Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows explorer hanging up, files on drive C will not delete etc [Sol

Started by Geekimnot , Mar 07 2014 06:39 AM

  • This topic is locked This topic is locked

#1
Geekimnot
Posted 07 March 2014 - 06:39 AM

Geekimnot

    Member

  • Member
  • PipPipPip
  • 278 posts
Hi,

My computer has started giving problems, first noticed that when files were delete on drive C, they reappeared again after rebooting.

My Windows explorer sometimes freezes, and sometimes reloads.

All of my restore points have disappeared

As requested I have run OTL
Here is the log


OTL logfile created on: 07/03/2014 11:30:05 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Hightorque UK\Downloads
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19499)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.97 Gb Total Physical Memory | 0.95 Gb Available Physical Memory | 32.20% Memory free
6.13 Gb Paging File | 3.25 Gb Available in Paging File | 52.92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.01 Gb Total Space | 98.51 Gb Free Space | 34.20% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 3.45 Gb Free Space | 34.55% Space Free | Partition Type: NTFS
Drive F: | 298.09 Gb Total Space | 159.85 Gb Free Space | 53.62% Space Free | Partition Type: NTFS
Drive G: | 111.79 Gb Total Space | 79.39 Gb Free Space | 71.02% Space Free | Partition Type: NTFS
Drive H: | 931.28 Gb Total Space | 832.78 Gb Free Space | 89.42% Space Free | Partition Type: FAT32

Computer Name: HIGHTORQUEUK-PC | User Name: Hightorque UK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/03/07 11:29:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hightorque UK\Downloads\OTL.exe
PRC - [2014/02/05 15:30:14 | 000,475,648 | ---- | M] () -- C:\Users\Hightorque UK\AppData\Local\GCC\Controller.exe
PRC - [2013/12/18 18:42:34 | 001,513,848 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
PRC - [2013/12/18 18:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/04 02:48:06 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Users\Hightorque UK\AppData\Local\GCC\Chrome-bin\chrome.exe
PRC - [2013/11/25 08:14:16 | 001,517,224 | ---- | M] (SPEEDbit) -- C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe
PRC - [2013/11/25 08:14:16 | 000,298,152 | ---- | M] (SPEEDbit) -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe
PRC - [2013/11/02 20:47:12 | 003,001,344 | ---- | M] (1Million Ltd) -- C:\Program Files\TSMV4\TheStakingMachine.exe
PRC - [2013/10/25 02:34:06 | 001,444,120 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2013/10/23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/10/23 14:55:28 | 000,948,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013/10/18 07:47:14 | 003,795,160 | ---- | M] (Speedbit Ltd.) -- C:\Programs\DAP\DAP.exe
PRC - [2013/09/07 17:20:56 | 000,071,224 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.7c\waol.exe
PRC - [2013/09/07 17:20:48 | 000,045,624 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.7c\shellmon.exe
PRC - [2013/09/07 03:53:15 | 002,368,568 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.7c\AOLBrowser\aolbrowser.exe
PRC - [2013/08/27 15:57:34 | 000,093,072 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2013/08/27 15:57:32 | 000,248,208 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2013/07/13 07:19:54 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files\ReadingFanatic_6x\bar\8.bin\6xbrmon.exe
PRC - [2013/05/21 04:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/09/02 11:21:22 | 001,890,744 | ---- | M] (Bandoo Media, inc) -- C:\Program Files\Searchqu Toolbar\Datamngr\datamngrUI.exe
PRC - [2012/08/28 15:53:14 | 000,036,744 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe
PRC - [2012/06/12 08:00:22 | 003,157,504 | ---- | M] (Gruss Software Ltd) -- C:\Program Files\Betting Assistant\Betting Assistant.exe
PRC - [2012/01/13 15:22:10 | 001,493,288 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe
PRC - [2011/11/25 15:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2011/11/02 02:00:44 | 000,090,448 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2011/03/16 15:18:28 | 000,152,576 | ---- | M] (CrashPlan) -- C:\Program Files\CrashPlan\CrashPlanService.exe
PRC - [2011/03/16 15:17:57 | 000,217,088 | ---- | M] (Code 42 Software, Inc.) -- C:\Program Files\CrashPlan\CrashPlanTray.exe
PRC - [2010/03/08 07:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\aol\1255507870\ee\aolsoftware.exe
PRC - [2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/02/11 15:38:40 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/02/11 15:38:38 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/08/19 06:19:40 | 006,265,376 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/08/19 06:19:38 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe
PRC - [2008/08/15 16:53:36 | 000,099,568 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\dldtserv.exe
PRC - [2008/02/25 10:38:12 | 000,595,184 | ---- | M] ( ) -- C:\Windows\System32\dldtcoms.exe
PRC - [2006/10/23 12:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe
PRC - [2006/07/17 16:45:26 | 000,040,960 | ---- | M] () -- C:\Program Files\Royal Mail\SmartStamp\BINARY\STRAY.EXE
PRC - [2005/06/02 16:03:08 | 001,957,888 | ---- | M] (Ahead Software AG) -- C:\Program Files\Ahead\Nero BackItUp\NBJ.exe


========== Modules (No Company Name) ==========

MOD - [2014/03/07 11:23:20 | 000,070,144 | ---- | M] () -- C:\Users\Hightorque UK\AppData\Local\Temp\GC\Profiles\{57F3A5C7-415B-469F-8CBF-0FFE362115C1}\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\plugin\mutechrome.dll
MOD - [2014/02/21 15:41:01 | 016,265,096 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_12_0_0_70.dll
MOD - [2014/02/14 07:41:24 | 001,711,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\c9044e65851c7afcb53597157c76446f\Microsoft.VisualBasic.ni.dll
MOD - [2014/02/14 07:39:50 | 002,346,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\032ab8e56366d48dc3f04b6eb7bc8c9f\System.Runtime.Serialization.ni.dll
MOD - [2014/02/14 07:39:46 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\a8726347d3e5269f6d4fcb972341898c\SMDiagnostics.ni.dll
MOD - [2014/02/14 07:39:45 | 017,403,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1120b79bc6e03a4c84832103d1f05b67\System.ServiceModel.ni.dll
MOD - [2014/02/14 07:38:44 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\890433199e7e462f76600e3aa64e435e\System.Web.Services.ni.dll
MOD - [2014/02/14 07:38:41 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e3ab5ab0fbb86c36425e6902e54a547b\System.Runtime.Remoting.ni.dll
MOD - [2014/02/14 07:38:32 | 011,909,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\2183861863b3c98036f0d75f303d2a65\System.Web.ni.dll
MOD - [2014/02/14 07:37:49 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\d17ceca243fabda73eefb21d9bd072df\System.Configuration.ni.dll
MOD - [2014/02/14 07:37:25 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\02c0c31b20715dbd4f0777bf47b4bf46\Accessibility.ni.dll
MOD - [2014/02/14 06:59:40 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f87e71868aedbc6c4e8fe7160d17c4ab\System.Xml.ni.dll
MOD - [2014/02/14 06:58:56 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d2b605fc7deda872727d1ed37710420e\System.Windows.Forms.ni.dll
MOD - [2014/02/14 06:58:38 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8e6265a54260bddfc05951e764f5bc48\System.Drawing.ni.dll
MOD - [2014/02/14 06:58:05 | 006,622,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\2abd059b5e13d704f38c2179c01fff3a\System.Data.ni.dll
MOD - [2014/02/13 22:47:33 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\957628d9dd7b3bf370a56dca7835a997\System.ni.dll
MOD - [2014/02/13 22:47:11 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\694a37a84dee2cd2609a1dfab27c0433\mscorlib.ni.dll
MOD - [2014/02/05 15:30:14 | 000,475,648 | ---- | M] () -- C:\Users\Hightorque UK\AppData\Local\GCC\Controller.exe
MOD - [2014/01/21 12:53:00 | 000,076,800 | ---- | M] () -- C:\Program Files\NCH Software\Meo\meodll.dll
MOD - [2014/01/17 06:56:24 | 000,010,752 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\zsharenet.dll
MOD - [2014/01/17 06:56:22 | 000,012,800 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\XSevenTo.dll
MOD - [2014/01/17 06:56:15 | 000,012,800 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\SpdFileCom.dll
MOD - [2014/01/17 06:56:07 | 000,010,240 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\MegaUploadCom.dll
MOD - [2014/01/17 06:56:03 | 000,011,776 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\fivegiganet.dll
MOD - [2013/12/18 18:42:34 | 000,305,520 | ---- | M] () -- C:\Program Files\Adobe\Reader 10.0\Reader\sqlite.dll
MOD - [2013/12/04 02:48:04 | 000,399,312 | ---- | M] () -- C:\Users\Hightorque UK\AppData\Local\GCC\Chrome-bin\31.0.1650.63\ppgooglenaclpluginchrome.dll
MOD - [2013/12/04 02:48:03 | 013,586,896 | ---- | M] () -- C:\Users\Hightorque UK\AppData\Local\GCC\Chrome-bin\31.0.1650.63\PepperFlash\pepflashplayer.dll
MOD - [2013/12/04 02:48:02 | 004,055,504 | ---- | M] () -- C:\Users\Hightorque UK\AppData\Local\GCC\Chrome-bin\31.0.1650.63\pdf.dll
MOD - [2013/12/04 02:47:08 | 001,619,408 | ---- | M] () -- C:\Users\Hightorque UK\AppData\Local\GCC\Chrome-bin\31.0.1650.63\ffmpegsumo.dll
MOD - [2013/10/21 07:44:45 | 000,009,216 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\AddonsCondition.dll
MOD - [2013/09/07 17:20:57 | 000,048,640 | ---- | M] () -- C:\Program Files\AOL Desktop 9.7c\zlib.dll
MOD - [2013/09/07 17:19:37 | 021,117,440 | ---- | M] () -- C:\Program Files\AOL Desktop 9.7c\libcef.dll
MOD - [2013/09/07 17:19:35 | 000,648,704 | ---- | M] () -- C:\Program Files\AOL Desktop 9.7c\libGLESv2.dll
MOD - [2013/09/07 17:19:35 | 000,122,880 | ---- | M] () -- C:\Program Files\AOL Desktop 9.7c\libEGL.dll
MOD - [2013/09/07 17:19:22 | 000,094,208 | ---- | M] () -- C:\Program Files\AOL Desktop 9.7c\components\Tier2Svc.dll
MOD - [2013/09/07 17:19:22 | 000,060,928 | ---- | M] () -- C:\Program Files\AOL Desktop 9.7c\components\DataSvcs.dll
MOD - [2013/08/13 12:15:50 | 000,206,336 | ---- | M] () -- C:\Users\Hightorque UK\AppData\Local\Temp\GC\Profiles\{57F3A5C7-415B-469F-8CBF-0FFE362115C1}\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\plugin\convenience.dll
MOD - [2012/11/09 05:02:18 | 001,752,576 | ---- | M] () -- C:\Program Files\File Shredder\fsshell.dll
MOD - [2012/05/30 14:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files\Norton Internet Security\Engine\20.4.0.40\wincfi39.dll
MOD - [2011/11/25 08:15:36 | 000,057,344 | ---- | M] () -- C:\Program Files\Royal Mail\SmartStamp\BINARY\SDSLOG.DLL
MOD - [2009/03/30 04:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2007/08/11 23:20:46 | 000,307,200 | ---- | M] () -- C:\Program Files\TSMV4\ZedGraph.dll
MOD - [2006/07/17 16:56:52 | 000,077,824 | ---- | M] () -- C:\Program Files\Royal Mail\SmartStamp\BINARY\SDSEVENT.DLL
MOD - [2006/07/17 16:56:32 | 000,024,576 | ---- | M] () -- C:\Program Files\Royal Mail\SmartStamp\BINARY\SDSERROR.DLL
MOD - [2006/07/17 16:45:26 | 000,040,960 | ---- | M] () -- C:\Program Files\Royal Mail\SmartStamp\BINARY\STRAY.EXE
MOD - [2006/07/17 16:44:04 | 000,053,248 | ---- | M] () -- C:\Program Files\Royal Mail\SmartStamp\BINARY\SDSREG.DLL
MOD - [2006/07/17 16:40:50 | 000,016,384 | ---- | M] () -- C:\Program Files\Royal Mail\SmartStamp\BINARY\SMSG.DLL


========== Services (SafeList) ==========

SRV - [2014/02/21 15:41:18 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/18 18:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/25 08:14:16 | 000,298,152 | ---- | M] (SPEEDbit) [Auto | Running] -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService)
SRV - [2013/10/25 02:34:06 | 001,444,120 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2013/10/23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/09/05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/08/27 15:57:34 | 000,093,072 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2013/05/21 04:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe -- (NIS)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2011/11/25 15:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011/03/16 15:18:28 | 000,152,576 | ---- | M] (CrashPlan) [Auto | Running] -- C:\Program Files\CrashPlan\CrashPlanService.exe -- (CrashPlanService)
SRV - [2010/01/18 13:21:47 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/02/11 15:38:40 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008/08/19 06:19:38 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters)
SRV - [2008/08/15 16:53:36 | 000,099,568 | ---- | M] () [Auto | Running] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\dldtserv.exe -- (dldtCATSCustConnectService)
SRV - [2008/02/25 10:38:12 | 000,595,184 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dldtcoms.exe -- (dldt_device)
SRV - [2008/01/21 02:23:59 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/10/23 12:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\vmnetadapter.sys -- (VMnetAdapter)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\netfilter.sys -- (netfilter)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{238FC398-6E30-4CB8-A19C-9256D94FF15F}\MpKsl6938a72b.sys -- (MpKsl6938a72b)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\HIGHTO~1\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2014/03/06 01:53:05 | 000,395,992 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\Definitions\IPSDefs\20140306.005\IDSvix86.sys -- (IDSVix86)
DRV - [2014/02/09 23:49:42 | 001,612,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\Definitions\VirusDefs\20140306.034\NAVEX15.SYS -- (NAVEX15)
DRV - [2014/02/09 23:49:42 | 000,108,120 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014/02/09 23:49:42 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\Definitions\VirusDefs\20140306.034\NAVENG.SYS -- (NAVENG)
DRV - [2013/12/18 00:32:11 | 001,098,968 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\Definitions\BASHDefs\20140214.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2013/12/13 06:33:17 | 000,340,432 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys -- (RapportCerberus_59849)
DRV - [2013/11/21 03:21:13 | 000,376,920 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2013/10/25 02:34:18 | 000,230,448 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2013/10/25 02:34:18 | 000,157,264 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2013/10/25 02:34:18 | 000,108,816 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2013/09/27 09:53:06 | 000,104,768 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2013/06/18 05:32:43 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013/05/23 05:25:28 | 000,934,488 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\symefa.sys -- (SymEFA)
DRV - [2013/05/21 05:02:00 | 000,367,704 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\symds.sys -- (SymDS)
DRV - [2013/05/16 05:02:14 | 000,603,224 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\srtsp.sys -- (SRTSP)
DRV - [2013/04/25 00:43:56 | 000,352,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\symtdiv.sys -- (SYMTDIv)
DRV - [2013/04/16 02:41:14 | 000,134,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\ccsetx86.sys -- (ccSet_NIS)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/03/05 01:39:19 | 000,175,264 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\ironx86.sys -- (SymIRON)
DRV - [2013/03/05 01:21:35 | 000,032,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\srtspx.sys -- (SRTSPX)
DRV - [2011/12/01 10:40:16 | 000,056,496 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NBVol.sys -- (NBVol)
DRV - [2011/12/01 10:40:16 | 000,012,464 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NBVolUp.sys -- (NBVolUp)
DRV - [2009/12/31 15:56:38 | 000,177,748 | ---- | M] (Divio Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pcam.sys -- (DCamUSBNW802)
DRV - [2009/11/16 03:13:14 | 000,216,576 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/10/21 06:38:35 | 000,229,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VMM.sys -- (vmm)
DRV - [2009/03/18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008/08/26 17:55:14 | 000,112,128 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2008/08/19 07:03:28 | 000,079,960 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID)
DRV - [2008/08/19 07:02:56 | 000,027,648 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV - [2008/02/05 00:50:44 | 000,059,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2008/01/21 02:23:50 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2006/11/29 22:24:57 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw)
DRV - [2006/11/02 07:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\URLSearchHook: {4a6e1b85-1193-4a2a-aab8-7417f275f18a} - C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll (AOL LLC.)
IE - HKLM\..\SearchScopes,DefaultScope = {443789B7-F39C-4b5c-9287-DA72D38F4FE6}
IE - HKLM\..\SearchScopes\{09BF01E0-CFE9-4104-B0BB-B5724D999A05}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect...mrud=19-03-2013
IE - HKLM\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://go.speedbit.c...q={searchTerms}
IE - HKLM\..\SearchScopes\{86789896-718A-4BDD-93BC-10B967B0B5FC}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://search.conduit.com/?ctid=CT [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.outfox.tv/?referid=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 70 8A F6 F7 95 A3 CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {421fb3de-4b9f-48e5-abf1-f96f8aaca70a} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.condui...rchTerms}&SSPV=
IE - HKCU\..\SearchScopes\{09BF01E0-CFE9-4104-B0BB-B5724D999A05}: "URL" = http://www.google.co...&rlz=1I7GGIE_en
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask...91-11255921A2F7
IE - HKCU\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = http://search.babylo....19&affID=17160
IE - HKCU\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect...mrud=19-03-2013
IE - HKCU\..\SearchScopes\{7382B45C-D8A1-4143-8EE6-B25852BFA719}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://go.speedbit.c...q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://uk.ask.com/we...l&geo=GB&ver=18
IE - HKCU\..\SearchScopes\FFF9366C2DEB4E6B8AE77F135949B1E9: "URL" = http://search.speedb...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@ReadingFanatic_6x.com/Plugin: C:\Program Files\ReadingFanatic_6x\bar\8.bin\NP6xStub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/01/02 09:20:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\coFFPlgn\ [2014/03/07 08:40:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]_6x.com: C:\Program Files\ReadingFanatic_6x\bar\8.bin [2014/03/04 20:56:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\IPSFF [2013/10/09 18:56:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Programs\DAP\daplinkchecker [2013/10/18 07:50:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Programs\DAP\DAPFireFox [2013/10/18 07:50:48 | 000,000,000 | ---D | M]

[2010/07/23 10:19:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hightorque UK\AppData\Roaming\Mozilla\Extensions
[2010/07/23 10:19:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hightorque UK\AppData\Roaming\Mozilla\Extensions\[email protected]
[2011/05/23 09:00:10 | 000,002,423 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml

========== Chrome ==========

CHR - default_search_provider: Conduit Search (Enabled)
CHR - default_search_provider: search_url = http://search.condui...rchTerms}&SSPV=
CHR - default_search_provider: suggest_url = http://suggest.searc...x={searchTerms},
CHR - homepage: http://search.condui...&UM=4&UP=&SSPV=
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: DAP Link Checker = C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodfdknjhecmadheclfjkhhiofeagdbh\1.0.1.2_1\
CHR - Extension: Google Search = C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: SpeedBit Video Downloader = C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcpfkccckpeeghiklnhienllljccglb\2.1.1_1\
CHR - Extension: Download Accelerator Plus (DAP) = C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.0.10_1\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\
CHR - Extension: SpeedBit Search Predict = C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\ledcpigomgblcmofccnacobhmcdkpiea\2.0.3_1\
CHR - Extension: Norton Identity Protection = C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.7.3_1\
CHR - Extension: Google Wallet = C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: Gmail = C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2011/09/01 12:17:10 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Search Assistant BHO) - {2d948797-8fe3-4508-9b6f-4bf349a9ea34} - C:\Program Files\ReadingFanatic_6x\bar\8.bin\6xSrcAs.dll (MindSpark)
O2 - BHO: (SaveSense) - {2e32cfe5-df92-4ae5-b0be-609ed0df74a6} - C:\Program Files\SaveSense\SaveSenseIE.dll (SaveSense)
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (SearchPredictObj Class) - {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\Program Files\SearchPredict\SearchPredict.dll (Speedbit Ltd.)
O2 - BHO: (AOL Toolbar Loader) - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (AOL Broadband Toolbar Loader) - {776a9d06-e178-4aa0-aee4-b4de3a64ad28} - C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll (AOL LLC.)
O2 - BHO: (SBCONVERT Class) - {92A9ACF4-9333-43AE-9698-DB283326F87F} - C:\Programs\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (SpeedBit Link Verification Helper) - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Programs\DAP\LinkVerifier.dll (Speedbit Ltd.)
O2 - BHO: (Toolbar BHO) - {f149b372-5830-4d88-b8f6-2853d12c1af5} - C:\Program Files\ReadingFanatic_6x\bar\8.bin\6xbar.dll (MindSpark)
O2 - BHO: (Download Accelerator Plus Integration) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Programs\DAP\dapieloader.dll (SpeedBit Ltd.)
O2 - BHO: (GrabberObj Class) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Programs\SpeedBit Video Downloader\Toolbar\Grabber.dll (SPEEDbit)
O3 - HKLM\..\Toolbar: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Programs\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (ReadingFanatic) - {b36151d1-7770-4480-87e4-f89fb54e173d} - C:\Program Files\ReadingFanatic_6x\bar\8.bin\6xbar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (AOL Broadband Toolbar) - {e6ed7f95-e571-4f81-8757-5eb11252703d} - C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Broadband Toolbar) - {E6ED7F95-E571-4F81-8757-5EB11252703D} - C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll (AOL LLC.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BrowserSafeguard] "C:\Program Files\Browsersafeguard\BrowserSafeguard.exe" File not found
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\aol\1255507870\ee\aolsoftware.exe (AOL Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe File not found
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [OLP-Tray] C:\Program Files\Royal Mail\SmartStamp\BINARY\STRAY.EXE ()
O4 - HKLM..\Run: [ReadingFanatic Search Scope Monitor] C:\Program Files\ReadingFanatic_6x\bar\8.bin\6xSrchMn.exe (MindSpark)
O4 - HKLM..\Run: [ReadingFanatic_6x Browser Plugin Loader] C:\Program Files\ReadingFanatic_6x\bar\8.bin\6xbrmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [Registry Helper] "C:\Program Files\Registry Helper\RegistryHelper.Exe" /boot File not found
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKCU..\Run: [DAP10] C:\Programs\DAP\DAP.EXE (Speedbit Ltd.)
O4 - HKCU..\Run: [DownloadAccelerator] C:\Programs\DAP\DAP.EXE (Speedbit Ltd.)
O4 - HKCU..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
O4 - HKCU..\Run: [OutfoxTV] C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe File not found
O4 - HKCU..\Run: [SpeedBitVideoAccelerator] C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe (SPEEDbit)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - Startup: C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Clean Traces - C:\Programs\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Programs\DAP\dapextie.htm ()
O8 - Extra context menu item: &Verify with DAP - C:\Programs\DAP\dapverify.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Programs\DAP\dapextie2.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: pornbb.org ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: rapidgator.net ([www] * in Trusted sites)
O15 - HKCU\..Trusted Domains: rapidgator.net ([www] http in Trusted sites)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell...r/SysProExe.CAB (WMI Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{625F0475-6EA3-4FEA-B9C8-224019DDD165}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~1\SEARCH~2\Datamngr\datamngr.dll) - C:\Program Files\Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = ComFile] -- Reg Error: Key error. File not found
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/03/06 13:34:51 | 000,000,000 | ---D | C] -- C:\eBooks
[2014/03/06 13:32:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF to ePUB Mobi Converter
[2014/03/06 13:32:14 | 000,000,000 | ---D | C] -- C:\Program Files\PDF to ePUB Mobi Converter
[2014/03/04 17:34:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/03/04 17:33:44 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/03/04 08:09:36 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\AppData\Local\BrowserSafeguard
[2014/03/03 11:19:45 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\Documents\damaged_parcel
[2014/03/01 06:54:44 | 000,000,000 | -HSD | C] -- C:\found.001
[2014/02/25 13:34:48 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\AppData\Roaming\Roxio Log Files
[2014/02/24 18:41:54 | 000,000,000 | ---D | C] -- C:\ProgramData\SafeSoft
[2014/02/24 18:40:57 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2014/02/22 11:59:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/02/22 07:30:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\Plugins
[2014/02/21 15:18:49 | 000,000,000 | ---D | C] -- C:\Program Files\SavingsBull
[2014/02/21 15:05:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Registry Helper
[2014/02/19 08:36:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2014/02/19 08:30:29 | 000,000,000 | ---D | C] -- C:\Program Files\AOL Desktop 9.7c
[2014/02/18 10:16:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2014/02/18 10:09:20 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2014/02/17 14:05:01 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\Documents\My Kindle Content
[2014/02/17 10:15:21 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\Documents\TSM4
[2014/02/17 10:13:13 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\Documents\TSM
[2014/02/16 12:45:23 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\.android
[2014/02/16 12:45:12 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\AppData\Local\cache
[2014/02/16 12:44:39 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\AppData\Roaming\newnext.me
[2014/02/16 12:44:17 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\AppData\Local\genienext
[2014/02/16 12:44:11 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\Documents\Mobogenie
[2014/02/16 12:44:11 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\AppData\Local\Mobogenie
[2014/02/16 12:41:36 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\AppData\Local\GCC
[2014/02/15 20:53:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPUB to MOBI
[2014/02/15 20:53:11 | 000,000,000 | ---D | C] -- C:\Program Files\EPUB to MOBI
[2014/02/13 06:57:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\SearchProtect
[2014/02/12 01:05:30 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2014/02/12 01:05:29 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/02/12 01:05:28 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/02/12 01:05:28 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014/02/12 01:05:28 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/02/12 01:05:27 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2014/02/12 01:05:27 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2014/02/12 01:05:26 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2014/02/12 01:05:26 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/02/12 01:05:26 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/02/12 01:05:25 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2014/02/12 01:05:25 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2014/02/12 01:05:24 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/02/12 01:05:24 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/02/12 01:05:23 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2014/02/12 01:05:23 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2014/02/12 01:05:23 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/02/12 01:05:23 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2014/02/12 01:05:22 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/02/11 10:48:19 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\Documents\epub
[2014/02/11 10:40:35 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FBReader for Windows
[2014/02/11 10:40:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FBReader for Windows
[2014/02/10 13:31:04 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\AppData\Local\ERW
[2014/02/07 13:37:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallConverter
[2014/02/07 13:37:35 | 000,000,000 | ---D | C] -- C:\Program Files\InstallConverter
[2014/02/07 13:12:37 | 000,000,000 | ---D | C] -- C:\ProgramData\REGSERVO
[2014/02/07 13:12:19 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\REGSERVO
[2014/02/07 08:26:11 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
[2014/02/07 08:26:11 | 000,000,000 | ---D | C] -- C:\Program Files\SaveSense
[2014/02/07 08:25:57 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
[2014/02/07 08:23:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Shredder
[2014/02/07 08:23:47 | 000,000,000 | ---D | C] -- C:\Program Files\SearchProtect
[2014/02/07 08:23:46 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\AppData\Local\SearchProtect
[2014/02/06 12:45:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2014/02/06 09:13:10 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\Documents\IV140122HDE-1
[2013/12/07 01:02:43 | 017,968,344 | ---- | C] (Steganos Software GmbH) -- C:\Users\Hightorque UK\safe2012int_nero.exe
[2013/09/24 12:53:24 | 020,158,824 | ---- | C] (Microsoft Corporation) -- C:\Users\Hightorque UK\BOIE9_ENUS_BO0085_VIS.EXE
[2012/09/03 12:15:12 | 053,588,376 | ---- | C] (TuneUp Software) -- C:\Users\Hightorque UK\TuneUpUtilities2012-multilingual.exe
[2012/09/03 12:10:50 | 436,342,856 | ---- | C] (Nero AG) -- C:\Users\Hightorque UK\Nero-11.2.00600.exe
[2011/03/03 09:38:21 | 014,117,728 | ---- | C] (IObit ) -- C:\Users\Hightorque UK\is360setup.exe
[34 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[34 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Users\Hightorque UK\*.tmp files -> C:\Users\Hightorque UK\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/03/07 11:44:34 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{95D5E3F6-1BC2-48DA-87DA-387FB7EB0FB8}.job
[2014/03/07 11:42:00 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{1187167D-694A-4D97-9748-C1A6B331311F}.job
[2014/03/07 11:38:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/03/07 11:19:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/07 10:38:06 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/03/07 10:38:06 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/03/07 09:39:23 | 000,000,897 | ---- | M] () -- C:\Users\Hightorque UK\Desktop\PDFToePUB.exe - Shortcut.lnk
[2014/03/07 09:10:14 | 000,070,664 | ---- | M] () -- C:\Users\Hightorque UK\Documents\Inv141667.pdf
[2014/03/07 08:59:50 | 000,002,435 | ---- | M] () -- C:\Users\Hightorque UK\Desktop\Betting Assistant.lnk
[2014/03/07 08:39:27 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/07 08:38:20 | 000,000,276 | ---- | M] () -- C:\Windows\tasks\RtlNICDiagVistaStart.job
[2014/03/07 08:37:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/03/07 08:37:43 | 3184,513,024 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/06 18:00:39 | 000,000,458 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration.job
[2014/03/06 13:32:21 | 000,000,897 | ---- | M] () -- C:\Users\Public\Desktop\PDF to ePUB Mobi Converter.lnk
[2014/03/06 12:13:43 | 000,000,680 | ---- | M] () -- C:\Users\Hightorque UK\AppData\Local\d3d9caps.dat
[2014/03/06 10:25:56 | 000,002,376 | ---- | M] () -- C:\{8A42E215-40D1-4A15-8564-513DD3F032EF}
[2014/03/05 11:52:53 | 000,649,822 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/03/05 11:52:53 | 000,125,862 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/03/04 17:34:16 | 000,000,868 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/04 12:00:04 | 000,000,516 | ---- | M] () -- C:\Windows\tasks\One-Click Tweak.job
[2014/03/04 11:04:12 | 000,000,524 | ---- | M] () -- C:\Users\Hightorque UK\Desktop\New - Shortcut.lnk
[2014/03/04 09:57:24 | 000,001,933 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/03/03 11:19:45 | 006,754,680 | ---- | M] () -- C:\Users\Hightorque UK\Documents\damaged_parcel.zip
[2014/03/03 07:43:34 | 000,002,984 | ---- | M] () -- C:\{4A7544F2-4542-4BFD-8159-068C617AEBB8}
[2014/03/02 22:11:40 | 000,003,952 | ---- | M] () -- C:\{3086D3D3-3700-4E11-91E3-E4131AF239F5}
[2014/03/02 22:01:50 | 000,002,984 | ---- | M] () -- C:\{F32BA2B3-A7FB-424E-BA4D-3B8641A1771A}
[2014/03/02 18:02:27 | 000,002,984 | ---- | M] () -- C:\{D754B03C-BD40-4878-92DA-A155AABCDC35}
[2014/03/02 13:25:58 | 000,002,984 | ---- | M] () -- C:\{2B3DCCC6-885F-4E53-BD82-4C07F5C807C9}
[2014/03/01 09:09:49 | 000,002,984 | ---- | M] () -- C:\{1D5781DF-F56C-44AF-BDDD-3B958B21BB9C}
[2014/03/01 07:08:20 | 000,003,952 | ---- | M] () -- C:\{D3C590DB-9404-407C-BC99-8B87351FA244}
[2014/02/28 21:54:10 | 000,002,984 | ---- | M] () -- C:\{A5B7B5CA-85E8-4A71-BB68-01C5201B46A6}
[2014/02/28 21:19:24 | 000,002,984 | ---- | M] () -- C:\{34C1BFBE-A9C4-4E27-8C59-0CEE5EB40565}
[2014/02/28 21:06:31 | 000,002,984 | ---- | M] () -- C:\{F5D5C4E9-A0BE-4278-ACAE-EDD6BF79E041}
[2014/02/28 20:36:21 | 000,002,984 | ---- | M] () -- C:\{3D4E496F-C120-4F25-8A36-00F6C33BC563}
[2014/02/28 20:06:51 | 000,003,952 | ---- | M] () -- C:\{4B706913-A159-4059-860F-A2486B56428C}
[2014/02/28 20:05:46 | 000,002,984 | ---- | M] () -- C:\{64C815E0-036C-4122-BBF5-97232ABADA48}
[2014/02/28 19:48:01 | 000,002,984 | ---- | M] () -- C:\{FB80A745-DEB5-4248-975F-6F216ED1E394}
[2014/02/28 19:25:00 | 000,002,984 | ---- | M] () -- C:\{D2B230C0-759D-47E5-A4D0-18E847DB87AE}
[2014/02/28 19:09:55 | 000,002,984 | ---- | M] () -- C:\{CD977727-CD6E-44E3-B2AE-B83EECA29EC4}
[2014/02/28 18:49:47 | 000,002,984 | ---- | M] () -- C:\{9D8C464B-441B-497A-B7BE-B78E8519209E}
[2014/02/28 18:47:34 | 000,003,952 | ---- | M] () -- C:\{45D8E0AC-190C-4EE8-9854-5BF896A2AA8D}
[2014/02/28 18:44:17 | 000,002,984 | ---- | M] () -- C:\{B1AB1A9E-667C-4CE9-B6EB-118C662F5091}
[2014/02/28 17:47:52 | 000,002,984 | ---- | M] () -- C:\{EF9E9E63-3B18-4958-9A39-42CC24B312D2}
[2014/02/28 14:18:02 | 000,000,876 | ---- | M] () -- C:\Users\Hightorque UK\Desktop\Norton Installation Files.lnk
[2014/02/28 14:04:22 | 000,002,984 | ---- | M] () -- C:\{A9B59980-5B98-43AA-870A-AFE9F8385110}
[2014/02/28 13:57:36 | 000,002,984 | ---- | M] () -- C:\{E2A409F6-CBC0-4C52-8C7B-4F7C509E24E2}
[2014/02/28 13:45:42 | 000,002,984 | ---- | M] () -- C:\{5BCA3627-81EA-4542-8DE3-4BF243F0C252}
[2014/02/28 13:35:44 | 000,002,984 | ---- | M] () -- C:\{FE58315F-3BA8-4383-B949-74C65ED9CCF7}
[2014/02/28 13:02:50 | 000,002,984 | ---- | M] () -- C:\{DE2AEC18-4C80-49C7-B574-8E4B945F568F}
[2014/02/28 10:59:27 | 000,002,984 | ---- | M] () -- C:\{315D5B01-4904-4229-BF03-CAA7EEF51DC3}
[2014/02/28 10:08:45 | 000,002,984 | ---- | M] () -- C:\{AD998A23-2EEE-40A6-AAD4-638C32DA7DA6}
[2014/02/28 07:46:56 | 000,003,200 | ---- | M] () -- C:\{C3BFC792-D46C-4ED9-8DDF-1C5B8B732A5C}
[2014/02/27 21:50:56 | 000,002,984 | ---- | M] () -- C:\{5E1E9CC8-96A3-44A6-B053-A28C55000E50}
[2014/02/27 21:29:08 | 000,003,952 | ---- | M] () -- C:\{ECC84D31-CFF9-4791-ADA1-C132E58AE5C4}
[2014/02/27 21:26:36 | 000,002,984 | ---- | M] () -- C:\{0461240B-AB99-44AC-A68C-6478283504AD}
[2014/02/27 21:16:55 | 000,002,984 | ---- | M] () -- C:\{8F49ABC6-3F9F-4A6A-AFC5-33A2C412F6AE}
[2014/02/27 19:46:58 | 000,002,984 | ---- | M] () -- C:\{CEE388EF-9EA1-4F08-BDFC-E909684729AE}
[2014/02/27 15:57:01 | 000,002,984 | ---- | M] () -- C:\{5275EC81-BBDD-462E-8AB0-A3DA5A9F9EF8}
[2014/02/27 11:23:30 | 000,002,984 | ---- | M] () -- C:\{47A4E221-B673-49FE-961A-89011B904F2E}
[2014/02/27 09:46:49 | 000,002,984 | ---- | M] () -- C:\{3C10B6E3-4896-4F61-B79B-19A62AA41839}
[2014/02/27 09:26:11 | 000,002,984 | ---- | M] () -- C:\{065EB298-B535-403C-8846-4AC80B43C351}
[2014/02/27 07:40:36 | 000,003,360 | ---- | M] () -- C:\{E6A9E7E2-5BF8-4DA6-89C9-56AEB2A155A4}
[2014/02/26 20:37:11 | 000,002,984 | ---- | M] () -- C:\{245E48B1-8753-48A6-A508-0861AAEB6216}
[2014/02/26 20:30:21 | 000,000,296 | ---- | M] () -- C:\{279E8AD2-029F-4E4C-9756-93D0F2731DDB}
[2014/02/26 19:37:11 | 000,002,984 | ---- | M] () -- C:\{4B2FEDC2-42FB-4C4E-87D0-56C8D187D9C2}
[2014/02/26 19:24:07 | 000,002,984 | ---- | M] () -- C:\{60612E34-C1ED-4560-88EC-218FE2CE8896}
[2014/02/26 19:04:41 | 000,002,984 | ---- | M] () -- C:\{EC4436E7-E676-4A6E-B780-3BEE405E6CD5}
[2014/02/26 17:19:27 | 000,002,984 | ---- | M] () -- C:\{45DC781C-1368-4A2E-A4E2-7805D5F33FF6}
[2014/02/26 16:17:20 | 000,003,952 | ---- | M] () -- C:\{7CDFA68F-52ED-4710-9EE3-0AA124F05DC2}
[2014/02/26 16:15:35 | 000,002,984 | ---- | M] () -- C:\{A0AE74EB-122F-4062-8F14-85371030174A}
[2014/02/26 12:12:07 | 000,547,670 | ---- | M] () -- C:\Users\Hightorque UK\Documents\Bank Statement.jpg
[2014/02/26 09:37:38 | 000,002,984 | ---- | M] () -- C:\{90DA461F-8545-48CE-ACC4-B071D246EC42}
[2014/02/26 09:18:58 | 000,002,984 | ---- | M] () -- C:\{C0B4D154-C5CB-443B-B38D-DBFC6D6B9589}
[2014/02/25 18:21:35 | 000,014,380 | ---- | M] () -- C:\Users\Hightorque UK\Documents\35193.pdf
[2014/02/25 14:54:32 | 000,002,984 | ---- | M] () -- C:\{AABA3250-1C74-46A3-80F9-2F5ED7ABE04D}
[2014/02/25 13:53:36 | 000,002,984 | ---- | M] () -- C:\{8945B4B3-FD18-4550-B4C3-7F425507C986}
[2014/02/25 13:53:30 | 000,000,472 | ---- | M] () -- C:\{BF3CB1D3-A291-4151-BB96-814A243043B7}
[2014/02/25 13:38:18 | 000,000,181 | ---- | M] () -- C:\Windows\WININIT.INI
[2014/02/25 13:07:43 | 000,002,984 | ---- | M] () -- C:\{913A18F1-1AB5-4EC7-8BC4-49B77FDF35C0}
[2014/02/24 14:40:39 | 000,002,984 | ---- | M] () -- C:\{9C4D5B9A-868D-46BF-9E8D-79ACC58ACFB5}
[2014/02/24 14:40:37 | 000,042,232 | ---- | M] () -- C:\{FC63D6A3-CB07-4182-BA3A-0484924B5CFA}
[2014/02/24 14:15:59 | 000,002,984 | ---- | M] () -- C:\{509D1C94-C804-470F-8F5C-29F67EDDA29D}
[2014/02/24 11:49:05 | 000,002,984 | ---- | M] () -- C:\{59443B53-19E1-427C-8190-634EBE170715}
[2014/02/23 08:29:04 | 000,001,957 | ---- | M] () -- C:\Users\Hightorque UK\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/02/22 22:59:45 | 000,002,872 | ---- | M] () -- C:\{2EF6201B-6697-47FA-9507-BEC61A1B731A}
[2014/02/22 21:48:54 | 000,003,952 | ---- | M] () -- C:\{62A2FFE0-37EE-4220-B62B-7D90123C2515}
[2014/02/22 21:47:22 | 000,002,984 | ---- | M] () -- C:\{E972C357-456D-495D-AEC1-2F5C6DA42442}
[2014/02/22 16:17:54 | 000,002,984 | ---- | M] () -- C:\{DECEEE24-2334-4525-A344-EDA59ABF1229}
[2014/02/21 15:41:06 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/02/21 15:41:06 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/02/21 08:17:50 | 000,031,640 | ---- | M] () -- C:\{E3E31B88-0ED7-45E4-98D5-3F4A8D6319D5}
[2014/02/19 20:37:56 | 000,002,984 | ---- | M] () -- C:\{5DBF9735-5F9D-4436-8FC0-52AC01569252}
[2014/02/19 13:14:23 | 000,059,059 | ---- | M] () -- C:\Users\Hightorque UK\Documents\inv141597.html
[2014/02/19 08:37:21 | 000,000,909 | ---- | M] () -- C:\Users\Hightorque UK\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL Desktop 9.7.lnk
[2014/02/19 08:37:18 | 000,000,805 | ---- | M] () -- C:\Users\Public\Desktop\AOL Desktop 9.7.lnk
[2014/02/19 07:06:47 | 000,000,426 | ---- | M] () -- C:\AVScanner.ini
[2014/02/19 00:20:57 | 000,018,432 | ---- | M] () -- C:\Users\Hightorque UK\Documents\[email protected]_com.eml
[2014/02/18 11:10:58 | 000,003,000 | ---- | M] () -- C:\{9929DD5A-4C8D-4122-8670-27C3627F11D6}
[2014/02/18 10:40:24 | 000,002,198 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/02/18 09:38:45 | 000,070,404 | ---- | M] () -- C:\Users\Hightorque UK\Documents\inv141599.pdf
[2014/02/17 20:10:08 | 000,002,984 | ---- | M] () -- C:\{368EFE50-B418-49BA-B186-C68A3DEA5E73}
[2014/02/17 18:18:15 | 000,003,952 | ---- | M] () -- C:\{D477ACDF-CC73-4136-8A33-486C4405B225}
[2014/02/17 18:16:43 | 000,002,984 | ---- | M] () -- C:\{0B487C60-D006-41FA-BCC1-AFF91DEBFF87}
[2014/02/17 13:57:04 | 000,003,952 | ---- | M] () -- C:\{C30423BE-5AA0-4689-A1DF-A08987033324}
[2014/02/17 13:26:34 | 000,002,984 | ---- | M] () -- C:\{D978A037-257B-4354-AA80-4E09C6F40FC8}
[2014/02/16 15:52:56 | 000,002,984 | ---- | M] () -- C:\{52CB0EFF-978B-4B3E-B45F-F32AE0DFD79F}
[2014/02/16 15:07:22 | 000,002,984 | ---- | M] () -- C:\{D3D4BC62-C1A7-4DE0-A7D0-A8B8C18CB26A}
[2014/02/16 13:20:24 | 000,002,984 | ---- | M] () -- C:\{9AA6C66F-7690-4B61-9755-6DF9D55C0F1A}
[2014/02/16 09:09:33 | 000,000,804 | ---- | M] () -- C:\Users\Hightorque UK\Desktop\epubtomobi.exe - Shortcut.lnk
[2014/02/11 10:40:36 | 000,001,632 | ---- | M] () -- C:\Users\Hightorque UK\Desktop\FBReader.lnk
[2014/02/11 10:35:28 | 000,070,716 | ---- | M] () -- C:\Users\Hightorque UK\Documents\inv141411.pdf
[2014/02/10 12:45:51 | 000,216,576 | ---- | M] () -- C:\Users\Hightorque UK\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/02/10 08:22:30 | 000,000,686 | ---- | M] () -- C:\Users\Hightorque UK\Desktop\Downloads - Shortcut.lnk
[2014/02/07 13:45:07 | 000,003,280 | ---- | M] () -- C:\{180F9711-547D-42C7-B4F7-8662231EAD41}
[2014/02/07 13:37:37 | 000,001,711 | ---- | M] () -- C:\Users\Public\Desktop\InstallConverter.lnk
[2014/02/07 13:29:02 | 000,003,568 | ---- | M] () -- C:\{AEAEFD14-4F40-42A9-B174-BF61E14A6591}
[2014/02/07 13:22:32 | 000,455,286 | ---- | M] () -- C:\Users\Hightorque UK\Documents\The Story of O.html
[2014/02/07 13:12:20 | 000,000,766 | ---- | M] () -- C:\Users\Hightorque UK\Desktop\REGSERVO.lnk
[2014/02/07 10:25:55 | 000,028,840 | ---- | M] () -- C:\Users\Hightorque UK\Documents\Auftrag_CC-15262.pdf
[2014/02/07 08:27:28 | 000,001,716 | ---- | M] () -- C:\Users\Hightorque UK\Desktop\Sync Folder.lnk
[2014/02/07 08:25:58 | 000,000,856 | ---- | M] () -- C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2014/02/07 08:25:58 | 000,000,846 | ---- | M] () -- C:\Users\Hightorque UK\Desktop\MyPC Backup.lnk
[2014/02/07 08:23:55 | 000,000,801 | ---- | M] () -- C:\Users\Hightorque UK\Desktop\File Shredder.lnk
[2014/02/07 07:06:18 | 000,000,905 | ---- | M] () -- C:\Users\Hightorque UK\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/02/06 12:54:59 | 000,282,624 | ---- | M] () -- C:\Users\Hightorque UK\AppData\Roaming\SettingsDB.sdf
[2014/02/06 09:13:09 | 000,453,642 | ---- | M] () -- C:\Users\Hightorque UK\Documents\IV140122HDE-1.zip
[34 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[34 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Users\Hightorque UK\*.tmp files -> C:\Users\Hightorque UK\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/03/07 09:39:23 | 000,000,897 | ---- | C] () -- C:\Users\Hightorque UK\Desktop\PDFToePUB.exe - Shortcut.lnk
[2014/03/07 09:10:12 | 000,070,664 | ---- | C] () -- C:\Users\Hightorque UK\Documents\Inv141667.pdf
[2014/03/06 13:32:20 | 000,000,897 | ---- | C] () -- C:\Users\Public\Desktop\PDF to ePUB Mobi Converter.lnk
[2014/03/06 10:25:54 | 000,002,376 | ---- | C] () -- C:\{8A42E215-40D1-4A15-8564-513DD3F032EF}
[2014/03/04 17:34:15 | 000,000,868 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/04 11:04:26 | 000,000,524 | ---- | C] () -- C:\Users\Hightorque UK\Desktop\New - Shortcut.lnk
[2014/03/04 08:06:54 | 000,000,426 | ---- | C] () -- C:\AVScanner.ini
[2014/03/03 11:18:52 | 006,754,680 | ---- | C] () -- C:\Users\Hightorque UK\Documents\damaged_parcel.zip
[2014/03/03 07:43:34 | 000,002,984 | ---- | C] () -- C:\{4A7544F2-4542-4BFD-8159-068C617AEBB8}
[2014/03/02 22:11:40 | 000,003,952 | ---- | C] () -- C:\{3086D3D3-3700-4E11-91E3-E4131AF239F5}
[2014/03/02 22:01:48 | 000,002,984 | ---- | C] () -- C:\{F32BA2B3-A7FB-424E-BA4D-3B8641A1771A}
[2014/03/02 18:02:27 | 000,002,984 | ---- | C] () -- C:\{D754B03C-BD40-4878-92DA-A155AABCDC35}
[2014/03/02 13:25:58 | 000,002,984 | ---- | C] () -- C:\{2B3DCCC6-885F-4E53-BD82-4C07F5C807C9}
[2014/03/01 09:09:49 | 000,002,984 | ---- | C] () -- C:\{1D5781DF-F56C-44AF-BDDD-3B958B21BB9C}
[2014/03/01 07:08:20 | 000,003,952 | ---- | C] () -- C:\{D3C590DB-9404-407C-BC99-8B87351FA244}
[2014/02/28 21:54:10 | 000,002,984 | ---- | C] () -- C:\{A5B7B5CA-85E8-4A71-BB68-01C5201B46A6}
[2014/02/28 21:19:22 | 000,002,984 | ---- | C] () -- C:\{34C1BFBE-A9C4-4E27-8C59-0CEE5EB40565}
[2014/02/28 21:06:31 | 000,002,984 | ---- | C] () -- C:\{F5D5C4E9-A0BE-4278-ACAE-EDD6BF79E041}
[2014/02/28 20:36:21 | 000,002,984 | ---- | C] () -- C:\{3D4E496F-C120-4F25-8A36-00F6C33BC563}
[2014/02/28 20:06:50 | 000,003,952 | ---- | C] () -- C:\{4B706913-A159-4059-860F-A2486B56428C}
[2014/02/28 20:05:46 | 000,002,984 | ---- | C] () -- C:\{64C815E0-036C-4122-BBF5-97232ABADA48}
[2014/02/28 19:48:01 | 000,002,984 | ---- | C] () -- C:\{FB80A745-DEB5-4248-975F-6F216ED1E394}
[2014/02/28 19:24:59 | 000,002,984 | ---- | C] () -- C:\{D2B230C0-759D-47E5-A4D0-18E847DB87AE}
[2014/02/28 19:09:54 | 000,002,984 | ---- | C] () -- C:\{CD977727-CD6E-44E3-B2AE-B83EECA29EC4}
[2014/02/28 18:49:46 | 000,002,984 | ---- | C] () -- C:\{9D8C464B-441B-497A-B7BE-B78E8519209E}
[2014/02/28 18:47:33 | 000,003,952 | ---- | C] () -- C:\{45D8E0AC-190C-4EE8-9854-5BF896A2AA8D}
[2014/02/28 18:44:17 | 000,002,984 | ---- | C] () -- C:\{B1AB1A9E-667C-4CE9-B6EB-118C662F5091}
[2014/02/28 17:47:52 | 000,002,984 | ---- | C] () -- C:\{EF9E9E63-3B18-4958-9A39-42CC24B312D2}
[2014/02/28 14:04:22 | 000,002,984 | ---- | C] () -- C:\{A9B59980-5B98-43AA-870A-AFE9F8385110}
[2014/02/28 13:57:36 | 000,002,984 | ---- | C] () -- C:\{E2A409F6-CBC0-4C52-8C7B-4F7C509E24E2}
[2014/02/28 13:45:42 | 000,002,984 | ---- | C] () -- C:\{5BCA3627-81EA-4542-8DE3-4BF243F0C252}
[2014/02/28 13:35:44 | 000,002,984 | ---- | C] () -- C:\{FE58315F-3BA8-4383-B949-74C65ED9CCF7}
[2014/02/28 13:02:50 | 000,002,984 | ---- | C] () -- C:\{DE2AEC18-4C80-49C7-B574-8E4B945F568F}
[2014/02/28 10:59:27 | 000,002,984 | ---- | C] () -- C:\{315D5B01-4904-4229-BF03-CAA7EEF51DC3}
[2014/02/28 10:08:45 | 000,002,984 | ---- | C] () -- C:\{AD998A23-2EEE-40A6-AAD4-638C32DA7DA6}
[2014/02/28 07:46:54 | 000,003,200 | ---- | C] () -- C:\{C3BFC792-D46C-4ED9-8DDF-1C5B8B732A5C}
[2014/02/27 21:50:56 | 000,002,984 | ---- | C] () -- C:\{5E1E9CC8-96A3-44A6-B053-A28C55000E50}
[2014/02/27 21:29:08 | 000,003,952 | ---- | C] () -- C:\{ECC84D31-CFF9-4791-ADA1-C132E58AE5C4}
[2014/02/27 21:26:36 | 000,002,984 | ---- | C] () -- C:\{0461240B-AB99-44AC-A68C-6478283504AD}
[2014/02/27 21:16:55 | 000,002,984 | ---- | C] () -- C:\{8F49ABC6-3F9F-4A6A-AFC5-33A2C412F6AE}
[2014/02/27 19:46:58 | 000,002,984 | ---- | C] () -- C:\{CEE388EF-9EA1-4F08-BDFC-E909684729AE}
[2014/02/27 15:57:01 | 000,002,984 | ---- | C] () -- C:\{5275EC81-BBDD-462E-8AB0-A3DA5A9F9EF8}
[2014/02/27 11:23:30 | 000,002,984 | ---- | C] () -- C:\{47A4E221-B673-49FE-961A-89011B904F2E}
[2014/02/27 09:46:49 | 000,002,984 | ---- | C] () -- C:\{3C10B6E3-4896-4F61-B79B-19A62AA41839}
[2014/02/27 09:26:11 | 000,002,984 | ---- | C] () -- C:\{065EB298-B535-403C-8846-4AC80B43C351}
[2014/02/27 07:40:36 | 000,003,360 | ---- | C] () -- C:\{E6A9E7E2-5BF8-4DA6-89C9-56AEB2A155A4}
[2014/02/26 20:37:11 | 000,002,984 | ---- | C] () -- C:\{245E48B1-8753-48A6-A508-0861AAEB6216}
[2014/02/26 20:30:21 | 000,000,296 | ---- | C] () -- C:\{279E8AD2-029F-4E4C-9756-93D0F2731DDB}
[2014/02/26 19:37:10 | 000,002,984 | ---- | C] () -- C:\{4B2FEDC2-42FB-4C4E-87D0-56C8D187D9C2}
[2014/02/26 19:24:07 | 000,002,984 | ---- | C] () -- C:\{60612E34-C1ED-4560-88EC-218FE2CE8896}
[2014/02/26 19:04:41 | 000,002,984 | ---- | C] () -- C:\{EC4436E7-E676-4A6E-B780-3BEE405E6CD5}
[2014/02/26 17:19:26 | 000,002,984 | ---- | C] () -- C:\{45DC781C-1368-4A2E-A4E2-7805D5F33FF6}
[2014/02/26 16:17:20 | 000,003,952 | ---- | C] () -- C:\{7CDFA68F-52ED-4710-9EE3-0AA124F05DC2}
[2014/02/26 16:15:35 | 000,002,984 | ---- | C] () -- C:\{A0AE74EB-122F-4062-8F14-85371030174A}
[2014/02/26 12:12:01 | 000,547,670 | ---- | C] () -- C:\Users\Hightorque UK\Documents\Bank Statement.jpg
[2014/02/26 09:37:38 | 000,002,984 | ---- | C] () -- C:\{90DA461F-8545-48CE-ACC4-B071D246EC42}
[2014/02/26 09:18:58 | 000,002,984 | ---- | C] () -- C:\{C0B4D154-C5CB-443B-B38D-DBFC6D6B9589}
[2014/02/25 18:21:33 | 000,014,380 | ---- | C] () -- C:\Users\Hightorque UK\Documents\35193.pdf
[2014/02/25 14:54:32 | 000,002,984 | ---- | C] () -- C:\{AABA3250-1C74-46A3-80F9-2F5ED7ABE04D}
[2014/02/25 13:53:32 | 000,002,984 | ---- | C] () -- C:\{8945B4B3-FD18-4550-B4C3-7F425507C986}
[2014/02/25 13:53:30 | 000,000,472 | ---- | C] () -- C:\{BF3CB1D3-A291-4151-BB96-814A243043B7}
[2014/02/25 13:38:16 | 000,000,181 | ---- | C] () -- C:\Windows\WININIT.INI
[2014/02/25 13:07:43 | 000,002,984 | ---- | C] () -- C:\{913A18F1-1AB5-4EC7-8BC4-49B77FDF35C0}
[2014/02/24 14:40:37 | 000,042,232 | ---- | C] () -- C:\{FC63D6A3-CB07-4182-BA3A-0484924B5CFA}
[2014/02/24 14:40:37 | 000,002,984 | ---- | C] () -- C:\{9C4D5B9A-868D-46BF-9E8D-79ACC58ACFB5}
[2014/02/24 14:15:59 | 000,002,984 | ---- | C] () -- C:\{509D1C94-C804-470F-8F5C-29F67EDDA29D}
[2014/02/24 11:49:05 | 000,002,984 | ---- | C] () -- C:\{59443B53-19E1-427C-8190-634EBE170715}
[2014/02/22 22:59:44 | 000,002,872 | ---- | C] () -- C:\{2EF6201B-6697-47FA-9507-BEC61A1B731A}
[2014/02/22 21:48:53 | 000,003,952 | ---- | C] () -- C:\{62A2FFE0-37EE-4220-B62B-7D90123C2515}
[2014/02/22 21:47:21 | 000,002,984 | ---- | C] () -- C:\{E972C357-456D-495D-AEC1-2F5C6DA42442}
[2014/02/22 16:17:54 | 000,002,984 | ---- | C] () -- C:\{DECEEE24-2334-4525-A344-EDA59ABF1229}
[2014/02/22 11:59:12 | 000,001,957 | ---- | C] () -- C:\Users\Hightorque UK\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/02/22 11:59:12 | 000,001,933 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/02/21 08:17:50 | 000,031,640 | ---- | C] () -- C:\{E3E31B88-0ED7-45E4-98D5-3F4A8D6319D5}
[2014/02/19 20:37:55 | 000,002,984 | ---- | C] () -- C:\{5DBF9735-5F9D-4436-8FC0-52AC01569252}
[2014/02/19 13:14:23 | 000,059,059 | ---- | C] () -- C:\Users\Hightorque UK\Documents\inv141597.html
[2014/02/18 11:10:58 | 000,003,000 | ---- | C] () -- C:\{9929DD5A-4C8D-4122-8670-27C3627F11D6}
[2014/02/18 10:17:26 | 000,001,788 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2014/02/18 10:11:09 | 000,002,198 | ---- | C] () -- C:\Windows\epplauncher.mif
[2014/02/18 09:38:43 | 000,070,404 | ---- | C] () -- C:\Users\Hightorque UK\Documents\inv141599.pdf
[2014/02/17 20:10:08 | 000,002,984 | ---- | C] () -- C:\{368EFE50-B418-49BA-B186-C68A3DEA5E73}
[2014/02/17 18:18:14 | 000,003,952 | ---- | C] () -- C:\{D477ACDF-CC73-4136-8A33-486C4405B225}
[2014/02/17 18:16:43 | 000,002,984 | ---- | C] () -- C:\{0B487C60-D006-41FA-BCC1-AFF91DEBFF87}
[2014/02/17 13:57:03 | 000,003,952 | ---- | C] () -- C:\{C30423BE-5AA0-4689-A1DF-A08987033324}
[2014/02/17 13:26:33 | 000,002,984 | ---- | C] () -- C:\{D978A037-257B-4354-AA80-4E09C6F40FC8}
[2014/02/16 15:52:56 | 000,002,984 | ---- | C] () -- C:\{52CB0EFF-978B-4B3E-B45F-F32AE0DFD79F}
[2014/02/16 15:07:22 | 000,002,984 | ---- | C] () -- C:\{D3D4BC62-C1A7-4DE0-A7D0-A8B8C18CB26A}
[2014/02/16 13:20:24 | 000,002,984 | ---- | C] () -- C:\{9AA6C66F-7690-4B61-9755-6DF9D55C0F1A}
[2014/02/16 09:09:33 | 000,000,804 | ---- | C] () -- C:\Users\Hightorque UK\Desktop\epubtomobi.exe - Shortcut.lnk
[2014/02/11 10:40:36 | 000,001,632 | ---- | C] () -- C:\Users\Hightorque UK\Desktop\FBReader.lnk
[2014/02/11 10:35:25 | 000,070,716 | ---- | C] () -- C:\Users\Hightorque UK\Documents\inv141411.pdf
[2014/02/10 08:22:30 | 000,000,686 | ---- | C] () -- C:\Users\Hightorque UK\Desktop\Downloads - Shortcut.lnk
[2014/02/07 13:45:07 | 000,003,280 | ---- | C] () -- C:\{180F9711-547D-42C7-B4F7-8662231EAD41}
[2014/02/07 13:37:37 | 000,001,711 | ---- | C] () -- C:\Users\Public\Desktop\InstallConverter.lnk
[2014/02/07 13:29:00 | 000,003,568 | ---- | C] () -- C:\{AEAEFD14-4F40-42A9-B174-BF61E14A6591}
[2014/02/07 13:22:24 | 000,455,286 | ---- | C] () -- C:\Users\Hightorque UK\Documents\The Story of O.html
[2014/02/07 13:12:20 | 000,000,766 | ---- | C] () -- C:\Users\Hightorque UK\Desktop\REGSERVO.lnk
[2014/02/07 10:25:54 | 000,028,840 | ---- | C] () -- C:\Users\Hightorque UK\Documents\Auftrag_CC-15262.pdf
[2014/02/07 08:27:26 | 000,001,716 | ---- | C] () -- C:\Users\Hightorque UK\Desktop\Sync Folder.lnk
[2014/02/07 08:25:58 | 000,000,856 | ---- | C] () -- C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2014/02/07 08:25:58 | 000,000,846 | ---- | C] () -- C:\Users\Hightorque UK\Desktop\MyPC Backup.lnk
[2014/02/07 08:23:55 | 000,000,801 | ---- | C] () -- C:\Users\Hightorque UK\Desktop\File Shredder.lnk
[2014/02/06 09:13:04 | 000,453,642 | ---- | C] () -- C:\Users\Hightorque UK\Documents\IV140122HDE-1.zip
[2013/08/11 19:07:17 | 000,224,041 | ---- | C] () -- C:\Users\Hightorque UK\Northampton_Milton_Keynes_Leighton_Buzzard_London.pdf
[2013/08/05 08:34:37 | 030,914,760 | ---- | C] () -- C:\Users\Hightorque UK\TomTomHOME2winlatest_1.exe
[2013/08/05 08:33:37 | 030,914,760 | ---- | C] () -- C:\Users\Hightorque UK\TomTomHOME2winlatest.exe
[2013/04/30 13:32:14 | 000,282,624 | ---- | C] () -- C:\Users\Hightorque UK\AppData\Roaming\SettingsDB.sdf
[2012/11/22 08:19:20 | 000,013,399 | ---- | C] () -- C:\Users\Hightorque UK\248.pdf
[2012/11/19 16:19:07 | 000,013,535 | ---- | C] () -- C:\Users\Hightorque UK\247.pdf
[2012/11/19 09:15:24 | 000,013,456 | ---- | C] () -- C:\Users\Hightorque UK\246.pdf
[2012/11/19 08:05:09 | 000,013,446 | ---- | C] () -- C:\Users\Hightorque UK\245.pdf
[2012/11/11 19:29:13 | 000,013,438 | ---- | C] () -- C:\Users\Hightorque UK\243.pdf
[2012/11/05 20:36:21 | 000,013,412 | ---- | C] () -- C:\Users\Hightorque UK\242.pdf
[2012/10/27 08:53:01 | 000,013,419 | ---- | C] () -- C:\Users\Hightorque UK\241.pdf
[2012/10/24 08:08:34 | 000,013,434 | ---- | C] () -- C:\Users\Hightorque UK\240.pdf
[2012/10/20 06:53:25 | 000,000,000 | ---- | C] () -- C:\Users\Hightorque UK\AppData\Roaming\.NANotifyHere
[2012/10/05 15:42:42 | 000,013,395 | ---- | C] () -- C:\Users\Hightorque UK\237.pdf
[2012/10/05 15:42:26 | 000,013,393 | ---- | C] () -- C:\Users\Hightorque UK\236.pdf
[2012/09/29 06:53:56 | 000,013,400 | ---- | C] () -- C:\Users\Hightorque UK\235.pdf
[2012/09/20 14:40:24 | 000,013,497 | ---- | C] () -- C:\Users\Hightorque UK\234.pdf
[2012/09/18 07:37:21 | 000,013,549 | ---- | C] () -- C:\Users\Hightorque UK\233.pdf
[2012/09/15 18:48:01 | 000,013,382 | ---- | C] () -- C:\Users\Hightorque UK\232.pdf
[2012/09/05 09:49:38 | 000,013,481 | ---- | C] () -- C:\Users\Hightorque UK\231.pdf
[2012/09/04 12:20:38 | 000,005,102 | ---- | C] () -- C:\Users\Hightorque UK\page.pdf
[2012/09/03 12:16:39 | 000,060,285 | ---- | C] () -- C:\Users\Hightorque UK\RE-1201012735.pdf
[2012/03/16 11:02:58 | 000,014,412 | ---- | C] () -- C:\Users\Hightorque UK\Invoice R Gorry.pdf
[2012/02/10 09:30:35 | 000,000,000 | ---- | C] () -- C:\Users\Hightorque UK\chkdsk
[2011/09/01 15:29:54 | 009,395,499 | ---- | C] () -- C:\Users\Hightorque UK\smartstampsetup3.0.0.8XP.zip
[2010/08/25 09:54:17 | 000,000,780 | ---- | C] () -- C:\Users\Hightorque UK\.recently-used.xbel
[2010/06/18 14:40:14 | 000,000,340 | ---- | C] () -- C:\Users\Hightorque UK\AppData\Roaming\wklnhst.dat
[2009/12/09 11:43:57 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/10/24 08:39:59 | 000,178,688 | ---- | C] () -- C:\Program Files\hjsplit.exe
[2009/10/23 08:02:50 | 000,000,081 | ---- | C] () -- C:\Users\Hightorque UK\CTX.DAT
[2009/10/22 15:21:53 | 008,801,704 | ---- | C] () -- C:\Program Files\FLV PlayerATBSetup.exe
[2009/10/14 09:24:51 | 000,000,680 | ---- | C] () -- C:\Users\Hightorque UK\AppData\Local\d3d9caps.dat
[2009/10/13 13:50:47 | 000,216,576 | ---- | C] () -- C:\Users\Hightorque UK\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/13 11:05:29 | 000,000,008 | ---- | C] () -- C:\Users\Hightorque UK\AppData\Roaming\usb.dat.bin

========== ZeroAccess Check ==========

[2006/11/02 12:54:18 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 17:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 06:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 06:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 929 bytes -> C:\Users\Hightorque UK\Documents\[email protected]_com.eml:OECustomProperty
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:56E2E879
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:D74B6CF5
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:2B11E0DF
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:010ADD2C
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:553CA6CA

< End of report >
  • 0

Advertisements

#2
godawgs
Posted 07 March 2014 - 02:54 PM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Hello Geekimnot, :wave: Welcome to the forums!
:welcome:. My name is godawgs and I will be assisting you with your Virus / Malware issues.
I will start working on your Malware issues. This may, or may not, solve other issues you have with your machine. The fixes are specific to your problem and should only be used for this issue on this machine!

If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed.
If you have not, please adhere to the guidelines below and then carefully follow all future instructions:

You must reply to posts within four days. If you haven't replied within that time, the topic will be closed! If you need additional time to complete things, just let me know.
If you're not sure, or if something unexpected happens, Do NOT continue! Stop and ask!

This board can notify you when a new reply is added to a topic. Please read this topic to find out how to do that.

Please do not run any tools unless instructed to do so.
  • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability. Do as the instructions ask, nothing extra. Do Not run things twice unless instructed.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  • If I ask a Question just answer it, don't run anything unless directed to.
Please read every post completely before doing anything.
  • Pay special attention to the NOTE: lines, or anything in red. These entries identify an individual issue or important step in the cleanup process.
  • Please make sure you are saving and printing the instructions out prior to each fix, this way you will have them on hand just in case you are unable to access this site. Some of the steps I will be asking you to do may require you to boot into Safe Mode and this process will be much easier for you to perform if the instructions are printed out for you to follow.
  • Please do not use the Attachment feature for any log file. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
Logs from malware diagnostic or removal programs (OTL is one of them) can take some time to analyze.
  • I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forum, (sometimes :lol: )
  • Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
Lastly, Please be aware that removing Malware is a hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. Some infections are so severe that we might encounter situations where the only recourse is to re-format and re-install your operating system. Don't worry, this only happens in severe cases, but, sadly, it does happen.
In light of this be prepared to back up your data. Have means of backing up your data available.

IMPORTANT:Change your browser(s) to download any tools to the desktop.
Follow the directions here
For FireFox check the dot beside "Always ask me where to save files."
For Chrome, check the box beside "Ask where to save each file before downloading"
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

When OTL runs the first time it creates a file named Extras.txt. It should be in the same directory you ran OTL from. Please post the contents of that file.

There is a whole boat load of nasty that we need to get rid of but the first thing that needs addressing in your antivirus protection. You have two antivirus programs installed and running:

Norton Internet Security and Microsoft Security Essentials.

Multiple Antivirus Programs Installed

I see that you have more than one antivirus programs installed and running. You should only have one antivirus program installed and running. Antivirus programs run in the background providing continuous protection of your system. It's called Real-Time Protection, or scanning, and it uses system resources as it runs. Two or more antivirus programs running at the same time will use 2 or 3 times the amount of system resources, or more. Because each program wants control of the system, there will be conflicts caused, including false positives. The end result is actually LESS antivirus protection.

Please let me know which anntivirus program you want to keep when you post the Extras.txt log and I will help you uninstall the other one.
  • 0

#3
Geekimnot
Posted 08 March 2014 - 01:53 AM

Geekimnot

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 278 posts
Hi,
Thank you for your offer of assistance.

I originally asked for help because of the problems with file deletion. Here is the link

http://www.geekstogo...35#entry2376235

As you will see I eventually ran Malwarebytes and got about 125 nasties

I was not aware that I had two sets of antivirus running, will keep whichever you suggest.

Cannot find a file called Extras.txt, only file with the OTL.exe is called OTL.txt that I already copied.
  • 0

#4
Geekimnot
Posted 08 March 2014 - 04:41 AM

Geekimnot

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 278 posts
I was about to make a bootable DVD in case I have to do a full restore from backup an dgot a BLUE screen, it made some sort of "crash file" and I had to close the computer manually and reboot again.
  • 0

#5
godawgs
Posted 08 March 2014 - 10:47 AM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
I am aware of your topic in the Applications forum but thanks for informing me it was there.
As for the antivirus program, I'm afraid that's your call. Since you must pay a subscription fee each year for the Norton product I would ask you if the subscription is up to date. If it is and has many months left then you should keep the Norton AV.
If the Norton subscription has lapsed and you didn't renew it then you can go with either. I personally am not a big fan of Norton/Symantec. The program hogs too many system resources (RAM) and takes an enormous amount of space on the hard drive.

As for restoring Windows on the hard drive, it's possible that creating the disk won't work because of the malware on the system, however, the Disk Management screenshot that you provided in the application forum shows that your computer has a Recovery partition installed on the it. This recovery partition will let you restore the computer to factory specs. This is not a full restore from a backup as this option would require you to restore the computer then reinstall all updates and 3rd party software that has been installed since you got the computer. But you should be able to back up any personal date so that the data could be restored once the system has been restored. Of course this would be a last resort.

Can you tell me hat these files are:?

[2014/03/03 07:43:34 | 000,002,984 | ---- | M] () -- C:\{4A7544F2-4542-4BFD-8159-068C617AEBB8}
[2014/03/02 22:11:40 | 000,003,952 | ---- | M] () -- C:\{3086D3D3-3700-4E11-91E3-E4131AF239F5}
[2014/03/02 22:01:50 | 000,002,984 | ---- | M] () -- C:\{F32BA2B3-A7FB-424E-BA4D-3B8641A1771A}
[2014/03/02 18:02:27 | 000,002,984 | ---- | M] () -- C:\{D754B03C-BD40-4878-92DA-A155AABCDC35}
[2014/03/02 13:25:58 | 000,002,984 | ---- | M] () -- C:\{2B3DCCC6-885F-4E53-BD82-4C07F5C807C9}
[2014/03/01 09:09:49 | 000,002,984 | ---- | M] () -- C:\{1D5781DF-F56C-44AF-BDDD-3B958B21BB9C}
[2014/03/01 07:08:20 | 000,003,952 | ---- | M] () -- C:\{D3C590DB-9404-407C-BC99-8B87351FA244}
[2014/02/28 21:54:10 | 000,002,984 | ---- | M] () -- C:\{A5B7B5CA-85E8-4A71-BB68-01C5201B46A6}
[2014/02/28 21:19:24 | 000,002,984 | ---- | M] () -- C:\{34C1BFBE-A9C4-4E27-8C59-0CEE5EB40565}
[2014/02/28 21:06:31 | 000,002,984 | ---- | M] () -- C:\{F5D5C4E9-A0BE-4278-ACAE-EDD6BF79E041}
[2014/02/28 20:36:21 | 000,002,984 | ---- | M] () -- C:\{3D4E496F-C120-4F25-8A36-00F6C33BC563}
[2014/02/28 20:06:51 | 000,003,952 | ---- | M] () -- C:\{4B706913-A159-4059-860F-A2486B56428C}
[2014/02/28 20:05:46 | 000,002,984 | ---- | M] () -- C:\{64C815E0-036C-4122-BBF5-97232ABADA48}
[2014/02/28 19:48:01 | 000,002,984 | ---- | M] () -- C:\{FB80A745-DEB5-4248-975F-6F216ED1E394}
[2014/02/28 19:25:00 | 000,002,984 | ---- | M] () -- C:\{D2B230C0-759D-47E5-A4D0-18E847DB87AE}
[2014/02/28 19:09:55 | 000,002,984 | ---- | M] () -- C:\{CD977727-CD6E-44E3-B2AE-B83EECA29EC4}
[2014/02/28 18:49:47 | 000,002,984 | ---- | M] () -- C:\{9D8C464B-441B-497A-B7BE-B78E8519209E}
[2014/02/28 18:47:34 | 000,003,952 | ---- | M] () -- C:\{45D8E0AC-190C-4EE8-9854-5BF896A2AA8D}
[2014/02/28 18:44:17 | 000,002,984 | ---- | M] () -- C:\{B1AB1A9E-667C-4CE9-B6EB-118C662F5091}
[2014/02/28 17:47:52 | 000,002,984 | ---- | M] () -- C:\{EF9E9E63-3B18-4958-9A39-42CC24B312D2}
[2014/02/28 14:04:22 | 000,002,984 | ---- | M] () -- C:\{A9B59980-5B98-43AA-870A-AFE9F8385110}
[2014/02/28 13:57:36 | 000,002,984 | ---- | M] () -- C:\{E2A409F6-CBC0-4C52-8C7B-4F7C509E24E2}
[2014/02/28 13:45:42 | 000,002,984 | ---- | M] () -- C:\{5BCA3627-81EA-4542-8DE3-4BF243F0C252}
[2014/02/28 13:35:44 | 000,002,984 | ---- | M] () -- C:\{FE58315F-3BA8-4383-B949-74C65ED9CCF7}
[2014/02/28 13:02:50 | 000,002,984 | ---- | M] () -- C:\{DE2AEC18-4C80-49C7-B574-8E4B945F568F}
[2014/02/28 10:59:27 | 000,002,984 | ---- | M] () -- C:\{315D5B01-4904-4229-BF03-CAA7EEF51DC3}
[2014/02/28 10:08:45 | 000,002,984 | ---- | M] () -- C:\{AD998A23-2EEE-40A6-AAD4-638C32DA7DA6}
[2014/02/28 07:46:56 | 000,003,200 | ---- | M] () -- C:\{C3BFC792-D46C-4ED9-8DDF-1C5B8B732A5C}
[2014/02/27 21:50:56 | 000,002,984 | ---- | M] () -- C:\{5E1E9CC8-96A3-44A6-B053-A28C55000E50}
[2014/02/27 21:29:08 | 000,003,952 | ---- | M] () -- C:\{ECC84D31-CFF9-4791-ADA1-C132E58AE5C4}
[2014/02/27 21:26:36 | 000,002,984 | ---- | M] () -- C:\{0461240B-AB99-44AC-A68C-6478283504AD}
[2014/02/27 21:16:55 | 000,002,984 | ---- | M] () -- C:\{8F49ABC6-3F9F-4A6A-AFC5-33A2C412F6AE}
[2014/02/27 19:46:58 | 000,002,984 | ---- | M] () -- C:\{CEE388EF-9EA1-4F08-BDFC-E909684729AE}
[2014/02/27 15:57:01 | 000,002,984 | ---- | M] () -- C:\{5275EC81-BBDD-462E-8AB0-A3DA5A9F9EF8}
[2014/02/27 11:23:30 | 000,002,984 | ---- | M] () -- C:\{47A4E221-B673-49FE-961A-89011B904F2E}
[2014/02/27 09:46:49 | 000,002,984 | ---- | M] () -- C:\{3C10B6E3-4896-4F61-B79B-19A62AA41839}
[2014/02/27 09:26:11 | 000,002,984 | ---- | M] () -- C:\{065EB298-B535-403C-8846-4AC80B43C351}
[2014/02/27 07:40:36 | 000,003,360 | ---- | M] () -- C:\{E6A9E7E2-5BF8-4DA6-89C9-56AEB2A155A4}
[2014/02/26 20:37:11 | 000,002,984 | ---- | M] () -- C:\{245E48B1-8753-48A6-A508-0861AAEB6216}
[2014/02/26 20:30:21 | 000,000,296 | ---- | M] () -- C:\{279E8AD2-029F-4E4C-9756-93D0F2731DDB}
[2014/02/26 19:37:11 | 000,002,984 | ---- | M] () -- C:\{4B2FEDC2-42FB-4C4E-87D0-56C8D187D9C2}
[2014/02/26 19:24:07 | 000,002,984 | ---- | M] () -- C:\{60612E34-C1ED-4560-88EC-218FE2CE8896}
[2014/02/26 19:04:41 | 000,002,984 | ---- | M] () -- C:\{EC4436E7-E676-4A6E-B780-3BEE405E6CD5}
[2014/02/26 17:19:27 | 000,002,984 | ---- | M] () -- C:\{45DC781C-1368-4A2E-A4E2-7805D5F33FF6}
[2014/02/26 16:17:20 | 000,003,952 | ---- | M] () -- C:\{7CDFA68F-52ED-4710-9EE3-0AA124F05DC2}
[2014/02/26 16:15:35 | 000,002,984 | ---- | M] () -- C:\{A0AE74EB-122F-4062-8F14-85371030174A}
[2014/02/26 09:37:38 | 000,002,984 | ---- | M] () -- C:\{90DA461F-8545-48CE-ACC4-B071D246EC42}
[2014/02/26 09:18:58 | 000,002,984 | ---- | M] () -- C:\{C0B4D154-C5CB-443B-B38D-DBFC6D6B9589}
[2014/02/25 14:54:32 | 000,002,984 | ---- | M] () -- C:\{AABA3250-1C74-46A3-80F9-2F5ED7ABE04D}
[2014/02/25 13:53:36 | 000,002,984 | ---- | M] () -- C:\{8945B4B3-FD18-4550-B4C3-7F425507C986}
[2014/02/25 13:53:30 | 000,000,472 | ---- | M] () -- C:\{BF3CB1D3-A291-4151-BB96-814A243043B7}
[2014/02/25 13:07:43 | 000,002,984 | ---- | M] () -- C:\{913A18F1-1AB5-4EC7-8BC4-49B77FDF35C0}
[2014/02/24 14:40:39 | 000,002,984 | ---- | M] () -- C:\{9C4D5B9A-868D-46BF-9E8D-79ACC58ACFB5}
[2014/02/24 14:40:37 | 000,042,232 | ---- | M] () -- C:\{FC63D6A3-CB07-4182-BA3A-0484924B5CFA}
[2014/02/24 14:15:59 | 000,002,984 | ---- | M] () -- C:\{509D1C94-C804-470F-8F5C-29F67EDDA29D}
[2014/02/24 11:49:05 | 000,002,984 | ---- | M] () -- C:\{59443B53-19E1-427C-8190-634EBE170715}
[2014/02/22 22:59:45 | 000,002,872 | ---- | M] () -- C:\{2EF6201B-6697-47FA-9507-BEC61A1B731A}
[2014/02/22 21:48:54 | 000,003,952 | ---- | M] () -- C:\{62A2FFE0-37EE-4220-B62B-7D90123C2515}
[2014/02/22 21:47:22 | 000,002,984 | ---- | M] () -- C:\{E972C357-456D-495D-AEC1-2F5C6DA42442}
[2014/02/22 16:17:54 | 000,002,984 | ---- | M] () -- C:\{DECEEE24-2334-4525-A344-EDA59ABF1229}
[2014/02/21 08:17:50 | 000,031,640 | ---- | M] () -- C:\{E3E31B88-0ED7-45E4-98D5-3F4A8D6319D5}
[2014/02/19 20:37:56 | 000,002,984 | ---- | M] () -- C:\{5DBF9735-5F9D-4436-8FC0-52AC01569252}
[2014/02/18 11:10:58 | 000,003,000 | ---- | M] () -- C:\{9929DD5A-4C8D-4122-8670-27C3627F11D6}
[2014/02/17 20:10:08 | 000,002,984 | ---- | M] () -- C:\{368EFE50-B418-49BA-B186-C68A3DEA5E73}
[2014/02/17 18:18:15 | 000,003,952 | ---- | M] () -- C:\{D477ACDF-CC73-4136-8A33-486C4405B225}
[2014/02/17 18:16:43 | 000,002,984 | ---- | M] () -- C:\{0B487C60-D006-41FA-BCC1-AFF91DEBFF87}
[2014/02/17 13:57:04 | 000,003,952 | ---- | M] () -- C:\{C30423BE-5AA0-4689-A1DF-A08987033324}
[2014/02/17 13:26:34 | 000,002,984 | ---- | M] () -- C:\{D978A037-257B-4354-AA80-4E09C6F40FC8}
[2014/02/16 15:52:56 | 000,002,984 | ---- | M] () -- C:\{52CB0EFF-978B-4B3E-B45F-F32AE0DFD79F}
[2014/02/16 15:07:22 | 000,002,984 | ---- | M] () -- C:\{D3D4BC62-C1A7-4DE0-A7D0-A8B8C18CB26A}
[2014/02/16 13:20:24 | 000,002,984 | ---- | M] () -- C:\{9AA6C66F-7690-4B61-9755-6DF9D55C0F1A}
[2014/02/07 13:45:07 | 000,003,280 | ---- | M] () -- C:\{180F9711-547D-42C7-B4F7-8662231EAD41}
[2014/02/07 13:29:02 | 000,003,568 | ---- | M] () -- C:\{AEAEFD14-4F40-42A9-B174-BF61E14A6591}


As for the Extras.txt log, OTL only generates this log on it's first run, but saves it in the same folder that OTL is run from. Please check the C:\Users\Hightorque UK\Downloads folder again for the Extras.txt log. If it isn't there we will force OTL to generate another one.


Posted Image OTL Scan

Please re-open Posted Image on the desktop. To do that:
  • Vista /7 users: right click the icon and click Run as Administrator.
Make sure all other windows are closed .
  • You will see a console like the one below:

    Posted Image
  • At the top of the console click the greyed out None button<---Very Important
  • Make sure the Output box at the top is set to Standard Output.
  • In the Extra Registry section click the radio button beside Use Safelist.<---Very Important
  • Click the Posted Image button. Do not change any settings unless otherwise told to do so.
  • Let the scan run uninterrupted.
  • When the scan completes, it will open two notepad windows, OTL.Txt will be open on the desktop and the Extras.Txt file will be minimized on the taskbar.
  • I don't need the OTL.txt log so click the red X in the upper right hand corner of the file to delete it.
  • Open the Extras.txt file and Copy and Paste it into your next reply, along with the answers to my questions.

  • 0

#6
Geekimnot
Posted 09 March 2014 - 04:46 AM

Geekimnot

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 278 posts
I have no idea what are the list of files, and where they came from.

Drive D is a virtual drive, a partition of drive C, if the computer fails to reboot surely I would need a bootable disc?

I will be quite happy to unistall Norton.

I ran the OTL program with the selections requeated, the OTL program did not give 64 bit option, just "Scan all users" once again it only produced the OTL.txt log

Took 1h40min to run

Tried to paste a copy of the OTL image but it would not paste.

I am using Nero Live backup for drivcs C D and F, C = 191.10megs D = 6.54megs and F = 128.04megs, but the backup files are not of a corresponding size.

Should I copy them onto one of my removable drives ?
  • 0

#7
godawgs
Posted 09 March 2014 - 10:12 AM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Thanks for the info about the antivirus.

I ran the OTL program with the selections requeated, the OTL program did not give 64 bit option, just "Scan all users" once again it only produced the OTL.txt log

That's probably because you didn't click the NONE button at the top and click the UseSafelist radio button in the Extra Registry section. You won't get the Include 64bit Scans box because this is a 32-bit system. And selecting the None button should drastically cut the time it takes the scan to run.
I have redone the directions and put a red box around the items.


Posted Image OTL Scan

Please re-open Posted Image on the desktop. To do that:
  • Vista /7 users: right click the icon and click Run as Administrator.
Make sure all other windows are closed .
  • You will see a console like the one below:

    [attachment=69477:Force Extras text.jpg]

  • At the top of the console (#1.), click the greyed out None button.
    NOTE: When you click the None button, ALL of the sections will immediately selsect the None radio button.
  • At the top of the console (#2.), click the box beside Scan All Users
  • Make sure the Output box at the top is set to Standard Output. (#3.)
  • In the Extra Registry section (#4.) click the circle beside Use Safelist.
  • Click the Posted Image button. Do not change any settings unless otherwise told to do so.
  • Let the scan run uninterrupted.
  • When the scan completes, it will open two notepad windows, OTL.txt will be open on the desktop and Extras.txt will be minimized on the taskbar. These are saved in the same location as OTL.
  • I don't need the OTL.txt file so just close it and open the Extras.txt file. Please copy the contents of that file and paste it into your reply. To do that:
  • On the .txt file Menu Bar click Edit then click Select All. This will highlight the contents of the file. Then click Copy.
  • Right-click inside the forum post window then click Paste. This will paste the contents of the .txt file in the in the post window.

  • 0

#8
Geekimnot
Posted 09 March 2014 - 10:18 AM

Geekimnot

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 278 posts
Hi

I followed your instructions exactly, could not get the screenshot to paste, have added it as an attachment.

Do you want me to run it again?
  • 0

#9
Geekimnot
Posted 09 March 2014 - 10:27 AM

Geekimnot

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 278 posts
Sorry
Did not realise you changed the settings :whistling:
  • 0

#10
Geekimnot
Posted 09 March 2014 - 10:32 AM

Geekimnot

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 278 posts
I will be more careful reading next time - so sorry - don't want to be wasting your time. :surrender:

Here is the extras log


OTL Extras logfile created on: 09/03/2014 16:26:52 - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Hightorque UK\Downloads
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19499)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.97 Gb Total Physical Memory | 1.50 Gb Available Physical Memory | 50.74% Memory free
6.14 Gb Paging File | 3.65 Gb Available in Paging File | 59.52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.01 Gb Total Space | 104.08 Gb Free Space | 36.14% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 3.45 Gb Free Space | 34.54% Space Free | Partition Type: NTFS
Drive F: | 298.09 Gb Total Space | 157.58 Gb Free Space | 52.86% Space Free | Partition Type: NTFS
Drive G: | 111.79 Gb Total Space | 20.96 Gb Free Space | 18.75% Space Free | Partition Type: NTFS
Drive H: | 931.28 Gb Total Space | 629.93 Gb Free Space | 67.64% Space Free | Partition Type: FAT32

Computer Name: HIGHTORQUEUK-PC | User Name: Hightorque UK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3090621729-691808380-2464640456-1000\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.com [@ = ComFile] -- Reg Error: Key error. File not found
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.pif [@ = piffile] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Directory [SPEEDbitVideoConverter] -- "C:\Programs\SpeedBit Video Downloader\Converter.exe" -convert=%1 (SPEEDbit Ltd.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07F317C1-2ABF-42F5-A597-E22C4B90F9F7}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{0DF4B059-33D0-4EBE-B517-07B93B6C3EEC}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{0FE5F941-4EA2-43F8-BDFB-B153CD95F414}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{132A4A84-DEC5-49AB-AD08-A8EEC7621BDB}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{186A2EB4-F0C9-4D01-966C-E858A2B4EC9E}" = lport=445 | protocol=6 | dir=in | app=system |
"{22223CFD-C6C9-41DD-878A-4D3C91B04791}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{28F4C516-9F5E-44E5-A5F4-CED982A48ED0}" = rport=138 | protocol=17 | dir=out | app=system |
"{3DF0E31A-4FC8-441A-986C-1CF54C3F54AD}" = rport=139 | protocol=6 | dir=out | app=system |
"{5FCFC544-157D-4685-A500-7F05C0BB235E}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{616E1A1A-9D53-4BD4-A910-A1F4D8811DA5}" = rport=445 | protocol=6 | dir=out | app=system |
"{6E61D9F7-EA39-412C-87FF-120D88904FCC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{985AAB07-9A85-41F8-9F5A-AAE08A1897C1}" = lport=138 | protocol=17 | dir=in | app=system |
"{A915999D-8266-4E82-B29A-CD33F848E67B}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{B4465873-6042-450F-A487-91737CFD870F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{CE11F9E4-51D6-456D-B9BB-93D754DF3969}" = lport=139 | protocol=6 | dir=in | app=system |
"{CE21B1F0-DBA2-405F-A6E2-49E2A88D2E5E}" = rport=137 | protocol=17 | dir=out | app=system |
"{D43F589D-A0CD-4766-91C4-B52E7A4F28B7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D4A62FD1-C4F1-4CCF-8017-290D6E2CDBAF}" = lport=137 | protocol=17 | dir=in | app=system |
"{EE4EFC20-09FC-4E00-B582-6B74AC31D1AE}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{053A9B01-9708-4585-BBB2-F66F9D451DC9}" = protocol=6 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{07DCE907-F1C3-4B54-8938-A55575742FD0}" = protocol=58 | dir=out | [email protected],-28546 |
"{08525BC6-1F27-4AB9-93EA-9A9C10D665B2}" = protocol=17 | dir=in | app=c:\program files\aol desktop 9.7a\aolbrowser\aolbrowser.exe |
"{0BAB4358-293A-44DE-8323-D85A72676A6E}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{0CC4B27C-CD83-4AF9-B17A-A91EA71CF60F}" = protocol=17 | dir=in | app=c:\program files\aol 9.1\waol.exe |
"{0D14B2C7-3BEC-4BE2-9EC6-949B1F0EAD5C}" = protocol=17 | dir=in | app=c:\program files\dell v305\dldtamon.exe |
"{0D2A32CA-E472-4272-9A84-27261BA4C076}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{12460854-D7C3-490F-90B0-1EB111A704CD}" = protocol=6 | dir=in | app=c:\program files\aol desktop 9.7b\aolbrowser\aolbrowser.exe |
"{16E07B99-5ED2-4C09-8091-4F1505929AA1}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1255507870\ee\aoldesktop.exe |
"{19625F6B-7C0B-4F8F-82F0-A9279E3B175A}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldttime.exe |
"{1B306D3A-C250-432C-934E-6B2E283EC830}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vra\waol.exe |
"{1BA6D15B-4395-4075-BCF0-B9BCB4436467}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{1BFFF3A2-B1E8-4EDA-9ABC-6856394B50B8}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1255507870\ee\aolsoftware.exe |
"{1C605D36-C784-4F50-A42A-4361EBABD28E}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{21CC8216-0C2F-4D90-AEB3-E6F1413AB281}" = protocol=6 | dir=in | app=c:\program files\dell v305\frun.exe |
"{22ED4388-A121-4F40-BAE1-E0E01ACEFE36}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe |
"{2331A264-D2DA-4B37-9960-99DF2010DF14}" = protocol=6 | dir=in | app=c:\program files\aol desktop 9.7c\aolbrowser\aolbrowser.exe |
"{2524A187-87A4-45C6-840A-74E94C434DE7}" = protocol=6 | dir=in | app=c:\program files\dell v305\netsupp.dll |
"{2CBA721C-2FBC-4741-AEA5-5E785E9E28F8}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe |
"{2F098411-DF09-4F9D-92B0-E6D19DF3A778}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{33CC5930-4FDD-48E4-ADC9-7391EEB88B34}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{3483881B-0620-4E87-BE2B-02B5D57DCE54}" = protocol=6 | dir=in | app=c:\program files\aol desktop 9.7\waol.exe |
"{34AE0147-823F-44F9-BAED-EF086638DAB5}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{36370AF4-D0FE-43E3-9989-01BADEFA69F8}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{36B3DE03-9E53-49B2-B1FA-55F30F6241D4}" = protocol=6 | dir=in | app=c:\program files\aol desktop 9.7\aolbrowser\aolbrowser.exe |
"{3A9E62F5-B390-42AE-AFCF-5E655AA5D0A2}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{3BE798B8-2290-41E4-B70F-96FB03BCF376}" = protocol=6 | dir=in | app=c:\program files\aol 9.5\waol.exe |
"{3BF8BF90-C81A-4DDC-BF8A-FB87AE0D9869}" = protocol=17 | dir=in | app=c:\program files\dell v305\netsupp.dll |
"{3D7E87D3-FF62-4E71-B134-5C06EC8342EC}" = protocol=17 | dir=in | app=c:\program files\searchqu toolbar\datamngr\toolbar\dtuser.exe |
"{3FFF71AD-DDD2-4CEE-A0A7-F58998BD96BA}" = protocol=17 | dir=in | app=c:\program files\aol desktop 9.7c\aolbrowser\aolbrowser.exe |
"{4048A7CD-1A46-431C-B3C4-9836C61CC2F8}" = protocol=17 | dir=in | app=c:\program files\aol desktop 9.7\waol.exe |
"{4135EEBE-B411-49BD-A4F0-20AE6E431868}" = protocol=17 | dir=in | app=c:\downloads\pdfconvertersetup.exe |
"{47B72E79-C624-486B-B1B3-6DA58743B51B}" = protocol=6 | dir=in | app=c:\program files\nero\km\kwikmedia.exe |
"{4A9FD253-21AB-4F95-AE51-307F8D21D43F}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{4AA8AD6F-45D6-4B69-AF50-6C0F4E3AC67B}" = protocol=17 | dir=in | app=c:\program files\aol desktop 9.7b\aolbrowser\aolbrowser.exe |
"{4E0CA0C8-E4F3-4CE0-B844-C0EFAAE7505D}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{4F459A0F-7178-400C-95F3-D1FBCB0FF9EF}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtjswx.exe |
"{4F4AC99E-7227-4BAB-B2CC-FE08465603DF}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{501E3BDE-D4D6-4BE3-9677-900D946638B1}" = protocol=1 | dir=in | [email protected],-28543 |
"{505DE934-6DC2-4153-89FD-CB35A7549CF8}" = protocol=6 | dir=in | app=c:\program files\dell v305\dldtamon.exe |
"{51589D12-87D3-497E-A7A4-82012F714A00}" = protocol=6 | dir=in | app=c:\program files\searchqu toolbar\datamngr\toolbar\dtuser.exe |
"{552A2D5A-B83C-410B-9E38-913D3257038F}" = protocol=6 | dir=in | app=c:\program files\aol desktop 9.7a\aolbrowser\aolbrowser.exe |
"{5833F161-62A0-4006-B466-BD1EBE506F71}" = protocol=1 | dir=out | [email protected],-28544 |
"{586E13FB-A713-49F5-A139-D2CF967BEFEA}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1255507870\ee\aolsoftware.exe |
"{5FD4F1C1-4B75-4505-848A-A6B3A1459606}" = protocol=6 | dir=in | app=c:\program files\aol desktop 9.7a\waol.exe |
"{62AB1400-41CE-410F-B818-24AC0E614217}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1255507870\ee\aolsoftware.exe |
"{6517AF5D-C693-4EFD-AA26-B1F6A7990832}" = protocol=17 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{6602D80B-49AC-4C9A-8B7D-C418FCE86AF0}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{674D64B5-6D7B-4477-8090-02DB9D482E76}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{6ED51702-B50A-40CF-9B52-09C668D52D91}" = protocol=17 | dir=in | app=c:\program files\nero\km\kwikmedia.exe |
"{6F690916-8E1A-48DD-B6DB-CDB9F0C7AA67}" = protocol=17 | dir=in | app=c:\program files\aol 9.5\waol.exe |
"{73506CBB-E9F6-4DBC-B00A-D6CC6563C38D}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{83772F90-184E-48AE-8982-0DBF112B5F90}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{83C6EB1A-73F4-4776-B1FF-68F5D71EA0FF}" = protocol=17 | dir=in | app=c:\program files\dell v305\dldtmon.exe |
"{8758795F-9469-4512-B1CA-A7420DF57D63}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{8B76FF50-123E-4EDD-9E5B-B52CDC2D3993}" = protocol=17 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{8E9CD44D-1CA3-4ED6-BED6-AA6E1FA1B723}" = protocol=6 | dir=in | app=c:\program files\aol 9.1\waol.exe |
"{90412837-47EB-49E7-94B2-0FE6BE42836D}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{96BB0B4D-C498-4EA6-9724-77DC58E40512}" = protocol=17 | dir=in | app=c:\program files\dell v305\frun.exe |
"{96D2337B-2490-4711-B359-83E7E2AC8850}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{97826E85-FC34-4FC6-8042-7CBFD2919ECD}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vra\waol.exe |
"{9B06383E-31FB-48DE-80A7-C5B4556F8278}" = protocol=6 | dir=in | app=c:\program files\dell v305\dldtmon.exe |
"{9B836487-69A1-4A99-96F9-F69DD186259D}" = protocol=17 | dir=in | app=c:\program files\aol desktop 9.7a\waol.exe |
"{9CF8CDBE-ACCA-4711-A1C6-D2EE78BEA7D5}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{9FF478B7-5D8A-49C2-9CB8-B2AD0A3547C7}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{A5B92A55-A3F4-4436-BE2F-DEDF45F155EC}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{A8482977-2E33-48A7-9CE3-DD9F826CA6F5}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{A992D537-816D-4DDD-A2C1-5285C3F6ADE7}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{ABA0D408-366B-4B27-AEF9-EEA004F085A0}" = protocol=6 | dir=in | app=c:\program files\crashplan\crashplanservice.exe |
"{ACF83802-C66C-4C52-A315-3477DE27927D}" = protocol=6 | dir=in | app=c:\program files\aol desktop 9.6\aolbrowser\aolbrowser.exe |
"{AD8D5EA1-C2BE-4242-8920-DDCD183BC380}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{AFDDCAF0-EF18-4357-A95F-C4F44AEA2A4A}" = protocol=17 | dir=in | app=c:\program files\aol desktop 9.7\aolbrowser\aolbrowser.exe |
"{B4588D29-8386-400E-8BBE-FACFC6A90E1F}" = protocol=17 | dir=in | app=c:\program files\aol desktop 9.6\aolbrowser\aolbrowser.exe |
"{B4D5B5AE-15C4-42AD-9FEA-2D7C4331663C}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldttime.exe |
"{B5211EE9-F8D4-447E-9C50-990F70785C73}" = protocol=6 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{BE2D0E59-C544-4B06-9813-8762A46EA9BD}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{BE53A22E-8A96-48A1-AE9E-29A150F306EB}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe |
"{BF7F017D-E89F-4DC3-A554-BADD69EBC339}" = protocol=17 | dir=in | app=c:\program files\aol desktop 9.7c\waol.exe |
"{C6EF6268-DD64-42E3-AEB9-FA6EFE715BB0}" = protocol=17 | dir=in | app=c:\program files\aol desktop 9.7b\waol.exe |
"{D4D02CC9-56F1-4321-A441-3B495BD4DDCB}" = protocol=6 | dir=in | app=c:\program files\aol desktop 9.7b\waol.exe |
"{D7042579-3E34-4D4C-BF3E-73D84CF1CF56}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{DC222EA4-9378-48D4-96F4-FF704DC11280}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{DD8418B9-3E78-4FE6-B33C-A579217D46DB}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtjswx.exe |
"{E453EEB0-2003-4B5A-AA01-63284B49585E}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{E75D1070-DD7F-486B-8A80-A3E97F839BC7}" = protocol=6 | dir=in | app=c:\downloads\pdfconvertersetup.exe |
"{E9C79063-4138-46A8-981D-CEA7D948396F}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe |
"{F13A1143-C234-45AF-A2B7-53573BC44B5D}" = protocol=17 | dir=in | app=c:\program files\crashplan\crashplanservice.exe |
"{F1515556-D768-4CA1-8140-B1F164F6299B}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1255507870\ee\aoldesktop.exe |
"{F2132DBD-DF68-46A1-9CAE-2A4D45453251}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{F4410B67-3373-41E3-865E-8E47989BBF67}" = protocol=6 | dir=in | app=c:\program files\aol desktop 9.7c\waol.exe |
"{F4E19E49-7DE7-4B76-B70A-80FDF6F62ABB}" = protocol=6 | dir=in | app=c:\program files\aol desktop 9.6\waol.exe |
"{F9E23EBA-1560-4793-8371-BB03AFE8B129}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1255507870\ee\aolsoftware.exe |
"{FCDEC09A-F499-4FD6-A179-84437534B8C5}" = protocol=58 | dir=in | [email protected],-28545 |
"{FEC77303-E6A8-40BF-A0DA-5C00DE1DA2F8}" = protocol=17 | dir=in | app=c:\program files\aol desktop 9.6\waol.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{0320AB41-0926-4218-A8A6-68AC84E6BB93}" = Nero Recode 11
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{052A1E34-A54B-458C-A4E3-24C3E054754A}" = Nero Kwik Media
"{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}" = Apple Mobile Device Support
"{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CD47142-BA4F-46B0-AA92-2675864928B8}" = Microsoft Security Client
"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11
"{13d868cf-47e9-4b3d-9366-a0c60f82e5aa}" = Striata Reader
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A6D9B5E-9BAB-4141-85BA-2C6552FA7913}" = Dell Backup and Recovery Manager
"{1B6F5E51-575E-4693-BCA2-7543570D076D}" = Nero Kwik Themes Basic
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1E604EC6-0410-47FB-A5D0-0A935A0DFA6B}_is1" = PDF to ePUB/Mobi Converter version 2.4.0
"{1F16820E-D0E7-4636-939E-45CBFEFB06E1}" = Nero Kwik Media Help (CHM)
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FECF5F8-8E75-432C-9FF7-1C04F1956B54}" = Realtek Ethernet Network Card Diagnostic tool for Windows Vista
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2149FA24-7AD5-4412-89A5-034C9A9710BB}" = CrashPlan
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{29F67D84-3A70-456E-806A-52301B02070B}" = Nero Effects Basic
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{36EEFD4F-E34C-4491-B04A-DB8F85C3A021}" = Diagnostics32
"{38700C90-0536-4240-8B08-3F83E2CD8AAD}" = Windows Internet Explorer Platform Preview
"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{4493E86C-1408-4AF6-8455-0744D25CD355}" = Serif WebPlus 9.0
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D719053-5593-11D3-8F25-0060085C1758}" = Microsoft AutoRoute 2001
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{51865D9D-8F63-46F2-87AB-9E72F93B618C}" = Welcome App (Start-up experience)
"{52AF109C-08DC-460D-AA8C-74A71EEEA2BE}" = EMCO MoveOnBoot 2.3
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)
"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{60379D61-4F60-4C0D-ADB0-7670BD513AE1}" = Pubs
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)
"{6DDE8071-E4BA-461B-8A96-990DFAA0EBD1}" = SavingsBull
"{70F34647-F8B6-492E-9A21-8232106536EB}" = Word-To-Html
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{7A3E6E1C-CF5A-4CE9-B8D6-A2F9B7BA18FC}" = BlackBerry Desktop Software 7.1
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80BFAC4A-59FA-4E3D-8FD7-CFA8F5B227CB}" = Serif WebPlus 9.0 Resource CD-ROM
"{810B7362-6B05-4714-AF6A-EF3A20CCD634}" = Nero 11
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{99072AB4-D795-44D5-9D65-E3C9F8322C97}" = TomTom HOME
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2CDC001-F8B3-4C64-9E74-2E3FA0FAC9D9}" = Nero 11 Video Samples
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime libraries
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.9)
"{ACE49D50-19CD-44A6-B192-46F985283B26}" = Nero PiP Effects Basic
"{AD483998-2E9A-4405-83FF-6E503AF49CBB}" = Microsoft Virtual PC 2007 SP1
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B160A672-F326-4414-9BB0-A056C61B357C}" = Nero 11 Cliparts
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BC86ABDF-8148-44B3-8105-4AE9DDBFDCB6}" = Betting Assistant
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C3F9AC0D-3A6D-42F7-8A44-80335A366233}" = Install
"{C61E46F5-0699-400B-B9BF-899349F10776}" = Wireless Setup Utility 32
"{C65AA5AE-8B80-46B6-ADFC-BBF1EFF2AD98}_is1" = EPUB to MOBI
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF0102B1-4E96-4953-8625-E73CEBC491E9}" = SmartStamp
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11
"{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}" = Nero Disc Menus Basic
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples
"{F4953044-0533-4F01-B0FC-1D271AB998D8}" = Inkjet Toolbox
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F8EF9B71-53E7-41F5-8E54-47B4C979CB38}" = Nero Backup Drivers
"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"001Joiner_is1" = 001 Joiner
"7-Zip" = 7-Zip 4.57
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"AOL Broadband Toolbar" = AOL Broadband Toolbar
"AOL Regclient" = AOL Registration
"AOL Toolbar" = AOL Toolbar
"AOL Toolbar for Firefox" = AOL Toolbar for Firefox
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"Applian FLV Player2.0.24" = Applian FLV Player
"BlackBerry_Desktop" = BlackBerry Desktop Software 7.1
"Dell V305" = Dell V305
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Download Accelerator Plus (DAP)" = Download Accelerator Plus (DAP)
"Everything" = Everything 1.2.1.371
"File Shredder_is1" = File Shredder 2.5
"Google Chrome" = Google Chrome
"HDMI" = Intel® Graphics Media Accelerator Driver
"InstallConverter" = InstallConverter
"InstallShield_{DF0102B1-4E96-4953-8625-E73CEBC491E9}" = SmartStamp
"iPubsoft Word to PDF Converter_is1" = iPubsoft Word to PDF Converter build(2.2.11)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Meo" = MEO Encryption Software
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"NIS" = Norton Internet Security
"PCL-W300 Capture" = PCL-W300 Capture
"PROPLUS" = Microsoft Office Professional Plus 2007
"Rapport_msi" = Trusteer Endpoint Protection
"ReadingFanatic_6xbar Uninstall" = ReadingFanatic Toolbar
"RealPlayer 12.0" = RealPlayer
"Sage Line 50 6.0" = Sage Line 50 6.0
"SaveSense" = SaveSense (remove only)
"SearchProtect" = Search Protect
"Searchqu Toolbar" = Searchqu Toolbar
"Serif PagePlus 5.0" = Serif PagePlus 5.0
"SoftwareUpdUtility" = Download Updater (AOL Inc.)
"SpeedBit Video Accelerator" = SpeedBit Video Accelerator
"SpeedBit Video Downloader" = SpeedBit Video Downloader
"The Staking Machine V3.0" = The Staking Machine V3.0
"The Staking Machine V4.0" = The Staking Machine V4.0
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.0.2
"WebPost" = Microsoft Web Publishing Wizard 1.5
"WinLiveSuite" = Windows Live Essentials
"WinTopo" = WinTopo

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3090621729-691808380-2464640456-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Kindle" = Amazon Kindle
"AOL Toolbar" = AOL Toolbar

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 08/03/2014 10:46:15 | Computer Name = HightorqueUK-PC | Source = Application Error | ID = 1000
Description = Faulting application NBCore.exe, version 6.2.2.100, time stamp 0x4f0fd683,
faulting module NBDiskTools.dll, version 6.2.2.100, time stamp 0x4f0fd7c8, exception
code 0xc0000005, fault offset 0x00014140, process id 0x218c, application start time
0x01cf3add18366090.

Error - 08/03/2014 10:46:21 | Computer Name = HightorqueUK-PC | Source = Application Error | ID = 1000
Description = Faulting application NBCore.exe, version 6.2.2.100, time stamp 0x4f0fd683,
faulting module kernel32.dll, version 6.0.6002.18704, time stamp 0x5065ccb6, exception
code 0xe06d7363, fault offset 0x0003fc16, process id 0x218c, application start time
0x01cf3add18366090.

Error - 08/03/2014 12:46:14 | Computer Name = HightorqueUK-PC | Source = Application Error | ID = 1000
Description = Faulting application NBCore.exe, version 6.2.2.100, time stamp 0x4f0fd683,
faulting module NBDiskTools.dll, version 6.2.2.100, time stamp 0x4f0fd7c8, exception
code 0xc0000005, fault offset 0x00014140, process id 0x1708, application start time
0x01cf3aeddad98b80.

Error - 08/03/2014 14:46:08 | Computer Name = HightorqueUK-PC | Source = Application Error | ID = 1000
Description = Faulting application NBCore.exe, version 6.2.2.100, time stamp 0x4f0fd683,
faulting module NBDiskTools.dll, version 6.2.2.100, time stamp 0x4f0fd7c8, exception
code 0xc0000005, fault offset 0x00014140, process id 0x1b48, application start time
0x01cf3afe9e115550.

Error - 08/03/2014 18:46:39 | Computer Name = HightorqueUK-PC | Source = Application Error | ID = 1000
Description = Faulting application NBCore.exe, version 6.2.2.100, time stamp 0x4f0fd683,
faulting module NBDiskTools.dll, version 6.2.2.100, time stamp 0x4f0fd7c8, exception
code 0xc0000005, fault offset 0x00014140, process id 0x2738, application start time
0x01cf3b2026affdf0.

Error - 09/03/2014 03:06:37 | Computer Name = HightorqueUK-PC | Source = MsiInstaller | ID = 11719
Description =

Error - 09/03/2014 03:15:55 | Computer Name = HightorqueUK-PC | Source = WinMgmt | ID = 10
Description =

Error - 09/03/2014 08:58:59 | Computer Name = HightorqueUK-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\real\realplayer\plugins\rmxrend.dll".
Dependent
Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 09/03/2014 09:02:10 | Computer Name = HightorqueUK-PC | Source = .NET Runtime | ID = 1026
Description =

Error - 09/03/2014 12:24:30 | Computer Name = HightorqueUK-PC | Source = Application Hang | ID = 1002
Description = The program waol.exe version 9.7.2.1 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: 1074 Start Time: 01cf3b720e35ac91 Termination Time: 156

[ OSession Events ]
Error - 13/02/2012 10:06:03 | Computer Name = HightorqueUK-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 16733
seconds with 720 seconds of active time. This session ended with a crash.

Error - 01/04/2012 06:15:00 | Computer Name = HightorqueUK-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4386
seconds with 540 seconds of active time. This session ended with a crash.

Error - 25/07/2013 03:47:05 | Computer Name = HightorqueUK-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 2382
seconds with 900 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 08/03/2014 08:16:34 | Computer Name = HightorqueUK-PC | Source = volsnap | ID = 393230
Description = The shadow copies of volume C: were aborted because of an IO failure
on volume C:.

Error - 08/03/2014 08:45:44 | Computer Name = HightorqueUK-PC | Source = iaStor | ID = 262153
Description = The device, \Device\Ide\iaStor0, did not respond within the timeout
period.

Error - 09/03/2014 03:08:42 | Computer Name = HightorqueUK-PC | Source = DCOM | ID = 10005
Description =

Error - 09/03/2014 03:09:08 | Computer Name = HightorqueUK-PC | Source = Service Control Manager | ID = 7043
Description =

Error - 09/03/2014 03:09:08 | Computer Name = HightorqueUK-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 09/03/2014 03:09:08 | Computer Name = HightorqueUK-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 09/03/2014 03:15:55 | Computer Name = HightorqueUK-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 09/03/2014 03:15:55 | Computer Name = HightorqueUK-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 09/03/2014 03:15:56 | Computer Name = HightorqueUK-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 09/03/2014 04:29:00 | Computer Name = HightorqueUK-PC | Source = Microsoft-Windows-DriverFrameworks-UserMode | ID = 10101
Description =


< End of report >
  • 0

Advertisements

#11
godawgs
Posted 09 March 2014 - 03:58 PM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts

I will be more careful reading next time - so sorry - don't want to be wasting your time.

No problem. We'll figure it out as we go along. :) Thanks for the log.
Let's get started. I would recommend that you print these instructions out or save them to a text file so you will have them when you start.
If you don't understand something or have a question please stop and ask.


Step-1.

Please download the following tool and save it to the desktop:

1.
Click here to download the Norton Removal Tool
NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.


Step-2.

Uninstall Programs

1. Please click the Start Orb Posted Image, click Control Panel. Under the Programs or Programs and Features heading click Uninstall a program
2. In the list of programs installed, locate the following program(s):

Norton Internet Security
ReadingFanatic Toolbar
SaveSense (remove only)
Search Protect
Searchqu Toolbar
Viewpoint Media Player

3. Right click each program and click Uninstall
4. After the programs have been uninstalled, close the Installed Programs window and the Control Panel.
5. Reboot the computer.
NOTE: If one of the programs won't uninstall just go on to the next one and let me know which program(s) wouldn't uninstall when you post the logs.


Step-3.

Run the Norton Removal Tool

The Norton Removal Tool uninstalls Norton AntiVirus, Norton Internet Security, Norton 360, and Norton SystemWorks from your computer.

  • On the Windows desktop, double-click the Norton Removal Tool icon.
  • Follow the on-screen instructions.
  • Restart your computer.
  • Your computer may be restarted more than once, and you may be asked to repeat some steps after the computer restarts.

Step-4.

Posted Image OTL Fix

Please close all open windows and browsers

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

1. Please copy all of the text in the quote box below (Do Not copy the word Quote. To do this, highlight everything
inside the quote box (except the word Quote) , right click and click Copy.

:COMMANDS
[createrestorepoint]

:OTL
PRC - [2013/07/13 07:19:54 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files\ReadingFanatic_6x\bar\8.bin\6xbrmon.exe
PRC - [2012/09/02 11:21:22 | 001,890,744 | ---- | M] (Bandoo Media, inc) -- C:\Program Files\Searchqu Toolbar\Datamngr\datamngrUI.exe
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{238FC398-6E30-4CB8-A19C-9256D94FF15F}\MpKsl6938a72b.sys -- (MpKsl6938a72b)
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://search.conduit.com/?ctid=CT [Binary data over 200 bytes]
IE - HKCU\..\URLSearchHook: {421fb3de-4b9f-48e5-abf1-f96f8aaca70a} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.condui...rchTerms}&SSPV=
http://websearch.ask...91-11255921A2F7
IE - HKCU\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = http://search.babylo....19&affID=17160
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
FF - HKLM\Software\MozillaPlugins\@ReadingFanatic_6x.com/Plugin: C:\Program Files\ReadingFanatic_6x\bar\8.bin\NP6xStub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]_6x.com: C:\Program Files\ReadingFanatic_6x\bar\8.bin [2014/03/04 20:56:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\IPSFF [2013/10/09 18:56:40 | 000,000,000 | ---D | M]
[2011/05/23 09:00:10 | 000,002,423 | ---- | M] () O2 - BHO: (Search Assistant BHO) - {2d948797-8fe3-4508-9b6f-4bf349a9ea34} - C:\Program Files\ReadingFanatic_6x\bar\8.bin\6xSrcAs.dll (MindSpark)
O2 - BHO: (SaveSense) - {2e32cfe5-df92-4ae5-b0be-609ed0df74a6} - C:\Program Files\SaveSense\SaveSenseIE.dll (SaveSense)
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)-- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
O2 - BHO: (SearchPredictObj Class) - {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\Program Files\SearchPredict\SearchPredict.dll (Speedbit Ltd.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (ReadingFanatic) - {b36151d1-7770-4480-87e4-f89fb54e173d} - C:\Program Files\ReadingFanatic_6x\bar\8.bin\6xbar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [BrowserSafeguard] "C:\Program Files\Browsersafeguard\BrowserSafeguard.exe" File not found
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe File not found
O4 - HKLM..\Run: [ReadingFanatic Search Scope Monitor] C:\Program Files\ReadingFanatic_6x\bar\8.bin\6xSrchMn.exe (MindSpark)
O4 - HKLM..\Run: [ReadingFanatic_6x Browser Plugin Loader] C:\Program Files\ReadingFanatic_6x\bar\8.bin\6xbrmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [Registry Helper] "C:\Program Files\Registry Helper\RegistryHelper.Exe" /boot File not found
O4 - HKCU..\Run: [OutfoxTV] C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe File not found
O15 - HKCU\..Trusted Domains: pornbb.org ([www] http in Trusted sites)
O20 - AppInit_DLLs: (C:\PROGRA~1\SEARCH~2\Datamngr\datamngr.dll) - C:\Program Files\Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
[2014/03/04 08:09:36 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\AppData\Local\BrowserSafeguard
[2014/02/21 15:18:49 | 000,000,000 | ---D | C] -- C:\Program Files\SavingsBull
[2014/02/21 15:05:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Registry Helper
[2014/02/16 12:44:39 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\AppData\Roaming\newnext.me
[2014/02/16 12:44:17 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\AppData\Local\genienext
[2014/02/16 12:44:11 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\Documents\Mobogenie
[2014/02/16 12:44:11 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\AppData\Local\Mobogenie
[2014/02/13 06:57:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\SearchProtect
[2014/02/07 08:26:11 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
[2014/02/07 08:23:47 | 000,000,000 | ---D | C] -- C:\Program Files\SearchProtect
[2014/02/07 08:23:46 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\AppData\Local\SearchProtect
[2011/03/03 09:38:21 | 014,117,728 | ---- | C] (IObit ) -- C:\Users\Hightorque UK\is360setup.exe
[2014/03/07 08:38:20 | 000,000,276 | ---- | M] () -- C:\Windows\tasks\RtlNICDiagVistaStart.job
[2014/03/06 18:00:39 | 000,000,458 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration.job
[2014/03/06 10:25:56 | 000,002,376 | ---- | M] () -- C:\{8A42E215-40D1-4A15-8564-513DD3F032EF}
[2014/03/03 07:43:34 | 000,002,984 | ---- | M] () -- C:\{4A7544F2-4542-4BFD-8159-068C617AEBB8}
[2014/03/02 22:11:40 | 000,003,952 | ---- | M] () -- C:\{3086D3D3-3700-4E11-91E3-E4131AF239F5}
[2014/03/02 22:01:50 | 000,002,984 | ---- | M] () -- C:\{F32BA2B3-A7FB-424E-BA4D-3B8641A1771A}
[2014/03/02 18:02:27 | 000,002,984 | ---- | M] () -- C:\{D754B03C-BD40-4878-92DA-A155AABCDC35}
[2014/03/02 13:25:58 | 000,002,984 | ---- | M] () -- C:\{2B3DCCC6-885F-4E53-BD82-4C07F5C807C9}
[2014/03/01 09:09:49 | 000,002,984 | ---- | M] () -- C:\{1D5781DF-F56C-44AF-BDDD-3B958B21BB9C}
[2014/03/01 07:08:20 | 000,003,952 | ---- | M] () -- C:\{D3C590DB-9404-407C-BC99-8B87351FA244}
[2014/02/28 21:54:10 | 000,002,984 | ---- | M] () -- C:\{A5B7B5CA-85E8-4A71-BB68-01C5201B46A6}
[2014/02/28 21:19:24 | 000,002,984 | ---- | M] () -- C:\{34C1BFBE-A9C4-4E27-8C59-0CEE5EB40565}
[2014/02/28 21:06:31 | 000,002,984 | ---- | M] () -- C:\{F5D5C4E9-A0BE-4278-ACAE-EDD6BF79E041}
[2014/02/28 20:36:21 | 000,002,984 | ---- | M] () -- C:\{3D4E496F-C120-4F25-8A36-00F6C33BC563}
[2014/02/28 20:06:51 | 000,003,952 | ---- | M] () -- C:\{4B706913-A159-4059-860F-A2486B56428C}
[2014/02/28 20:05:46 | 000,002,984 | ---- | M] () -- C:\{64C815E0-036C-4122-BBF5-97232ABADA48}
[2014/02/28 19:48:01 | 000,002,984 | ---- | M] () -- C:\{FB80A745-DEB5-4248-975F-6F216ED1E394}
[2014/02/28 19:25:00 | 000,002,984 | ---- | M] () -- C:\{D2B230C0-759D-47E5-A4D0-18E847DB87AE}
[2014/02/28 19:09:55 | 000,002,984 | ---- | M] () -- C:\{CD977727-CD6E-44E3-B2AE-B83EECA29EC4}
[2014/02/28 18:49:47 | 000,002,984 | ---- | M] () -- C:\{9D8C464B-441B-497A-B7BE-B78E8519209E}
[2014/02/28 18:47:34 | 000,003,952 | ---- | M] () -- C:\{45D8E0AC-190C-4EE8-9854-5BF896A2AA8D}
[2014/02/28 18:44:17 | 000,002,984 | ---- | M] () -- C:\{B1AB1A9E-667C-4CE9-B6EB-118C662F5091}
[2014/02/28 17:47:52 | 000,002,984 | ---- | M] () -- C:\{EF9E9E63-3B18-4958-9A39-42CC24B312D2}
[2014/02/28 14:04:22 | 000,002,984 | ---- | M] () -- C:\{A9B59980-5B98-43AA-870A-AFE9F8385110}
[2014/02/28 13:57:36 | 000,002,984 | ---- | M] () -- C:\{E2A409F6-CBC0-4C52-8C7B-4F7C509E24E2}
[2014/02/28 13:45:42 | 000,002,984 | ---- | M] () -- C:\{5BCA3627-81EA-4542-8DE3-4BF243F0C252}
[2014/02/28 13:35:44 | 000,002,984 | ---- | M] () -- C:\{FE58315F-3BA8-4383-B949-74C65ED9CCF7}
[2014/02/28 13:02:50 | 000,002,984 | ---- | M] () -- C:\{DE2AEC18-4C80-49C7-B574-8E4B945F568F}
[2014/02/28 10:59:27 | 000,002,984 | ---- | M] () -- C:\{315D5B01-4904-4229-BF03-CAA7EEF51DC3}
[2014/02/28 10:08:45 | 000,002,984 | ---- | M] () -- C:\{AD998A23-2EEE-40A6-AAD4-638C32DA7DA6}
[2014/02/28 07:46:56 | 000,003,200 | ---- | M] () -- C:\{C3BFC792-D46C-4ED9-8DDF-1C5B8B732A5C}
[2014/02/27 21:50:56 | 000,002,984 | ---- | M] () -- C:\{5E1E9CC8-96A3-44A6-B053-A28C55000E50}
[2014/02/27 21:29:08 | 000,003,952 | ---- | M] () -- C:\{ECC84D31-CFF9-4791-ADA1-C132E58AE5C4}
[2014/02/27 21:26:36 | 000,002,984 | ---- | M] () -- C:\{0461240B-AB99-44AC-A68C-6478283504AD}
[2014/02/27 21:16:55 | 000,002,984 | ---- | M] () -- C:\{8F49ABC6-3F9F-4A6A-AFC5-33A2C412F6AE}
[2014/02/27 19:46:58 | 000,002,984 | ---- | M] () -- C:\{CEE388EF-9EA1-4F08-BDFC-E909684729AE}
[2014/02/27 15:57:01 | 000,002,984 | ---- | M] () -- C:\{5275EC81-BBDD-462E-8AB0-A3DA5A9F9EF8}
[2014/02/27 11:23:30 | 000,002,984 | ---- | M] () -- C:\{47A4E221-B673-49FE-961A-89011B904F2E}
[2014/02/27 09:46:49 | 000,002,984 | ---- | M] () -- C:\{3C10B6E3-4896-4F61-B79B-19A62AA41839}
[2014/02/27 09:26:11 | 000,002,984 | ---- | M] () -- C:\{065EB298-B535-403C-8846-4AC80B43C351}
[2014/02/27 07:40:36 | 000,003,360 | ---- | M] () -- C:\{E6A9E7E2-5BF8-4DA6-89C9-56AEB2A155A4}
[2014/02/26 20:37:11 | 000,002,984 | ---- | M] () -- C:\{245E48B1-8753-48A6-A508-0861AAEB6216}
[2014/02/26 20:30:21 | 000,000,296 | ---- | M] () -- C:\{279E8AD2-029F-4E4C-9756-93D0F2731DDB}
[2014/02/26 19:37:11 | 000,002,984 | ---- | M] () -- C:\{4B2FEDC2-42FB-4C4E-87D0-56C8D187D9C2}
[2014/02/26 19:24:07 | 000,002,984 | ---- | M] () -- C:\{60612E34-C1ED-4560-88EC-218FE2CE8896}
[2014/02/26 19:04:41 | 000,002,984 | ---- | M] () -- C:\{EC4436E7-E676-4A6E-B780-3BEE405E6CD5}
[2014/02/26 17:19:27 | 000,002,984 | ---- | M] () -- C:\{45DC781C-1368-4A2E-A4E2-7805D5F33FF6}
[2014/02/26 16:17:20 | 000,003,952 | ---- | M] () -- C:\{7CDFA68F-52ED-4710-9EE3-0AA124F05DC2}
[2014/02/26 16:15:35 | 000,002,984 | ---- | M] () -- C:\{A0AE74EB-122F-4062-8F14-85371030174A}
[2014/02/26 12:12:07 | 000,547,670 | ---- | M] () -- C:\Users\Hightorque UK\Documents\Bank Statement.jpg
[2014/02/26 09:37:38 | 000,002,984 | ---- | M] () -- C:\{90DA461F-8545-48CE-ACC4-B071D246EC42}
[2014/02/26 09:18:58 | 000,002,984 | ---- | M] () -- C:\{C0B4D154-C5CB-443B-B38D-DBFC6D6B9589}
[2014/02/25 18:21:35 | 000,014,380 | ---- | M] () -- C:\Users\Hightorque UK\Documents\35193.pdf
[2014/02/25 14:54:32 | 000,002,984 | ---- | M] () -- C:\{AABA3250-1C74-46A3-80F9-2F5ED7ABE04D}
[2014/02/25 13:53:36 | 000,002,984 | ---- | M] () -- C:\{8945B4B3-FD18-4550-B4C3-7F425507C986}
[2014/02/25 13:53:30 | 000,000,472 | ---- | M] () -- C:\{BF3CB1D3-A291-4151-BB96-814A243043B7}
[2014/02/25 13:07:43 | 000,002,984 | ---- | M] () -- C:\{913A18F1-1AB5-4EC7-8BC4-49B77FDF35C0}
[2014/02/24 14:40:39 | 000,002,984 | ---- | M] () -- C:\{9C4D5B9A-868D-46BF-9E8D-79ACC58ACFB5}
[2014/02/24 14:40:37 | 000,042,232 | ---- | M] () -- C:\{FC63D6A3-CB07-4182-BA3A-0484924B5CFA}
[2014/02/24 14:15:59 | 000,002,984 | ---- | M] () -- C:\{509D1C94-C804-470F-8F5C-29F67EDDA29D}
[2014/02/24 11:49:05 | 000,002,984 | ---- | M] () -- C:\{59443B53-19E1-427C-8190-634EBE170715}
[2014/02/22 22:59:45 | 000,002,872 | ---- | M] () -- C:\{2EF6201B-6697-47FA-9507-BEC61A1B731A}
[2014/02/22 21:48:54 | 000,003,952 | ---- | M] () -- C:\{62A2FFE0-37EE-4220-B62B-7D90123C2515}
[2014/02/22 21:47:22 | 000,002,984 | ---- | M] () -- C:\{E972C357-456D-495D-AEC1-2F5C6DA42442}
[2014/02/22 16:17:54 | 000,002,984 | ---- | M] () -- C:\{DECEEE24-2334-4525-A344-EDA59ABF1229}
[2014/02/21 08:17:50 | 000,031,640 | ---- | M] () -- C:\{E3E31B88-0ED7-45E4-98D5-3F4A8D6319D5}
[2014/02/19 20:37:56 | 000,002,984 | ---- | M] () -- C:\{5DBF9735-5F9D-4436-8FC0-52AC01569252}
[2014/02/18 11:10:58 | 000,003,000 | ---- | M] () -- C:\{9929DD5A-4C8D-4122-8670-27C3627F11D6}
[2014/02/17 20:10:08 | 000,002,984 | ---- | M] () -- C:\{368EFE50-B418-49BA-B186-C68A3DEA5E73}
[2014/02/17 18:18:15 | 000,003,952 | ---- | M] () -- C:\{D477ACDF-CC73-4136-8A33-486C4405B225}
[2014/02/17 18:16:43 | 000,002,984 | ---- | M] () -- C:\{0B487C60-D006-41FA-BCC1-AFF91DEBFF87}
[2014/02/17 13:57:04 | 000,003,952 | ---- | M] () -- C:\{C30423BE-5AA0-4689-A1DF-A08987033324}
[2014/02/17 13:26:34 | 000,002,984 | ---- | M] () -- C:\{D978A037-257B-4354-AA80-4E09C6F40FC8}
[2014/02/16 15:52:56 | 000,002,984 | ---- | M] () -- C:\{52CB0EFF-978B-4B3E-B45F-F32AE0DFD79F}
[2014/02/16 15:07:22 | 000,002,984 | ---- | M] () -- C:\{D3D4BC62-C1A7-4DE0-A7D0-A8B8C18CB26A}
[2014/02/16 13:20:24 | 000,002,984 | ---- | M] () -- C:\{9AA6C66F-7690-4B61-9755-6DF9D55C0F1A}
[2014/02/07 13:45:07 | 000,003,280 | ---- | M] () -- C:\{180F9711-547D-42C7-B4F7-8662231EAD41}
[2014/02/07 13:29:02 | 000,003,568 | ---- | M] () -- C:\{AEAEFD14-4F40-42A9-B174-BF61E14A6591}

:REG
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3D7E87D3-FF62-4E71-B134-5C06EC8342EC}" = -
"{51589D12-87D3-497E-A7A4-82012F714A00}" = -
ipconfig /flushdns /c
netsh advfirewall reset /c
netsh advfirewall set allprofiles state ON /c

:FILES
C:\Program Files\ReadingFanatic_6x
C:\ProgramData\Norton
C:\Program Files\SaveSense
C:\Program Files\BabylonToolbar
C:\Program Files\Norton Internet Security

:COMMANDS
[emptytemp]


Warning: This fix is relevant for this system and no other. If you are not this user, DO NOT follow these directions as they could damage the workings of your system.

2. Please re-open Posted Image on your desktop. To do that:
  • Vista and 7 users: Right click the icon and click Run as Administrator
3. Place the mouse pointer inside the Posted Image textbox, right click and click Paste. This will put the above script inside the textbox.
4. Click the Posted Image button.
5. Let the program run unhindered.
6. OTL may ask to reboot the machine. Please do so if asked.
7. Click the Posted Image button.
8. A report will open. Copy and Paste that report in your next reply.
9. If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).


Things For Your Next Post:
Please post the logs in the order requested. Please don't attach the logs unless I request it.
1. Let me know how the uninstalls went.
2. The OTL fixes log
  • 0

#12
Geekimnot
Posted 10 March 2014 - 06:20 AM

Geekimnot

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 278 posts
Completed steps 1, 2(there were no SafeSense,Search Project or Searchhqu toolbar programs to uninstall" and 3.

The OTL program hung up, "program not responding" for 1h 30m, had to kill the process and close and restart the computer manually, it had reached the Norton section of the FILES section when it stopped, therefore no log to send, should I run it again ?
  • 0

#13
godawgs
Posted 10 March 2014 - 06:48 AM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
If the Norton remover tool did it's job there shouldn't have been many Norton files. Boot into Safe Mode and see if the OTL fix will run, please.
  • 0

#14
Geekimnot
Posted 10 March 2014 - 01:46 PM

Geekimnot

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 278 posts
I get a I cannot get the computer toboot up in Safe Mode, when I hold down F8 I get a series of clics for s second or so then it boots up normally, the only way I will get to Safe mode is if I switch of without closing down.

I have run the Norton Removal program 3 times, but OTL still hangs up aon the Norton file.

Should I crash out and see if it works in Safe mode ??
  • 0

#15
godawgs
Posted 10 March 2014 - 04:06 PM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts

I get a I cannot get the computer toboot up in Safe Mode, when I hold down F8...

You don't want to hold the F8 key down. See if this helps.


Reboot into Safe Mode.

  • Restart Windows in Safe Mode. To do that....
  • Restart your computer and as soon as it starts booting up again continuously tap the F8 key.
  • An Advanced Boot Options screen will come up where you will be given the option to enter Safe Mode.
    NOTE: If you miss the Boot menu, continue to let the machine boot up. Then restart the machine and start tapping the F8 key.
    Very Important: Never restart the computer while it is booting up. Bad things, including the computer not being able to load Windows, can occur!
  • Use the down arrow key to highlight Safe Mode and push the ENTER key.
Windows Vista
Posted Image
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Forum
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP