Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Police Ransom Virus
Message
<blockquote data-quote="edward1" data-source="post: 93315" data-attributes="member: 4314"><p>OK.Here goes..............</p><p>OTL Extras logfile created on: 02/01/2013 14:39:02 - Run 1</p><p>OTL by OldTimer - Version 3.2.69.0 Folder = D:\</p><p>Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation</p><p>Internet Explorer (Version = 8.0.6001.18702)</p><p>Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy</p><p> </p><p>1023.29 Mb Total Physical Memory | 673.79 Mb Available Physical Memory | 65.85% Memory free</p><p>2.41 Gb Paging File | 2.11 Gb Available in Paging File | 87.72% Paging File free</p><p>Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]</p><p> </p><p>%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files</p><p>Drive C: | 232.88 Gb Total Space | 158.20 Gb Free Space | 67.93% Space Free | Partition Type: NTFS</p><p>Drive D: | 7.20 Gb Total Space | 7.11 Gb Free Space | 98.78% Space Free | Partition Type: FAT32</p><p> </p><p>Computer Name: PETERCOMPUTERNO | User Name: Jane | Logged in as Administrator.</p><p>Boot Mode: Normal | Scan Mode: All users</p><p>Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days</p><p> </p><p><span style="color: #E56717">========== Extra Registry (SafeList) ==========</span></p><p> </p><p> </p><p><span style="color: #E56717">========== File Associations ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]</p><p>.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*</p><p>.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)</p><p> </p><p>[HKEY_USERS\S-1-5-21-1060284298-1202660629-725345543-1005\SOFTWARE\Classes\<extension>]</p><p>.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)</p><p> </p><p><span style="color: #E56717">========== Shell Spawning ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]</p><p>batfile [open] -- "%1" %*</p><p>cmdfile [open] -- "%1" %*</p><p>comfile [open] -- "%1" %*</p><p>cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*</p><p>exefile [open] -- "%1" %*</p><p>http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)</p><p>https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)</p><p>piffile [open] -- "%1" %*</p><p>regfile [merge] -- Reg Error: Key error.</p><p>scrfile [config] -- "%1"</p><p>scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l</p><p>scrfile [open] -- "%1" /S</p><p>txtfile [edit] -- Reg Error: Key error.</p><p>Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1</p><p>Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)</p><p>Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)</p><p>Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)</p><p>Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)</p><p>Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)</p><p>Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)</p><p> </p><p><span style="color: #E56717">========== Security Center Settings ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]</p><p>"FirstRunDisabled" = 1</p><p>"AntiVirusDisableNotify" = 0</p><p>"FirewallDisableNotify" = 0</p><p>"UpdatesDisableNotify" = 0</p><p>"AntiVirusOverride" = 0</p><p>"FirewallOverride" = 0</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]</p><p> </p><p><span style="color: #E56717">========== System Restore Settings ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]</p><p>"DisableSR" = 0</p><p> </p><p>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]</p><p>"Start" = 0</p><p> </p><p>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]</p><p>"Start" = 2</p><p> </p><p><span style="color: #E56717">========== Firewall Settings ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]</p><p> </p><p><span style="color: #E56717">========== Authorized Applications List ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]</p><p>"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite112" alt=":mad:" title="Mad :mad:" loading="lazy" data-shortname=":mad:" />xpsp2res.dll,-22019 -- (Microsoft Corporation)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe</p><p>"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)</p><p>"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe</p><p>"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)</p><p>"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite112" alt=":mad:" title="Mad :mad:" loading="lazy" data-shortname=":mad:" />xpsp3res.dll,-20000 -- (Microsoft Corporation)</p><p> </p><p>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]</p><p>"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite112" alt=":mad:" title="Mad :mad:" loading="lazy" data-shortname=":mad:" />xpsp2res.dll,-22019 -- (Microsoft Corporation)</p><p>"C:\Program Files\TalkTalk\agent\bin\bcont.exe" = C:\Program Files\TalkTalk\agent\bin\bcont.exe:*:Enabled:bcont.exe -- (SupportSoft, Inc.)</p><p>"C:\Program Files\Common Files\SupportSoft\bin\tgsrvc.exe" = C:\Program Files\Common Files\SupportSoft\bin\tgsrvc.exe:*:Enabled:tgsrvc.exe -- (SupportSoft, Inc.)</p><p>"C:\Program Files\TalkTalk\agent\bin\bcont_nm.exe" = C:\Program Files\TalkTalk\agent\bin\bcont_nm.exe:*:Enabled:bcont_nm.exe -- (SupportSoft, Inc.)</p><p>"C:\Program Files\TalkTalk\bin\sprtcmd.exe" = C:\Program Files\TalkTalk\bin\sprtcmd.exe:*:Enabled:sprtcmd.exe -- (SupportSoft, Inc.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe</p><p>"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)</p><p>"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe</p><p>"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)</p><p>"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite112" alt=":mad:" title="Mad :mad:" loading="lazy" data-shortname=":mad:" />xpsp3res.dll,-20000 -- (Microsoft Corporation)</p><p>"C:\Program Files\Deluge\deluge.exe" = C:\Program Files\Deluge\deluge.exe:*<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite116" alt=":D" title="Big grin :D" loading="lazy" data-shortname=":D" />isabled:deluge -- ()</p><p>"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- (VideoLAN)</p><p>"C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe" = C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite116" alt=":D" title="Big grin :D" loading="lazy" data-shortname=":D" />TX broker</p><p>"C:\Documents and Settings\Jane\Application Data\Spotify\spotify.exe" = C:\Documents and Settings\Jane\Application Data\Spotify\spotify.exe:*:Enabled:Spotify</p><p>"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite116" alt=":D" title="Big grin :D" loading="lazy" data-shortname=":D" />aemonu.exe -- (NVIDIA Corporation)</p><p>"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)</p><p>"C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\dtUser.exe" = C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\dtUser.exe:*:Enabled:Search-Results Toolbar DTX Broker -- (APN LLC)</p><p> </p><p> </p><p><span style="color: #E56717">========== HKEY_LOCAL_MACHINE Uninstall List ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]</p><p>"{0E4BC542-9CFD-4E97-B586-9F1E5516E7B9}" = Microsoft IntelliPoint 6.1</p><p>"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP460" = Canon MP460</p><p>"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148</p><p>"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9</p><p>"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1</p><p>"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth</p><p>"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP</p><p>"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater</p><p>"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver</p><p>"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly</p><p>"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2</p><p>"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0</p><p>"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime</p><p>"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update</p><p>"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar</p><p>"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01</p><p>"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules</p><p>"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system</p><p>"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003</p><p>"{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}" = Nokia Suite</p><p>"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc</p><p>"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution</p><p>"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2</p><p>"{A88E1685-1986-4A86-8E88-5FE1E727D026}" = RealDownloader</p><p>"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper</p><p>"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime</p><p>"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)</p><p>"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime</p><p>"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86</p><p>"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 310.70</p><p>"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 310.70</p><p>"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.53</p><p>"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0604</p><p>"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8</p><p>"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application</p><p>"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components</p><p>"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader</p><p>"{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware</p><p>"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2</p><p>"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery</p><p>"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1</p><p>"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1</p><p>"{D084B1A9-153B-409D-AEBF-C40FCEF925EA}" = TalkTalk Assist & Go</p><p>"{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}" = SpeedTouch USB Software</p><p>"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86</p><p>"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219</p><p>"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support</p><p>"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)</p><p>"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX</p><p>"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin</p><p>"alotAppbar" = ALOT Appbar</p><p>"ArcSoft Camera Suite" = ArcSoft Camera Suite</p><p>"avast" = avast! Free Antivirus</p><p>"CanonMyPrinter" = Canon My Printer</p><p>"CCleaner" = CCleaner</p><p>"Easy-WebPrint EX" = Canon Easy-WebPrint EX</p><p>"GBox" = GBox Updater</p><p>"Google Chrome" = Google Chrome</p><p>"GridinSoft Trojan Killer" = Trojan Killer</p><p>"HitmanPro37" = HitmanPro 3.7</p><p>"HPOCR" = OCR Software by I.R.I.S. 13.0</p><p>"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs</p><p>"ie8" = Windows Internet Explorer 8</p><p>"ilividtoolbarguid" = Search-Results Toolbar</p><p>"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1</p><p>"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1</p><p>"Mozilla Firefox 17.0.1 (x86 en-US)" = Mozilla Firefox 17.0.1 (x86 en-US)</p><p>"MozillaMaintenanceService" = Mozilla Maintenance Service</p><p>"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP</p><p>"NeroMultiInstaller!UninstallKey" = Nero Suite</p><p>"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs</p><p>"Nokia Suite" = Nokia Suite</p><p>"PriceGong" = PriceGong 2.5.0</p><p>"RealPlayer 16.0" = RealPlayer</p><p>"Recuva" = Recuva</p><p>"SProtector" = SProtector 1.55</p><p>"TomTom HOME" = TomTom HOME 2.8.3.2499</p><p>"Unlocker" = Unlocker 1.9.1</p><p>"VLC media player" = VLC media player 2.0.4</p><p>"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9</p><p>"Windows Media Format Runtime" = Windows Media Format 11 runtime</p><p>"Windows Media Player" = Windows Media Player 11</p><p>"Windows XP Service Pack" = Windows XP Service Pack 3</p><p>"WinRAR archiver" = WinRAR 4.00 (32-bit)</p><p>"WinX DVD Author_is1" = WinX DVD Author 6.0</p><p>"WMFDist11" = Windows Media Format 11 runtime</p><p>"wmp11" = Windows Media Player 11</p><p>"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9</p><p> </p><p><span style="color: #E56717">========== HKEY_USERS Uninstall List ==========</span></p><p> </p><p>[HKEY_USERS\S-1-5-21-1060284298-1202660629-725345543-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]</p><p> </p><p><span style="color: #E56717">========== Last 20 Event Log Errors ==========</span></p><p> </p><p>[ Application Events ]</p><p>Error - 31/12/2012 06:32:44 | Computer Name = PETERCOMPUTERNO | Source = crypt32 | ID = 131080</p><p>Description = Failed auto update retrieval of third-party root list sequence number</p><p> from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt></p><p> with error: This network connection does not exist. </p><p> </p><p>Error - 31/12/2012 06:33:24 | Computer Name = PETERCOMPUTERNO | Source = crypt32 | ID = 131080</p><p>Description = Failed auto update retrieval of third-party root list sequence number</p><p> from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt></p><p> with error: This network connection does not exist. </p><p> </p><p>Error - 31/12/2012 06:33:27 | Computer Name = PETERCOMPUTERNO | Source = crypt32 | ID = 131080</p><p>Description = Failed auto update retrieval of third-party root list sequence number</p><p> from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt></p><p> with error: This network connection does not exist. </p><p> </p><p>Error - 31/12/2012 06:33:28 | Computer Name = PETERCOMPUTERNO | Source = crypt32 | ID = 131080</p><p>Description = Failed auto update retrieval of third-party root list sequence number</p><p> from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt></p><p> with error: This network connection does not exist. </p><p> </p><p>Error - 31/12/2012 06:33:33 | Computer Name = PETERCOMPUTERNO | Source = crypt32 | ID = 131080</p><p>Description = Failed auto update retrieval of third-party root list sequence number</p><p> from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt></p><p> with error: This network connection does not exist. </p><p> </p><p>Error - 31/12/2012 06:35:58 | Computer Name = PETERCOMPUTERNO | Source = Application Error | ID = 1000</p><p>Description = Faulting application arthur rd.exe, version 1.70.0.9, faulting module</p><p> oleaut32.dll, version 5.1.2600.6058, fault address 0x0001c22e.</p><p> </p><p>Error - 31/12/2012 06:37:44 | Computer Name = PETERCOMPUTERNO | Source = Application Error | ID = 1000</p><p>Description = Faulting application arthur rd.exe, version 1.70.0.9, faulting module</p><p> oleaut32.dll, version 5.1.2600.6058, fault address 0x0001c22e.</p><p> </p><p>Error - 31/12/2012 08:00:44 | Computer Name = PETERCOMPUTERNO | Source = Application Error | ID = 1000</p><p>Description = Faulting application arthur rd.exe, version 1.70.0.9, faulting module</p><p> oleaut32.dll, version 5.1.2600.6058, fault address 0x0001c22e.</p><p> </p><p>Error - 31/12/2012 13:59:54 | Computer Name = PETERCOMPUTERNO | Source = Application Hang | ID = 1002</p><p>Description = Hanging application explorer.exe, version 6.0.2900.5512, hang module</p><p> hungapp, version 0.0.0.0, hang address 0x00000000.</p><p> </p><p>Error - 31/12/2012 14:00:33 | Computer Name = PETERCOMPUTERNO | Source = crypt32 | ID = 131080</p><p>Description = Failed auto update retrieval of third-party root list sequence number</p><p> from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt></p><p> with error: This operation returned because the timeout period expired. </p><p> </p><p>[ System Events ]</p><p>Error - 02/01/2013 10:40:44 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010</p><p>Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register</p><p> with DCOM within the required timeout.</p><p> </p><p>Error - 02/01/2013 10:41:14 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010</p><p>Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register</p><p> with DCOM within the required timeout.</p><p> </p><p>Error - 02/01/2013 10:41:44 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010</p><p>Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register</p><p> with DCOM within the required timeout.</p><p> </p><p>Error - 02/01/2013 10:42:14 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010</p><p>Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register</p><p> with DCOM within the required timeout.</p><p> </p><p>Error - 02/01/2013 10:42:44 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010</p><p>Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register</p><p> with DCOM within the required timeout.</p><p> </p><p>Error - 02/01/2013 10:43:14 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010</p><p>Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register</p><p> with DCOM within the required timeout.</p><p> </p><p>Error - 02/01/2013 10:43:44 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010</p><p>Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register</p><p> with DCOM within the required timeout.</p><p> </p><p>Error - 02/01/2013 10:44:14 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010</p><p>Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register</p><p> with DCOM within the required timeout.</p><p> </p><p>Error - 02/01/2013 10:44:19 | Computer Name = PETERCOMPUTERNO | Source = Windows Update Agent | ID = 16</p><p>Description = Unable to Connect: Windows is unable to connect to the automatic updates</p><p> service and therefore cannot download and install updates according to the set </p><p>schedule. Windows will continue to try to establish a connection.</p><p> </p><p>Error - 02/01/2013 10:44:44 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010</p><p>Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register</p><p> with DCOM within the required timeout.</p><p> </p><p> </p><p>< End of report ></p><p></p><p>OTL Extras logfile created on: 02/01/2013 14:39:02 - Run 1</p><p>OTL by OldTimer - Version 3.2.69.0 Folder = D:\</p><p>Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation</p><p>Internet Explorer (Version = 8.0.6001.18702)</p><p>Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy</p><p> </p><p>1023.29 Mb Total Physical Memory | 673.79 Mb Available Physical Memory | 65.85% Memory free</p><p>2.41 Gb Paging File | 2.11 Gb Available in Paging File | 87.72% Paging File free</p><p>Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]</p><p> </p><p>%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files</p><p>Drive C: | 232.88 Gb Total Space | 158.20 Gb Free Space | 67.93% Space Free | Partition Type: NTFS</p><p>Drive D: | 7.20 Gb Total Space | 7.11 Gb Free Space | 98.78% Space Free | Partition Type: FAT32</p><p> </p><p>Computer Name: PETERCOMPUTERNO | User Name: Jane | Logged in as Administrator.</p><p>Boot Mode: Normal | Scan Mode: All users</p><p>Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days</p><p> </p><p><span style="color: #E56717">========== Extra Registry (SafeList) ==========</span></p><p> </p><p> </p><p><span style="color: #E56717">========== File Associations ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]</p><p>.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*</p><p>.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)</p><p> </p><p>[HKEY_USERS\S-1-5-21-1060284298-1202660629-725345543-1005\SOFTWARE\Classes\<extension>]</p><p>.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)</p><p> </p><p><span style="color: #E56717">========== Shell Spawning ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]</p><p>batfile [open] -- "%1" %*</p><p>cmdfile [open] -- "%1" %*</p><p>comfile [open] -- "%1" %*</p><p>cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*</p><p>exefile [open] -- "%1" %*</p><p>http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)</p><p>https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)</p><p>piffile [open] -- "%1" %*</p><p>regfile [merge] -- Reg Error: Key error.</p><p>scrfile [config] -- "%1"</p><p>scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l</p><p>scrfile [open] -- "%1" /S</p><p>txtfile [edit] -- Reg Error: Key error.</p><p>Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1</p><p>Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)</p><p>Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)</p><p>Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)</p><p>Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)</p><p>Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)</p><p>Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)</p><p> </p><p><span style="color: #E56717">========== Security Center Settings ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]</p><p>"FirstRunDisabled" = 1</p><p>"AntiVirusDisableNotify" = 0</p><p>"FirewallDisableNotify" = 0</p><p>"UpdatesDisableNotify" = 0</p><p>"AntiVirusOverride" = 0</p><p>"FirewallOverride" = 0</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]</p><p> </p><p><span style="color: #E56717">========== System Restore Settings ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]</p><p>"DisableSR" = 0</p><p> </p><p>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]</p><p>"Start" = 0</p><p> </p><p>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]</p><p>"Start" = 2</p><p> </p><p><span style="color: #E56717">========== Firewall Settings ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]</p><p> </p><p><span style="color: #E56717">========== Authorized Applications List ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]</p><p>"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite112" alt=":mad:" title="Mad :mad:" loading="lazy" data-shortname=":mad:" />xpsp2res.dll,-22019 -- (Microsoft Corporation)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe</p><p>"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)</p><p>"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe</p><p>"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)</p><p>"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite112" alt=":mad:" title="Mad :mad:" loading="lazy" data-shortname=":mad:" />xpsp3res.dll,-20000 -- (Microsoft Corporation)</p><p> </p><p>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]</p><p>"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite112" alt=":mad:" title="Mad :mad:" loading="lazy" data-shortname=":mad:" />xpsp2res.dll,-22019 -- (Microsoft Corporation)</p><p>"C:\Program Files\TalkTalk\agent\bin\bcont.exe" = C:\Program Files\TalkTalk\agent\bin\bcont.exe:*:Enabled:bcont.exe -- (SupportSoft, Inc.)</p><p>"C:\Program Files\Common Files\SupportSoft\bin\tgsrvc.exe" = C:\Program Files\Common Files\SupportSoft\bin\tgsrvc.exe:*:Enabled:tgsrvc.exe -- (SupportSoft, Inc.)</p><p>"C:\Program Files\TalkTalk\agent\bin\bcont_nm.exe" = C:\Program Files\TalkTalk\agent\bin\bcont_nm.exe:*:Enabled:bcont_nm.exe -- (SupportSoft, Inc.)</p><p>"C:\Program Files\TalkTalk\bin\sprtcmd.exe" = C:\Program Files\TalkTalk\bin\sprtcmd.exe:*:Enabled:sprtcmd.exe -- (SupportSoft, Inc.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe</p><p>"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)</p><p>"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)</p><p>"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe</p><p>"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)</p><p>"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite112" alt=":mad:" title="Mad :mad:" loading="lazy" data-shortname=":mad:" />xpsp3res.dll,-20000 -- (Microsoft Corporation)</p><p>"C:\Program Files\Deluge\deluge.exe" = C:\Program Files\Deluge\deluge.exe:*<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite116" alt=":D" title="Big grin :D" loading="lazy" data-shortname=":D" />isabled:deluge -- ()</p><p>"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- (VideoLAN)</p><p>"C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe" = C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite116" alt=":D" title="Big grin :D" loading="lazy" data-shortname=":D" />TX broker</p><p>"C:\Documents and Settings\Jane\Application Data\Spotify\spotify.exe" = C:\Documents and Settings\Jane\Application Data\Spotify\spotify.exe:*:Enabled:Spotify</p><p>"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite116" alt=":D" title="Big grin :D" loading="lazy" data-shortname=":D" />aemonu.exe -- (NVIDIA Corporation)</p><p>"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)</p><p>"C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\dtUser.exe" = C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\dtUser.exe:*:Enabled:Search-Results Toolbar DTX Broker -- (APN LLC)</p><p> </p><p> </p><p><span style="color: #E56717">========== HKEY_LOCAL_MACHINE Uninstall List ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]</p><p>"{0E4BC542-9CFD-4E97-B586-9F1E5516E7B9}" = Microsoft IntelliPoint 6.1</p><p>"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP460" = Canon MP460</p><p>"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148</p><p>"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9</p><p>"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1</p><p>"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth</p><p>"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP</p><p>"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater</p><p>"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver</p><p>"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly</p><p>"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2</p><p>"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0</p><p>"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime</p><p>"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update</p><p>"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar</p><p>"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01</p><p>"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules</p><p>"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system</p><p>"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003</p><p>"{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}" = Nokia Suite</p><p>"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc</p><p>"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution</p><p>"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2</p><p>"{A88E1685-1986-4A86-8E88-5FE1E727D026}" = RealDownloader</p><p>"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper</p><p>"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime</p><p>"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)</p><p>"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime</p><p>"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86</p><p>"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 310.70</p><p>"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 310.70</p><p>"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.53</p><p>"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0604</p><p>"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8</p><p>"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application</p><p>"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components</p><p>"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader</p><p>"{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware</p><p>"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2</p><p>"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery</p><p>"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1</p><p>"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1</p><p>"{D084B1A9-153B-409D-AEBF-C40FCEF925EA}" = TalkTalk Assist & Go</p><p>"{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}" = SpeedTouch USB Software</p><p>"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86</p><p>"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219</p><p>"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support</p><p>"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)</p><p>"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX</p><p>"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin</p><p>"alotAppbar" = ALOT Appbar</p><p>"ArcSoft Camera Suite" = ArcSoft Camera Suite</p><p>"avast" = avast! Free Antivirus</p><p>"CanonMyPrinter" = Canon My Printer</p><p>"CCleaner" = CCleaner</p><p>"Easy-WebPrint EX" = Canon Easy-WebPrint EX</p><p>"GBox" = GBox Updater</p><p>"Google Chrome" = Google Chrome</p><p>"GridinSoft Trojan Killer" = Trojan Killer</p><p>"HitmanPro37" = HitmanPro 3.7</p><p>"HPOCR" = OCR Software by I.R.I.S. 13.0</p><p>"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs</p><p>"ie8" = Windows Internet Explorer 8</p><p>"ilividtoolbarguid" = Search-Results Toolbar</p><p>"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1</p><p>"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1</p><p>"Mozilla Firefox 17.0.1 (x86 en-US)" = Mozilla Firefox 17.0.1 (x86 en-US)</p><p>"MozillaMaintenanceService" = Mozilla Maintenance Service</p><p>"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP</p><p>"NeroMultiInstaller!UninstallKey" = Nero Suite</p><p>"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs</p><p>"Nokia Suite" = Nokia Suite</p><p>"PriceGong" = PriceGong 2.5.0</p><p>"RealPlayer 16.0" = RealPlayer</p><p>"Recuva" = Recuva</p><p>"SProtector" = SProtector 1.55</p><p>"TomTom HOME" = TomTom HOME 2.8.3.2499</p><p>"Unlocker" = Unlocker 1.9.1</p><p>"VLC media player" = VLC media player 2.0.4</p><p>"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9</p><p>"Windows Media Format Runtime" = Windows Media Format 11 runtime</p><p>"Windows Media Player" = Windows Media Player 11</p><p>"Windows XP Service Pack" = Windows XP Service Pack 3</p><p>"WinRAR archiver" = WinRAR 4.00 (32-bit)</p><p>"WinX DVD Author_is1" = WinX DVD Author 6.0</p><p>"WMFDist11" = Windows Media Format 11 runtime</p><p>"wmp11" = Windows Media Player 11</p><p>"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9</p><p> </p><p><span style="color: #E56717">========== HKEY_USERS Uninstall List ==========</span></p><p> </p><p>[HKEY_USERS\S-1-5-21-1060284298-1202660629-725345543-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]</p><p> </p><p><span style="color: #E56717">========== Last 20 Event Log Errors ==========</span></p><p> </p><p>[ Application Events ]</p><p>Error - 31/12/2012 06:32:44 | Computer Name = PETERCOMPUTERNO | Source = crypt32 | ID = 131080</p><p>Description = Failed auto update retrieval of third-party root list sequence number</p><p> from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt></p><p> with error: This network connection does not exist. </p><p> </p><p>Error - 31/12/2012 06:33:24 | Computer Name = PETERCOMPUTERNO | Source = crypt32 | ID = 131080</p><p>Description = Failed auto update retrieval of third-party root list sequence number</p><p> from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt></p><p> with error: This network connection does not exist. </p><p> </p><p>Error - 31/12/2012 06:33:27 | Computer Name = PETERCOMPUTERNO | Source = crypt32 | ID = 131080</p><p>Description = Failed auto update retrieval of third-party root list sequence number</p><p> from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt></p><p> with error: This network connection does not exist. </p><p> </p><p>Error - 31/12/2012 06:33:28 | Computer Name = PETERCOMPUTERNO | Source = crypt32 | ID = 131080</p><p>Description = Failed auto update retrieval of third-party root list sequence number</p><p> from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt></p><p> with error: This network connection does not exist. </p><p> </p><p>Error - 31/12/2012 06:33:33 | Computer Name = PETERCOMPUTERNO | Source = crypt32 | ID = 131080</p><p>Description = Failed auto update retrieval of third-party root list sequence number</p><p> from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt></p><p> with error: This network connection does not exist. </p><p> </p><p>Error - 31/12/2012 06:35:58 | Computer Name = PETERCOMPUTERNO | Source = Application Error | ID = 1000</p><p>Description = Faulting application arthur rd.exe, version 1.70.0.9, faulting module</p><p> oleaut32.dll, version 5.1.2600.6058, fault address 0x0001c22e.</p><p> </p><p>Error - 31/12/2012 06:37:44 | Computer Name = PETERCOMPUTERNO | Source = Application Error | ID = 1000</p><p>Description = Faulting application arthur rd.exe, version 1.70.0.9, faulting module</p><p> oleaut32.dll, version 5.1.2600.6058, fault address 0x0001c22e.</p><p> </p><p>Error - 31/12/2012 08:00:44 | Computer Name = PETERCOMPUTERNO | Source = Application Error | ID = 1000</p><p>Description = Faulting application arthur rd.exe, version 1.70.0.9, faulting module</p><p> oleaut32.dll, version 5.1.2600.6058, fault address 0x0001c22e.</p><p> </p><p>Error - 31/12/2012 13:59:54 | Computer Name = PETERCOMPUTERNO | Source = Application Hang | ID = 1002</p><p>Description = Hanging application explorer.exe, version 6.0.2900.5512, hang module</p><p> hungapp, version 0.0.0.0, hang address 0x00000000.</p><p> </p><p>Error - 31/12/2012 14:00:33 | Computer Name = PETERCOMPUTERNO | Source = crypt32 | ID = 131080</p><p>Description = Failed auto update retrieval of third-party root list sequence number</p><p> from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt></p><p> with error: This operation returned because the timeout period expired. </p><p> </p><p>[ System Events ]</p><p>Error - 02/01/2013 10:40:44 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010</p><p>Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register</p><p> with DCOM within the required timeout.</p><p> </p><p>Error - 02/01/2013 10:41:14 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010</p><p>Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register</p><p> with DCOM within the required timeout.</p><p> </p><p>Error - 02/01/2013 10:41:44 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010</p><p>Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register</p><p> with DCOM within the required timeout.</p><p> </p><p>Error - 02/01/2013 10:42:14 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010</p><p>Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register</p><p> with DCOM within the required timeout.</p><p> </p><p>Error - 02/01/2013 10:42:44 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010</p><p>Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register</p><p> with DCOM within the required timeout.</p><p> </p><p>Error - 02/01/2013 10:43:14 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010</p><p>Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register</p><p> with DCOM within the required timeout.</p><p> </p><p>Error - 02/01/2013 10:43:44 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010</p><p>Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register</p><p> with DCOM within the required timeout.</p><p> </p><p>Error - 02/01/2013 10:44:14 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010</p><p>Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register</p><p> with DCOM within the required timeout.</p><p> </p><p>Error - 02/01/2013 10:44:19 | Computer Name = PETERCOMPUTERNO | Source = Windows Update Agent | ID = 16</p><p>Description = Unable to Connect: Windows is unable to connect to the automatic updates</p><p> service and therefore cannot download and install updates according to the set </p><p>schedule. Windows will continue to try to establish a connection.</p><p> </p><p>OTL logfile created on: 02/01/2013 14:39:02 - Run 1</p><p>OTL by OldTimer - Version 3.2.69.0 Folder = D:\</p><p>Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation</p><p>Internet Explorer (Version = 8.0.6001.18702)</p><p>Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy</p><p> </p><p>1023.29 Mb Total Physical Memory | 673.79 Mb Available Physical Memory | 65.85% Memory free</p><p>2.41 Gb Paging File | 2.11 Gb Available in Paging File | 87.72% Paging File free</p><p>Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]</p><p> </p><p>%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files</p><p>Drive C: | 232.88 Gb Total Space | 158.20 Gb Free Space | 67.93% Space Free | Partition Type: NTFS</p><p>Drive D: | 7.20 Gb Total Space | 7.11 Gb Free Space | 98.78% Space Free | Partition Type: FAT32</p><p> </p><p>Computer Name: PETERCOMPUTERNO | User Name: Jane | Logged in as Administrator.</p><p>Boot Mode: Normal | Scan Mode: All users</p><p>Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days</p><p> </p><p><span style="color: #E56717">========== Processes (SafeList) ==========</span></p><p> </p><p>PRC - [2013/01/02 14:26:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\OTL.exe</p><p>PRC - [2012/12/31 08:52:51 | 000,105,832 | ---- | M] (SurfRight B.V.) -- C:\Program Files\HitmanPro\hmpsched.exe</p><p>PRC - [2012/12/28 20:12:06 | 008,939,896 | ---- | M] (SurfRight B.V.) -- C:\Program Files\HitmanPro\HitmanPro.exe</p><p>PRC - [2012/12/18 11:43:47 | 000,500,888 | ---- | M] (RealNetworks, Inc.) -- c:\Program Files\Real\RealPlayer\realplay.exe</p><p>PRC - [2012/12/18 11:43:43 | 000,295,072 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe</p><p>PRC - [2012/12/03 15:40:50 | 001,259,880 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe</p><p>PRC - [2012/12/03 15:40:50 | 001,031,528 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe</p><p>PRC - [2012/11/22 13:53:01 | 001,681,472 | ---- | M] (Bandoo Media Inc) -- C:\Program Files\Search Results Toolbar\Datamngr\datamngrUI.exe</p><p>PRC - [2012/10/30 22:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe</p><p>PRC - [2012/10/30 22:50:59 | 000,247,224 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe</p><p>PRC - [2012/10/30 22:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe</p><p>PRC - [2012/09/24 22:12:59 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe</p><p>PRC - [2012/08/09 12:02:26 | 000,038,608 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe</p><p>PRC - [2012/06/17 15:44:46 | 003,069,752 | ---- | M] (Emsisoft GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe</p><p>PRC - [2012/01/23 04:43:08 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe</p><p>PRC - [2012/01/23 04:43:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe</p><p>PRC - [2011/08/23 20:20:18 | 000,887,976 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe</p><p>PRC - [2010/07/26 01:08:00 | 002,569,616 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE</p><p>PRC - [2010/07/04 19:51:26 | 000,017,408 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe</p><p>PRC - [2009/05/05 15:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\Documents and Settings\All Users.WINDOWS\Application Data\FLEXnet\Connect\11\ISUSPM.exe</p><p>PRC - [2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe</p><p>PRC - [2007/10/12 08:33:38 | 000,202,016 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\TalkTalk\bin\sprtsvc.exe</p><p>PRC - [2007/08/02 13:42:14 | 000,148,768 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Common Files\SupportSoft\bin\tgsrvc.exe</p><p>PRC - [2004/01/26 10:38:38 | 000,866,816 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe</p><p> </p><p> </p><p><span style="color: #E56717">========== Modules (No Company Name) ==========</span></p><p> </p><p>MOD - [2012/12/29 08:34:23 | 002,041,856 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12122900\algo.dll</p><p>MOD - [2012/08/09 12:02:26 | 000,038,608 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe</p><p>MOD - [2010/07/04 21:32:36 | 000,004,608 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerHook.dll</p><p>MOD - [2010/07/04 19:51:26 | 000,017,408 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe</p><p> </p><p> </p><p><span style="color: #E56717">========== Services (SafeList) ==========</span></p><p> </p><p>SRV - File not found [Auto | Stopped] -- C:\DOCUME~1\Jane\wgsdgsdgdsgsd.dll -- (winmgmt)</p><p>SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)</p><p>SRV - [2012/12/31 08:52:51 | 000,105,832 | ---- | M] (SurfRight B.V.) [Auto | Running] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)</p><p>SRV - [2012/12/14 10:09:38 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)</p><p>SRV - [2012/12/03 15:40:50 | 001,259,880 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)</p><p>SRV - [2012/12/01 19:56:57 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)</p><p>SRV - [2012/10/30 22:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)</p><p>SRV - [2012/09/24 22:12:59 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)</p><p>SRV - [2012/08/09 12:02:26 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)</p><p>SRV - [2012/06/17 15:44:46 | 003,069,752 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)</p><p>SRV - [2012/01/23 04:43:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)</p><p>SRV - [2012/01/04 12:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)</p><p>SRV - [2007/10/12 08:33:38 | 000,202,016 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\TalkTalk\bin\sprtsvc.exe -- (sprtsvc_TalkTalk)</p><p>SRV - [2007/08/02 13:42:16 | 000,382,320 | ---- | M] (SupportSoft, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)</p><p>SRV - [2007/08/02 13:42:14 | 000,148,768 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Supportsoft\bin\tgsrvc.exe -- (tgsrvc_TalkTalk)</p><p> </p><p> </p><p><span style="color: #E56717">========== Driver Services (SafeList) ==========</span></p><p> </p><p>DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)</p><p>DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)</p><p>DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)</p><p>DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)</p><p>DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)</p><p>DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)</p><p>DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)</p><p>DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)</p><p>DRV - File not found [Kernel | System | Stopped] -- -- (Changer)</p><p>DRV - [2013/01/02 14:35:09 | 000,030,616 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hitmanpro37.sys -- (hitmanpro37)</p><p>DRV - [2012/12/31 12:00:40 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)</p><p>DRV - [2012/10/30 22:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)</p><p>DRV - [2012/10/30 22:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)</p><p>DRV - [2012/10/30 22:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)</p><p>DRV - [2012/10/30 22:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)</p><p>DRV - [2012/10/30 22:51:57 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)</p><p>DRV - [2012/10/30 22:51:56 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)</p><p>DRV - [2012/10/30 22:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)</p><p>DRV - [2012/04/30 18:45:28 | 000,054,072 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Stopped] -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc)</p><p>DRV - [2012/01/04 14:28:36 | 000,016,128 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gtkdrv.sys -- (TrojanKillerDriver)</p><p>DRV - [2011/11/01 09:07:26 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)</p><p>DRV - [2011/11/01 09:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)</p><p>DRV - [2011/11/01 09:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)</p><p>DRV - [2011/11/01 09:07:24 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)</p><p>DRV - [2011/11/01 09:07:24 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)</p><p>DRV - [2011/11/01 09:07:24 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)</p><p>DRV - [2011/05/19 14:10:34 | 000,017,904 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys -- (A2DDA)</p><p>DRV - [2010/07/04 19:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)</p><p>DRV - [2008/08/26 08:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)</p><p>DRV - [2004/10/27 14:21:30 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)</p><p>DRV - [2004/08/03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)</p><p>DRV - [2003/12/08 10:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn)</p><p>DRV - [2003/12/08 10:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)</p><p> </p><p> </p><p><span style="color: #E56717">========== Standard Registry (All) ==========</span></p><p> </p><p> </p><p><span style="color: #E56717">========== Internet Explorer ==========</span></p><p> </p><p>IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157</p><p>IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896</p><p>IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]</p><p>IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons</p><p>IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm</p><p>IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896</p><p>IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk</p><p>IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/</p><p>IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm</p><p>IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.searchqu.com/web?src=ieb&appid=179&systemid=406&sr=0&q={searchTerms}</p><p>IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}</p><p>IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}</p><p>IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=400&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=0754154125834112&q={searchTerms}</p><p>IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxapp.com/?q={searchTerms}</p><p> </p><p> </p><p>IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0</p><p> </p><p>IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0</p><p> </p><p> </p><p> </p><p>IE - HKU\S-1-5-21-1060284298-1202660629-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE8HP&PC=UP62</p><p>IE - HKU\S-1-5-21-1060284298-1202660629-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm</p><p>IE - HKU\S-1-5-21-1060284298-1202660629-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch</p><p>IE - HKU\S-1-5-21-1060284298-1202660629-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=OIE8HP&PC=UP62</p><p>IE - HKU\S-1-5-21-1060284298-1202660629-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.searchqu.com/web?src=ieb&appid=179&systemid=406&sr=0&q={searchTerms}</p><p>IE - HKU\S-1-5-21-1060284298-1202660629-725345543-1005\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)</p><p>IE - HKU\S-1-5-21-1060284298-1202660629-725345543-1005\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)</p><p>IE - HKU\S-1-5-21-1060284298-1202660629-725345543-1005\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}</p><p>IE - HKU\S-1-5-21-1060284298-1202660629-725345543-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=UP62DF&PC=UP62&q={searchTerms}&src=IE-SearchBox</p><p>IE - HKU\S-1-5-21-1060284298-1202660629-725345543-1005\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=400&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=0754154125834112&q={searchTerms}</p><p>IE - HKU\S-1-5-21-1060284298-1202660629-725345543-1005\..\SearchScopes\{A531D99C-5A22-449b-83DA-872725C6D0ED}: "URL" = http://search.alot.com/web?q={searchTerms}</p><p>IE - HKU\S-1-5-21-1060284298-1202660629-725345543-1005\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxapp.com/?q={searchTerms}</p><p>IE - HKU\S-1-5-21-1060284298-1202660629-725345543-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0</p><p> </p><p> </p><p><span style="color: #E56717">========== FireFox ==========</span></p><p> </p><p>FF - prefs.js..browser.search.defaultengine: "Ask.com"</p><p>FF - prefs.js..browser.search.defaultenginename: "Search Results"</p><p>FF - prefs.js..browser.search.defaultenginename,S: S", "GadgetBox"</p><p>FF - prefs.js..browser.search.defaultthis.engineName: ""</p><p>FF - prefs.js..browser.search.defaulturl: "http://search.gboxapp.com/?q="</p><p>FF - prefs.js..browser.search.order.1: "Search Results"</p><p>FF - prefs.js..browser.search.order.1,S: S", "GadgetBox"</p><p>FF - prefs.js..browser.search.selectedEngine: "Search Results"</p><p>FF - prefs.js..browser.search.selectedEngine,S: S", "GadgetBox"</p><p>FF - prefs.js..browser.search.useDBForOrder: true</p><p>FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"</p><p>FF - prefs.js..extensions.enabledAddons: ffxtlbr%40funmoods.com:1.5.1</p><p>FF - prefs.js..extensions.enabledAddons: %7B1FD91A9C-410C-4090-BBCC-55D3450EF433%7D:1.0</p><p>FF - prefs.js..extensions.enabledAddons: %7B33e0daa6-3af3-d8b5-6752-10e949c61516%7D:1.1</p><p>FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474</p><p>FF - prefs.js..extensions.enabledAddons: %7BB1FC07E1-E05B-4567-8891-E63FBE545BA8%7D:1.2.0</p><p>FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1</p><p>FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&gct=ds&appid=400&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=0754154125834112&o=APN10645&q="</p><p>FF - prefs.js..network.proxy.type: 0</p><p>FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""</p><p>FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""</p><p>FF - prefs.js..browser.startup.homepage: ""</p><p>FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""</p><p> </p><p> </p><p>FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()</p><p>FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)</p><p>FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)</p><p>FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)</p><p>FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)</p><p>FF - HKLM\Software\MozillaPlug</p></blockquote><p></p>
[QUOTE="edward1, post: 93315, member: 4314"] OK.Here goes.............. OTL Extras logfile created on: 02/01/2013 14:39:02 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = D:\ Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 1023.29 Mb Total Physical Memory | 673.79 Mb Available Physical Memory | 65.85% Memory free 2.41 Gb Paging File | 2.11 Gb Available in Paging File | 87.72% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 232.88 Gb Total Space | 158.20 Gb Free Space | 67.93% Space Free | Partition Type: NTFS Drive D: | 7.20 Gb Total Space | 7.11 Gb Free Space | 98.78% Space Free | Partition Type: FAT32 Computer Name: PETERCOMPUTERNO | User Name: Jane | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-1060284298-1202660629-725345543-1005\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe "C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe "C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe "C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\TalkTalk\agent\bin\bcont.exe" = C:\Program Files\TalkTalk\agent\bin\bcont.exe:*:Enabled:bcont.exe -- (SupportSoft, Inc.) "C:\Program Files\Common Files\SupportSoft\bin\tgsrvc.exe" = C:\Program Files\Common Files\SupportSoft\bin\tgsrvc.exe:*:Enabled:tgsrvc.exe -- (SupportSoft, Inc.) "C:\Program Files\TalkTalk\agent\bin\bcont_nm.exe" = C:\Program Files\TalkTalk\agent\bin\bcont_nm.exe:*:Enabled:bcont_nm.exe -- (SupportSoft, Inc.) "C:\Program Files\TalkTalk\bin\sprtcmd.exe" = C:\Program Files\TalkTalk\bin\sprtcmd.exe:*:Enabled:sprtcmd.exe -- (SupportSoft, Inc.) "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe "C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe "C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe "C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Program Files\Deluge\deluge.exe" = C:\Program Files\Deluge\deluge.exe:*:Disabled:deluge -- () "C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- (VideoLAN) "C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe" = C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker "C:\Documents and Settings\Jane\Application Data\Spotify\spotify.exe" = C:\Documents and Settings\Jane\Application Data\Spotify\spotify.exe:*:Enabled:Spotify "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation) "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.) "C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\dtUser.exe" = C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\dtUser.exe:*:Enabled:Search-Results Toolbar DTX Broker -- (APN LLC) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0E4BC542-9CFD-4E97-B586-9F1E5516E7B9}" = Microsoft IntelliPoint 6.1 "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP460" = Canon MP460 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver "{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0 "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01 "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003 "{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}" = Nokia Suite "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc "{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A88E1685-1986-4A86-8E88-5FE1E727D026}" = RealDownloader "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4) "{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 310.70 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 310.70 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.53 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0604 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader "{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D084B1A9-153B-409D-AEBF-C40FCEF925EA}" = TalkTalk Assist & Go "{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}" = SpeedTouch USB Software "{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support "504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "alotAppbar" = ALOT Appbar "ArcSoft Camera Suite" = ArcSoft Camera Suite "avast" = avast! Free Antivirus "CanonMyPrinter" = Canon My Printer "CCleaner" = CCleaner "Easy-WebPrint EX" = Canon Easy-WebPrint EX "GBox" = GBox Updater "Google Chrome" = Google Chrome "GridinSoft Trojan Killer" = Trojan Killer "HitmanPro37" = HitmanPro 3.7 "HPOCR" = OCR Software by I.R.I.S. 13.0 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie8" = Windows Internet Explorer 8 "ilividtoolbarguid" = Search-Results Toolbar "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox 17.0.1 (x86 en-US)" = Mozilla Firefox 17.0.1 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "NeroMultiInstaller!UninstallKey" = Nero Suite "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Nokia Suite" = Nokia Suite "PriceGong" = PriceGong 2.5.0 "RealPlayer 16.0" = RealPlayer "Recuva" = Recuva "SProtector" = SProtector 1.55 "TomTom HOME" = TomTom HOME 2.8.3.2499 "Unlocker" = Unlocker 1.9.1 "VLC media player" = VLC media player 2.0.4 "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = WinRAR 4.00 (32-bit) "WinX DVD Author_is1" = WinX DVD Author 6.0 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1060284298-1202660629-725345543-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 31/12/2012 06:32:44 | Computer Name = PETERCOMPUTERNO | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist. Error - 31/12/2012 06:33:24 | Computer Name = PETERCOMPUTERNO | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist. Error - 31/12/2012 06:33:27 | Computer Name = PETERCOMPUTERNO | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist. Error - 31/12/2012 06:33:28 | Computer Name = PETERCOMPUTERNO | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist. Error - 31/12/2012 06:33:33 | Computer Name = PETERCOMPUTERNO | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist. Error - 31/12/2012 06:35:58 | Computer Name = PETERCOMPUTERNO | Source = Application Error | ID = 1000 Description = Faulting application arthur rd.exe, version 1.70.0.9, faulting module oleaut32.dll, version 5.1.2600.6058, fault address 0x0001c22e. Error - 31/12/2012 06:37:44 | Computer Name = PETERCOMPUTERNO | Source = Application Error | ID = 1000 Description = Faulting application arthur rd.exe, version 1.70.0.9, faulting module oleaut32.dll, version 5.1.2600.6058, fault address 0x0001c22e. Error - 31/12/2012 08:00:44 | Computer Name = PETERCOMPUTERNO | Source = Application Error | ID = 1000 Description = Faulting application arthur rd.exe, version 1.70.0.9, faulting module oleaut32.dll, version 5.1.2600.6058, fault address 0x0001c22e. Error - 31/12/2012 13:59:54 | Computer Name = PETERCOMPUTERNO | Source = Application Hang | ID = 1002 Description = Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 31/12/2012 14:00:33 | Computer Name = PETERCOMPUTERNO | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired. [ System Events ] Error - 02/01/2013 10:40:44 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010 Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout. Error - 02/01/2013 10:41:14 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010 Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout. Error - 02/01/2013 10:41:44 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010 Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout. Error - 02/01/2013 10:42:14 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010 Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout. Error - 02/01/2013 10:42:44 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010 Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout. Error - 02/01/2013 10:43:14 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010 Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout. Error - 02/01/2013 10:43:44 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010 Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout. Error - 02/01/2013 10:44:14 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010 Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout. Error - 02/01/2013 10:44:19 | Computer Name = PETERCOMPUTERNO | Source = Windows Update Agent | ID = 16 Description = Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection. Error - 02/01/2013 10:44:44 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010 Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout. < End of report > OTL Extras logfile created on: 02/01/2013 14:39:02 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = D:\ Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 1023.29 Mb Total Physical Memory | 673.79 Mb Available Physical Memory | 65.85% Memory free 2.41 Gb Paging File | 2.11 Gb Available in Paging File | 87.72% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 232.88 Gb Total Space | 158.20 Gb Free Space | 67.93% Space Free | Partition Type: NTFS Drive D: | 7.20 Gb Total Space | 7.11 Gb Free Space | 98.78% Space Free | Partition Type: FAT32 Computer Name: PETERCOMPUTERNO | User Name: Jane | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-1060284298-1202660629-725345543-1005\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe "C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe "C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe "C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\TalkTalk\agent\bin\bcont.exe" = C:\Program Files\TalkTalk\agent\bin\bcont.exe:*:Enabled:bcont.exe -- (SupportSoft, Inc.) "C:\Program Files\Common Files\SupportSoft\bin\tgsrvc.exe" = C:\Program Files\Common Files\SupportSoft\bin\tgsrvc.exe:*:Enabled:tgsrvc.exe -- (SupportSoft, Inc.) "C:\Program Files\TalkTalk\agent\bin\bcont_nm.exe" = C:\Program Files\TalkTalk\agent\bin\bcont_nm.exe:*:Enabled:bcont_nm.exe -- (SupportSoft, Inc.) "C:\Program Files\TalkTalk\bin\sprtcmd.exe" = C:\Program Files\TalkTalk\bin\sprtcmd.exe:*:Enabled:sprtcmd.exe -- (SupportSoft, Inc.) "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe "C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe "C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe "C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Program Files\Deluge\deluge.exe" = C:\Program Files\Deluge\deluge.exe:*:Disabled:deluge -- () "C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- (VideoLAN) "C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe" = C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker "C:\Documents and Settings\Jane\Application Data\Spotify\spotify.exe" = C:\Documents and Settings\Jane\Application Data\Spotify\spotify.exe:*:Enabled:Spotify "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation) "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.) "C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\dtUser.exe" = C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\dtUser.exe:*:Enabled:Search-Results Toolbar DTX Broker -- (APN LLC) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0E4BC542-9CFD-4E97-B586-9F1E5516E7B9}" = Microsoft IntelliPoint 6.1 "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP460" = Canon MP460 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver "{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0 "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01 "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003 "{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}" = Nokia Suite "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc "{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A88E1685-1986-4A86-8E88-5FE1E727D026}" = RealDownloader "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4) "{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 310.70 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 310.70 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.53 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0604 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader "{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D084B1A9-153B-409D-AEBF-C40FCEF925EA}" = TalkTalk Assist & Go "{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}" = SpeedTouch USB Software "{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support "504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "alotAppbar" = ALOT Appbar "ArcSoft Camera Suite" = ArcSoft Camera Suite "avast" = avast! Free Antivirus "CanonMyPrinter" = Canon My Printer "CCleaner" = CCleaner "Easy-WebPrint EX" = Canon Easy-WebPrint EX "GBox" = GBox Updater "Google Chrome" = Google Chrome "GridinSoft Trojan Killer" = Trojan Killer "HitmanPro37" = HitmanPro 3.7 "HPOCR" = OCR Software by I.R.I.S. 13.0 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie8" = Windows Internet Explorer 8 "ilividtoolbarguid" = Search-Results Toolbar "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox 17.0.1 (x86 en-US)" = Mozilla Firefox 17.0.1 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "NeroMultiInstaller!UninstallKey" = Nero Suite "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Nokia Suite" = Nokia Suite "PriceGong" = PriceGong 2.5.0 "RealPlayer 16.0" = RealPlayer "Recuva" = Recuva "SProtector" = SProtector 1.55 "TomTom HOME" = TomTom HOME 2.8.3.2499 "Unlocker" = Unlocker 1.9.1 "VLC media player" = VLC media player 2.0.4 "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = WinRAR 4.00 (32-bit) "WinX DVD Author_is1" = WinX DVD Author 6.0 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1060284298-1202660629-725345543-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 31/12/2012 06:32:44 | Computer Name = PETERCOMPUTERNO | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist. Error - 31/12/2012 06:33:24 | Computer Name = PETERCOMPUTERNO | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist. Error - 31/12/2012 06:33:27 | Computer Name = PETERCOMPUTERNO | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist. Error - 31/12/2012 06:33:28 | Computer Name = PETERCOMPUTERNO | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist. Error - 31/12/2012 06:33:33 | Computer Name = PETERCOMPUTERNO | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist. Error - 31/12/2012 06:35:58 | Computer Name = PETERCOMPUTERNO | Source = Application Error | ID = 1000 Description = Faulting application arthur rd.exe, version 1.70.0.9, faulting module oleaut32.dll, version 5.1.2600.6058, fault address 0x0001c22e. Error - 31/12/2012 06:37:44 | Computer Name = PETERCOMPUTERNO | Source = Application Error | ID = 1000 Description = Faulting application arthur rd.exe, version 1.70.0.9, faulting module oleaut32.dll, version 5.1.2600.6058, fault address 0x0001c22e. Error - 31/12/2012 08:00:44 | Computer Name = PETERCOMPUTERNO | Source = Application Error | ID = 1000 Description = Faulting application arthur rd.exe, version 1.70.0.9, faulting module oleaut32.dll, version 5.1.2600.6058, fault address 0x0001c22e. Error - 31/12/2012 13:59:54 | Computer Name = PETERCOMPUTERNO | Source = Application Hang | ID = 1002 Description = Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 31/12/2012 14:00:33 | Computer Name = PETERCOMPUTERNO | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired. [ System Events ] Error - 02/01/2013 10:40:44 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010 Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout. Error - 02/01/2013 10:41:14 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010 Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout. Error - 02/01/2013 10:41:44 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010 Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout. Error - 02/01/2013 10:42:14 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010 Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout. Error - 02/01/2013 10:42:44 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010 Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout. Error - 02/01/2013 10:43:14 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010 Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout. Error - 02/01/2013 10:43:44 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010 Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout. Error - 02/01/2013 10:44:14 | Computer Name = PETERCOMPUTERNO | Source = DCOM | ID = 10010 Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout. Error - 02/01/2013 10:44:19 | Computer Name = PETERCOMPUTERNO | Source = Windows Update Agent | ID = 16 Description = Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection. OTL logfile created on: 02/01/2013 14:39:02 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = D:\ Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 1023.29 Mb Total Physical Memory | 673.79 Mb Available Physical Memory | 65.85% Memory free 2.41 Gb Paging File | 2.11 Gb Available in Paging File | 87.72% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 232.88 Gb Total Space | 158.20 Gb Free Space | 67.93% Space Free | Partition Type: NTFS Drive D: | 7.20 Gb Total Space | 7.11 Gb Free Space | 98.78% Space Free | Partition Type: FAT32 Computer Name: PETERCOMPUTERNO | User Name: Jane | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013/01/02 14:26:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\OTL.exe PRC - [2012/12/31 08:52:51 | 000,105,832 | ---- | M] (SurfRight B.V.) -- C:\Program Files\HitmanPro\hmpsched.exe PRC - [2012/12/28 20:12:06 | 008,939,896 | ---- | M] (SurfRight B.V.) -- C:\Program Files\HitmanPro\HitmanPro.exe PRC - [2012/12/18 11:43:47 | 000,500,888 | ---- | M] (RealNetworks, Inc.) -- c:\Program Files\Real\RealPlayer\realplay.exe PRC - [2012/12/18 11:43:43 | 000,295,072 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe PRC - [2012/12/03 15:40:50 | 001,259,880 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012/12/03 15:40:50 | 001,031,528 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe PRC - [2012/11/22 13:53:01 | 001,681,472 | ---- | M] (Bandoo Media Inc) -- C:\Program Files\Search Results Toolbar\Datamngr\datamngrUI.exe PRC - [2012/10/30 22:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012/10/30 22:50:59 | 000,247,224 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe PRC - [2012/10/30 22:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012/09/24 22:12:59 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2012/08/09 12:02:26 | 000,038,608 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe PRC - [2012/06/17 15:44:46 | 003,069,752 | ---- | M] (Emsisoft GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe PRC - [2012/01/23 04:43:08 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe PRC - [2012/01/23 04:43:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe PRC - [2011/08/23 20:20:18 | 000,887,976 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe PRC - [2010/07/26 01:08:00 | 002,569,616 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE PRC - [2010/07/04 19:51:26 | 000,017,408 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe PRC - [2009/05/05 15:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\Documents and Settings\All Users.WINDOWS\Application Data\FLEXnet\Connect\11\ISUSPM.exe PRC - [2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/10/12 08:33:38 | 000,202,016 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\TalkTalk\bin\sprtsvc.exe PRC - [2007/08/02 13:42:14 | 000,148,768 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Common Files\SupportSoft\bin\tgsrvc.exe PRC - [2004/01/26 10:38:38 | 000,866,816 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012/12/29 08:34:23 | 002,041,856 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12122900\algo.dll MOD - [2012/08/09 12:02:26 | 000,038,608 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe MOD - [2010/07/04 21:32:36 | 000,004,608 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerHook.dll MOD - [2010/07/04 19:51:26 | 000,017,408 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- C:\DOCUME~1\Jane\wgsdgsdgdsgsd.dll -- (winmgmt) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2012/12/31 08:52:51 | 000,105,832 | ---- | M] (SurfRight B.V.) [Auto | Running] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler) SRV - [2012/12/14 10:09:38 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/12/03 15:40:50 | 001,259,880 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012/12/01 19:56:57 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/10/30 22:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2012/09/24 22:12:59 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012/08/09 12:02:26 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service) SRV - [2012/06/17 15:44:46 | 003,069,752 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware) SRV - [2012/01/23 04:43:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2012/01/04 12:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2007/10/12 08:33:38 | 000,202,016 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\TalkTalk\bin\sprtsvc.exe -- (sprtsvc_TalkTalk) SRV - [2007/08/02 13:42:16 | 000,382,320 | ---- | M] (SupportSoft, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe -- (SupportSoft RemoteAssist) SRV - [2007/08/02 13:42:14 | 000,148,768 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Supportsoft\bin\tgsrvc.exe -- (tgsrvc_TalkTalk) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2013/01/02 14:35:09 | 000,030,616 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hitmanpro37.sys -- (hitmanpro37) DRV - [2012/12/31 12:00:40 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2012/10/30 22:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2012/10/30 22:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2012/10/30 22:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2012/10/30 22:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr) DRV - [2012/10/30 22:51:57 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2012/10/30 22:51:56 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2012/10/30 22:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2012/04/30 18:45:28 | 000,054,072 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Stopped] -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc) DRV - [2012/01/04 14:28:36 | 000,016,128 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gtkdrv.sys -- (TrojanKillerDriver) DRV - [2011/11/01 09:07:26 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2011/11/01 09:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2011/11/01 09:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2011/11/01 09:07:24 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2011/11/01 09:07:24 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2011/11/01 09:07:24 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc) DRV - [2011/05/19 14:10:34 | 000,017,904 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys -- (A2DDA) DRV - [2010/07/04 19:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV - [2008/08/26 08:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2004/10/27 14:21:30 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService) DRV - [2004/08/03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) DRV - [2003/12/08 10:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) DRV - [2003/12/08 10:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl) [color=#E56717]========== Standard Registry (All) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.searchqu.com/web?src=ieb&appid=179&systemid=406&sr=0&q={searchTerms} IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=400&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=0754154125834112&q={searchTerms} IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxapp.com/?q={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1060284298-1202660629-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE8HP&PC=UP62 IE - HKU\S-1-5-21-1060284298-1202660629-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\S-1-5-21-1060284298-1202660629-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-21-1060284298-1202660629-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=OIE8HP&PC=UP62 IE - HKU\S-1-5-21-1060284298-1202660629-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.searchqu.com/web?src=ieb&appid=179&systemid=406&sr=0&q={searchTerms} IE - HKU\S-1-5-21-1060284298-1202660629-725345543-1005\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) IE - HKU\S-1-5-21-1060284298-1202660629-725345543-1005\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-21-1060284298-1202660629-725345543-1005\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} IE - HKU\S-1-5-21-1060284298-1202660629-725345543-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=UP62DF&PC=UP62&q={searchTerms}&src=IE-SearchBox IE - HKU\S-1-5-21-1060284298-1202660629-725345543-1005\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=400&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=0754154125834112&q={searchTerms} IE - HKU\S-1-5-21-1060284298-1202660629-725345543-1005\..\SearchScopes\{A531D99C-5A22-449b-83DA-872725C6D0ED}: "URL" = http://search.alot.com/web?q={searchTerms} IE - HKU\S-1-5-21-1060284298-1202660629-725345543-1005\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxapp.com/?q={searchTerms} IE - HKU\S-1-5-21-1060284298-1202660629-725345543-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Search Results" FF - prefs.js..browser.search.defaultenginename,S: S", "GadgetBox" FF - prefs.js..browser.search.defaultthis.engineName: "" FF - prefs.js..browser.search.defaulturl: "http://search.gboxapp.com/?q=" FF - prefs.js..browser.search.order.1: "Search Results" FF - prefs.js..browser.search.order.1,S: S", "GadgetBox" FF - prefs.js..browser.search.selectedEngine: "Search Results" FF - prefs.js..browser.search.selectedEngine,S: S", "GadgetBox" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/" FF - prefs.js..extensions.enabledAddons: ffxtlbr%40funmoods.com:1.5.1 FF - prefs.js..extensions.enabledAddons: %7B1FD91A9C-410C-4090-BBCC-55D3450EF433%7D:1.0 FF - prefs.js..extensions.enabledAddons: %7B33e0daa6-3af3-d8b5-6752-10e949c61516%7D:1.1 FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474 FF - prefs.js..extensions.enabledAddons: %7BB1FC07E1-E05B-4567-8891-E63FBE545BA8%7D:1.2.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1 FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&gct=ds&appid=400&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=0754154125834112&o=APN10645&q=" FF - prefs.js..network.proxy.type: 0 FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "" FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "" FF - prefs.js..browser.startup.homepage: "" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlug [/QUOTE]
Insert quotes…
Verification
Post reply
Top