C:\Users\Slatter\AppData\Roaming\Microsoft
[2012/07/27 13:49:51 | 000,000,000 | R--D | C] -- C:\Users\Slatter\Videos
[2012/07/27 13:49:51 | 000,000,000 | R--D | C] -- C:\Users\Slatter\Saved Games
[2012/07/27 13:49:51 | 000,000,000 | R--D | C] -- C:\Users\Slatter\Pictures
[2012/07/27 13:49:51 | 000,000,000 | R--D | C] -- C:\Users\Slatter\Music
[2012/07/27 13:49:51 | 000,000,000 | R--D | C] -- C:\Users\Slatter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/07/27 13:49:51 | 000,000,000 | R--D | C] -- C:\Users\Slatter\Links
[2012/07/27 13:49:51 | 000,000,000 | R--D | C] -- C:\Users\Slatter\Favorites
[2012/07/27 13:49:51 | 000,000,000 | R--D | C] -- C:\Users\Slatter\Downloads
[2012/07/27 13:49:51 | 000,000,000 | R--D | C] -- C:\Users\Slatter\Documents
[2012/07/27 13:49:51 | 000,000,000 | R--D | C] -- C:\Users\Slatter\Desktop
[2012/07/27 13:49:51 | 000,000,000 | R--D | C] -- C:\Users\Slatter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/07/27 13:49:51 | 000,000,000 | -H-D | C] -- C:\Users\Slatter\AppData
[2012/07/27 13:49:51 | 000,000,000 | ---D | C] -- C:\Users\Slatter\AppData\Local\Temp
[2012/07/27 13:49:51 | 000,000,000 | ---D | C] -- C:\Users\Slatter\AppData\Local\Microsoft
[2012/07/27 13:49:51 | 000,000,000 | ---D | C] -- C:\Users\Slatter\AppData\Roaming\Macromedia
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/07/27 17:11:47 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/27 16:51:22 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/27 16:50:07 | 000,004,336 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/27 16:50:06 | 000,004,336 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/27 16:49:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/27 16:49:37 | 000,228,176 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/07/27 16:39:27 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/27 15:22:49 | 000,609,196 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/07/27 15:22:49 | 000,108,672 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/07/27 14:30:31 | 064,482,175 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/07/27 14:19:22 | 000,000,842 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/07/27 14:19:06 | 000,027,496 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2012/07/27 14:13:27 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/07/27 13:58:48 | 000,000,943 | ---- | M] () -- C:\Users\Slatter\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/07/27 14:30:31 | 064,482,175 | ---- | C] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/07/27 14:19:22 | 000,000,842 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/07/27 14:13:27 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/07/27 13:58:48 | 000,000,943 | ---- | C] () -- C:\Users\Slatter\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/07/27 13:50:19 | 000,000,949 | ---- | C] () -- C:\Users\Slatter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/07/27 13:50:17 | 000,000,944 | ---- | C] () -- C:\Users\Slatter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012/07/27 13:50:06 | 000,000,915 | ---- | C] () -- C:\Users\Slatter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2012/07/27 13:49:52 | 000,000,258 | ---- | C] () -- C:\Users\Slatter\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/07/27 13:49:52 | 000,000,240 | ---- | C] () -- C:\Users\Slatter\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/12/18 10:26:22 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2009/06/06 10:16:21 | 000,000,315 | ---- | C] () -- C:\ProgramData\lxdi
========== LOP Check ==========
[2012/07/27 14:20:18 | 000,000,000 | ---D | M] -- C:\Users\Slatter\AppData\Roaming\AVG2012
[2012/05/18 01:36:55 | 000,000,314 | ---- | M] () -- C:\Windows\Tasks\Regwork.job
[2012/07/27 16:41:06 | 000,032,532 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
And here are the results from the Extras.txt:
OTL Extras logfile created on: 27/07/2012 17:00:13 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = F:\
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
765.45 Mb Total Physical Memory | 94.93 Mb Available Physical Memory | 12.40% Memory free
1.76 Gb Paging File | 0.79 Gb Available in Paging File | 44.70% Paging File free
Paging file location(s): d:\pagefile.sys 2000 2000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48.08 Gb Total Space | 21.38 Gb Free Space | 44.47% Space Free | Partition Type: NTFS
Drive F: | 247.72 Mb Total Space | 247.15 Mb Free Space | 99.77% Space Free | Partition Type: FAT
Computer Name: PEGGYS-PC | User Name: Slatter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0059456D-61F0-44F5-BDE6-3BCB5198DB8D}" = protocol=17 | dir=in | app=c:\program files\windows ilivid toolbar\datamngr\toolbar\dtuser.exe |
"{0F549EC6-160C-424B-9AA6-22E4BA418342}" = protocol=17 | dir=in | app=c:\windows\system32\lxdicoms.exe |
"{11753F1A-4616-48E2-90C4-BBCE8C03BED3}" = protocol=6 | dir=in | app=c:\program files\lexmark 3500-4500 series\app4r.exe |
"{11A58EEF-CE8A-413E-A67D-81516CB2620C}" = protocol=17 | dir=in | app=e:\libneap.dll |
"{11ECB058-B143-473E-A824-5CA4C1AE94A9}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{1948CDDF-58B7-4FE5-9CA8-0C986380DDFA}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{2DDA5583-C6FC-45C9-BF7E-0B8DD197A7DE}" = protocol=17 | dir=in | app=c:\program files\lexmark 3500-4500 series\app4r.exe |
"{39C5EC7B-57E4-48EB-A7F1-EE28B60DCA9A}" = protocol=6 | dir=in | app=e:\dwizard615.exe |
"{3A6F9791-94A7-4AEA-8D09-28FEB720214F}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{3D7F6395-1169-40AD-A59B-1C15C473C202}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{521AF48F-EA19-4BAE-B6D2-1B24CC8F30C3}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{5D92DE86-31DE-41DA-92BE-36D8695BF68F}" = protocol=6 | dir=in | app=c:\program files\windows ilivid toolbar\datamngr\toolbar\dtuser.exe |
"{6F70A7E2-0AC0-445C-81A3-748FFABC6ED7}" = protocol=17 | dir=in | app=e:\dwizard615.exe |
"{9220E386-1547-4EB4-A994-659EB022F5C2}" = protocol=6 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdiamon.exe |
"{9F22AC8F-753A-4471-A9D6-111A5D5C2FD2}" = protocol=17 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdimon.exe |
"{A06E4480-D8FF-47C0-B2E9-430E21CC0B4C}" = protocol=6 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdimon.exe |
"{B9E54787-2063-4378-A39E-E409185BC3B7}" = protocol=6 | dir=in | app=c:\windows\system32\lxdicoms.exe |
"{C6A26C8A-993B-4272-B739-EF762C47A9FE}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{CBCA9CBA-B373-4129-A591-D2053ECC90B9}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{D7AD3B15-D38B-472A-8457-62B0C50DD4BC}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{D9DD61E0-440F-4135-842A-1219A7D0D42F}" = protocol=6 | dir=in | app=e:\libneap.dll |
"{DC985FD1-710B-44E5-8B58-58E1C68E2AC8}" = protocol=17 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdiamon.exe |
"TCP Query User{16F4F4EF-AB7C-467F-8A6A-5C2BD2CB1133}C:\windows\system32\spool\drivers\w32x86\3\lxdipswx.exe" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdipswx.exe |
"TCP Query User{1F5BAAF9-795A-40AB-9CC8-7F915D9ACDEA}C:\program files\lexmark 3500-4500 series\app4r.exe" = protocol=6 | dir=in | app=c:\program files\lexmark 3500-4500 series\app4r.exe |
"TCP Query User{21789A9E-52C8-4EB0-81A9-6559C0A6B709}C:\program files\nero\nero 7\nero showtime\showtime.exe" = protocol=6 | dir=in | app=c:\program files\nero\nero 7\nero showtime\showtime.exe |
"TCP Query User{5877E22F-C2EC-457E-BBA0-ED9D628A6C55}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{7C84BFF9-0698-4891-8364-56561622C1E5}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{BB5C0417-5C51-4B16-9E6D-7E253A2C04B8}C:\windows\system32\spool\drivers\w32x86\3\lxdipswx.exe" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdipswx.exe |
"TCP Query User{CA8AFB43-E8F8-4F6D-ADFC-C15540769AA0}C:\program files\lexmark 3500-4500 series\lxdimon.exe" = protocol=6 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdimon.exe |
"TCP Query User{D931A536-D834-47DF-A94C-6D8C1FCEC753}C:\program files\lexmark 3500-4500 series\lxdiamon.exe" = protocol=6 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdiamon.exe |
"TCP Query User{F43E8437-DDA3-48B6-8D8E-C1CEE1955EDE}C:\program files\nero\nero 7\nero home\nerohome.exe" = protocol=6 | dir=in | app=c:\program files\nero\nero 7\nero home\nerohome.exe |
"UDP Query User{0E04E796-42D4-4A22-9B4B-A755F81AA102}C:\program files\nero\nero 7\nero showtime\showtime.exe" = protocol=17 | dir=in | app=c:\program files\nero\nero 7\nero showtime\showtime.exe |
"UDP Query User{173793EC-6B75-4E22-9166-3D87BD65AE66}C:\program files\lexmark 3500-4500 series\lxdiamon.exe" = protocol=17 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdiamon.exe |
"UDP Query User{33D82380-323F-41E8-9898-CEC929253C38}C:\windows\system32\spool\drivers\w32x86\3\lxdipswx.exe" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdipswx.exe |
"UDP Query User{3A3953F0-80AA-4399-BC63-A9DD0F4954E1}C:\program files\lexmark 3500-4500 series\lxdimon.exe" = protocol=17 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdimon.exe |
"UDP Query User{3BD26C3A-F22E-4618-AB38-83CC28B61FE4}C:\program files\nero\nero 7\nero home\nerohome.exe" = protocol=17 | dir=in | app=c:\program files\nero\nero 7\nero home\nerohome.exe |
"UDP Query User{5327BAD5-F4C1-4F7E-9F88-4EC6BF19A35C}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{55A6A1DA-9A03-4B43-9B93-AB60A249B2AE}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{B52F4DA8-023E-4E54-B5E0-3B6C397F7A00}C:\windows\system32\spool\drivers\w32x86\3\lxdipswx.exe" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdipswx.exe |
"UDP Query User{F816BE12-9239-4AA7-A8C4-7DCD22ADE2FF}C:\program files\lexmark 3500-4500 series\app4r.exe" = protocol=17 | dir=in | app=c:\program files\lexmark 3500-4500 series\app4r.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01B6480D-3937-4E82-AB2C-8E4C591BEFE5}" = Broadband Help
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{16793295-2366-40F7-A045-A3E42A81365E}" = Bing Bar
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1B4AA674-F5CA-4BB5-831A-CD37B4021959}" = ImageMixer for Sony
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{43FFE159-3199-4188-A1CD-629166AD1033}" = Nero 7 Premium
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{612AD33D-9824-4E87-8396-92374E91C4BB}_is1" = Inbox Toolbar
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6D12EC75-E7D3-4EAD-AB10-E1F3AFF94AA6}" = AVG 2012
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}" = iLivid
"{A7F42FF0-05F0-47E7-9758-D68C37EDE7EF}" = Tesco PhotoRestyle
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B143D835-EBAF-4A39-8B31-1868FF4166C1}" = AVG 2012
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{F55A5517-4AD4-4F5D-9290-2862E623C12B}" = Tesco Complete Office
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Advanced Registry Optimizer_is1" = Advanced Registry Optimizer
"AVG" = AVG 2012
"BroadJump Client Foundation" = BroadJump Client Foundation
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"Google Updater" = Google Updater
"iLivid" = iLivid
"Lexmark 3500-4500 Series" = Lexmark 3500-4500 Series
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MWASPI" = MicroStaff WINASPI
"MyTomTom" = MyTomTom 3.1.0.530
"PricePeep" = PricePeep for Internet Explorer
"RadialpointClientGateway_is1" = Virgin Broadband advisor 1.5.24
"RealPlayer 15.0" = RealPlayer
"RegWork" = RegWork
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Tesco Personal Finance 1.0" = Tesco Personal Finance 1.0
"Updater Service" = Updater Service
"VooMuuSA" = VooMuu
"Windows Searchqu Toolbar" = Windows iLivid Toolbar
"WinRAR archiver" = WinRAR archiver
"Yahoo! Companion" = Yahoo! Toolbar
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 16/10/2011 02:05:08 | Computer Name = Peggys-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 16/10/2011 02:05:08 | Computer Name = Peggys-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 16/10/2011 02:05:10 | Computer Name = Peggys-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 16/10/2011 02:05:10 | Computer Name = Peggys-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 16/10/2011 02:05:12 | Computer Name = Peggys-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 16/10/2011 02:05:12 | Computer Name = Peggys-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 16/10/2011 02:06:47 | Computer Name = Peggys-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 16/10/2011 02:06:47 | Computer Name = Peggys-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 28/10/2011 03:18:42 | Computer Name = Peggys-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 28/10/2011 03:33:41 | Computer Name = Peggys-PC | Source = EventSystem | ID = 4621
Description =
[ System Events ]
Error - 27/07/2012 09:26:40 | Computer Name = Peggys-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 27/07/2012 09:26:40 | Computer Name = Peggys-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 27/07/2012 09:28:00 | Computer Name = Peggys-PC | Source = DCOM | ID = 10005
Description =
Error - 27/07/2012 09:28:12 | Computer Name = Peggys-PC | Source = Service Control Manager | ID = 7024
Description =
Error - 27/07/2012 09:28:12 | Computer Name = Peggys-PC | Source = Service Control Manager | ID = 7031
Description =
Error - 27/07/2012 09:28:12 | Computer Name = Peggys-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 27/07/2012 09:28:12 | Computer Name = Peggys-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 27/07/2012 11:50:51 | Computer Name = Peggys-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 27/07/2012 11:50:51 | Computer Name = Peggys-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 27/07/2012 11:58:46 | Computer Name = Peggys-PC | Source = Service Control Manager | ID = 7022
Description =
< End of report >