Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Windows explorer hanging up, files on drive C will not delete etc [Sol

Started by Geekimnot , Mar 07 2014 06:39 AM

  • This topic is locked This topic is locked

#16
Geekimnot
Posted 11 March 2014 - 12:52 AM

Geekimnot

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 280 posts
Got there in the end.

Windows help tells you to hold down F8, not tap it.

Here is the Extras


OTL Extras logfile created on: 11/03/2014 06:44:58 - Run 6
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Hightorque UK\Downloads
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19499)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.97 Gb Total Physical Memory | 1.58 Gb Available Physical Memory | 53.43% Memory free
6.14 Gb Paging File | 4.43 Gb Available in Paging File | 72.22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.01 Gb Total Space | 109.08 Gb Free Space | 37.87% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 4.93 Gb Free Space | 49.34% Space Free | Partition Type: NTFS
Drive F: | 298.09 Gb Total Space | 157.69 Gb Free Space | 52.90% Space Free | Partition Type: NTFS
Drive G: | 111.79 Gb Total Space | 37.43 Gb Free Space | 33.48% Space Free | Partition Type: NTFS
Drive H: | 931.28 Gb Total Space | 592.19 Gb Free Space | 63.59% Space Free | Partition Type: FAT32

Computer Name: HIGHTORQUEUK-PC | User Name: Hightorque UK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3090621729-691808380-2464640456-1000\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.com [@ = ComFile] -- Reg Error: Key error. File not found
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.pif [@ = piffile] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Directory [SPEEDbitVideoConverter] -- "C:\Programs\SpeedBit Video Downloader\Converter.exe" -convert=%1 (SPEEDbit Ltd.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07F317C1-2ABF-42F5-A597-E22C4B90F9F7}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{0DF4B059-33D0-4EBE-B517-07B93B6C3EEC}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{0FE5F941-4EA2-43F8-BDFB-B153CD95F414}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{132A4A84-DEC5-49AB-AD08-A8EEC7621BDB}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{186A2EB4-F0C9-4D01-966C-E858A2B4EC9E}" = lport=445 | protocol=6 | dir=in | app=system |
"{22223CFD-C6C9-41DD-878A-4D3C91B04791}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{28F4C516-9F5E-44E5-A5F4-CED982A48ED0}" = rport=138 | protocol=17 | dir=out | app=system |
"{3DF0E31A-4FC8-441A-986C-1CF54C3F54AD}" = rport=139 | protocol=6 | dir=out | app=system |
"{5FCFC544-157D-4685-A500-7F05C0BB235E}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{616E1A1A-9D53-4BD4-A910-A1F4D8811DA5}" = rport=445 | protocol=6 | dir=out | app=system |
"{6E61D9F7-EA39-412C-87FF-120D88904FCC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{985AAB07-9A85-41F8-9F5A-AAE08A1897C1}" = lport=138 | protocol=17 | dir=in | app=system |
"{A915999D-8266-4E82-B29A-CD33F848E67B}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{B4465873-6042-450F-A487-91737CFD870F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{CE11F9E4-51D6-456D-B9BB-93D754DF3969}" = lport=139 | protocol=6 | dir=in | app=system |
"{CE21B1F0-DBA2-405F-A6E2-49E2A88D2E5E}" = rport=137 | protocol=17 | dir=out | app=system |
"{D43F589D-A0CD-4766-91C4-B52E7A4F28B7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D4A62FD1-C4F1-4CCF-8017-290D6E2CDBAF}" = lport=137 | protocol=17 | dir=in | app=system |
"{EE4EFC20-09FC-4E00-B582-6B74AC31D1AE}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{053A9B01-9708-4585-BBB2-F66F9D451DC9}" = protocol=6 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{07DCE907-F1C3-4B54-8938-A55575742FD0}" = protocol=58 | dir=out | [email protected],-28546 |
"{08525BC6-1F27-4AB9-93EA-9A9C10D665B2}" = protocol=17 | dir=in | app=c:\program files\aol desktop 9.7a\aolbrowser\aolbrowser.exe |
"{0BAB4358-293A-44DE-8323-D85A72676A6E}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{0CC4B27C-CD83-4AF9-B17A-A91EA71CF60F}" = protocol=17 | dir=in | app=c:\program files\aol 9.1\waol.exe |
"{0D14B2C7-3BEC-4BE2-9EC6-949B1F0EAD5C}" = protocol=17 | dir=in | app=c:\program files\dell v305\dldtamon.exe |
"{0D2A32CA-E472-4272-9A84-27261BA4C076}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{12460854-D7C3-490F-90B0-1EB111A704CD}" = protocol=6 | dir=in | app=c:\program files\aol desktop 9.7b\aolbrowser\aolbrowser.exe |
"{16E07B99-5ED2-4C09-8091-4F1505929AA1}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1255507870\ee\aoldesktop.exe |
"{19625F6B-7C0B-4F8F-82F0-A9279E3B175A}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldttime.exe |
"{1B306D3A-C250-432C-934E-6B2E283EC830}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vra\waol.exe |
"{1BA6D15B-4395-4075-BCF0-B9BCB4436467}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{1BFFF3A2-B1E8-4EDA-9ABC-6856394B50B8}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1255507870\ee\aolsoftware.exe |
"{1C605D36-C784-4F50-A42A-4361EBABD28E}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{21CC8216-0C2F-4D90-AEB3-E6F1413AB281}" = protocol=6 | dir=in | app=c:\program files\dell v305\frun.exe |
"{22ED4388-A121-4F40-BAE1-E0E01ACEFE36}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe |
"{2331A264-D2DA-4B37-9960-99DF2010DF14}" = protocol=6 | dir=in | app=c:\program files\aol desktop 9.7c\aolbrowser\aolbrowser.exe |
"{2524A187-87A4-45C6-840A-74E94C434DE7}" = protocol=6 | dir=in | app=c:\program files\dell v305\netsupp.dll |
"{2CBA721C-2FBC-4741-AEA5-5E785E9E28F8}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe |
"{2F098411-DF09-4F9D-92B0-E6D19DF3A778}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{33CC5930-4FDD-48E4-ADC9-7391EEB88B34}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{3483881B-0620-4E87-BE2B-02B5D57DCE54}" = protocol=6 | dir=in | app=c:\program files\aol desktop 9.7\waol.exe |
"{34AE0147-823F-44F9-BAED-EF086638DAB5}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{36370AF4-D0FE-43E3-9989-01BADEFA69F8}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{36B3DE03-9E53-49B2-B1FA-55F30F6241D4}" = protocol=6 | dir=in | app=c:\program files\aol desktop 9.7\aolbrowser\aolbrowser.exe |
"{3A9E62F5-B390-42AE-AFCF-5E655AA5D0A2}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{3BE798B8-2290-41E4-B70F-96FB03BCF376}" = protocol=6 | dir=in | app=c:\program files\aol 9.5\waol.exe |
"{3BF8BF90-C81A-4DDC-BF8A-FB87AE0D9869}" = protocol=17 | dir=in | app=c:\program files\dell v305\netsupp.dll |
"{3FFF71AD-DDD2-4CEE-A0A7-F58998BD96BA}" = protocol=17 | dir=in | app=c:\program files\aol desktop 9.7c\aolbrowser\aolbrowser.exe |
"{4048A7CD-1A46-431C-B3C4-9836C61CC2F8}" = protocol=17 | dir=in | app=c:\program files\aol desktop 9.7\waol.exe |
"{4135EEBE-B411-49BD-A4F0-20AE6E431868}" = protocol=17 | dir=in | app=c:\downloads\pdfconvertersetup.exe |
"{47B72E79-C624-486B-B1B3-6DA58743B51B}" = protocol=6 | dir=in | app=c:\program files\nero\km\kwikmedia.exe |
"{4A9FD253-21AB-4F95-AE51-307F8D21D43F}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{4AA8AD6F-45D6-4B69-AF50-6C0F4E3AC67B}" = protocol=17 | dir=in | app=c:\program files\aol desktop 9.7b\aolbrowser\aolbrowser.exe |
"{4E0CA0C8-E4F3-4CE0-B844-C0EFAAE7505D}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{4F459A0F-7178-400C-95F3-D1FBCB0FF9EF}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtjswx.exe |
"{4F4AC99E-7227-4BAB-B2CC-FE08465603DF}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{501E3BDE-D4D6-4BE3-9677-900D946638B1}" = protocol=1 | dir=in | [email protected],-28543 |
"{505DE934-6DC2-4153-89FD-CB35A7549CF8}" = protocol=6 | dir=in | app=c:\program files\dell v305\dldtamon.exe |
"{552A2D5A-B83C-410B-9E38-913D3257038F}" = protocol=6 | dir=in | app=c:\program files\aol desktop 9.7a\aolbrowser\aolbrowser.exe |
"{5833F161-62A0-4006-B466-BD1EBE506F71}" = protocol=1 | dir=out | [email protected],-28544 |
"{586E13FB-A713-49F5-A139-D2CF967BEFEA}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1255507870\ee\aolsoftware.exe |
"{5FD4F1C1-4B75-4505-848A-A6B3A1459606}" = protocol=6 | dir=in | app=c:\program files\aol desktop 9.7a\waol.exe |
"{62AB1400-41CE-410F-B818-24AC0E614217}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1255507870\ee\aolsoftware.exe |
"{6517AF5D-C693-4EFD-AA26-B1F6A7990832}" = protocol=17 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{6602D80B-49AC-4C9A-8B7D-C418FCE86AF0}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{674D64B5-6D7B-4477-8090-02DB9D482E76}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{6ED51702-B50A-40CF-9B52-09C668D52D91}" = protocol=17 | dir=in | app=c:\program files\nero\km\kwikmedia.exe |
"{6F690916-8E1A-48DD-B6DB-CDB9F0C7AA67}" = protocol=17 | dir=in | app=c:\program files\aol 9.5\waol.exe |
"{73506CBB-E9F6-4DBC-B00A-D6CC6563C38D}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{83772F90-184E-48AE-8982-0DBF112B5F90}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{83C6EB1A-73F4-4776-B1FF-68F5D71EA0FF}" = protocol=17 | dir=in | app=c:\program files\dell v305\dldtmon.exe |
"{8758795F-9469-4512-B1CA-A7420DF57D63}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{8B76FF50-123E-4EDD-9E5B-B52CDC2D3993}" = protocol=17 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{8E9CD44D-1CA3-4ED6-BED6-AA6E1FA1B723}" = protocol=6 | dir=in | app=c:\program files\aol 9.1\waol.exe |
"{90412837-47EB-49E7-94B2-0FE6BE42836D}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{96BB0B4D-C498-4EA6-9724-77DC58E40512}" = protocol=17 | dir=in | app=c:\program files\dell v305\frun.exe |
"{96D2337B-2490-4711-B359-83E7E2AC8850}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{97826E85-FC34-4FC6-8042-7CBFD2919ECD}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vra\waol.exe |
"{9B06383E-31FB-48DE-80A7-C5B4556F8278}" = protocol=6 | dir=in | app=c:\program files\dell v305\dldtmon.exe |
"{9B836487-69A1-4A99-96F9-F69DD186259D}" = protocol=17 | dir=in | app=c:\program files\aol desktop 9.7a\waol.exe |
"{9CF8CDBE-ACCA-4711-A1C6-D2EE78BEA7D5}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{9FF478B7-5D8A-49C2-9CB8-B2AD0A3547C7}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{A5B92A55-A3F4-4436-BE2F-DEDF45F155EC}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{A8482977-2E33-48A7-9CE3-DD9F826CA6F5}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{A992D537-816D-4DDD-A2C1-5285C3F6ADE7}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{ABA0D408-366B-4B27-AEF9-EEA004F085A0}" = protocol=6 | dir=in | app=c:\program files\crashplan\crashplanservice.exe |
"{ACF83802-C66C-4C52-A315-3477DE27927D}" = protocol=6 | dir=in | app=c:\program files\aol desktop 9.6\aolbrowser\aolbrowser.exe |
"{AD8D5EA1-C2BE-4242-8920-DDCD183BC380}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{AFDDCAF0-EF18-4357-A95F-C4F44AEA2A4A}" = protocol=17 | dir=in | app=c:\program files\aol desktop 9.7\aolbrowser\aolbrowser.exe |
"{B4588D29-8386-400E-8BBE-FACFC6A90E1F}" = protocol=17 | dir=in | app=c:\program files\aol desktop 9.6\aolbrowser\aolbrowser.exe |
"{B4D5B5AE-15C4-42AD-9FEA-2D7C4331663C}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldttime.exe |
"{B5211EE9-F8D4-447E-9C50-990F70785C73}" = protocol=6 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{BE2D0E59-C544-4B06-9813-8762A46EA9BD}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{BE53A22E-8A96-48A1-AE9E-29A150F306EB}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe |
"{BF7F017D-E89F-4DC3-A554-BADD69EBC339}" = protocol=17 | dir=in | app=c:\program files\aol desktop 9.7c\waol.exe |
"{C6EF6268-DD64-42E3-AEB9-FA6EFE715BB0}" = protocol=17 | dir=in | app=c:\program files\aol desktop 9.7b\waol.exe |
"{D4D02CC9-56F1-4321-A441-3B495BD4DDCB}" = protocol=6 | dir=in | app=c:\program files\aol desktop 9.7b\waol.exe |
"{D7042579-3E34-4D4C-BF3E-73D84CF1CF56}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{DC222EA4-9378-48D4-96F4-FF704DC11280}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{DD8418B9-3E78-4FE6-B33C-A579217D46DB}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtjswx.exe |
"{E453EEB0-2003-4B5A-AA01-63284B49585E}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{E75D1070-DD7F-486B-8A80-A3E97F839BC7}" = protocol=6 | dir=in | app=c:\downloads\pdfconvertersetup.exe |
"{E9C79063-4138-46A8-981D-CEA7D948396F}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe |
"{F13A1143-C234-45AF-A2B7-53573BC44B5D}" = protocol=17 | dir=in | app=c:\program files\crashplan\crashplanservice.exe |
"{F1515556-D768-4CA1-8140-B1F164F6299B}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1255507870\ee\aoldesktop.exe |
"{F2132DBD-DF68-46A1-9CAE-2A4D45453251}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{F4410B67-3373-41E3-865E-8E47989BBF67}" = protocol=6 | dir=in | app=c:\program files\aol desktop 9.7c\waol.exe |
"{F4E19E49-7DE7-4B76-B70A-80FDF6F62ABB}" = protocol=6 | dir=in | app=c:\program files\aol desktop 9.6\waol.exe |
"{F9E23EBA-1560-4793-8371-BB03AFE8B129}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1255507870\ee\aolsoftware.exe |
"{FCDEC09A-F499-4FD6-A179-84437534B8C5}" = protocol=58 | dir=in | [email protected],-28545 |
"{FEC77303-E6A8-40BF-A0DA-5C00DE1DA2F8}" = protocol=17 | dir=in | app=c:\program files\aol desktop 9.6\waol.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{0320AB41-0926-4218-A8A6-68AC84E6BB93}" = Nero Recode 11
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{052A1E34-A54B-458C-A4E3-24C3E054754A}" = Nero Kwik Media
"{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}" = Apple Mobile Device Support
"{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CD47142-BA4F-46B0-AA92-2675864928B8}" = Microsoft Security Client
"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11
"{13d868cf-47e9-4b3d-9366-a0c60f82e5aa}" = Striata Reader
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A6D9B5E-9BAB-4141-85BA-2C6552FA7913}" = Dell Backup and Recovery Manager
"{1B6F5E51-575E-4693-BCA2-7543570D076D}" = Nero Kwik Themes Basic
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1E604EC6-0410-47FB-A5D0-0A935A0DFA6B}_is1" = PDF to ePUB/Mobi Converter version 2.4.0
"{1F16820E-D0E7-4636-939E-45CBFEFB06E1}" = Nero Kwik Media Help (CHM)
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FECF5F8-8E75-432C-9FF7-1C04F1956B54}" = Realtek Ethernet Network Card Diagnostic tool for Windows Vista
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2149FA24-7AD5-4412-89A5-034C9A9710BB}" = CrashPlan
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{29F67D84-3A70-456E-806A-52301B02070B}" = Nero Effects Basic
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{36EEFD4F-E34C-4491-B04A-DB8F85C3A021}" = Diagnostics32
"{38700C90-0536-4240-8B08-3F83E2CD8AAD}" = Windows Internet Explorer Platform Preview
"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{4493E86C-1408-4AF6-8455-0744D25CD355}" = Serif WebPlus 9.0
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D719053-5593-11D3-8F25-0060085C1758}" = Microsoft AutoRoute 2001
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{51865D9D-8F63-46F2-87AB-9E72F93B618C}" = Welcome App (Start-up experience)
"{52AF109C-08DC-460D-AA8C-74A71EEEA2BE}" = EMCO MoveOnBoot 2.3
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)
"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{60379D61-4F60-4C0D-ADB0-7670BD513AE1}" = Pubs
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)
"{6DDE8071-E4BA-461B-8A96-990DFAA0EBD1}" = SavingsBull
"{70F34647-F8B6-492E-9A21-8232106536EB}" = Word-To-Html
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{7A3E6E1C-CF5A-4CE9-B8D6-A2F9B7BA18FC}" = BlackBerry Desktop Software 7.1
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80BFAC4A-59FA-4E3D-8FD7-CFA8F5B227CB}" = Serif WebPlus 9.0 Resource CD-ROM
"{810B7362-6B05-4714-AF6A-EF3A20CCD634}" = Nero 11
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{99072AB4-D795-44D5-9D65-E3C9F8322C97}" = TomTom HOME
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2CDC001-F8B3-4C64-9E74-2E3FA0FAC9D9}" = Nero 11 Video Samples
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime libraries
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.9)
"{ACE49D50-19CD-44A6-B192-46F985283B26}" = Nero PiP Effects Basic
"{AD483998-2E9A-4405-83FF-6E503AF49CBB}" = Microsoft Virtual PC 2007 SP1
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B160A672-F326-4414-9BB0-A056C61B357C}" = Nero 11 Cliparts
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BC86ABDF-8148-44B3-8105-4AE9DDBFDCB6}" = Betting Assistant
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C3F9AC0D-3A6D-42F7-8A44-80335A366233}" = Install
"{C61E46F5-0699-400B-B9BF-899349F10776}" = Wireless Setup Utility 32
"{C65AA5AE-8B80-46B6-ADFC-BBF1EFF2AD98}_is1" = EPUB to MOBI
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF0102B1-4E96-4953-8625-E73CEBC491E9}" = SmartStamp
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11
"{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}" = Nero Disc Menus Basic
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples
"{F4953044-0533-4F01-B0FC-1D271AB998D8}" = Inkjet Toolbox
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F8EF9B71-53E7-41F5-8E54-47B4C979CB38}" = Nero Backup Drivers
"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"001Joiner_is1" = 001 Joiner
"7-Zip" = 7-Zip 4.57
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"AOL Broadband Toolbar" = AOL Broadband Toolbar
"AOL Regclient" = AOL Registration
"AOL Toolbar" = AOL Toolbar
"AOL Toolbar for Firefox" = AOL Toolbar for Firefox
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"Applian FLV Player2.0.24" = Applian FLV Player
"BlackBerry_Desktop" = BlackBerry Desktop Software 7.1
"Dell V305" = Dell V305
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Download Accelerator Plus (DAP)" = Download Accelerator Plus (DAP)
"Everything" = Everything 1.2.1.371
"File Shredder_is1" = File Shredder 2.5
"Google Chrome" = Google Chrome
"HDMI" = Intel® Graphics Media Accelerator Driver
"InstallConverter" = InstallConverter
"InstallShield_{DF0102B1-4E96-4953-8625-E73CEBC491E9}" = SmartStamp
"iPubsoft Word to PDF Converter_is1" = iPubsoft Word to PDF Converter build(2.2.11)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Meo" = MEO Encryption Software
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"PCL-W300 Capture" = PCL-W300 Capture
"PROPLUS" = Microsoft Office Professional Plus 2007
"Rapport_msi" = Trusteer Endpoint Protection
"RealPlayer 12.0" = RealPlayer
"Sage Line 50 6.0" = Sage Line 50 6.0
"Serif PagePlus 5.0" = Serif PagePlus 5.0
"SoftwareUpdUtility" = Download Updater (AOL Inc.)
"SpeedBit Video Accelerator" = SpeedBit Video Accelerator
"SpeedBit Video Downloader" = SpeedBit Video Downloader
"The Staking Machine V3.0" = The Staking Machine V3.0
"The Staking Machine V4.0" = The Staking Machine V4.0
"VLC media player" = VLC media player 1.0.2
"WebPost" = Microsoft Web Publishing Wizard 1.5
"WinLiveSuite" = Windows Live Essentials
"WinTopo" = WinTopo

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3090621729-691808380-2464640456-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Kindle" = Amazon Kindle
"AOL Toolbar" = AOL Toolbar

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10/03/2014 10:26:29 | Computer Name = HightorqueUK-PC | Source = Application Hang | ID = 1002
Description = The program waol.exe version 9.7.2.1 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: d60 Start Time: 01cf3c6c6b8aae6d Termination Time: 16

Error - 10/03/2014 15:39:48 | Computer Name = HightorqueUK-PC | Source = WinMgmt | ID = 10
Description =

Error - 11/03/2014 01:58:53 | Computer Name = HightorqueUK-PC | Source = WinMgmt | ID = 10
Description =

Error - 11/03/2014 02:12:25 | Computer Name = HightorqueUK-PC | Source = WinMgmt | ID = 10
Description =

Error - 11/03/2014 02:13:38 | Computer Name = HightorqueUK-PC | Source = EventSystem | ID = 4609
Description =

Error - 11/03/2014 02:23:14 | Computer Name = HightorqueUK-PC | Source = EventSystem | ID = 4609
Description =

Error - 11/03/2014 02:24:11 | Computer Name = HightorqueUK-PC | Source = WinMgmt | ID = 10
Description =

Error - 11/03/2014 02:31:42 | Computer Name = HightorqueUK-PC | Source = WinMgmt | ID = 10
Description =

Error - 11/03/2014 02:43:37 | Computer Name = HightorqueUK-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\real\realplayer\plugins\rmxrend.dll".
Dependent
Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 11/03/2014 02:43:38 | Computer Name = HightorqueUK-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\real\realplayer\plugins\rmxrend.dll".
Dependent
Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
could not be found. Please use sxstrace.exe for detailed diagnosis.

[ OSession Events ]
Error - 13/02/2012 10:06:03 | Computer Name = HightorqueUK-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 16733
seconds with 720 seconds of active time. This session ended with a crash.

Error - 01/04/2012 06:15:00 | Computer Name = HightorqueUK-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4386
seconds with 540 seconds of active time. This session ended with a crash.

Error - 25/07/2013 03:47:05 | Computer Name = HightorqueUK-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 2382
seconds with 900 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 11/03/2014 02:24:11 | Computer Name = HightorqueUK-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 11/03/2014 02:24:11 | Computer Name = HightorqueUK-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 11/03/2014 02:24:11 | Computer Name = HightorqueUK-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 11/03/2014 02:24:11 | Computer Name = HightorqueUK-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 11/03/2014 02:24:11 | Computer Name = HightorqueUK-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 11/03/2014 02:24:11 | Computer Name = HightorqueUK-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 11/03/2014 02:24:58 | Computer Name = HightorqueUK-PC | Source = DCOM | ID = 10005
Description =

Error - 11/03/2014 02:24:59 | Computer Name = HightorqueUK-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 11/03/2014 02:28:54 | Computer Name = HightorqueUK-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 11/03/2014 02:31:42 | Computer Name = HightorqueUK-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >
  • 0

Advertisements

#17
Geekimnot
Posted 11 March 2014 - 02:01 AM

Geekimnot

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 280 posts
Can you please note that this is the only computer that I have, and that I run a small internet business so I cannot have it down for long periods.
I will be away this afternoon, so my replies may be slower today.
Thanks
  • 0

#18
godawgs
Posted 11 March 2014 - 08:04 AM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts

Can you please note that this is the only computer that I have, and that I run a small internet business so I cannot have it down for long periods.

Fair enough. But please understand that the OTL scan and fixes normally only take a few minutes at the most. They are taking a long time to run here because the malware on the system is trying to protect itself and prevent anything from removing it. There isn't anything that I can do about that.
At least you still have the computer to work from while we are cleaning it. If, for example, you took the computer to a repair shop they would likely have it for at least a week. And most of them would probably advise that you just reformat the hard drive and reinstall Windows because having them try to clean it is a costly endeavor. But if it doesn't get cleaned it may reach a point where it won't run, or may not even boot up. At that point the clean up process will be much harder and take longer.

I will be away this afternoon, so my replies may be slower today.

Acknowledged.

When Norton was removed the Windows firewall didn't get turned back on so we need to do that.

Turn on Windows Firewall

  • Open Windows Firewall by clicking the Start button Posted Image, clicking Control Panel, clicking Security, and then clicking Windows Firewall.
  • Click Turn Windows Firewall on or off. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
  • Click On (recommended), and then click OK, and close the Control Panel.
.

The new Extras.txt log that you posted shows that Norton is gone. Did you get the OTL fix to run in Safe Mode? If you did, please go to the C:\_OTL\MovedFiles\ folder and look for a file named mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date and time of the tool run) and post it.

If you can't find the file then let's get a scan from a different tool. Maybe it won't take so long.

IF you couldn't find the C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log file please complete the following:

Fabar Recovery Scan

A.
Download the Tool
  • Please click here to go to the Farbar Recovery Scan Tool download page.
  • Click the Download Now(32bit Version) button and save it to your desktop.
B.
Run the Tool
Close all open Windows and browsers
  • Right click the FRST.exe file and click Run as Administrator to run the tool.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Things For Your Next Post:
Please post the logs in the order requested. Please don't attach the logs unless I request it.
1. The OTL fixes log, OR
2. The FRST.txt log
3. The Addition.txt log
  • 0

#19
Geekimnot
Posted 11 March 2014 - 10:13 AM

Geekimnot

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 280 posts
Fiewall turned on.

Here is the log you requested


Error: Unable to interpret <OTL logfile created on: 09/03/2014 16:26:52 - Run 5> in the current context!
Error: Unable to interpret <OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Hightorque UK\Downloads> in the current context!
Error: Unable to interpret <Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation> in the current context!
Error: Unable to interpret <Internet Explorer (Version = 8.0.6001.19499)> in the current context!
Error: Unable to interpret <Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <2.97 Gb Total Physical Memory | 1.50 Gb Available Physical Memory | 50.74% Memory free> in the current context!
Error: Unable to interpret <6.14 Gb Paging File | 3.65 Gb Available in Paging File | 59.52% Paging File free> in the current context!
Error: Unable to interpret <Paging file location(s): ?:\pagefile.sys [binary data]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files> in the current context!
Error: Unable to interpret <Drive C: | 288.01 Gb Total Space | 104.08 Gb Free Space | 36.14% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret <Drive D: | 10.00 Gb Total Space | 3.45 Gb Free Space | 34.54% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret <Drive F: | 298.09 Gb Total Space | 157.58 Gb Free Space | 52.86% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret <Drive G: | 111.79 Gb Total Space | 20.96 Gb Free Space | 18.75% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret <Drive H: | 931.28 Gb Total Space | 629.93 Gb Free Space | 67.64% Space Free | Partition Type: FAT32> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Computer Name: HIGHTORQUEUK-PC | User Name: Hightorque UK | Logged in as Administrator.> in the current context!
Error: Unable to interpret <Boot Mode: Normal | Scan Mode: All users> in the current context!
Error: Unable to interpret <Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days> in the current context!
Error: Unable to interpret << End of report >> in the current context!

OTL by OldTimer - Version 3.2.69.0 log created on 03112014_062711







Please note

I was not indicating a complaint, I really appreciate what you are doing for me. Just wanted to explain my circumstances.

If the worst happens then I will just have to find a way to recover. Seems to be going OK so far. I had forgotten how fast this computer used to run.
:thumbsup:
  • 0

#20
godawgs
Posted 11 March 2014 - 05:53 PM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts

I was not indicating a complaint...

I'm sorry if I gave that impression. I was just trying to let you know what was happening.

I'm sorry but what you posted looks like you somehow copied part of an OTL log and pasted it in the Scans/Fixes window and ran a scan. That's why you see all of the "Error: Unable to interpret"comments.
Did you look in the C:\_OTLMovedFiles folder for a file named mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date and time of the tool run)? It will look like 13102014.083215.log

If you have a file like that double click it to open it . Then copy the contents and paste them in your next reply. If you don't see a file like that please let me know.
  • 0

#21
Geekimnot
Posted 12 March 2014 - 12:54 AM

Geekimnot

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 280 posts
Log I pasted was called 03112014_062711.log in the C:\_OTLMovedFiles, there are a series of sub folders, mostly empty, but none have a log file.

I have run FRST here are the logs

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2014
Ran by Hightorque UK (administrator) on HIGHTORQUEUK-PC on 12-03-2014 06:41:54
Running from F:\Downloads\Downloads
Microsoft® Windows Vista™ Business Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Andrea Electronics Corporation) C:\Windows\system32\AERTSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(CrashPlan) C:\Program Files\CrashPlan\CrashPlanService.exe
() C:\Windows\system32\spool\DRIVERS\W32X86\3\dldtserv.exe
( ) C:\Windows\system32\dldtcoms.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(SPEEDbit) C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(AOL Inc.) C:\Program Files\Common Files\aol\1255507870\ee\aolsoftware.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
() C:\Program Files\Royal Mail\SmartStamp\BINARY\STRAY.EXE
(Nero AG) C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Ahead Software AG) C:\Program Files\Ahead\Nero BackItUp\NBJ.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
(Speedbit Ltd.) C:\Programs\DAP\DAP.exe
(SPEEDbit) C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Code 42 Software, Inc.) C:\Program Files\CrashPlan\CrashPlanTray.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
() C:\Users\Hightorque UK\AppData\Local\GCC\Controller.exe
() C:\Users\Hightorque UK\AppData\Local\GCC\Controller.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-02-11] (Intel Corporation)
HKLM\...\Run: [Microsoft Default Manager] - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
HKLM\...\Run: [HostManager] - C:\Program Files\Common Files\AOL\1255507870\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6265376 2008-08-19] (Realtek Semiconductor)
HKLM\...\Run: [OLP-Tray] - C:\Program Files\Royal Mail\SmartStamp\BINARY\STRAY.EXE [40960 2006-07-17] ()
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [NBAgent] - C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1493288 2012-01-13] (Nero AG)
HKLM\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [90448 2011-11-02] (Research In Motion Limited)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-19\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-3090621729-691808380-2464640456-1000\...\Run: [DownloadAccelerator] - C:\Programs\DAP\DAP.EXE [3795160 2013-10-18] (Speedbit Ltd.)
HKU\S-1-5-21-3090621729-691808380-2464640456-1000\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-07-02] (Google Inc.)
HKU\S-1-5-21-3090621729-691808380-2464640456-1000\...\Run: [NBJ] - C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [1957888 2005-06-02] (Ahead Software AG)
HKU\S-1-5-21-3090621729-691808380-2464640456-1000\...\Run: [TomTomHOME.exe] - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
HKU\S-1-5-21-3090621729-691808380-2464640456-1000\...\Run: [DAP10] - C:\Programs\DAP\DAP.EXE [3795160 2013-10-18] (Speedbit Ltd.)
HKU\S-1-5-21-3090621729-691808380-2464640456-1000\...\Run: [SpeedBitVideoAccelerator] - C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe [1517224 2013-11-25] (SPEEDbit)
HKU\S-1-5-21-3090621729-691808380-2464640456-1000\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x708AF6F795A3CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
URLSearchHook: HKLM - AOL Broadband Toolbar Search Class - {4a6e1b85-1193-4a2a-aab8-7417f275f18a} - C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll (AOL LLC.)
SearchScopes: HKLM - DefaultScope {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...mrud=19-03-2013
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...mrud=19-03-2013
SearchScopes: HKLM - {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = http://go.speedbit.c...q={searchTerms}
SearchScopes: HKCU - FFF9366C2DEB4E6B8AE77F135949B1E9 URL = http://search.speedb...q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosear...128491&tsp=5180
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask...91-11255921A2F7
SearchScopes: HKCU - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...mrud=19-03-2013
SearchScopes: HKCU - {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = http://go.speedbit.c...q={searchTerms}
SearchScopes: HKCU - {86789896-718A-4BDD-93BC-10B967B0B5FC} URL =
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://uk.ask.com/we...l&geo=GB&ver=18
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: AOL Toolbar Loader - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
BHO: AOL Broadband Toolbar Loader - {776a9d06-e178-4aa0-aee4-b4de3a64ad28} - C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll (AOL LLC.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: SBCONVERT Class - {92A9ACF4-9333-43AE-9698-DB283326F87F} - C:\Programs\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: SpeedBit Link Verification Helper - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Programs\DAP\LinkVerifier.dll (Speedbit Ltd.)
BHO: Download Accelerator Plus Integration - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Programs\DAP\DAPIEL~1.DLL (SpeedBit Ltd.)
BHO: GrabberObj Class - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Programs\SpeedBit Video Downloader\Toolbar\grabber.dll (SPEEDbit)
Toolbar: HKLM - AOL Broadband Toolbar - {e6ed7f95-e571-4f81-8757-5eb11252703d} - C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll (AOL LLC.)
Toolbar: HKLM - AOL Toolbar - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
Toolbar: HKLM - SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Programs\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - AOL Broadband Toolbar - {E6ED7F95-E571-4F81-8757-5EB11252703D} - C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll (AOL LLC.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - AOL Toolbar - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
Toolbar: HKCU - SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Programs\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
Toolbar: HKCU - No Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - No File
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell...r/SysProExe.CAB
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Chrome:
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=&SSPV=
CHR DefaultSearchKeyword: conduit.search
CHR DefaultSearchProvider: Conduit Search
CHR DefaultSearchURL: http://search.condui...rchTerms}&SSPV=
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-22]
CHR Extension: (Google Drive) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-22]
CHR Extension: (YouTube) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-22]
CHR Extension: (DAP Link Checker) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodfdknjhecmadheclfjkhhiofeagdbh [2013-10-18]
CHR Extension: (Google Search) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-22]
CHR Extension: (SpeedBit Video Downloader) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcpfkccckpeeghiklnhienllljccglb [2011-10-27]
CHR Extension: (Download Accelerator Plus (DAP)) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb [2011-01-08]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2011-01-08]
CHR Extension: (SpeedBit Search Predict) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\ledcpigomgblcmofccnacobhmcdkpiea [2011-10-27]
CHR Extension: (Google Wallet) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-22]
CHR Extension: (Gmail) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-22]
CHR HKLM\...\Chrome\Extension: [bodfdknjhecmadheclfjkhhiofeagdbh] - C:\Programs\DAP\daplinkchecker.crx [2013-10-18]
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx [2013-10-18]
CHR HKLM\...\Chrome\Extension: [djcpfkccckpeeghiklnhienllljccglb] - C:\Programs\SpeedBit Video Downloader\Chrome\DownloaderChrome.crx [2011-10-12]
CHR HKLM\...\Chrome\Extension: [ffdcfjdljhbehggjdkdioajnknjcpbjb] - C:\Programs\DAP\DAPChrome\DAPChrome6.crx [2010-11-26]
CHR HKLM\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2010-11-26]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-01-02]
CHR HKLM\...\Chrome\Extension: [ledcpigomgblcmofccnacobhmcdkpiea] - C:\Program Files\SearchPredict\Chrome\SearchPredictChrome.crx [2011-10-12]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2013-05-14]

========================== Services (Whitelisted) =================

R2 AERTFilters; C:\Windows\system32\AERTSrv.exe [81920 2008-08-19] (Andrea Electronics Corporation)
S2 AOL ACS; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [46640 2006-10-23] (AOL LLC)
R2 CrashPlanService; C:\Program Files\CrashPlan\CrashPlanService.exe [152576 2011-03-16] (CrashPlan)
R2 dldtCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\W32X86\3\\dldtserv.exe [99568 2008-08-15] ()
R2 dldt_device; C:\Windows\system32\dldtcoms.exe [595184 2008-02-25] ( )
S2 gupdate1ca533d60cc32d0; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-10-22] (Google Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [687400 2011-11-25] (Nero AG)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
R2 VideoAcceleratorService; C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe [298152 2013-11-25] (SPEEDbit)

==================== Drivers (Whitelisted) ====================

S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [79960 2008-08-19] (JMicron Technology Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2014-03-11] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R1 RapportCerberus_59849; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys [340432 2013-12-13] ()
R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [27648 2008-08-19] (Windows ® Codename Longhorn DDK provider)
R3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2006-11-29] (America Online, Inc.)
S3 catchme; \??\C:\Users\HIGHTO~1\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S1 MpKsl6c36b1d3; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DA5FE0F0-335A-4A85-9655-4BAF976AD973}\MpKsl6c36b1d3.sys [X]
S1 netfilter; system32\drivers\netfilter.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-12 06:41 - 2014-03-12 06:41 - 00000000 ____D () C:\FRST
2014-03-11 10:17 - 2014-03-11 10:17 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-03-11 06:44 - 2014-03-11 06:44 - 00002876 _____ () C:\Users\Hightorque UK\Downloads\OTL.Txt
2014-03-10 08:55 - 2014-03-10 08:55 - 00000000 ____D () C:\_OTL
2014-03-10 08:21 - 2014-03-10 08:21 - 00000000 ____D () C:\ProgramData\Viewpoint
2014-03-10 08:13 - 2014-03-10 08:13 - 00000710 _____ () C:\Users\Hightorque UK\Desktop\Norton_Removal_Tool.exe - Shortcut.lnk
2014-03-10 07:50 - 2014-03-10 07:50 - 00003200 _____ () C:\{36482CA2-D388-4412-AACA-F38151844B2F}
2014-03-09 20:47 - 2014-03-09 20:47 - 00002984 _____ () C:\{AA85D1DB-5D0F-4714-95F9-21954EFE87B5}
2014-03-09 17:47 - 2014-03-09 17:47 - 00002984 _____ () C:\{9EF9ED66-1EF3-40CC-BF22-531397875F31}
2014-03-09 16:30 - 2014-03-11 06:47 - 00081972 _____ () C:\Users\Hightorque UK\Downloads\Extras.Txt
2014-03-09 06:48 - 2014-03-09 06:48 - 00002984 _____ () C:\{C0F8D77B-0B88-4343-A11F-B0A317DAAB9C}
2014-03-09 02:33 - 2014-03-09 02:33 - 00003200 _____ () C:\{9276A535-53AF-411E-B0E4-91116A774164}
2014-03-08 23:58 - 2014-03-08 23:58 - 00003952 _____ () C:\{BD18D77E-BF93-47E2-9421-463B19EAC7F4}
2014-03-08 23:55 - 2014-03-08 23:55 - 00002984 _____ () C:\{1DD5A44B-0301-4E68-A372-FC57B3F31612}
2014-03-08 22:47 - 2014-03-08 22:47 - 00002984 _____ () C:\{83F2B480-204F-4ADD-8399-75C27E3E84E7}
2014-03-08 13:54 - 2014-03-08 13:54 - 00002984 _____ () C:\{9FDCB06F-D1C9-46C9-BE7A-491589FE6995}
2014-03-08 13:15 - 2014-03-08 13:15 - 00002984 _____ () C:\{4C71F50A-B052-4D42-A09F-1F7D9107D2F0}
2014-03-08 13:11 - 2014-03-08 13:11 - 00002984 _____ () C:\{6DD096B6-CCB9-46BA-93A7-2578B07D9196}
2014-03-08 13:04 - 2014-03-08 13:04 - 00002984 _____ () C:\{C84465AF-4480-4555-AB37-0C691B818712}
2014-03-08 11:42 - 2014-03-08 11:43 - 00783464 _____ ( ) C:\Users\Hightorque UK\Downloads\FlvPlayerSetup (2).exe
2014-03-08 11:40 - 2014-03-08 11:41 - 00783464 _____ ( ) C:\Users\Hightorque UK\Downloads\FlvPlayerSetup (1).exe
2014-03-08 11:39 - 2014-03-08 11:40 - 00783464 _____ ( ) C:\Users\Hightorque UK\Downloads\FlvPlayerSetup.exe
2014-03-08 10:20 - 2014-03-08 10:20 - 00146024 _____ () C:\Windows\Minidump\Mini030814-01.dmp
2014-03-08 09:39 - 2014-03-08 09:39 - 03692780 _____ (iPubsoft ) C:\Users\Hightorque UK\Desktop\ipub-word2pdf-converter.exe
2014-03-08 09:39 - 2014-03-08 09:39 - 00000991 _____ () C:\Users\Public\Desktop\iPubsoft Word to PDF Converter.lnk
2014-03-08 09:39 - 2014-03-08 09:39 - 00000000 ____D () C:\Users\Hightorque UK\Documents\iPubsoft files
2014-03-08 09:39 - 2014-03-08 09:39 - 00000000 ____D () C:\Users\Hightorque UK\Documents\iPubsoft
2014-03-08 09:39 - 2014-03-08 09:39 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Roaming\iPubsoft
2014-03-08 09:39 - 2014-03-08 09:39 - 00000000 ____D () C:\Program Files\iPubsoft
2014-03-08 09:08 - 2014-03-08 09:08 - 00002984 _____ () C:\{56A4B7F8-A5B2-4AC1-B26C-C698743D90C8}
2014-03-07 21:59 - 2014-03-07 21:59 - 00002984 _____ () C:\{DEAB95AA-D500-4366-9B0D-22438CF7C933}
2014-03-07 20:38 - 2014-03-07 20:38 - 00002984 _____ () C:\{AD9414B7-7047-46B4-AC3E-5EF1E094D41F}
2014-03-07 16:38 - 2014-03-07 16:38 - 00002984 _____ () C:\{4AD5B9D8-B491-488F-A943-34068E60E70B}
2014-03-07 16:31 - 2014-03-07 16:31 - 00002984 _____ () C:\{A3375D00-7D4E-4E8B-A592-1C2569B98894}
2014-03-07 12:19 - 2014-03-09 16:26 - 00002874 _____ () C:\Users\Hightorque UK\Downloads\OTL_1.Txt
2014-03-07 12:14 - 2014-03-07 12:14 - 00002984 _____ () C:\{C7D83432-A0AE-4053-8EE7-04C8985C8F2C}
2014-03-07 11:29 - 2014-03-07 11:29 - 00602112 _____ (OldTimer Tools) C:\Users\Hightorque UK\Downloads\OTL.exe
2014-03-07 09:39 - 2014-03-07 09:39 - 00000897 _____ () C:\Users\Hightorque UK\Desktop\PDFToePUB.exe - Shortcut.lnk
2014-03-06 13:34 - 2014-03-06 13:42 - 00000000 ____D () C:\eBooks
2014-03-06 13:32 - 2014-03-11 08:57 - 00000000 ____D () C:\Program Files\PDF to ePUB Mobi Converter
2014-03-06 13:32 - 2014-03-06 13:32 - 00000897 _____ () C:\Users\Public\Desktop\PDF to ePUB Mobi Converter.lnk
2014-03-04 17:34 - 2014-03-04 17:34 - 00000868 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-04 17:33 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-04 11:04 - 2014-03-04 11:04 - 00000524 _____ () C:\Users\Hightorque UK\Desktop\New - Shortcut.lnk
2014-03-04 08:06 - 2014-02-19 07:06 - 00000426 _____ () C:\AVScanner.ini
2014-03-03 17:26 - 2014-03-03 17:26 - 00000000 ____D () C:\Users\Public\New Folder
2014-03-03 11:19 - 2014-03-03 11:19 - 00000000 ____D () C:\Users\Hightorque UK\Documents\damaged_parcel
2014-03-03 11:18 - 2014-03-03 11:19 - 06754680 _____ () C:\Users\Hightorque UK\Documents\damaged_parcel.zip
2014-03-01 06:54 - 2014-03-01 06:54 - 00000000 __SHD () C:\found.001
2014-02-28 09:31 - 2014-02-28 09:31 - 03075578 _____ () C:\Users\Hightorque UK\Downloads\Selena_Kitt___On_Cherry_Hill.epub
2014-02-28 09:19 - 2014-02-28 09:20 - 00682882 _____ () C:\Users\Hightorque UK\Downloads\Big Book of Smut.epub
2014-02-27 09:49 - 2014-03-05 22:52 - 00000000 ____D () C:\Users\Hightorque UK\Downloads\Naughty Bits (EA12)
2014-02-27 09:47 - 2014-02-27 09:48 - 01934735 _____ () C:\Users\Hightorque UK\Downloads\Naughty_Bits_(EA12).zip
2014-02-27 07:39 - 2013-10-25 18:55 - 02799873 _____ () C:\Users\Hightorque UK\Downloads\0352347538_Love.epub
2014-02-27 07:37 - 2014-02-27 07:37 - 03187620 _____ () C:\Users\Hightorque UK\Downloads\4871797849_0352347538_Love.rar
2014-02-25 13:38 - 2014-02-25 13:38 - 00000181 _____ () C:\Windows\WININIT.INI
2014-02-25 13:34 - 2014-02-25 13:34 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Roaming\Roxio Log Files
2014-02-25 11:35 - 2013-07-30 12:59 - 1056315637 _____ () C:\Users\Hightorque UK\Downloads\Jul 29, 2013.mp4
2014-02-25 11:19 - 2014-03-05 22:57 - 00000000 ____D () C:\Users\Hightorque UK\Downloads\epub
2014-02-25 09:49 - 2014-03-05 22:52 - 00000000 ____D () C:\Users\Hightorque UK\Downloads\New Dawning International Bookfair
2014-02-25 09:49 - 2012-05-21 17:21 - 00000365 _____ () C:\Users\Hightorque UK\Downloads\More FREE eBooks at www.ebook-forums.org.txt
2014-02-25 09:47 - 2014-02-25 09:47 - 03822924 _____ () C:\Users\Hightorque UK\Downloads\New_Dawning_International_Bookfair.rar
2014-02-24 18:41 - 2014-02-24 18:41 - 00000000 ____D () C:\ProgramData\SafeSoft
2014-02-24 18:40 - 2014-02-24 18:44 - 00000000 ____D () C:\ProgramData\InstallMate
2014-02-23 08:47 - 2014-02-23 08:47 - 00448512 _____ (OldTimer Tools) C:\Users\Hightorque UK\Downloads\TFC.exe
2014-02-22 12:23 - 2014-02-22 12:23 - 00101523 _____ () C:\Users\Hightorque UK\Downloads\The Teacher (BDSM Erotic Romance) (His D - Claire, Ava.epub
2014-02-22 12:14 - 2014-02-22 12:14 - 00940525 _____ () C:\Users\Hightorque UK\Downloads\John Cleland - Fanny Hill Memoirs of a Woman of Pleasure.epub
2014-02-22 11:59 - 2014-03-04 09:57 - 00001933 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-22 11:57 - 2014-02-22 11:57 - 00847848 _____ (Google Inc.) C:\Users\Hightorque UK\Downloads\ChromeSetup.exe
2014-02-22 07:30 - 2014-02-23 08:25 - 00000000 ____D () C:\Windows\system32\Plugins
2014-02-21 14:58 - 2014-03-08 22:37 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OutfoxTV
2014-02-21 14:58 - 2014-02-21 14:58 - 00000945 _____ () C:\Users\Hightorque UK\Desktop\OutfoxTV.lnk
2014-02-20 07:41 - 2014-02-20 07:41 - 00208278 _____ () C:\Users\Hightorque UK\Downloads\Cassidy_Chloe-Billionaires_Wife__The_Complete_Collection_A_BDSM_Erotic_Romance_Novel_The.epub
2014-02-19 13:23 - 2014-02-19 13:23 - 00000000 _____ () C:\Users\Hightorque UK\Documents\inv141597.txt
2014-02-19 13:14 - 2014-02-19 13:14 - 00059059 _____ () C:\Users\Hightorque UK\Documents\inv141597.html
2014-02-19 08:36 - 2014-02-19 08:36 - 00000000 ____D () C:\Program Files\Common Files\Software Update Utility
2014-02-19 08:30 - 2014-02-19 08:40 - 00000000 ____D () C:\Program Files\AOL Desktop 9.7c
2014-02-18 10:16 - 2014-02-18 10:17 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-02-18 10:11 - 2014-02-18 10:40 - 00002198 _____ () C:\Windows\epplauncher.mif
2014-02-18 10:09 - 2010-04-05 20:00 - 00221568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-02-18 09:59 - 2014-02-18 09:59 - 11125072 _____ (Microsoft Corporation) C:\Users\Hightorque UK\Downloads\mseinstall.exe
2014-02-17 14:05 - 2014-03-11 11:38 - 00000000 ____D () C:\Users\Hightorque UK\Documents\My Kindle Content
2014-02-17 10:15 - 2014-03-01 11:40 - 00000000 ____D () C:\Users\Hightorque UK\Documents\TSM4
2014-02-17 10:13 - 2014-02-18 22:51 - 00000000 ____D () C:\Users\Hightorque UK\Documents\TSM
2014-02-16 12:45 - 2014-02-16 12:52 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Local\cache
2014-02-16 12:45 - 2014-02-16 12:45 - 00000000 ____D () C:\Users\Hightorque UK\.android
2014-02-16 12:44 - 2014-02-16 12:44 - 00000000 _____ () C:\Users\Hightorque UK\daemonprocess.txt
2014-02-16 12:41 - 2014-03-05 07:28 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Local\GCC
2014-02-16 09:15 - 2014-03-05 22:52 - 00000000 ____D () C:\Users\Hightorque UK\Downloads\Mobi
2014-02-16 09:09 - 2014-02-16 09:09 - 00000804 _____ () C:\Users\Hightorque UK\Desktop\epubtomobi.exe - Shortcut.lnk
2014-02-16 09:08 - 2014-02-16 09:08 - 01519223 _____ (epubtomobi.com ) C:\Users\Hightorque UK\Downloads\epubtomobi_setup.exe
2014-02-15 23:02 - 2014-02-15 23:02 - 00371159 _____ () C:\Users\Hightorque UK\Downloads\The story of O - Pauline Reage.mobi
2014-02-15 20:53 - 2014-02-15 20:53 - 00000000 ____D () C:\Program Files\EPUB to MOBI
2014-02-15 20:49 - 2014-02-15 20:49 - 00930440 _____ (CNET Download.com) C:\Users\Hightorque UK\Downloads\cbsidlm-cbsi176-EPUB_to_MOBI-ORG-75613706.exe
2014-02-14 07:18 - 2014-02-14 07:18 - 00267801 _____ () C:\Users\Hightorque UK\Downloads\sexy-briefs-tasty-little-tails_20pct_sample.mobi
2014-02-14 07:17 - 2014-02-14 07:17 - 01071028 _____ () C:\Users\Hightorque UK\Downloads\shower-time.mobi
2014-02-12 01:05 - 2014-02-02 20:10 - 11111424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 01:05 - 2014-02-02 20:10 - 06019584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 01:05 - 2014-02-02 20:10 - 02005504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 01:05 - 2014-02-02 20:10 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 01:05 - 2014-02-02 20:10 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 01:05 - 2014-02-02 20:10 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 01:05 - 2014-02-02 20:10 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 01:05 - 2014-02-02 20:10 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2014-02-12 01:05 - 2014-02-02 20:10 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-02-12 01:05 - 2014-02-02 20:10 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-02-12 01:05 - 2014-02-02 20:10 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-02-12 01:05 - 2014-02-02 20:10 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 01:05 - 2014-02-02 20:10 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-12 01:05 - 2014-02-02 20:10 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-12 01:05 - 2014-02-02 20:10 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 01:05 - 2014-02-02 20:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-12 01:05 - 2014-02-02 20:10 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 01:05 - 2014-02-02 20:10 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-02-12 01:05 - 2014-02-02 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-02-12 01:05 - 2014-02-02 20:10 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 01:05 - 2014-02-02 20:10 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2014-02-12 01:05 - 2014-02-01 22:54 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-02-12 01:05 - 2014-02-01 22:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 01:05 - 2014-02-01 22:47 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 01:05 - 2014-02-01 22:46 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 01:05 - 2014-02-01 22:46 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-02-12 01:05 - 2013-12-22 15:42 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 01:05 - 2013-12-05 02:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-11 10:48 - 2014-02-11 10:48 - 00000000 ____D () C:\Users\Hightorque UK\Documents\epub
2014-02-11 10:40 - 2014-02-11 10:40 - 00001632 _____ () C:\Users\Hightorque UK\Desktop\FBReader.lnk
2014-02-11 10:40 - 2014-02-11 10:40 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FBReader for Windows
2014-02-11 09:19 - 2014-02-11 09:19 - 05337840 _____ () C:\Users\Hightorque UK\Downloads\FBReaderSetup-0.12.10.exe
2014-02-10 13:31 - 2014-02-11 22:53 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Local\ERW
2014-02-10 09:19 - 2014-02-10 09:19 - 00048128 _____ () C:\Users\Hightorque UK\Documents\neilbuch141564.xls
2014-02-10 08:22 - 2014-02-10 08:22 - 00000686 _____ () C:\Users\Hightorque UK\Desktop\Downloads - Shortcut.lnk

==================== One Month Modified Files and Folders =======

2014-03-12 06:42 - 2009-12-14 16:28 - 00000422 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{1187167D-694A-4D97-9748-C1A6B331311F}.job
2014-03-12 06:41 - 2014-03-12 06:41 - 00000000 ____D () C:\FRST
2014-03-12 06:39 - 2009-10-13 10:05 - 00000434 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{95D5E3F6-1BC2-48DA-87DA-387FB7EB0FB8}.job
2014-03-12 06:38 - 2012-04-16 06:27 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-12 06:36 - 2009-10-08 18:25 - 01415775 _____ () C:\Windows\WindowsUpdate.log
2014-03-12 06:27 - 2009-10-23 06:42 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-12 06:22 - 2006-11-02 13:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-12 06:22 - 2006-11-02 12:47 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-12 06:22 - 2006-11-02 12:47 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-11 22:31 - 2006-11-02 13:01 - 00032622 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-11 22:19 - 2009-10-23 06:42 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-11 12:00 - 2011-08-30 11:06 - 00000516 _____ () C:\Windows\Tasks\One-Click Tweak.job
2014-03-11 11:38 - 2014-02-17 14:05 - 00000000 ____D () C:\Users\Hightorque UK\Documents\My Kindle Content
2014-03-11 10:49 - 2009-10-14 09:14 - 00000000 ____D () C:\ProgramData\Dl_cats
2014-03-11 10:44 - 2013-12-10 07:14 - 00002435 _____ () C:\Users\Hightorque UK\Desktop\Betting Assistant.lnk
2014-03-11 10:17 - 2014-03-11 10:17 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-03-11 08:57 - 2014-03-06 13:32 - 00000000 ____D () C:\Program Files\PDF to ePUB Mobi Converter
2014-03-11 08:28 - 2009-10-13 13:50 - 00221696 _____ () C:\Users\Hightorque UK\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-11 06:47 - 2014-03-09 16:30 - 00081972 _____ () C:\Users\Hightorque UK\Downloads\Extras.Txt
2014-03-11 06:44 - 2014-03-11 06:44 - 00002876 _____ () C:\Users\Hightorque UK\Downloads\OTL.Txt
2014-03-11 06:13 - 2006-11-02 12:52 - 00906385 _____ () C:\Windows\setupact.log
2014-03-10 13:57 - 2006-11-02 13:00 - 01334726 _____ () C:\Windows\PFRO.log
2014-03-10 13:43 - 2009-10-08 18:40 - 00000000 ____D () C:\ProgramData\Norton
2014-03-10 08:58 - 2009-10-13 10:03 - 00000000 ____D () C:\Users\Hightorque UK
2014-03-10 08:56 - 2010-04-20 13:53 - 00000000 ____D () C:\Program Files\SearchPredict
2014-03-10 08:55 - 2014-03-10 08:55 - 00000000 ____D () C:\_OTL
2014-03-10 08:21 - 2014-03-10 08:21 - 00000000 ____D () C:\ProgramData\Viewpoint
2014-03-10 08:13 - 2014-03-10 08:13 - 00000710 _____ () C:\Users\Hightorque UK\Desktop\Norton_Removal_Tool.exe - Shortcut.lnk
2014-03-10 07:50 - 2014-03-10 07:50 - 00003200 _____ () C:\{36482CA2-D388-4412-AACA-F38151844B2F}
2014-03-09 20:47 - 2014-03-09 20:47 - 00002984 _____ () C:\{AA85D1DB-5D0F-4714-95F9-21954EFE87B5}
2014-03-09 17:47 - 2014-03-09 17:47 - 00002984 _____ () C:\{9EF9ED66-1EF3-40CC-BF22-531397875F31}
2014-03-09 16:26 - 2014-03-07 12:19 - 00002874 _____ () C:\Users\Hightorque UK\Downloads\OTL_1.Txt
2014-03-09 14:38 - 2006-11-02 10:33 - 00759582 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-09 06:48 - 2014-03-09 06:48 - 00002984 _____ () C:\{C0F8D77B-0B88-4343-A11F-B0A317DAAB9C}
2014-03-09 06:36 - 2011-02-09 08:04 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Local\CrashDumps
2014-03-09 02:33 - 2014-03-09 02:33 - 00003200 _____ () C:\{9276A535-53AF-411E-B0E4-91116A774164}
2014-03-08 23:58 - 2014-03-08 23:58 - 00003952 _____ () C:\{BD18D77E-BF93-47E2-9421-463B19EAC7F4}
2014-03-08 23:55 - 2014-03-08 23:55 - 00002984 _____ () C:\{1DD5A44B-0301-4E68-A372-FC57B3F31612}
2014-03-08 22:47 - 2014-03-08 22:47 - 00002984 _____ () C:\{83F2B480-204F-4ADD-8399-75C27E3E84E7}
2014-03-08 22:37 - 2014-02-21 14:58 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OutfoxTV
2014-03-08 13:54 - 2014-03-08 13:54 - 00002984 _____ () C:\{9FDCB06F-D1C9-46C9-BE7A-491589FE6995}
2014-03-08 13:15 - 2014-03-08 13:15 - 00002984 _____ () C:\{4C71F50A-B052-4D42-A09F-1F7D9107D2F0}
2014-03-08 13:11 - 2014-03-08 13:11 - 00002984 _____ () C:\{6DD096B6-CCB9-46BA-93A7-2578B07D9196}
2014-03-08 13:04 - 2014-03-08 13:04 - 00002984 _____ () C:\{C84465AF-4480-4555-AB37-0C691B818712}
2014-03-08 11:43 - 2014-03-08 11:42 - 00783464 _____ ( ) C:\Users\Hightorque UK\Downloads\FlvPlayerSetup (2).exe
2014-03-08 11:41 - 2014-03-08 11:40 - 00783464 _____ ( ) C:\Users\Hightorque UK\Downloads\FlvPlayerSetup (1).exe
2014-03-08 11:40 - 2014-03-08 11:39 - 00783464 _____ ( ) C:\Users\Hightorque UK\Downloads\FlvPlayerSetup.exe
2014-03-08 10:20 - 2014-03-08 10:20 - 00146024 _____ () C:\Windows\Minidump\Mini030814-01.dmp
2014-03-08 10:20 - 2010-01-16 15:28 - 00000000 ____D () C:\Windows\Minidump
2014-03-08 10:19 - 2010-01-16 15:27 - 383168038 _____ () C:\Windows\MEMORY.DMP
2014-03-08 09:39 - 2014-03-08 09:39 - 03692780 _____ (iPubsoft ) C:\Users\Hightorque UK\Desktop\ipub-word2pdf-converter.exe
2014-03-08 09:39 - 2014-03-08 09:39 - 00000991 _____ () C:\Users\Public\Desktop\iPubsoft Word to PDF Converter.lnk
2014-03-08 09:39 - 2014-03-08 09:39 - 00000000 ____D () C:\Users\Hightorque UK\Documents\iPubsoft files
2014-03-08 09:39 - 2014-03-08 09:39 - 00000000 ____D () C:\Users\Hightorque UK\Documents\iPubsoft
2014-03-08 09:39 - 2014-03-08 09:39 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Roaming\iPubsoft
2014-03-08 09:39 - 2014-03-08 09:39 - 00000000 ____D () C:\Program Files\iPubsoft
2014-03-08 09:38 - 2006-11-02 11:18 - 00000000 ___RD () C:\Users\Public
2014-03-08 09:26 - 2012-09-04 09:25 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Roaming\Nero
2014-03-08 09:08 - 2014-03-08 09:08 - 00002984 _____ () C:\{56A4B7F8-A5B2-4AC1-B26C-C698743D90C8}
2014-03-07 21:59 - 2014-03-07 21:59 - 00002984 _____ () C:\{DEAB95AA-D500-4366-9B0D-22438CF7C933}
2014-03-07 20:38 - 2014-03-07 20:38 - 00002984 _____ () C:\{AD9414B7-7047-46B4-AC3E-5EF1E094D41F}
2014-03-07 16:38 - 2014-03-07 16:38 - 00002984 _____ () C:\{4AD5B9D8-B491-488F-A943-34068E60E70B}
2014-03-07 16:31 - 2014-03-07 16:31 - 00002984 _____ () C:\{A3375D00-7D4E-4E8B-A592-1C2569B98894}
2014-03-07 12:14 - 2014-03-07 12:14 - 00002984 _____ () C:\{C7D83432-A0AE-4053-8EE7-04C8985C8F2C}
2014-03-07 11:29 - 2014-03-07 11:29 - 00602112 _____ (OldTimer Tools) C:\Users\Hightorque UK\Downloads\OTL.exe
2014-03-07 09:39 - 2014-03-07 09:39 - 00000897 _____ () C:\Users\Hightorque UK\Desktop\PDFToePUB.exe - Shortcut.lnk
2014-03-06 13:42 - 2014-03-06 13:34 - 00000000 ____D () C:\eBooks
2014-03-06 13:32 - 2014-03-06 13:32 - 00000897 _____ () C:\Users\Public\Desktop\PDF to ePUB Mobi Converter.lnk
2014-03-06 12:13 - 2009-10-14 09:24 - 00000680 _____ () C:\Users\Hightorque UK\AppData\Local\d3d9caps.dat
2014-03-05 22:59 - 2014-01-19 08:19 - 00000000 ____D () C:\Users\Hightorque UK\Downloads\2013
2014-03-05 22:59 - 2014-01-19 08:19 - 00000000 ____D () C:\Users\Hightorque UK\Downloads\2012
2014-03-05 22:59 - 2014-01-19 08:19 - 00000000 ____D () C:\Users\Hightorque UK\Downloads\2011
2014-03-05 22:59 - 2014-01-19 08:19 - 00000000 ____D () C:\Users\Hightorque UK\Downloads\2010
2014-03-05 22:59 - 2014-01-19 08:19 - 00000000 ____D () C:\Users\Hightorque UK\Downloads\2009
2014-03-05 22:59 - 2014-01-19 08:19 - 00000000 ____D () C:\Users\Hightorque UK\Downloads\2008
2014-03-05 22:59 - 2014-01-19 08:19 - 00000000 ____D () C:\Users\Hightorque UK\Downloads\2007
2014-03-05 22:57 - 2014-02-25 11:19 - 00000000 ____D () C:\Users\Hightorque UK\Downloads\epub
2014-03-05 22:52 - 2014-02-27 09:49 - 00000000 ____D () C:\Users\Hightorque UK\Downloads\Naughty Bits (EA12)
2014-03-05 22:52 - 2014-02-25 09:49 - 00000000 ____D () C:\Users\Hightorque UK\Downloads\New Dawning International Bookfair
2014-03-05 22:52 - 2014-02-16 09:15 - 00000000 ____D () C:\Users\Hightorque UK\Downloads\Mobi
2014-03-05 11:44 - 2010-07-26 12:46 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Roaming\vlc
2014-03-05 07:31 - 2006-11-02 11:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-03-05 07:28 - 2014-02-16 12:41 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Local\GCC
2014-03-04 20:56 - 2009-04-11 15:44 - 00000000 ____D () C:\Windows\Panther
2014-03-04 20:46 - 2009-10-18 12:04 - 00000000 ____D () C:\7 Zip
2014-03-04 17:34 - 2014-03-04 17:34 - 00000868 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-04 17:34 - 2010-09-30 11:55 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-04 11:04 - 2014-03-04 11:04 - 00000524 _____ () C:\Users\Hightorque UK\Desktop\New - Shortcut.lnk
2014-03-04 09:57 - 2014-02-22 11:59 - 00001933 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-04 08:25 - 2013-12-08 13:26 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-03-04 08:25 - 2013-12-08 13:26 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-03-04 08:25 - 2013-12-08 13:21 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-03-03 17:26 - 2014-03-03 17:26 - 00000000 ____D () C:\Users\Public\New Folder
2014-03-03 11:19 - 2014-03-03 11:19 - 00000000 ____D () C:\Users\Hightorque UK\Documents\damaged_parcel
2014-03-03 11:19 - 2014-03-03 11:18 - 06754680 _____ () C:\Users\Hightorque UK\Documents\damaged_parcel.zip
2014-03-01 11:40 - 2014-02-17 10:15 - 00000000 ____D () C:\Users\Hightorque UK\Documents\TSM4
2014-03-01 06:54 - 2014-03-01 06:54 - 00000000 __SHD () C:\found.001
2014-02-28 21:36 - 2012-02-02 14:52 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2014-02-28 14:18 - 2013-02-21 10:47 - 00000876 _____ () C:\Users\Hightorque UK\Desktop\Norton Installation Files.lnk
2014-02-28 09:31 - 2014-02-28 09:31 - 03075578 _____ () C:\Users\Hightorque UK\Downloads\Selena_Kitt___On_Cherry_Hill.epub
2014-02-28 09:20 - 2014-02-28 09:19 - 00682882 _____ () C:\Users\Hightorque UK\Downloads\Big Book of Smut.epub
2014-02-27 21:14 - 2011-04-30 08:39 - 00000000 ____D () C:\Users\Hightorque UK\Desktop\XL files
2014-02-27 21:09 - 2014-01-30 16:57 - 00000000 ____D () C:\Users\Hightorque UK\Downloads\DoC - Mar 15, 2007 - Adriana Amante
2014-02-27 21:09 - 2014-01-18 10:51 - 00000000 ____D () C:\Users\Hightorque UK\Downloads\DoC - May 31, 2007 - Sabrina Sparx
2014-02-27 21:03 - 2013-12-31 13:09 - 00000000 ____D () C:\Users\Hightorque UK\Downloads\Isi_Lov.b
2014-02-27 09:48 - 2014-02-27 09:47 - 01934735 _____ () C:\Users\Hightorque UK\Downloads\Naughty_Bits_(EA12).zip
2014-02-27 08:19 - 2011-03-31 12:00 - 00000000 ____D () C:\Program Files\CrashPlan
2014-02-27 07:37 - 2014-02-27 07:37 - 03187620 _____ () C:\Users\Hightorque UK\Downloads\4871797849_0352347538_Love.rar
2014-02-25 21:03 - 2009-12-09 09:47 - 00000000 ___RD () C:\Program Files\Skype
2014-02-25 21:03 - 2009-12-09 09:47 - 00000000 ____D () C:\ProgramData\Skype
2014-02-25 13:38 - 2014-02-25 13:38 - 00000181 _____ () C:\Windows\WININIT.INI
2014-02-25 13:36 - 2009-10-08 18:41 - 00000000 ____D () C:\Program Files\Common Files\Roxio Shared
2014-02-25 13:36 - 2009-10-08 18:41 - 00000000 ____D () C:\Program Files\Common Files\PX Storage Engine
2014-02-25 13:35 - 2009-10-08 18:39 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-02-25 13:34 - 2014-02-25 13:34 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Roaming\Roxio Log Files
2014-02-25 13:32 - 2011-09-13 09:13 - 00000000 ____D () C:\Program Files\FileHippo.com
2014-02-25 09:47 - 2014-02-25 09:47 - 03822924 _____ () C:\Users\Hightorque UK\Downloads\New_Dawning_International_Bookfair.rar
2014-02-24 18:44 - 2014-02-24 18:40 - 00000000 ____D () C:\ProgramData\InstallMate
2014-02-24 18:41 - 2014-02-24 18:41 - 00000000 ____D () C:\ProgramData\SafeSoft
2014-02-24 08:04 - 2009-12-31 15:36 - 00000000 ____D () C:\ProgramData\ParetoLogic
2014-02-24 08:04 - 2009-12-31 15:36 - 00000000 ____D () C:\ProgramData\DriverCure
2014-02-24 08:04 - 2009-12-31 15:36 - 00000000 ____D () C:\Program Files\Common Files\ParetoLogic
2014-02-23 18:11 - 2012-02-02 14:52 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-02-23 08:47 - 2014-02-23 08:47 - 00448512 _____ (OldTimer Tools) C:\Users\Hightorque UK\Downloads\TFC.exe
2014-02-23 08:25 - 2014-02-22 07:30 - 00000000 ____D () C:\Windows\system32\Plugins
2014-02-22 22:55 - 2014-02-07 08:25 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-02-22 12:23 - 2014-02-22 12:23 - 00101523 _____ () C:\Users\Hightorque UK\Downloads\The Teacher (BDSM Erotic Romance) (His D - Claire, Ava.epub
2014-02-22 12:14 - 2014-02-22 12:14 - 00940525 _____ () C:\Users\Hightorque UK\Downloads\John Cleland - Fanny Hill Memoirs of a Woman of Pleasure.epub
2014-02-22 11:58 - 2009-10-22 17:30 - 00000000 ____D () C:\Program Files\Google
2014-02-22 11:57 - 2014-02-22 11:57 - 00847848 _____ (Google Inc.) C:\Users\Hightorque UK\Downloads\ChromeSetup.exe
2014-02-21 15:41 - 2012-04-16 06:27 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-21 15:41 - 2011-06-07 06:15 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-21 14:58 - 2014-02-21 14:58 - 00000945 _____ () C:\Users\Hightorque UK\Desktop\OutfoxTV.lnk
2014-02-20 07:41 - 2014-02-20 07:41 - 00208278 _____ () C:\Users\Hightorque UK\Downloads\Cassidy_Chloe-Billionaires_Wife__The_Complete_Collection_A_BDSM_Erotic_Romance_Novel_The.epub
2014-02-19 13:33 - 2009-10-08 18:36 - 00000000 ____D () C:\Program Files\Adobe
2014-02-19 13:23 - 2014-02-19 13:23 - 00000000 _____ () C:\Users\Hightorque UK\Documents\inv141597.txt
2014-02-19 13:14 - 2014-02-19 13:14 - 00059059 _____ () C:\Users\Hightorque UK\Documents\inv141597.html
2014-02-19 08:40 - 2014-02-19 08:30 - 00000000 ____D () C:\Program Files\AOL Desktop 9.7c
2014-02-19 08:37 - 2011-09-13 09:30 - 00155203 _____ () C:\install.log
2014-02-19 08:37 - 2011-09-13 09:30 - 00000805 _____ () C:\Users\Public\Desktop\AOL Desktop 9.7.lnk
2014-02-19 08:37 - 2009-10-14 08:13 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Roaming\AOL
2014-02-19 08:37 - 2009-10-14 08:12 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Local\AOL
2014-02-19 08:36 - 2014-02-19 08:36 - 00000000 ____D () C:\Program Files\Common Files\Software Update Utility
2014-02-19 08:35 - 2009-10-14 08:11 - 00000000 ____D () C:\Program Files\Common Files\aol
2014-02-19 08:30 - 2009-10-14 09:49 - 00000000 ____D () C:\Program Files\Common Files\aolshare
2014-02-19 08:29 - 2009-10-14 08:11 - 00000000 ____D () C:\ProgramData\AOL
2014-02-19 07:06 - 2014-03-04 08:06 - 00000426 _____ () C:\AVScanner.ini
2014-02-19 00:20 - 2010-04-26 14:19 - 00018432 _____ () C:\Users\Hightorque UK\Documents\Ricevutadeltuopagamentoahightorqueuk@aol_com.eml
2014-02-18 23:35 - 2011-05-28 09:12 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Roaming\go
2014-02-18 22:56 - 2014-02-06 09:13 - 00000000 ____D () C:\Users\Hightorque UK\Documents\IV140122HDE-1
2014-02-18 22:56 - 2013-12-05 08:44 - 00000000 ____D () C:\Users\Hightorque UK\Documents\34820
2014-02-18 22:56 - 2013-11-23 10:06 - 00000000 ____D () C:\Users\Hightorque UK\Documents\0A801C2B-CAE9-4217-A82E-B696FB76FF8C1
2014-02-18 22:56 - 2013-08-06 11:52 - 00000000 ____D () C:\Users\Hightorque UK\Documents\34221
2014-02-18 22:56 - 2013-02-07 14:15 - 00000000 ____D () C:\Users\Hightorque UK\Documents\BlackBerry
2014-02-18 22:56 - 2012-12-05 09:05 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Foto
2014-02-18 22:56 - 2012-12-05 08:40 - 00000000 ____D () C:\Users\Hightorque UK\Documents\CFK1
2014-02-18 22:56 - 2012-11-13 08:16 - 00000000 ____D () C:\Users\Hightorque UK\Documents\applicationoverseastransferbop38_4
2014-02-18 22:56 - 2012-08-26 06:48 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Ian20111037
2014-02-18 22:56 - 2012-08-22 14:23 - 00000000 ____D () C:\Users\Hightorque UK\Documents\53_22a
2014-02-18 22:56 - 2012-05-21 09:11 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Cons16570644
2014-02-18 22:56 - 2012-05-12 08:08 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Indie_I1
2014-02-18 22:56 - 2012-04-17 14:39 - 00000000 ____D () C:\Users\Hightorque UK\Documents\ATT000671
2014-02-18 22:56 - 2012-02-29 10:18 - 00000000 ____D () C:\Users\Hightorque UK\Documents\31430
2014-02-18 22:56 - 2012-02-08 09:15 - 00000000 ____D () C:\Users\Hightorque UK\Documents\IV120102HDE(RESEND)
2014-02-18 22:56 - 2012-01-03 08:20 - 00000000 ____D () C:\Users\Hightorque UK\Documents\HDEBC54
2014-02-18 22:56 - 2011-12-15 09:14 - 00000000 ____D () C:\Users\Hightorque UK\Documents\d.1stXV1959-60
2014-02-18 22:56 - 2011-09-20 10:49 - 00000000 ____D () C:\Users\Hightorque UK\Documents\GaryLarson1
2014-02-18 22:56 - 2011-08-25 06:42 - 00000000 ____D () C:\Users\Hightorque UK\Documents\HRB Data
2014-02-18 22:56 - 2011-07-18 08:56 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Awesome_Aviation_Art_WW2
2014-02-18 22:56 - 2011-05-22 07:30 - 00000000 ____D () C:\Users\Hightorque UK\Documents\DSCF1148
2014-02-18 22:56 - 2011-05-18 08:13 - 00000000 ____D () C:\Users\Hightorque UK\Documents\image001
2014-02-18 22:56 - 2011-05-08 19:43 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Kara8weeks042
2014-02-18 22:56 - 2011-04-15 06:58 - 00000000 ____D () C:\Users\Hightorque UK\Documents\DSCF0914
2014-02-18 22:56 - 2011-04-08 17:34 - 00000000 ____D () C:\Users\Hightorque UK\Documents\DSCF0884
2014-02-18 22:56 - 2011-04-06 14:28 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Cowleycutting
2014-02-18 22:56 - 2011-03-22 13:53 - 00000000 ____D () C:\Users\Hightorque UK\Documents\HightorqueFax
2014-02-18 22:56 - 2011-03-10 20:06 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Kara010
2014-02-18 22:56 - 2011-02-24 08:31 - 00000000 ____D () C:\Users\Hightorque UK\Documents\blersCelebrateCentenaryYear-MarchbyPipeMajorWillieMcColl
2014-02-18 22:56 - 2011-02-15 08:54 - 00000000 ____D () C:\Users\Hightorque UK\Documents\BellUH1C_1_large
2014-02-18 22:56 - 2011-02-02 20:45 - 00000000 ____D () C:\Users\Hightorque UK\Documents\IMG_2421
2014-02-18 22:56 - 2011-02-01 14:57 - 00000000 ____D () C:\Users\Hightorque UK\Documents\depronparkflyer
2014-02-18 22:56 - 2010-12-08 09:31 - 00000000 ____D () C:\Users\Hightorque UK\Documents\AGM2010
2014-02-18 22:56 - 2010-12-01 09:46 - 00000000 ____D () C:\Users\Hightorque UK\Documents\28550
2014-02-18 22:56 - 2010-10-30 07:04 - 00000000 ____D () C:\Users\Hightorque UK\Documents\IMG_2280
2014-02-18 22:56 - 2010-09-15 13:42 - 00000000 ____D () C:\Users\Hightorque UK\Documents\IMG_2195
2014-02-18 22:56 - 2010-04-21 11:12 - 00000000 ____D () C:\Users\Hightorque UK\Documents\AFM-C-1006-BF109E7-Speed400
2014-02-18 22:56 - 2010-03-04 08:03 - 00000000 ____D () C:\Users\Hightorque UK\Documents\HIGHTORQUE005
2014-02-18 22:56 - 2010-02-26 09:57 - 00000000 ____D () C:\Users\Hightorque UK\Documents\DSCF3104
2014-02-18 22:56 - 2010-02-25 12:01 - 00000000 ____D () C:\Users\Hightorque UK\Documents\IMG_1834
2014-02-18 22:56 - 2010-01-18 13:25 - 00000000 ____D () C:\Users\Hightorque UK\Documents\HunSpell
2014-02-18 22:56 - 2009-12-16 15:00 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Inv_249_from_Hightorque_USA
2014-02-18 22:56 - 2009-12-13 08:51 - 00000000 ____D () C:\Users\Hightorque UK\Documents\IMG_0942
2014-02-18 22:56 - 2009-12-12 08:49 - 00000000 ____D () C:\Users\Hightorque UK\Documents\5042_Ian
2014-02-18 22:56 - 2009-11-23 15:17 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Inv_235_from_Hightorque_USA
2014-02-18 22:56 - 2009-11-19 13:55 - 00000000 ____D () C:\Users\Hightorque UK\Documents\infongd11421.sql
2014-02-18 22:56 - 2009-10-14 12:11 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Fax
2014-02-18 22:55 - 2011-12-23 10:11 - 00000000 ____D () C:\Users\Hightorque UK\Documents\mbly_Instructions_Retractable_Undercarriage_Size_400-450
2014-02-18 22:55 - 2011-03-16 09:58 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Letters
2014-02-18 22:55 - 2011-01-24 11:45 - 00000000 ___SD () C:\Users\Hightorque UK\Documents\My Data Sources
2014-02-18 22:55 - 2010-04-26 14:19 - 00000000 __RSD () C:\Users\Hightorque UK\Documents\My Stationery
2014-02-18 22:52 - 2014-01-26 14:11 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Thank You Christelle
2014-02-18 22:52 - 2014-01-22 09:42 - 00000000 ____D () C:\Users\Hightorque UK\Documents\PI140122HDE
2014-02-18 22:52 - 2014-01-21 13:01 - 00000000 ____D () C:\Users\Hightorque UK\Documents\NeroVideo
2014-02-18 22:52 - 2014-01-08 12:51 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Receipt-949299205645
2014-02-18 22:52 - 2013-12-02 08:00 - 00000000 ____D () C:\Users\Hightorque UK\Documents\PI131129HDE
2014-02-18 22:52 - 2013-10-21 07:47 - 00000000 ____D () C:\Users\Hightorque UK\Documents\PI131021HDE
2014-02-18 22:52 - 2013-10-17 11:37 - 00000000 ____D () C:\Users\Hightorque UK\Documents\PI131017HDE
2014-02-18 22:52 - 2013-08-30 09:07 - 00000000 ____D () C:\Users\Hightorque UK\Documents\PI130826HDE
2014-02-18 22:52 - 2013-07-09 16:38 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Receipt-938365139609
2014-02-18 22:52 - 2013-05-14 09:12 - 00000000 ____D () C:\Users\Hightorque UK\Documents\REVISED130514_PI130513HDE
2014-02-18 22:52 - 2012-09-26 06:54 - 00000000 ____D () C:\Users\Hightorque UK\Documents\REVISED120926_PI120925HDE
2014-02-18 22:52 - 2012-08-23 10:19 - 00000000 ____D () C:\Users\Hightorque UK\Documents\PI120817HDE
2014-02-18 22:52 - 2012-05-15 06:32 - 00000000 ____D () C:\Users\Hightorque UK\Documents\REVISED120515_PI120514HDE
2014-02-18 22:52 - 2012-05-07 07:16 - 00000000 ____D () C:\Users\Hightorque UK\Documents\rds3
2014-02-18 22:52 - 2012-03-12 10:04 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Pic1.Futureleadersintheirchosenfieldsofwork
2014-02-18 22:52 - 2012-02-08 09:11 - 00000000 ____D () C:\Users\Hightorque UK\Documents\REVISED120208_PI120208HDE
2014-02-18 22:52 - 2011-08-08 14:49 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Pic1.Autumn1961
2014-02-18 22:52 - 2011-03-09 09:21 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Pic1.Mathsclass
2014-02-18 22:52 - 2011-02-27 08:40 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Pic
2014-02-18 22:52 - 2011-02-24 08:34 - 00000000 ____D () C:\Users\Hightorque UK\Documents\QVSXmasCard1953
2014-02-18 22:52 - 2011-01-28 08:37 - 00000000 ____D () C:\Users\Hightorque UK\Documents\PI110128HDE
2014-02-18 22:52 - 2011-01-05 17:09 - 00000000 ____D () C:\Users\Hightorque UK\Documents\photo1
2014-02-18 22:52 - 2011-01-01 14:43 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Pic1.Onthesledginghill.1959-60
2014-02-18 22:52 - 2010-07-13 08:20 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Symantec
2014-02-18 22:52 - 2010-04-25 09:08 - 00000000 ____D () C:\Users\Hightorque UK\Documents\PGPexch
2014-02-18 22:52 - 2009-12-19 08:35 - 00000000 ____D () C:\Users\Hightorque UK\Documents\PO_21_from_Hightorque_USA
2014-02-18 22:52 - 2009-12-09 08:46 - 00000000 ____D () C:\Users\Hightorque UK\Documents\PC060070
2014-02-18 22:52 - 2009-12-03 12:32 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Shackleton
2014-02-18 22:52 - 2009-11-09 14:53 - 00000000 ____D () C:\Users\Hightorque UK\Documents\PO_17_from_Hightorque_USA
2014-02-18 22:52 - 2009-10-15 10:49 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Order_GB_HSB_BSDT_24705710_2009-10-06
2014-02-18 22:51 - 2014-02-17 10:13 - 00000000 ____D () C:\Users\Hightorque UK\Documents\TSM
2014-02-18 22:51 - 2010-07-23 10:19 - 00000000 ____D () C:\Users\Hightorque UK\Documents\TomTom
2014-02-18 22:50 - 2011-08-19 18:33 - 00000000 ____D () C:\Users\Hightorque UK\Documents\TSMsetup_ian
2014-02-18 22:50 - 2009-10-25 09:06 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Turbo Lister Backup
2014-02-18 22:43 - 2011-02-25 08:13 - 00000000 ____D () C:\Users\Hightorque UK\Documents\use1954inclVicLeMaistre,CaptainIdrisWilliamsandTomHunter
2014-02-18 22:41 - 2010-03-29 13:25 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Web
2014-02-18 22:41 - 2009-10-23 09:10 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Virtual Machines
2014-02-18 10:40 - 2014-02-18 10:11 - 00002198 _____ () C:\Windows\epplauncher.mif
2014-02-18 10:17 - 2014-02-18 10:16 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-02-18 09:59 - 2014-02-18 09:59 - 11125072 _____ (Microsoft Corporation) C:\Users\Hightorque UK\Downloads\mseinstall.exe
2014-02-17 13:58 - 2009-11-24 11:36 - 00000000 ____D () C:\Program Files\GroupMail 5
2014-02-17 13:55 - 2009-10-22 17:30 - 00000000 ____D () C:\Program Files\DivX
2014-02-17 13:54 - 2009-10-08 18:39 - 00000000 ____D () C:\Program Files\CyberLink
2014-02-17 13:54 - 2009-10-08 18:35 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-02-17 12:40 - 2009-10-20 12:11 - 00000000 ____D () C:\Shared Folder Hightorque Vista
2014-02-17 09:11 - 2010-05-05 12:23 - 00000000 ____D () C:\ProgramData\DivX
2014-02-17 08:50 - 2010-09-05 08:15 - 00000000 ____D () C:\Program Files\Coupon Printer
2014-02-16 12:52 - 2014-02-16 12:45 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Local\cache
2014-02-16 12:45 - 2014-02-16 12:45 - 00000000 ____D () C:\Users\Hightorque UK\.android
2014-02-16 12:44 - 2014-02-16 12:44 - 00000000 _____ () C:\Users\Hightorque UK\daemonprocess.txt
2014-02-16 09:11 - 2014-02-08 08:59 - 01326234 _____ () C:\Users\Hightorque UK\Downloads\E L James - 03 - Fifty Shades Freed.epub
2014-02-16 09:09 - 2014-02-16 09:09 - 00000804 _____ () C:\Users\Hightorque UK\Desktop\epubtomobi.exe - Shortcut.lnk
2014-02-16 09:08 - 2014-02-16 09:08 - 01519223 _____ (epubtomobi.com ) C:\Users\Hightorque UK\Downloads\epubtomobi_setup.exe
2014-02-15 23:02 - 2014-02-15 23:02 - 00371159 _____ () C:\Users\Hightorque UK\Downloads\The story of O - Pauline Reage.mobi
2014-02-15 20:53 - 2014-02-15 20:53 - 00000000 ____D () C:\Program Files\EPUB to MOBI
2014-02-15 20:49 - 2014-02-15 20:49 - 00930440 _____ (CNET Download.com) C:\Users\Hightorque UK\Downloads\cbsidlm-cbsi176-EPUB_to_MOBI-ORG-75613706.exe
2014-02-14 07:18 - 2014-02-14 07:18 - 00267801 _____ () C:\Users\Hightorque UK\Downloads\sexy-briefs-tasty-little-tails_20pct_sample.mobi
2014-02-14 07:17 - 2014-02-14 07:17 - 01071028 _____ () C:\Users\Hightorque UK\Downloads\shower-time.mobi
2014-02-13 22:46 - 2013-07-29 21:43 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-13 22:41 - 2006-11-02 10:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-02-12 09:01 - 2013-08-05 08:47 - 00000000 ____D () C:\Program Files\TomTom HOME 2
2014-02-12 09:00 - 2012-12-21 14:09 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Local\Downloaded Installations
2014-02-11 22:53 - 2014-02-10 13:31 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Local\ERW
2014-02-11 22:49 - 2014-02-07 13:12 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\REGSERVO
2014-02-11 10:48 - 2014-02-11 10:48 - 00000000 ____D () C:\Users\Hightorque UK\Documents\epub
2014-02-11 10:40 - 2014-02-11 10:40 - 00001632 _____ () C:\Users\Hightorque UK\Desktop\FBReader.lnk
2014-02-11 10:40 - 2014-02-11 10:40 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FBReader for Windows
2014-02-11 09:19 - 2014-02-11 09:19 - 05337840 _____ () C:\Users\Hightorque UK\Downloads\FBReaderSetup-0.12.10.exe
2014-02-10 09:19 - 2014-02-10 09:19 - 00048128 _____ () C:\Users\Hightorque UK\Documents\neilbuch141564.xls
2014-02-10 08:22 - 2014-02-10 08:22 - 00000686 _____ () C:\Users\Hightorque UK\Desktop\Downloads - Shortcut.lnk

Files to move or delete:
====================
C:\Users\Hightorque UK\AppData\Roaming\desktop.ini
C:\Users\Hightorque UK\BOIE9_ENUS_BO0085_VIS.EXE
C:\Users\Hightorque UK\CTX.DAT
C:\Users\Hightorque UK\Nero-11.2.00600.exe
C:\Users\Hightorque UK\safe2012int_nero.exe
C:\Users\Hightorque UK\TomTomHOME2winlatest.exe
C:\Users\Hightorque UK\TomTomHOME2winlatest_1.exe
C:\Users\Hightorque UK\TuneUpUtilities2012-multilingual.exe


Some content of TEMP:
====================
C:\Users\Hightorque UK\AppData\Local\Temp\26c590c4-d4d0-44df-9ec5-8ad42c805165.exe
C:\Users\Hightorque UK\AppData\Local\Temp\AcsInstall.dll
C:\Users\Hightorque UK\AppData\Local\Temp\aolswfchk.dll
C:\Users\Hightorque UK\AppData\Local\Temp\aol_toolbar2C2.exe
C:\Users\Hightorque UK\AppData\Local\Temp\aol_toolbar7DEB.exe
C:\Users\Hightorque UK\AppData\Local\Temp\AskSLib.dll
C:\Users\Hightorque UK\AppData\Local\Temp\BackupSetup.exe
C:\Users\Hightorque UK\AppData\Local\Temp\BrowserSet.dll
C:\Users\Hightorque UK\AppData\Local\Temp\bzmnuiv_.dll
C:\Users\Hightorque UK\AppData\Local\Temp\cabex.dll
C:\Users\Hightorque UK\AppData\Local\Temp\chrome.exe
C:\Users\Hightorque UK\AppData\Local\Temp\dlgui.dll
C:\Users\Hightorque UK\AppData\Local\Temp\installhelper.dll
C:\Users\Hightorque UK\AppData\Local\Temp\install_flashplayer11x32axau_gtbp_chrd_aih.exe
C:\Users\Hightorque UK\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Hightorque UK\AppData\Local\Temp\jre-6u32-windows-i586-iftw.exe
C:\Users\Hightorque UK\AppData\Local\Temp\jre-6u34-windows-i586-iftw.exe
C:\Users\Hightorque UK\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Hightorque UK\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\Hightorque UK\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Hightorque UK\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Hightorque UK\AppData\Local\Temp\okhxbavh.dll
C:\Users\Hightorque UK\AppData\Local\Temp\roadie.exe
C:\Users\Hightorque UK\AppData\Local\Temp\RunWizards.exe
C:\Users\Hightorque UK\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Hightorque UK\AppData\Local\Temp\SHFOLDER.DLL
C:\Users\Hightorque UK\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Hightorque UK\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Hightorque UK\AppData\Local\Temp\svd_dap.exe
C:\Users\Hightorque UK\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Hightorque UK\AppData\Local\Temp\System.Data.SQLite21040.dll
C:\Users\Hightorque UK\AppData\Local\Temp\System.Data.SQLite42036.dll
C:\Users\Hightorque UK\AppData\Local\Temp\System.Data.SQLite56295.dll
C:\Users\Hightorque UK\AppData\Local\Temp\System.Data.SQLite58056.dll
C:\Users\Hightorque UK\AppData\Local\Temp\System.Data.SQLite60708.dll
C:\Users\Hightorque UK\AppData\Local\Temp\System.Data.SQLite66000.dll
C:\Users\Hightorque UK\AppData\Local\Temp\System.Data.SQLite66762.dll
C:\Users\Hightorque UK\AppData\Local\Temp\System.Data.SQLite70596.dll
C:\Users\Hightorque UK\AppData\Local\Temp\System.Data.SQLite70615.dll
C:\Users\Hightorque UK\AppData\Local\Temp\System.Data.SQLite70847.dll
C:\Users\Hightorque UK\AppData\Local\Temp\System.Data.SQLite93916.dll
C:\Users\Hightorque UK\AppData\Local\Temp\tbpreinst6AA8.exe
C:\Users\Hightorque UK\AppData\Local\Temp\TRRemove.exe
C:\Users\Hightorque UK\AppData\Local\Temp\Tsu5A353992.dll
C:\Users\Hightorque UK\AppData\Local\Temp\unelevate.exe
C:\Users\Hightorque UK\AppData\Local\Temp\uninst.dll
C:\Users\Hightorque UK\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Hightorque UK\AppData\Local\Temp\vmpremov.exe
C:\Users\Hightorque UK\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS_24190.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-12 06:31

==================== End Of Log ============================

Addition.txt


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2014
Ran by Hightorque UK at 2014-03-12 06:44:24
Running from F:\Downloads\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
001 Joiner (HKLM\...\001Joiner_is1) (Version: 1.0.2 - Silvermaine 2000)
7-Zip 4.57 (HKLM\...\7-Zip) (Version: - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
AOL Broadband Toolbar (HKLM\...\AOL Broadband Toolbar) (Version: - )
AOL Registration (HKLM\...\AOL Regclient) (Version: - )
AOL Toolbar (HKCU\...\AOL Toolbar) (Version: - )
AOL Toolbar (HKLM\...\AOL Toolbar) (Version: - AOL Inc.)
AOL Toolbar for Firefox (HKLM\...\AOL Toolbar for Firefox) (Version: 5.13.6.2 - AOL LLC)
AOL Uninstaller (Choose which Products to Remove) (HKLM\...\AOL Uninstaller) (Version: - AOL Inc.)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Applian FLV Player (HKLM\...\Applian FLV Player2.0.24) (Version: 2.0.24 - Applian Technologies Inc.)
Betting Assistant (HKLM\...\{BC86ABDF-8148-44B3-8105-4AE9DDBFDCB6}) (Version: 1.0.64 - Gruss Software Ltd)
BlackBerry Desktop Software 7.1 (HKLM\...\BlackBerry_Desktop) (Version: 7.1.0.37 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.37 - Research In Motion Ltd.) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CrashPlan (HKLM\...\{2149FA24-7AD5-4412-89A5-034C9A9710BB}) (Version: 3.0.3 - CrashPlan)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery Manager (HKLM\...\{1A6D9B5E-9BAB-4141-85BA-2C6552FA7913}) (Version: 1.0.1 - Dell, Inc.)
Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.1.08060 - Dell)
Dell V305 (HKLM\...\Dell V305) (Version: - Dell, Inc.)
DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Diagnostics32 (HKLM\...\{36EEFD4F-E34C-4491-B04A-DB8F85C3A021}) (Version: 1.0.0 - Dell, Inc.)
DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version: - DivX, Inc.)
Download Accelerator Plus (DAP) (HKLM\...\Download Accelerator Plus (DAP)) (Version: 10043 (Build 2489) - Speedbit Ltd.)
Download Updater (AOL Inc.) (HKLM\...\SoftwareUpdUtility) (Version: - AOL Inc.) <==== ATTENTION
EMCO MoveOnBoot 2.3 (HKLM\...\{52AF109C-08DC-460D-AA8C-74A71EEEA2BE}) (Version: 2.3.4.3509 - EMCO Software)
EPUB to MOBI (HKLM\...\{C65AA5AE-8B80-46B6-ADFC-BBF1EFF2AD98}_is1) (Version: - epubtomobi.com)
Everything 1.2.1.371 (HKLM\...\Everything) (Version: - )
File Shredder 2.5 (HKLM\...\File Shredder_is1) (Version: - Pow Tools)
Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
Inkjet Toolbox (Version: 1.0.0 - Dell, Inc.) Hidden
Install (Version: 1.0.0 - Dell, Inc.) Hidden
InstallConverter (HKLM\...\InstallConverter) (Version: 1.0 - InstallConverter)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
iPubsoft Word to PDF Converter build(2.2.11) (HKLM\...\iPubsoft Word to PDF Converter_is1) (Version: 2.2.11 - iPubsoft)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MEO Encryption Software (HKLM\...\Meo) (Version: 2.17 - NCH Software)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft AutoRoute 2001 (HKLM\...\{4D719053-5593-11D3-8F25-0060085C1758}) (Version: 8.00.15.1000 - Microsoft)
Microsoft Default Manager (HKLM\...\{61BEA823-ECAF-49F1-8378-A59B3B8AD247}) (Version: 2.1.54.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft VC9 runtime libraries (Version: 1.0.0 - AOL Inc.) Hidden
Microsoft VC9 runtime libraries (Version: 1.0.0 - AOL LLC) Hidden
Microsoft VC9 runtime libraries (Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Virtual PC 2007 SP1 (HKLM\...\{AD483998-2E9A-4405-83FF-6E503AF49CBB}) (Version: 6.0.192.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Web Publishing Wizard 1.5 (HKLM\...\WebPost) (Version: - )
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nero 11 (HKLM\...\{810B7362-6B05-4714-AF6A-EF3A20CCD634}) (Version: 11.2.00600 - Nero AG)
Nero 11 Cliparts (Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Image Samples (Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Video Samples (Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero Audio Pack 1 (Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp 11 (Version: 6.2.18400.2.100 - Nero AG) Hidden
Nero BackItUp 11 Help (CHM) (Version: 11.0.10400 - Nero AG) Hidden
Nero Backup Drivers (HKLM\...\{F8EF9B71-53E7-41F5-8E54-47B4C979CB38}) (Version: 12.0.4000 - Nero AG)
Nero Blu-ray Player (Version: 12.0.17700 - Nero AG) Hidden
Nero Burning ROM 11 (Version: 11.2.10300.0.0 - Nero AG) Hidden
Nero Burning ROM 11 Help (CHM) (Version: 11.0.10300 - Nero AG) Hidden
Nero ControlCenter (Version: 11.0.15500 - Nero AG) Hidden
Nero ControlCenter 11 Help (CHM) (Version: 11.0.10300 - Nero AG) Hidden
Nero Core Components (Version: 11.0.19400 - Nero AG) Hidden
Nero CoverDesigner 11 (Version: 6.0.11000.13.100 - Nero AG) Hidden
Nero CoverDesigner 11 Help (CHM) (Version: 11.0.10300 - Nero AG) Hidden
Nero Disc Menus Basic (Version: 12.0.11500 - Nero AG) Hidden
Nero Effects Basic (Version: 12.0.11500 - Nero AG) Hidden
Nero Express 11 (Version: 11.2.10300.0.0 - Nero AG) Hidden
Nero Express 11 Help (CHM) (Version: 11.0.10300 - Nero AG) Hidden
Nero Kwik Media (Version: 1.18.19600 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (Version: 12.0.7000 - Nero AG) Hidden
Nero Kwik Themes Basic (Version: 12.0.11500 - Nero AG) Hidden
Nero PiP Effects Basic (Version: 12.0.11500 - Nero AG) Hidden
Nero Recode 11 (Version: 5.2.10900.0.0 - Nero AG) Hidden
Nero Recode 11 Help (CHM) (Version: 11.0.10600 - Nero AG) Hidden
Nero RescueAgent 11 (Version: 4.0.10600.10.100 - Nero AG) Hidden
Nero RescueAgent 11 Help (CHM) (Version: 11.0.10400 - Nero AG) Hidden
Nero SharedVideoCodecs (Version: 1.0.12100.2.0 - Nero AG) Hidden
Nero SoundTrax 11 (Version: 5.0.10700.6.100 - Nero AG) Hidden
Nero SoundTrax 11 Help (CHM) (Version: 11.0.10400 - Nero AG) Hidden
Nero Update (Version: 11.0.11500.28.0 - Nero AG) Hidden
Nero Video 11 (Version: 8.2.15700.3.100 - Nero AG) Hidden
Nero Video 11 Help (CHM) (Version: 11.0.10300 - Nero AG) Hidden
Nero WaveEditor 11 (Version: 6.2.11300.0.100 - Nero AG) Hidden
Nero WaveEditor 11 Help (CHM) (Version: 11.0.10400 - Nero AG) Hidden
nero.prerequisites.msi (Version: 11.0.20010 - Nero AG) Hidden
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PCL-W300 Capture (HKLM\...\PCL-W300 Capture) (Version: - )
PDF to ePUB/Mobi Converter version 2.4.0 (HKLM\...\{1E604EC6-0410-47FB-A5D0-0A935A0DFA6B}_is1) (Version: 2.4.0 - DiscoverySoft)
Pubs (Version: 1.0.0 - Dell, Inc.) Hidden
Rapport (Version: 3.5.1304.15 - Trusteer) Hidden
RealPlayer (HKLM\...\RealPlayer 12.0) (Version: - RealNetworks)
Realtek Ethernet Network Card Diagnostic tool for Windows Vista (HKLM\...\{1FECF5F8-8E75-432C-9FF7-1C04F1956B54}) (Version: 1.00 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - )
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
RTC Client API v1.2 (HKLM\...\{44CDBD1B-89FB-4E02-8319-2A4C550F664A}) (Version: 1.2.0000 - Microsoft)
Sage Line 50 6.0 (HKLM\...\Sage Line 50 6.0) (Version: - )
SavingsBull (Version: 1.0.0.0 - SavingsBull) Hidden <==== ATTENTION
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Serif PagePlus 5.0 (HKLM\...\Serif PagePlus 5.0) (Version: - )
Serif WebPlus 9.0 (HKLM\...\{4493E86C-1408-4AF6-8455-0744D25CD355}) (Version: 9.00 - Serif)
Serif WebPlus 9.0 Resource CD-ROM (HKLM\...\{80BFAC4A-59FA-4E3D-8FD7-CFA8F5B227CB}) (Version: 9.0 - Serif)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartStamp (HKLM\...\InstallShield_{DF0102B1-4E96-4953-8625-E73CEBC491E9}) (Version: 1.0.0 - Royal Mail Group plc)
SmartStamp (Version: 1.0.0 - Royal Mail Group plc) Hidden
SpeedBit Video Accelerator (HKLM\...\SpeedBit Video Accelerator) (Version: 3380(build_3064) - SpeedBit Ltd.)
SpeedBit Video Downloader (HKLM\...\SpeedBit Video Downloader) (Version: 1155(build_502) - SPEEDbit Ltd.)
Striata Reader (HKLM\...\{13d868cf-47e9-4b3d-9366-a0c60f82e5aa}) (Version: 2.9-1 - Striata Communication Solutions)
The Staking Machine V3.0 (HKLM\...\The Staking Machine V3.0) (Version: 3.0.0.0 - 1Million Ltd)
The Staking Machine V4.0 (HKLM\...\The Staking Machine V4.0) (Version: 4.0.0.0 - 1Million Ltd)
TomTom HOME (HKLM\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Trusteer Endpoint Protection (HKLM\...\Rapport_msi) (Version: 3.5.1304.15 - Trusteer)
Turbo Lister 2 (HKLM\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM\...\{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM\...\{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{128A5449-CF71-4DA4-A746-F49E3B5DB584}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM\...\{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
VLC media player 1.0.2 (HKLM\...\VLC media player) (Version: 1.0.2 - VideoLAN Team)
Welcome App (Start-up experience) (Version: 11.0.23500.0.0 - Nero AG) Hidden
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Internet Explorer Platform Preview (HKLM\...\{38700C90-0536-4240-8B08-3F83E2CD8AAD}) (Version: 1.9.7916.6000 - Microsoft Corporation)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinTopo (HKLM\...\WinTopo) (Version: - )
Wireless Setup Utility 32 (Version: 1.0.0 - Dell, Inc.) Hidden
Word-To-Html (HKLM\...\{70F34647-F8B6-492E-9A21-8232106536EB}) (Version: 1.0.0 - Default Company Name)

==================== Restore Points =========================


==================== Hosts content: ==========================

2006-11-02 10:23 - 2011-09-01 12:17 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {155723BA-60E2-4354-93AF-84EAC8D3C2D8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {22E1772E-7DFE-4C5F-841F-1C93FD5D82A4} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {24C4F1DF-F006-4452-8146-533210DE3F7B} - System32\Tasks\GC_Scheduler => %LOCALAPPDATA%\GCC\Controller.exe <==== ATTENTION
Task: {253E6646-6801-4796-962E-0A335DBC22AF} - System32\Tasks\One-Click Tweak => C:\Program Files\Advanced PC Tweaker\OneClick.exe
Task: {2DE18FE4-6467-484F-8431-206702EC5546} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {2E5B7D97-F14C-4CFF-864E-620AABA892D1} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {2F2D2C54-F7EC-46C6-A67F-2D3F28C6E296} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-22] (Google Inc.)
Task: {2F9A677E-4D39-4A91-8CEC-C7080A27FE8F} - System32\Tasks\Hightorque UK2 => C:\Program Files\Nero\Nero 11\Nero BackItUp\NBCore.exe [2012-01-13] (Nero AG)
Task: {47D18EE0-35CF-4570-BC8F-3373D403048E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4A50572A-CF8D-4E9A-95D6-CAC84D6E8380} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {4D72741E-769C-45DB-8604-CB8EBDADAA29} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {59FC5BC9-3E1F-4980-A5CB-C4C00F5C9D3C} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3090621729-691808380-2464640456-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2010-11-05] (RealNetworks, Inc.)
Task: {607BEEB1-11CE-4DEE-8568-09331AC36D3E} - System32\Tasks\Hightorque UK NBAgent 6 0 => C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe [2012-01-13] (Nero AG)
Task: {68962189-0BB9-4891-84B5-E2978177D350} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3090621729-691808380-2464640456-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2010-11-05] (RealNetworks, Inc.)
Task: {75269E49-1E15-475A-81F3-2FF63FF9E4DE} - System32\Tasks\{E2EF4816-8766-4D84-94AA-416C4AF9467C} => Iexplore.exe http://ui.skype.com/...temlevelpresent
Task: {7BAC48D1-7B8B-4F2B-B78E-F439CBF86784} - System32\Tasks\GC_Informer => %LOCALAPPDATA%\GCC\Controller.exe <==== ATTENTION
Task: {845E4598-C0EE-431A-B85D-288BFF8585FB} - System32\Tasks\Hightorque UK => C:\Program Files\Nero\Nero 11\Nero BackItUp\NBCore.exe [2012-01-13] (Nero AG)
Task: {87230141-9D3B-438E-9836-B220607B931C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-22] (Google Inc.)
Task: {8C55CE7E-CE12-484D-9B8C-F1D35FBD3DCA} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {AABFF369-F58C-4CAC-B387-20BF18BDBDFA} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan No Task File
Task: {B7EFDFCE-4617-4E6C-B9B1-AF50A14217AC} - System32\Tasks\Microsoft\Windows\Maintenance\UP_Scheduler => %LOCALAPPDATA%\GCC\Controller.exe <==== ATTENTION
Task: {C6A088B0-4B54-4476-AA54-503A01613672} - System32\Tasks\ParetoLogic Registration => Rundll32.exe "C:\Program Files\Common Files\ParetoLogic\UUS2\UUS.dll" RunUns
Task: {CE74F5AD-C0B4-4853-B780-398845DCE3A5} - System32\Tasks\{549C7F20-1C4B-47E5-BA35-546CE02E9B97} => C:\Program Files\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {E48A54D6-82A1-4A42-AFE9-883AC5D3BB6C} - System32\Tasks\RtlNICDiagVistaStart => C:\Program Files\Realtek\RTNICDiag\RTNICDiag.exe [2008-08-19] (Realtek)
Task: {ED8BFA87-27DB-4C65-9591-569E1CCB4780} - System32\Tasks\Hightorque UK Nero LIVEBackup Merge 6 0 => C:\Program Files\Nero\Nero 11\Nero BackItUp\NBCore.exe [2012-01-13] (Nero AG)
Task: {F06A6BDD-6541-4FE6-934C-ABA054D6BBC7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated)
Task: {F740E5F6-A1A8-4F1F-97DA-8E4F398449C5} - System32\Tasks\ParetoLogic Update Version2 => C:\Program Files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-13] ()
Task: {F8BB0221-6BA4-4869-9BD6-C37CD074EF8C} - System32\Tasks\Hightorque UK Nero LIVEBackup 6 0 => C:\Program Files\Nero\Nero 11\Nero BackItUp\NBCore.exe [2012-01-13] (Nero AG)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\One-Click Tweak.job => C:\Program Files\Advanced PC Tweaker\AdvancedPCTweaker.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version2.job => C:\Program Files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{1187167D-694A-4D97-9748-C1A6B331311F}.job => C:\Windows\system32\msfeedssync.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{95D5E3F6-1BC2-48DA-87DA-387FB7EB0FB8}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2009-10-14 09:14 - 2008-08-15 16:53 - 00115200 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\dldtdrpp.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-03-27 06:13 - 2012-03-27 06:13 - 00013312 _____ () C:\Program Files\CrashPlan\md5.dll
2014-02-27 08:18 - 2014-02-27 08:18 - 00197120 _____ () C:\Program Files\CrashPlan\cpnative.dll
2009-10-09 04:09 - 2008-08-15 16:53 - 00099568 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\dldtserv.exe
2009-10-09 04:09 - 2008-08-15 16:50 - 00782336 _____ () C:\Windows\system32\dldtdrs.dll
2008-01-21 20:05 - 2008-01-21 20:05 - 00077906 _____ () C:\Windows\system32\dldtcfg.dll
2009-10-09 04:09 - 2008-08-15 16:50 - 00081920 _____ () C:\Windows\system32\dldtcaps.dll
2009-10-09 04:09 - 2008-08-15 16:50 - 00069632 _____ () C:\Windows\system32\dldtcnv4.dll
2006-07-17 16:45 - 2006-07-17 16:45 - 00040960 _____ () C:\Program Files\Royal Mail\SmartStamp\BINARY\STRAY.EXE
2006-07-17 16:56 - 2006-07-17 16:56 - 00024576 _____ () C:\Program Files\Royal Mail\SmartStamp\BINARY\SDSERROR.DLL
2006-07-17 16:56 - 2006-07-17 16:56 - 00077824 _____ () C:\Program Files\Royal Mail\SmartStamp\BINARY\SDSEVENT.DLL
2006-07-17 16:43 - 2011-11-25 08:15 - 00057344 _____ () C:\Program Files\Royal Mail\SmartStamp\BINARY\SDSLOG.DLL
2006-07-17 16:40 - 2006-07-17 16:40 - 00016384 _____ () C:\Program Files\Royal Mail\SmartStamp\BINARY\SMSG.DLL
2006-07-17 16:44 - 2006-07-17 16:44 - 00053248 _____ () C:\Program Files\Royal Mail\SmartStamp\BINARY\SDSREG.DLL
2013-10-21 07:44 - 2013-10-21 07:44 - 00009216 _____ () C:\ProgramData\Speedbit\DAP\Plugins\AddonsCondition.dll
2013-10-21 07:45 - 2014-01-17 06:56 - 00011776 _____ () C:\ProgramData\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\fivegiganet.dll
2013-10-21 07:45 - 2014-01-17 06:56 - 00010240 _____ () C:\ProgramData\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\MegaUploadCom.dll
2013-10-21 07:45 - 2014-01-17 06:56 - 00012800 _____ () C:\ProgramData\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\SpdFileCom.dll
2013-10-21 07:45 - 2014-01-17 06:56 - 00012800 _____ () C:\ProgramData\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\XSevenTo.dll
2013-10-21 07:45 - 2014-01-17 06:56 - 00010752 _____ () C:\ProgramData\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\zsharenet.dll
2014-02-05 15:30 - 2014-02-05 15:30 - 00475648 _____ () C:\Users\Hightorque UK\AppData\Local\GCC\Controller.exe

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:010ADD2C
AlternateDataStreams: C:\ProgramData\TEMP:2B11E0DF
AlternateDataStreams: C:\ProgramData\TEMP:553CA6CA
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\ProgramData\TEMP:D74B6CF5
AlternateDataStreams: C:\Users\Hightorque UK\Documents\Ricevutadeltuopagamentoahightorqueuk@aol_com.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BabylonToolbar => "C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I
MSCONFIG\startupreg: DivX Download Manager => "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: dldtamon => "C:\Program Files\Dell V305\dldtamon.exe"
MSCONFIG\startupreg: dldtmon.exe => "C:\Program Files\Dell V305\dldtmon.exe"
MSCONFIG\startupreg: dscactivate => "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
MSCONFIG\startupreg: Everything => "C:\Program Files\Everything\Everything.exe" -startup
MSCONFIG\startupreg: FileHippo.com => "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: PDVDDXSrv => "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: SpeedBitVideoAccelerator => C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TkBellExe => "c:\program files\real\realplayer\Update\realsched.exe" -osboot
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: WMPNSCFG => C:\Program Files\Windows Media Player\WMPNSCFG.exe

==================== Faulty Device Manager Devices =============

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: isatap.cable.virginmedia.net
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: isatap.{2C1BC9D2-671D-4B5E-ABE6-F7869D0225B9}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/12/2014 06:23:57 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/11/2014 10:30:24 PM) (Source: Application Hang) (User: )
Description: The program mbam.exe version 1.75.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 1e04
Start Time: 01cf3d131cb1272e
Termination Time: 113

Error: (03/11/2014 04:16:51 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (03/11/2014 11:08:58 AM) (Source: Application Hang) (User: )
Description: The program waol.exe version 9.7.2.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 1010
Start Time: 01cf3d1a0f73b3ae
Termination Time: 9

Error: (03/11/2014 11:06:57 AM) (Source: Application Hang) (User: )
Description: The program waol.exe version 9.7.2.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 13bc
Start Time: 01cf3cf5febbe56e
Termination Time: 404

Error: (03/11/2014 08:28:50 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (03/11/2014 08:28:46 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (03/11/2014 08:28:44 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (03/11/2014 08:28:30 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (03/11/2014 08:28:29 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (03/12/2014 06:23:57 AM) (Source: Service Control Manager) (User: )
Description: netfilter

Error: (03/11/2014 11:09:00 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.

Error: (03/11/2014 06:31:42 AM) (Source: Service Control Manager) (User: )
Description: netfilter

Error: (03/11/2014 06:28:54 AM) (Source: Service Control Manager) (User: )
Description: Microsoft Antimalware Service1150001Restart the service

Error: (03/11/2014 06:24:59 AM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068

Error: (03/11/2014 06:24:58 AM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (03/11/2014 06:24:11 AM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068

Error: (03/11/2014 06:24:11 AM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068

Error: (03/11/2014 06:24:11 AM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068

Error: (03/11/2014 06:24:11 AM) (Source: Service Control Manager) (User: )
Description: AFD
CSC
DfsC
MpFilter
NetBIOS
netbt
netfilter
nsiproxy
PSched
RapportKELL
RasAcd
rdbss
Smb
spldr
tdx
vmm
Wanarpv6


Microsoft Office Sessions:
=========================
Error: (07/25/2013 07:47:05 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 2382 seconds with 900 seconds of active time. This session ended with a crash.

Error: (04/01/2012 10:15:00 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4386 seconds with 540 seconds of active time. This session ended with a crash.

Error: (02/13/2012 02:06:03 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 16733 seconds with 720 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2014-03-12 06:43:07.621
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-03-12 06:43:07.263
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-03-12 06:43:06.857
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-03-12 06:43:06.373
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-03-12 06:43:05.952
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Trusteer\Rapport\bin\RapportEI.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-03-12 06:43:05.609
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Trusteer\Rapport\bin\RapportEI.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-03-12 06:43:05.219
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Trusteer\Rapport\bin\RapportEI.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-03-12 06:43:04.767
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Trusteer\Rapport\bin\RapportEI.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-03-12 06:43:04.361
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-03-12 06:43:03.877
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 44%
Total physical RAM: 3036.26 MB
Available physical RAM: 1678.77 MB
Total Pagefile: 6293.4 MB
Available Pagefile: 4738.37 MB
Total Virtual: 2047.88 MB
Available Virtual: 1894.86 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:288.01 GB) (Free:111.87 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:4.93 GB) NTFS
Drive f: (New Volume) (Fixed) (Total:298.09 GB) (Free:157.69 GB) NTFS
Drive g: (New Volume) (Fixed) (Total:111.79 GB) (Free:37.43 GB) NTFS
Drive h: (HD-PCU2) (Fixed) (Total:931.28 GB) (Free:562.87 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 08000000)
Partition 1: (Not Active) - (Size=78 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=288 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: F63BD740)

Partition: GPT Partition Type.

========================================================
Disk: 2 (Size: 931 GB) (Disk ID: A319272F)

Partition: GPT Partition Type.

========================================================
Disk: 3 (Size: 112 GB) (Disk ID: 5B6AC646)
Partition 1: (Not Active) - (Size=112 GB) - (Type=07 NTFS)

==================== End Of Log ============================
  • 0

#22
godawgs
Posted 12 March 2014 - 11:10 AM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Hello,

It looks like the OTL fix completed but I'm not sure why we got the log we got. We're gonna run this next fix from FRST. Maybe that will make it easier.


Step-1.

Farbar Fix

Please carefully read these instructions.

Warning: This fix is relevant for this system and no other. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

  • Download the attached fixlist.txt file and save it to the same location where the program is, the F:\Downloads\Downloads folder.

    IMPORTANT! IF you don't save the fixlist.txt file to the same location that the FRST.exe program is located the fix will not run.
  • Please re-open the Farbar Scan tool. To do that:
  • Right click the FRST.exe file and click Run as Administrator and OK any UAC prompts to run the program.
  • Press the Fix button just once and wait. The tool will make a log (Fixlog.txt). Please post it in your next reply.
  • If the computer doesn't reboot automatically then manually reboot the computer.
The Fixlog.txt file can also be found in the same location that the program was run from.


Step-2.

Uninstall a Program

1. Please click the Start Orb Posted Image, click Control Panel. Under the Programs or Programs and Features heading click Uninstall a program
2. In the list of programs installed, locate the following program(s):

SavingsBull (Version: 1.0.0.0 - SavingsBull)

3. Right click each program and click Uninstall
4. After the programs have been uninstalled, close the Installed Programs window and the Control Panel.
5. Reboot the computer.


Things For Your Next Post:
Please post the logs in the order requested. Please don't attach the logs unless I request it.
1. Let me know if you were able to find SavingsBull in the list of installed programs and uninstall it successfully.
2. The Fixlog.txt log
  • 0

#23
Geekimnot
Posted 12 March 2014 - 11:21 AM

Geekimnot

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 280 posts
I do not see an attachment.
  • 0

#24
godawgs
Posted 12 March 2014 - 11:30 AM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
my bad :whistling: Here it is:

[attachment=69579:fixlist.txt]
  • 0

#25
Geekimnot
Posted 12 March 2014 - 12:41 PM

Geekimnot

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 280 posts
Thanks will run it in the morning :thumbsup:
  • 0

Advertisements

#26
Geekimnot
Posted 13 March 2014 - 01:08 AM

Geekimnot

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 280 posts
Here is the Fixlog.txt


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2014
Ran by Hightorque UK at 2014-03-13 07:00:35 Run:1
Running from F:\Downloads\Downloads
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start
() C:\Users\Hightorque UK\AppData\Local\GCC\Controller.exe
() C:\Users\Hightorque UK\AppData\Local\GCC\Controller.exe
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosear...128491&tsp=5180
SearchScopes: HKCU - {86789896-718A-4BDD-93BC-10B967B0B5FC} URL =
Toolbar: HKCU - No Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - No File
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx [2013-10-18]
CHR HKLM\...\Chrome\Extension: [ledcpigomgblcmofccnacobhmcdkpiea] - C:\Program Files\SearchPredict\Chrome\SearchPredictChrome.crx [2011-10-12]
2014-03-10 08:21 - 2014-03-10 08:21 - 00000000 ____D () C:\ProgramData\Viewpoint
2014-03-10 07:50 - 2014-03-10 07:50 - 00003200 _____ () C:\{36482CA2-D388-4412-AACA-F38151844B2F}
2014-03-09 20:47 - 2014-03-09 20:47 - 00002984 _____ () C:\{AA85D1DB-5D0F-4714-95F9-21954EFE87B5}
2014-03-09 17:47 - 2014-03-09 17:47 - 00002984 _____ () C:\{9EF9ED66-1EF3-40CC-BF22-531397875F31}
2014-03-09 06:48 - 2014-03-09 06:48 - 00002984 _____ () C:\{C0F8D77B-0B88-4343-A11F-B0A317DAAB9C}
2014-03-09 02:33 - 2014-03-09 02:33 - 00003200 _____ () C:\{9276A535-53AF-411E-B0E4-91116A774164}
2014-03-08 23:58 - 2014-03-08 23:58 - 00003952 _____ () C:\{BD18D77E-BF93-47E2-9421-463B19EAC7F4}
2014-03-08 23:55 - 2014-03-08 23:55 - 00002984 _____ () C:\{1DD5A44B-0301-4E68-A372-FC57B3F31612}
2014-03-08 22:47 - 2014-03-08 22:47 - 00002984 _____ () C:\{83F2B480-204F-4ADD-8399-75C27E3E84E7}
2014-03-08 13:54 - 2014-03-08 13:54 - 00002984 _____ () C:\{9FDCB06F-D1C9-46C9-BE7A-491589FE6995}
2014-03-08 13:15 - 2014-03-08 13:15 - 00002984 _____ () C:\{4C71F50A-B052-4D42-A09F-1F7D9107D2F0}
2014-03-08 13:11 - 2014-03-08 13:11 - 00002984 _____ () C:\{6DD096B6-CCB9-46BA-93A7-2578B07D9196}
2014-03-08 13:04 - 2014-03-08 13:04 - 00002984 _____ () C:\{C84465AF-4480-4555-AB37-0C691B818712}
2014-03-08 09:08 - 2014-03-08 09:08 - 00002984 _____ () C:\{56A4B7F8-A5B2-4AC1-B26C-C698743D90C8}
2014-03-07 21:59 - 2014-03-07 21:59 - 00002984 _____ () C:\{DEAB95AA-D500-4366-9B0D-22438CF7C933}
2014-03-07 20:38 - 2014-03-07 20:38 - 00002984 _____ () C:\{AD9414B7-7047-46B4-AC3E-5EF1E094D41F}
2014-03-07 16:38 - 2014-03-07 16:38 - 00002984 _____ () C:\{4AD5B9D8-B491-488F-A943-34068E60E70B}
2014-03-07 16:31 - 2014-03-07 16:31 - 00002984 _____ () C:\{A3375D00-7D4E-4E8B-A592-1C2569B98894}
2014-03-07 12:19 - 2014-03-09 16:26 - 00002874 _____ () C:\Users\Hightorque UK\Downloads\OTL_1.Txt
2014-03-07 12:14 - 2014-03-07 12:14 - 00002984 _____ () C:\{C7D83432-A0AE-4053-8EE7-04C8985C8F2C}
2014-03-11 12:00 - 2011-08-30 11:06 - 00000516 _____ () C:\Windows\Tasks\One-Click Tweak.job
2014-03-10 13:43 - 2009-10-08 18:40 - 00000000 ____D () C:\ProgramData\Norton
2014-03-10 08:21 - 2014-03-10 08:21 - 00000000 ____D () C:\ProgramData\Viewpoint
2014-02-16 12:41 - 2014-03-05 07:28 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Local\GCC
SavingsBull (Version: 1.0.0.0 - SavingsBull) Hidden <==== ATTENTION
Task: {253E6646-6801-4796-962E-0A335DBC22AF} - System32\Tasks\One-Click Tweak => C:\Program Files\Advanced PC Tweaker\OneClick.exe
Task: {24C4F1DF-F006-4452-8146-533210DE3F7B} - System32\Tasks\GC_Scheduler => %LOCALAPPDATA%\GCC\Controller.exe <==== ATTENTION
Task: {7BAC48D1-7B8B-4F2B-B78E-F439CBF86784} - System32\Tasks\GC_Informer => %LOCALAPPDATA%\GCC\Controller.exe <==== ATTENTION
Task: {B7EFDFCE-4617-4E6C-B9B1-AF50A14217AC} - System32\Tasks\Microsoft\Windows\Maintenance\UP_Scheduler => %LOCALAPPDATA%\GCC\Controller.exe <==== ATTENTION
Task: {C6A088B0-4B54-4476-AA54-503A01613672} - System32\Tasks\ParetoLogic Registration => Rundll32.exe "C:\Program Files\Common Files\ParetoLogic\UUS2\UUS.dll" RunUns
Task: {F740E5F6-A1A8-4F1F-97DA-8E4F398449C5} - System32\Tasks\ParetoLogic Update Version2 => C:\Program Files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-13] ()
Task: C:\Windows\Tasks\One-Click Tweak.job => C:\Program Files\Advanced PC Tweaker\AdvancedPCTweaker.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version2.job => C:\Program Files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe
C:\Users\Hightorque UK\AppData\Roaming\desktop.ini
C:\Users\Hightorque UK\BOIE9_ENUS_BO0085_VIS.EXE
C:\Users\Hightorque UK\CTX.DAT
C:\Users\Hightorque UK\Nero-11.2.00600.exe
C:\Users\Hightorque UK\safe2012int_nero.exe
C:\Users\Hightorque UK\TomTomHOME2winlatest.exe
C:\Users\Hightorque UK\TomTomHOME2winlatest_1.exe
C:\Users\Hightorque UK\TuneUpUtilities2012-multilingual.exe
C:\Program Files\Common Files\ParetoLogic
C:\Program Files\BabylonToolbar
Folder: C:\Program Files\SearchPredict
Folder: C:\Program Files\Coupon Printer
Folder: C:\Program Files\Advanced PC Tweaker
stop
*****************

[1216] C:\Users\Hightorque UK\AppData\Local\GCC\Controller.exe => Process closed successfully.
[4260] C:\Users\Hightorque UK\AppData\Local\GCC\Controller.exe => Process closed successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{86789896-718A-4BDD-93BC-10B967B0B5FC} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{86789896-718A-4BDD-93BC-10B967B0B5FC} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A13C2648-91D4-4BF3-BC6D-0079707C4389} => Value deleted successfully.
HKCR\CLSID\{A13C2648-91D4-4BF3-BC6D-0079707C4389} => Key not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb => Key deleted successfully.
"C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx" => File/Directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\ledcpigomgblcmofccnacobhmcdkpiea => Key deleted successfully.
C:\Program Files\SearchPredict\Chrome\SearchPredictChrome.crx => Moved successfully.
C:\ProgramData\Viewpoint => Moved successfully.
C:\{36482CA2-D388-4412-AACA-F38151844B2F} => Moved successfully.
C:\{AA85D1DB-5D0F-4714-95F9-21954EFE87B5} => Moved successfully.
C:\{9EF9ED66-1EF3-40CC-BF22-531397875F31} => Moved successfully.
C:\{C0F8D77B-0B88-4343-A11F-B0A317DAAB9C} => Moved successfully.
C:\{9276A535-53AF-411E-B0E4-91116A774164} => Moved successfully.
C:\{BD18D77E-BF93-47E2-9421-463B19EAC7F4} => Moved successfully.
C:\{1DD5A44B-0301-4E68-A372-FC57B3F31612} => Moved successfully.
C:\{83F2B480-204F-4ADD-8399-75C27E3E84E7} => Moved successfully.
C:\{9FDCB06F-D1C9-46C9-BE7A-491589FE6995} => Moved successfully.
C:\{4C71F50A-B052-4D42-A09F-1F7D9107D2F0} => Moved successfully.
C:\{6DD096B6-CCB9-46BA-93A7-2578B07D9196} => Moved successfully.
C:\{C84465AF-4480-4555-AB37-0C691B818712} => Moved successfully.
C:\{56A4B7F8-A5B2-4AC1-B26C-C698743D90C8} => Moved successfully.
C:\{DEAB95AA-D500-4366-9B0D-22438CF7C933} => Moved successfully.
C:\{AD9414B7-7047-46B4-AC3E-5EF1E094D41F} => Moved successfully.
C:\{4AD5B9D8-B491-488F-A943-34068E60E70B} => Moved successfully.
C:\{A3375D00-7D4E-4E8B-A592-1C2569B98894} => Moved successfully.
C:\Users\Hightorque UK\Downloads\OTL_1.Txt => Moved successfully.
C:\{C7D83432-A0AE-4053-8EE7-04C8985C8F2C} => Moved successfully.
C:\Windows\Tasks\One-Click Tweak.job => Moved successfully.
C:\ProgramData\Norton => Moved successfully.
"C:\ProgramData\Viewpoint" => File/Directory not found.
C:\Users\Hightorque UK\AppData\Local\GCC => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6DDE8071-E4BA-461B-8A96-990DFAA0EBD1}\\SystemComponent => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{253E6646-6801-4796-962E-0A335DBC22AF} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{253E6646-6801-4796-962E-0A335DBC22AF} => Key deleted successfully.
C:\Windows\System32\Tasks\One-Click Tweak => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\One-Click Tweak => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{24C4F1DF-F006-4452-8146-533210DE3F7B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24C4F1DF-F006-4452-8146-533210DE3F7B} => Key deleted successfully.
C:\Windows\System32\Tasks\GC_Scheduler => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GC_Scheduler => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7BAC48D1-7B8B-4F2B-B78E-F439CBF86784} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BAC48D1-7B8B-4F2B-B78E-F439CBF86784} => Key deleted successfully.
C:\Windows\System32\Tasks\GC_Informer => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GC_Informer => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B7EFDFCE-4617-4E6C-B9B1-AF50A14217AC} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7EFDFCE-4617-4E6C-B9B1-AF50A14217AC} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance\UP_Scheduler => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\UP_Scheduler => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C6A088B0-4B54-4476-AA54-503A01613672} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6A088B0-4B54-4476-AA54-503A01613672} => Key deleted successfully.
C:\Windows\System32\Tasks\ParetoLogic Registration => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ParetoLogic Registration => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F740E5F6-A1A8-4F1F-97DA-8E4F398449C5} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F740E5F6-A1A8-4F1F-97DA-8E4F398449C5} => Key deleted successfully.
C:\Windows\System32\Tasks\ParetoLogic Update Version2 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ParetoLogic Update Version2 => Key deleted successfully.
C:\Windows\Tasks\One-Click Tweak.job not found.
C:\Windows\Tasks\ParetoLogic Update Version2.job => Moved successfully.
C:\Users\Hightorque UK\AppData\Roaming\desktop.ini => Moved successfully.
C:\Users\Hightorque UK\BOIE9_ENUS_BO0085_VIS.EXE => Moved successfully.
C:\Users\Hightorque UK\CTX.DAT => Moved successfully.
C:\Users\Hightorque UK\Nero-11.2.00600.exe => Moved successfully.
C:\Users\Hightorque UK\safe2012int_nero.exe => Moved successfully.
C:\Users\Hightorque UK\TomTomHOME2winlatest.exe => Moved successfully.
C:\Users\Hightorque UK\TomTomHOME2winlatest_1.exe => Moved successfully.
C:\Users\Hightorque UK\TuneUpUtilities2012-multilingual.exe => Moved successfully.
C:\Program Files\Common Files\ParetoLogic => Moved successfully.
C:\Program Files\BabylonToolbar => Moved successfully.

========================= Folder: C:\Program Files\SearchPredict ========================

2011-10-12 07:20 - 2014-03-13 07:00 - 0000000 ____D () C:\Program Files\SearchPredict\Chrome

====== End of Folder: ======


========================= Folder: C:\Program Files\Coupon Printer ========================

2010-09-05 08:15 - 2010-09-05 08:15 - 0473600 _____ () C:\Program Files\Coupon Printer\uninstall.exe

====== End of Folder: ======


========================= Folder: C:\Program Files\Advanced PC Tweaker ========================

Directory Not Found

====== End of Folder: ======


==== End of Fixlog ====

Savingsbull uninstalled sucessfully
  • 0

#27
godawgs
Posted 13 March 2014 - 09:21 AM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Thanks for the log. Let's see what else we can find.

Step-1

Please open the C:\Program Files\Search Predict folder and look for a file named uninstall.exe or unwise.exe. If the file is there please right click it and click Run as Administrator. That should uninstall the program. If you get a message telling you that a .dll or some other file is missing just let me know.

Repeat the above for the C:\Program Files\Coupon Printer folder.


Step-2.

Download the following programs and save them to the desktop:

Click here to download aswMBR.exe.

Click here and then click the Download Now @ BleepingComputer button to download AdwCleaner.
NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.


Step-3.

Run aswMBR
  • Right click the aswMBR.exe file and click Run as Administrator. If you get a UAC window, allow the file to run.
  • If it asks you if you want to download the latest virus definitions, click Yes
  • Be sure the A/V Scan: is set to QuickScan
  • Click the "Scan" button to start the scan
    Posted Image
  • On completion of the scan click save log. Save it to your desktop and post in your next reply.
    Posted Image
NOTE: When you run aswMBR, if it is shutdown automatically, then it is most likely the infection detecting that aswMBR is running and terminating it. In this situation you should rename the executable (aswMBR.exe) to iexplore.exe and try it again.


Step-4.

AdwCleaner by Xplode

Close all open windows and browsers.
  • Right click the AdwCleaner icon Posted Image on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.

    Posted Image
  • Click the Scan button and wait for the scan to finish.
  • After the Scan has finished the window may or may not show what it found and above the progress bar you will see Pending. Please uncheck elements you don't want to remove. Please Don't delete anything at this time.
  • Click the Report button to get the log.
  • Copy and Paste it into your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[R0].txt.
  • Click the X in the upper right corner of the program or click the File menu and click Exit to close the program.
NOTE: If you see AVG Secure Search being targeted for deletion, Here's Why and Here. You can always Reinstall it.


Step-5.

Fabar Recovery Scan

Close all open Windows and browsers
  • Right click the FRST.exe file and click Run as Administrator to run the tool.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • There won't be an (Addition.txt this time.

Things For Your Next Post:
Please post the logs in the order requested. Please don't attach the logs unless I request it.
1. Let me know what happened with Search Predict and Coupon Printer.
2. The aswMBR log
3. The AdwCleaner[R0].txt log
4. The new FRST.txt log
  • 0

#28
Geekimnot
Posted 13 March 2014 - 10:12 AM

Geekimnot

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 280 posts
SearchPredict contains an empty file called Chrome

CouponPrinter unilstall ran.

AswMbr ran twice, first time I got a BLUE crash screen, an had to reboot manually, I ran it again this time it ran much longer but then got a BLUE screen that was only up for a few seconds then the computer re - started.
  • 0

#29
godawgs
Posted 13 March 2014 - 10:59 AM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Try running aswMBR again. But before you click the Scan button, look to the left of the Scan button. There will be a check mark in a box beside Trace disk IO calls.
Click the box to remove the check mark and then click the Scan button.
  • 0

#30
Geekimnot
Posted 13 March 2014 - 12:34 PM

Geekimnot

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 280 posts
Did what you requested tried twice, got BLUE screens both times, so tried in Safe Mode, ran until Temporary Internet Files and hung there for an hour.

Should I delete the The Temp files and try again??
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP