Hello Naat,
Thank you for making time to help with my problem>
Here s the FRST log
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-09-2014
Ran by Hightorque UK (administrator) on HIGHTORQUEUK-PC on 09-09-2014 13:36:28
Running from C:\Users\Hightorque UK\Desktop
Platform: Microsoft® Windows Vista™ Business Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\AERTSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\System32\spool\drivers\w32x86\3\dldtserv.exe
( ) C:\Windows\System32\dldtcoms.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(AOL Inc.) C:\Program Files\Common Files\aol\1255507870\ee\aolsoftware.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
() C:\Program Files\Royal Mail\SmartStamp\BINARY\STRAY.EXE
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(RealNetworks, Inc.) C:\Program Files\Real\realplayer\Update\realsched.exe
(AOL Inc.) C:\Program Files\AOL Desktop 9.7f\waol.exe
(AOL LLC) C:\Program Files\Common Files\aol\ACS\AOLacsd.exe
(AOL Inc.) C:\Program Files\AOL Desktop 9.7f\shellmon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Virtual PC\Virtual PC.exe
(1Million Ltd) C:\Program Files\TSMV5\TheStakingMachine.exe
(Gruss Software Ltd) M:\Betting Assistant.exe
(AOL Inc.) C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe
(AOL Inc.) C:\Program Files\AOL Desktop 9.7f\AOLBrowser\aolbrowser.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-02-11] (Intel Corporation)
HKLM\...\Run: [Microsoft Default Manager] => C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
HKLM\...\Run: [HostManager] => C:\Program Files\Common Files\AOL\1255507870\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6265376 2008-08-19] (Realtek Semiconductor)
HKLM\...\Run: [OLP-Tray] => C:\Program Files\Royal Mail\SmartStamp\BINARY\STRAY.EXE [40960 2006-07-17] ()
HKLM\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [NBAgent] => C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1493288 2012-01-13] (Nero AG)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\realplayer\update\realsched.exe [274608 2011-01-02] (RealNetworks, Inc.)
HKLM Group Policy restriction on software: *.ppt.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.scr <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.scr <====== ATTENTION
HKLM Group Policy restriction on software: ** <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.scr <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\safe2012int_nero.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\boie9_enus_bo0085_vis.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\tomtomhome2winlatest.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\is360setup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\tomtomhome2winlatest_1.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\nero-11.2.00600.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\tuneuputilities2012-multilingual.exe <====== ATTENTION
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-19\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-3090621729-691808380-2464640456-1000\...\Run: [DownloadAccelerator] => C:\Programs\DAP\DAP.EXE [3795160 2013-10-18] (Speedbit Ltd.)
HKU\S-1-5-21-3090621729-691808380-2464640456-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-07-02] (Google Inc.)
HKU\S-1-5-21-3090621729-691808380-2464640456-1000\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
HKU\S-1-5-21-3090621729-691808380-2464640456-1000\...\Run: [DAP10] => C:\Programs\DAP\DAP.EXE [3795160 2013-10-18] (Speedbit Ltd.)
HKU\S-1-5-21-3090621729-691808380-2464640456-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3090621729-691808380-2464640456-1000\...\Run: [M-Downloader] => C:\Program Files\M-Downloader\Updater.exe
HKU\S-1-5-21-3090621729-691808380-2464640456-1000\...\Run: [NBJ] => C:\Program Files\M-Downloader\Updater.exe SCFG.exe e" oolbarNotifier.exe" (the data entry has 824 more characters).
HKU\S-1-5-21-3090621729-691808380-2464640456-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [DownloadAccelerator] => C:\Programs\DAP\DAP.EXE [3795160 2013-10-18] (Speedbit Ltd.)
HKU\S-1-5-21-3090621729-691808380-2464640456-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [SpeedBitVideoAccelerator] => C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe
HKU\S-1-5-21-3090621729-691808380-2464640456-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3090621729-691808380-2464640456-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-07-02] (Google Inc.)
HKU\S-1-5-21-3090621729-691808380-2464640456-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
HKU\S-1-5-21-3090621729-691808380-2464640456-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [DAP10] => C:\Programs\DAP\DAP.EXE [3795160 2013-10-18] (Speedbit Ltd.)
HKU\S-1-5-21-3090621729-691808380-2464640456-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [M-Downloader] => C:\Program Files\M-Downloader\Updater.exe
HKU\S-1-5-21-3090621729-691808380-2464640456-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [NBJ] => C:\Program Files\M-Downloader\Updater.exe Runner.exe" oolbarNotifier.exe" (the data entry has 824 more characters).
HKU\S-1-5-21-3090621729-691808380-2464640456-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [AOL Fast Start] => C:\Program Files\AOL Desktop 9.7f\AOL.EXE [72312 2012-10-15] (AOL Inc.)
HKU\S-1-5-21-3090621729-691808380-2464640456-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Policies\Explorer: [NoSetActiveDesktop] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CrashPlan Tray.lnk
ShortcutTarget: CrashPlan Tray.lnk -> C:\Program Files\CrashPlan\CrashPlanTray.exe (No File)
Startup: C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files\MyPC Backup\MyPC Backup.exe (No File)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x708AF6F795A3CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
URLSearchHook: HKLM - AOL Broadband Toolbar Search Class - {4a6e1b85-1193-4a2a-aab8-7417f275f18a} - C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll (AOL LLC.)
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {D85A7553-65DA-46D1-9F05-EF978F1D951A} URL = http://search.aol.co..._it=clireset-ie
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.co...&rlz=1I7GGIE_en
SearchScopes: HKCU - URL http://search.condui...archTerms}=
SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.searc...ix={searchTerms}
SearchScopes: HKCU - FFF9366C2DEB4E6B8AE77F135949B1E9 URL = http://search.speedb...&q={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.co...&rlz=1I7GGIE_en
SearchScopes: HKCU - {E9B128CC-8E8B-473D-A891-EE81222E58F9} URL = http://search.aol.co..._it=clireset-ie
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: AOL Broadband Toolbar Loader -> {776a9d06-e178-4aa0-aee4-b4de3a64ad28} -> C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll (AOL LLC.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: SpeedBit Link Verification Helper -> {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} -> C:\Programs\DAP\LinkVerifier.dll (Speedbit Ltd.)
BHO: Download Accelerator Plus Integration -> {FF6C3CF0-4B15-11D1-ABED-709549C10000} -> C:\Programs\DAP\DAPIEL~1.DLL (SpeedBit Ltd.)
Toolbar: HKLM - AOL Broadband Toolbar - {e6ed7f95-e571-4f81-8757-5eb11252703d} - C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll (AOL LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - AOL Broadband Toolbar - {E6ED7F95-E571-4F81-8757-5EB11252703D} - C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll (AOL LLC.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} http://fpdownload2.m...ash/swflash.cab
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell...r/SysProExe.CAB
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @Nero.com/KM -> C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin: @real.com/nppl3260;version=12.0.1.609 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=12.0.1.609 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=12.0.1.609 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=12.0.1.609 -> c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @viewpoint.com/VMP -> C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-11]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-01-02]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Programs\DAP\daplinkchecker
FF Extension: DAP Link Checker - C:\Programs\DAP\daplinkchecker [2013-10-18]
FF HKCU\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Programs\DAP\DAPFireFox
FF Extension: Download Accelerator Plus (DAP) extension - C:\Programs\DAP\DAPFireFox [2010-04-20]
Chrome:
=======
CHR HomePage: Default -> F0176AA0B691C91964C9ECFEB7443863C85B509386AAC78E246D1D5EDE895832
CHR NewTab: Default -> "chrome-extension://epikbiglahnndfidencpcjhnefnmooeg/spent.html"
CHR DefaultSearchKeyword: Default -> search.conduit.com
CHR DefaultSearchProvider: Default -> Conduit Search
CHR DefaultSearchURL: Default -> http://search.condui...archTerms}=
CHR DefaultSuggestURL: Default -> http://suggest.searc...ix={searchTerms}
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\37.0.2062.103\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\37.0.2062.103\pdf.dll ()
CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (RIM Handheld Application Loader) - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_182.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR CustomProfile: C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-22]
CHR Extension: (Google Drive) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (YouTube) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-22]
CHR Extension: (DAP Link Checker) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodfdknjhecmadheclfjkhhiofeagdbh [2013-10-18]
CHR Extension: (Google Search) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-22]
CHR Extension: (Allin1Convert) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\epikbiglahnndfidencpcjhnefnmooeg [2014-04-24]
CHR Extension: (Download Accelerator Plus (DAP)) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb [2011-01-08]
CHR Extension: (Google Wallet) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-22]
CHR Extension: (Gmail) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-22]
CHR HKLM\...\Chrome\Extension: [bodfdknjhecmadheclfjkhhiofeagdbh] - C:\Programs\DAP\daplinkchecker.crx [2013-10-18]
CHR HKLM\...\Chrome\Extension: [ffdcfjdljhbehggjdkdioajnknjcpbjb] - C:\Programs\DAP\DAPChrome\DAPChrome6.crx [2010-11-26]
CHR HKLM\...\Chrome\Extension: [gkcbebbklfkjeocpmoamnopdllfekind] - C:\Users\Hightorque UK\AppData\Roaming\M-Downloader\Extensions\gdchrome.crx [2010-11-26]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM\...\Chrome\Extension: [pcidejejpblipcjpnkfkddlkmgndblch] - C:\Users\Hightorque UK\AppData\Roaming\M-Downloader\Extensions\GenCrawler.crx [2013-05-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AERTFilters; C:\Windows\system32\AERTSrv.exe [81920 2008-08-19] (Andrea Electronics Corporation)
R3 AOL ACS; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [46640 2006-10-23] (AOL LLC)
S3 Blackberry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
R2 dldtCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\W32X86\3\\dldtserv.exe [99568 2008-08-15] ()
R2 dldt_device; C:\Windows\system32\dldtcoms.exe [595184 2008-02-25] ( )
S2 gupdate1ca533d60cc32d0; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-10-22] (Google Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [687400 2011-11-25] (Nero AG)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 RapportMgmtService; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [1919256 2014-07-31] (IBM Corp.)
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [2462160 2014-07-21] (Paramount Software UK Ltd)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [79960 2008-08-19] (JMicron Technology Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-09-08] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R0 pssnap; C:\Windows\System32\DRIVERS\pssnap.sys [16504 2013-06-28] (Macrium Software)
R1 RapportCerberus_80049; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_80049.sys [433240 2014-09-01] ()
R1 RapportEI; C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [251928 2014-07-31] (IBM Corp.)
R0 RapportKELL; C:\Windows\System32\Drivers\RapportKELL.sys [206520 2014-07-31] (IBM Corp.)
R1 RapportPG; C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [332792 2014-07-31] (IBM Corp.)
R3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1308304 2012-11-07] (Realtek Semiconductor Corporation )
R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [27648 2008-08-19] (Windows ® Codename Longhorn DDK provider)
R3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
R1 MpKsl2e6c08d4; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AD3578D7-902E-41F5-9E47-F740000040A2}\MpKsl2e6c08d4.sys [X]
S1 netfilter; system32\drivers\netfilter.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-09 13:36 - 2014-09-09 13:38 - 00085080 _____ () C:\Users\Hightorque UK\Desktop\FRST.txt
2014-09-09 13:35 - 2014-09-09 13:35 - 01097728 _____ (Farbar) C:\Users\Hightorque UK\Desktop\FRST.exe
2014-09-09 12:24 - 2014-09-09 12:24 - 00000473 _____ () C:\Users\Hightorque UK\Desktop\Backups - Shortcut.lnk
2014-09-09 10:16 - 2014-09-09 10:16 - 00000513 _____ () C:\Users\Hightorque UK\Desktop\Shared Folder Hightorque Vista - Shortcut.lnk
2014-09-07 08:34 - 2014-09-07 08:34 - 00000656 _____ () C:\Users\Hightorque UK\Desktop\Calibre Library - Shortcut.lnk
2014-09-05 15:21 - 2014-09-09 12:26 - 00002065 _____ () C:\Users\Hightorque UK\Desktop\Betting Assistant.lnk
2014-09-05 15:21 - 2014-09-05 15:21 - 00001916 _____ () C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Betting Assistant.lnk
2014-09-02 15:24 - 2014-09-02 15:25 - 00000000 ___HD () C:\Program Files\Temp
2014-09-02 15:19 - 2014-09-02 15:20 - 111172669 _____ (Realtek Semiconductor Corp.) C:\Users\Hightorque UK\Downloads\32bit_Win7_Win8_Win81_R275.exe
2014-09-02 13:22 - 2014-09-02 14:11 - 00000000 ____D () C:\Users\Hightorque UK\Documents\IV140811HDE
2014-09-02 13:22 - 2014-09-02 13:22 - 00007503 _____ () C:\Users\Hightorque UK\Documents\IV140811HDE.zip
2014-09-02 10:47 - 2014-09-02 10:47 - 00131108 _____ () C:\Users\Hightorque UK\Documents\CausemannInv140814.zip
2014-09-02 10:47 - 2014-09-02 10:47 - 00000000 ____D () C:\Users\Hightorque UK\Documents\CausemannInv140814
2014-09-01 11:10 - 2014-09-09 12:14 - 00000000 ____D () C:\Users\Hightorque UK\Calibre Library
2014-09-01 11:02 - 2014-09-01 11:02 - 00000285 _____ () C:\Users\Hightorque UK\Desktop\New Volume (N) - Shortcut.lnk
2014-09-01 11:02 - 2014-09-01 11:02 - 00000186 _____ () C:\Users\Hightorque UK\Desktop\HD-PCU2 (M) - Shortcut.lnk
2014-09-01 10:10 - 2014-09-01 10:10 - 00000285 _____ () C:\Users\Hightorque UK\Desktop\New Volume (K) - Shortcut.lnk
2014-08-31 13:06 - 2014-08-31 13:06 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Roaming\Gruss Software Ltd
2014-08-31 12:56 - 2014-08-31 12:56 - 00001668 _____ () C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\The Staking Machine V5.0.lnk
2014-08-31 12:56 - 2014-08-31 12:56 - 00001644 _____ () C:\Users\Hightorque UK\Desktop\The Staking Machine V5.0.lnk
2014-08-31 12:56 - 2014-08-31 12:56 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Staking Machine V5.0
2014-08-28 15:04 - 2014-08-28 15:04 - 00000000 ____D () C:\Program Files\AVG Security Toolbar
2014-08-28 15:03 - 2014-08-28 15:03 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb
2014-08-28 09:58 - 2014-09-08 18:08 - 00000432 _____ () C:\Windows\Tasks\Disc C Image xml.job
2014-08-28 09:36 - 2014-08-28 09:36 - 00000000 ____D () C:\Sage Line 50 Backups
2014-08-28 09:24 - 2014-08-28 09:23 - 00002685 _____ () C:\Users\Hightorque UK\Desktop\Labels undelivered 65 labels per sheet - Shortcut.lnk
2014-08-28 09:22 - 2014-08-28 09:21 - 00002544 _____ () C:\Users\Hightorque UK\Desktop\14 labels per sheet - Shortcut.lnk
2014-08-28 09:02 - 2014-08-28 09:02 - 00205562 _____ () C:\Users\Hightorque UK\Documents\TheConfessionsofLadyBeatrice.zip
2014-08-28 08:26 - 2012-11-07 08:34 - 01308304 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\RTWlanU.sys
2014-08-28 07:22 - 2014-08-28 07:23 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Reflect
2014-08-27 20:29 - 2014-06-26 23:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-27 20:29 - 2014-06-26 23:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-27 20:29 - 2014-06-26 23:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-27 20:26 - 2014-06-06 05:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-27 19:31 - 2014-08-23 02:03 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 19:31 - 2014-08-23 00:26 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 18:54 - 2014-06-02 11:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-27 18:54 - 2014-06-02 11:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-27 18:54 - 2014-06-02 11:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-27 18:54 - 2014-06-02 11:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-08-27 18:54 - 2014-06-02 09:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-27 18:54 - 2014-04-26 17:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-08-27 18:53 - 2014-07-08 01:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-27 18:53 - 2014-06-14 01:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-27 18:53 - 2014-06-14 01:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-27 18:53 - 2014-06-06 09:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-08-27 18:53 - 2014-04-05 04:23 - 00915392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-08-27 18:53 - 2014-04-05 02:49 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-08-27 18:52 - 2014-07-24 19:07 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-27 18:52 - 2014-07-24 18:58 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-27 18:52 - 2014-07-24 18:52 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-27 18:52 - 2014-07-24 18:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-27 18:52 - 2014-07-24 18:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-27 18:52 - 2014-07-24 18:49 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-27 18:52 - 2014-07-24 18:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-27 18:52 - 2014-07-24 18:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-27 18:52 - 2014-07-24 18:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-27 18:52 - 2014-07-24 18:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-27 18:52 - 2014-07-24 18:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-27 18:52 - 2014-07-24 18:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-27 18:52 - 2014-07-24 18:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-27 18:52 - 2014-05-30 07:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-08-27 18:52 - 2014-03-10 02:22 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-08-27 18:52 - 2014-03-10 02:22 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-08-27 18:51 - 2014-07-24 18:57 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-27 18:51 - 2014-07-24 18:51 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-27 18:51 - 2014-07-24 18:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-27 18:51 - 2014-07-24 18:50 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-27 18:51 - 2014-07-24 18:49 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-27 18:51 - 2014-07-24 18:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-27 18:51 - 2014-07-24 18:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-27 18:51 - 2014-07-24 18:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-27 17:33 - 2014-08-27 17:33 - 02016040 _____ (Driver Manager) C:\Users\Hightorque UK\Downloads\DriverManager.exe
2014-08-27 17:32 - 2014-08-27 17:32 - 00000000 ____D () C:\ProgramData\Driver Support
2014-08-27 17:31 - 2014-08-27 17:31 - 02002024 _____ (PC Drivers Headquarters, LP) C:\Users\Hightorque UK\Downloads\DriverSupport.exe
2014-08-27 16:11 - 2014-08-27 16:11 - 00000868 _____ () C:\Users\Hightorque UK\Desktop\Reflect - Shortcut.lnk
2014-08-27 16:06 - 2014-08-27 16:06 - 00001868 _____ () C:\Users\Public\Desktop\Reflect.lnk
2014-08-27 16:06 - 2014-08-27 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macrium
2014-08-27 16:06 - 2014-08-27 16:06 - 00000000 ____D () C:\Program Files\Macrium
2014-08-27 16:03 - 2014-08-27 16:07 - 00830084 _____ () C:\Reflect_Install.log
2014-08-27 16:01 - 2014-08-27 16:02 - 49549264 _____ (Paramount Software UK Ltd) C:\Users\Hightorque UK\Downloads\reflect_setup_free_x86.exe
2014-08-27 13:43 - 2014-08-27 13:43 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-09 13:38 - 2014-09-09 13:36 - 00085080 _____ () C:\Users\Hightorque UK\Desktop\FRST.txt
2014-09-09 13:37 - 2009-12-14 17:28 - 00000422 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{1187167D-694A-4D97-9748-C1A6B331311F}.job
2014-09-09 13:37 - 2009-10-23 07:42 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-09 13:36 - 2014-05-20 14:03 - 00000000 ____D () C:\FRST
2014-09-09 13:35 - 2014-09-09 13:35 - 01097728 _____ (Farbar) C:\Users\Hightorque UK\Desktop\FRST.exe
2014-09-09 13:13 - 2009-10-08 19:25 - 01092768 _____ () C:\Windows\WindowsUpdate.log
2014-09-09 12:56 - 2014-04-11 07:54 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-09 12:42 - 2006-11-02 13:47 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-09 12:42 - 2006-11-02 13:47 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-09 12:26 - 2014-09-05 15:21 - 00002065 _____ () C:\Users\Hightorque UK\Desktop\Betting Assistant.lnk
2014-09-09 12:24 - 2014-09-09 12:24 - 00000473 _____ () C:\Users\Hightorque UK\Desktop\Backups - Shortcut.lnk
2014-09-09 12:23 - 2014-06-04 11:21 - 00000000 ____D () C:\Users\Hightorque UK\.FBReader
2014-09-09 12:14 - 2014-09-01 11:10 - 00000000 ____D () C:\Users\Hightorque UK\Calibre Library
2014-09-09 11:56 - 2009-10-14 10:14 - 00000000 ____D () C:\ProgramData\Dl_cats
2014-09-09 10:21 - 2010-07-26 13:46 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Roaming\vlc
2014-09-09 10:16 - 2014-09-09 10:16 - 00000513 _____ () C:\Users\Hightorque UK\Desktop\Shared Folder Hightorque Vista - Shortcut.lnk
2014-09-09 10:06 - 2009-10-20 13:11 - 00000000 ____D () C:\Shared Folder Hightorque Vista
2014-09-09 06:49 - 2009-10-23 07:42 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-08 18:08 - 2014-08-28 09:58 - 00000432 _____ () C:\Windows\Tasks\Disc C Image xml.job
2014-09-08 11:06 - 2014-05-18 22:30 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-08 09:11 - 2006-11-02 11:33 - 00759582 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-08 06:50 - 2009-10-13 14:57 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-08 06:47 - 2006-11-02 13:52 - 01069963 _____ () C:\Windows\setupact.log
2014-09-08 06:45 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-07 20:25 - 2006-11-02 14:01 - 00032590 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-07 08:34 - 2014-09-07 08:34 - 00000656 _____ () C:\Users\Hightorque UK\Desktop\Calibre Library - Shortcut.lnk
2014-09-07 08:34 - 2009-10-13 11:03 - 00000000 ____D () C:\Users\Hightorque UK
2014-09-05 16:51 - 2009-10-13 14:50 - 00057344 _____ () C:\Users\Hightorque UK\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-05 16:44 - 2011-02-09 09:04 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Local\CrashDumps
2014-09-05 15:21 - 2014-09-05 15:21 - 00001916 _____ () C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Betting Assistant.lnk
2014-09-04 06:45 - 2014-04-11 07:54 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-04 06:45 - 2014-04-11 07:54 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-04 06:45 - 2009-10-13 14:05 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Local\Adobe
2014-09-03 07:52 - 2014-02-22 12:59 - 00001933 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-02 15:25 - 2014-09-02 15:24 - 00000000 ___HD () C:\Program Files\Temp
2014-09-02 15:20 - 2014-09-02 15:19 - 111172669 _____ (Realtek Semiconductor Corp.) C:\Users\Hightorque UK\Downloads\32bit_Win7_Win8_Win81_R275.exe
2014-09-02 14:11 - 2014-09-02 13:22 - 00000000 ____D () C:\Users\Hightorque UK\Documents\IV140811HDE
2014-09-02 14:11 - 2011-04-30 09:39 - 00000000 ____D () C:\Users\Hightorque UK\Desktop\XL files
2014-09-02 13:22 - 2014-09-02 13:22 - 00007503 _____ () C:\Users\Hightorque UK\Documents\IV140811HDE.zip
2014-09-02 10:47 - 2014-09-02 10:47 - 00131108 _____ () C:\Users\Hightorque UK\Documents\CausemannInv140814.zip
2014-09-02 10:47 - 2014-09-02 10:47 - 00000000 ____D () C:\Users\Hightorque UK\Documents\CausemannInv140814
2014-09-01 17:36 - 2013-03-17 08:11 - 00000000 ____D () C:\Program Files\TSMV5
2014-09-01 11:02 - 2014-09-01 11:02 - 00000285 _____ () C:\Users\Hightorque UK\Desktop\New Volume (N) - Shortcut.lnk
2014-09-01 11:02 - 2014-09-01 11:02 - 00000186 _____ () C:\Users\Hightorque UK\Desktop\HD-PCU2 (M) - Shortcut.lnk
2014-09-01 11:02 - 2011-02-21 12:21 - 00000285 _____ () C:\Users\Hightorque UK\Desktop\New Volume (L) - Shortcut.lnk
2014-09-01 10:10 - 2014-09-01 10:10 - 00000285 _____ () C:\Users\Hightorque UK\Desktop\New Volume (K) - Shortcut.lnk
2014-09-01 09:59 - 2014-02-17 15:05 - 00000000 ____D () C:\Users\Hightorque UK\Documents\My Kindle Content
2014-09-01 06:36 - 2013-08-20 07:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2014-08-31 13:06 - 2014-08-31 13:06 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Roaming\Gruss Software Ltd
2014-08-31 12:56 - 2014-08-31 12:56 - 00001668 _____ () C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\The Staking Machine V5.0.lnk
2014-08-31 12:56 - 2014-08-31 12:56 - 00001644 _____ () C:\Users\Hightorque UK\Desktop\The Staking Machine V5.0.lnk
2014-08-31 12:56 - 2014-08-31 12:56 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Staking Machine V5.0
2014-08-30 10:06 - 2009-10-25 10:06 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Turbo Lister Backup
2014-08-29 14:45 - 2014-04-20 07:07 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Local\webinternetsecurity
2014-08-29 08:24 - 2009-10-13 11:03 - 00201680 _____ () C:\Users\Hightorque UK\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-29 08:19 - 2006-11-02 13:47 - 00786792 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-28 15:04 - 2014-08-28 15:04 - 00000000 ____D () C:\Program Files\AVG Security Toolbar
2014-08-28 15:03 - 2014-08-28 15:03 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb
2014-08-28 14:39 - 2014-04-15 13:00 - 00000000 ____D () C:\Program Files\M-Downloader
2014-08-28 13:36 - 2009-10-08 19:39 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-28 12:20 - 2009-10-27 11:44 - 00000000 ____D () C:\Old Backup File
2014-08-28 09:36 - 2014-08-28 09:36 - 00000000 ____D () C:\Sage Line 50 Backups
2014-08-28 09:23 - 2014-08-28 09:24 - 00002685 _____ () C:\Users\Hightorque UK\Desktop\Labels undelivered 65 labels per sheet - Shortcut.lnk
2014-08-28 09:21 - 2014-08-28 09:22 - 00002544 _____ () C:\Users\Hightorque UK\Desktop\14 labels per sheet - Shortcut.lnk
2014-08-28 09:12 - 2011-03-31 13:00 - 00000000 ____D () C:\ProgramData\CrashPlan
2014-08-28 09:09 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-08-28 09:02 - 2014-08-28 09:02 - 00205562 _____ () C:\Users\Hightorque UK\Documents\TheConfessionsofLadyBeatrice.zip
2014-08-28 07:23 - 2014-08-28 07:22 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Reflect
2014-08-28 07:19 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache
2014-08-28 06:59 - 2006-11-02 13:37 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-27 20:47 - 2009-10-13 11:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-27 20:45 - 2013-07-29 22:43 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-27 17:33 - 2014-08-27 17:33 - 02016040 _____ (Driver Manager) C:\Users\Hightorque UK\Downloads\DriverManager.exe
2014-08-27 17:32 - 2014-08-27 17:32 - 00000000 ____D () C:\ProgramData\Driver Support
2014-08-27 17:31 - 2014-08-27 17:31 - 02002024 _____ (PC Drivers Headquarters, LP) C:\Users\Hightorque UK\Downloads\DriverSupport.exe
2014-08-27 16:45 - 2009-10-08 19:46 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-27 16:33 - 2010-06-07 07:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-27 16:11 - 2014-08-27 16:11 - 00000868 _____ () C:\Users\Hightorque UK\Desktop\Reflect - Shortcut.lnk
2014-08-27 16:07 - 2014-08-27 16:03 - 00830084 _____ () C:\Reflect_Install.log
2014-08-27 16:06 - 2014-08-27 16:06 - 00001868 _____ () C:\Users\Public\Desktop\Reflect.lnk
2014-08-27 16:06 - 2014-08-27 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macrium
2014-08-27 16:06 - 2014-08-27 16:06 - 00000000 ____D () C:\Program Files\Macrium
2014-08-27 16:02 - 2014-08-27 16:01 - 49549264 _____ (Paramount Software UK Ltd) C:\Users\Hightorque UK\Downloads\reflect_setup_free_x86.exe
2014-08-27 14:42 - 2009-10-21 09:58 - 00000000 ____D () C:\Logos & Flags
2014-08-27 13:43 - 2014-08-27 13:43 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-08-27 13:24 - 2009-10-08 21:21 - 00000000 ____D () C:\Windows\system32\RTCOM
2014-08-27 13:15 - 2009-10-14 10:24 - 00001356 _____ () C:\Users\Hightorque UK\AppData\Local\d3d9caps.dat
2014-08-23 02:03 - 2014-08-27 19:31 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 00:26 - 2014-08-27 19:31 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
Files to move or delete:
====================
C:\Users\Hightorque UK\BOIE9_ENUS_BO0085_VIS.EXE
C:\Users\Hightorque UK\CTX.DAT
C:\Users\Hightorque UK\is360setup.exe
C:\Users\Hightorque UK\Nero-11.2.00600.exe
C:\Users\Hightorque UK\safe2012int_nero.exe
C:\Users\Hightorque UK\TomTomHOME2winlatest.exe
C:\Users\Hightorque UK\TomTomHOME2winlatest_1.exe
C:\Users\Hightorque UK\TuneUpUtilities2012-multilingual.exe
Some content of TEMP:
====================
C:\Users\Hightorque UK\AppData\Local\Temp\AcsInstall.dll
C:\Users\Hightorque UK\AppData\Local\Temp\oi_{33D53119-3FD9-4342-AB58-DD54D39B0A2C}.exe
C:\Users\Hightorque UK\AppData\Local\Temp\reflectPatch.exe
C:\Users\Hightorque UK\AppData\Local\Temp\safeguard.exe
C:\Users\Hightorque UK\AppData\Local\Temp\setup.exe
C:\Users\Hightorque UK\AppData\Local\Temp\SHFOLDER.DLL
C:\Users\Hightorque UK\AppData\Local\Temp\uninst.dll
C:\Users\Hightorque UK\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Hightorque UK\AppData\Local\Temp\your_file_download.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-08 06:51
==================== End Of Log ============================
and the Addition log.
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-09-2014
Ran by Hightorque UK at 2014-09-09 13:39:56
Running from C:\Users\Hightorque UK\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
001 Joiner (HKLM\...\001Joiner_is1) (Version: 1.0.2 - Silvermaine 2000)
7-Zip 4.57 (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.176 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
AOL Broadband Toolbar (HKLM\...\AOL Broadband Toolbar) (Version: - )
AOL Registration (HKLM\...\AOL Regclient) (Version: - )
AOL Toolbar (HKCU\...\AOL Toolbar) (Version: - )
AOL Toolbar (HKLM\...\AOL Toolbar) (Version: - AOL Inc.)
AOL Toolbar for Firefox (HKLM\...\AOL Toolbar for Firefox) (Version: 5.13.6.2 - AOL LLC)
AOL Uninstaller (Choose which Products to Remove) (HKLM\...\AOL Uninstaller) (Version: - AOL Inc.)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Applian FLV Player (HKLM\...\Applian FLV Player2.0.24) (Version: 2.0.24 - Applian Technologies Inc.)
Betting Assistant (HKLM\...\{BC86ABDF-8148-44B3-8105-4AE9DDBFDCB6}) (Version: 1.0.64 - Gruss Software Ltd)
BlackBerry Desktop Software 7.1 (HKLM\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
calibre (HKLM\...\{39509A2F-C63C-404E-A4DC-7E6D4FCB6D66}) (Version: 1.39.0 - Kovid Goyal)
CleanUp! (HKLM\...\CleanUp!) (Version: - )
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CryptoPrevent v4.3.2 (HKLM\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: - Foolish IT LLC)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery Manager (HKLM\...\{1A6D9B5E-9BAB-4141-85BA-2C6552FA7913}) (Version: 1.0.1 - Dell, Inc.)
Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.1.08060 - Dell)
Dell V305 (HKLM\...\Dell V305) (Version: - Dell, Inc.)
DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Diagnostics32 (HKLM\...\{36EEFD4F-E34C-4491-B04A-DB8F85C3A021}) (Version: 1.0.0 - Dell, Inc.)
DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version: - DivX, Inc.)
Download Accelerator Plus (DAP) (HKLM\...\Download Accelerator Plus (DAP)) (Version: 10043 (Build 2489) - Speedbit Ltd.)
EMCO MoveOnBoot 2.3 (HKLM\...\{52AF109C-08DC-460D-AA8C-74A71EEEA2BE}) (Version: 2.3.4.3509 - EMCO Software)
Everything 1.2.1.371 (HKLM\...\Everything) (Version: - )
FBReader for Windows (HKLM\...\FBReader for Windows) (Version: - )
File Shredder 2.5 (HKLM\...\File Shredder_is1) (Version: - Pow Tools)
FileParade bundle uninstaller (HKLM\...\FileParade bundle uninstaller) (Version: 2.0.0.3 - FileParade) <==== ATTENTION
Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
High-Definition Video Playback (Version: 11.1.11100.4.196 - Nero AG) Hidden
Inkjet Toolbox (Version: 1.0.0 - Dell, Inc.) Hidden
Install (Version: 1.0.0 - Dell, Inc.) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 5.3 - Paramount Software (UK) Ltd.)
Macrium Reflect Free Edition (Version: 5.3.7149 - Paramount Software (UK) Ltd.) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MEO Encryption Software (HKLM\...\Meo) (Version: 2.17 - NCH Software)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Default Manager (HKLM\...\{61BEA823-ECAF-49F1-8378-A59B3B8AD247}) (Version: 2.1.54.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft VC9 runtime libraries (Version: 1.0.0 - AOL Inc.) Hidden
Microsoft VC9 runtime libraries (Version: 1.0.0 - AOL LLC) Hidden
Microsoft VC9 runtime libraries (Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Virtual PC 2007 SP1 (HKLM\...\{AD483998-2E9A-4405-83FF-6E503AF49CBB}) (Version: 6.0.192.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Web Publishing Wizard 1.5 (HKLM\...\WebPost) (Version: - )
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nero 11 (HKLM\...\{810B7362-6B05-4714-AF6A-EF3A20CCD634}) (Version: 11.2.00600 - Nero AG)
Nero 11 Cliparts (Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Disc Menus Basic (Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Effects Basic (Version: 11.0.11400.14.0 - Nero AG) Hidden
Nero 11 Image Samples (Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Kwik Themes Basic (Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 PiP Effects Basic (Version: 11.0.11400.14.0 - Nero AG) Hidden
Nero 11 Video Samples (Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero Audio Pack 1 (Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp 11 (Version: 6.2.18400.2.100 - Nero AG) Hidden
Nero BackItUp 11 Help (CHM) (Version: 11.0.10400 - Nero AG) Hidden
Nero Backup Drivers (HKLM\...\{F8EF9B71-53E7-41F5-8E54-47B4C979CB38}) (Version: 1.0.11100.8.0 - Nero AG)
Nero Burning ROM 11 (Version: 11.2.10300.0.0 - Nero AG) Hidden
Nero Burning ROM 11 Help (CHM) (Version: 11.0.10300 - Nero AG) Hidden
Nero ControlCenter 11 (Version: 11.0.12700.0.27 - Nero AG) Hidden
Nero ControlCenter 11 Help (CHM) (Version: 11.0.10300 - Nero AG) Hidden
Nero Core Components 11 (Version: 11.0.16300.1.23 - Nero AG) Hidden
Nero CoverDesigner 11 (Version: 6.0.11000.13.100 - Nero AG) Hidden
Nero CoverDesigner 11 Help (CHM) (Version: 11.0.10300 - Nero AG) Hidden
Nero Express 11 (Version: 11.2.10300.0.0 - Nero AG) Hidden
Nero Express 11 Help (CHM) (Version: 11.0.10300 - Nero AG) Hidden
Nero Kwik Media (Version: 1.10.24800.146.100 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (Version: 11.0.10200 - Nero AG) Hidden
Nero Recode 11 (Version: 5.2.10900.0.0 - Nero AG) Hidden
Nero Recode 11 Help (CHM) (Version: 11.0.10600 - Nero AG) Hidden
Nero RescueAgent 11 (Version: 4.0.10600.10.100 - Nero AG) Hidden
Nero RescueAgent 11 Help (CHM) (Version: 11.0.10400 - Nero AG) Hidden
Nero SharedVideoCodecs (Version: 1.0.11500.1.5 - Nero AG) Hidden
Nero SoundTrax 11 (Version: 5.0.10700.6.100 - Nero AG) Hidden
Nero SoundTrax 11 Help (CHM) (Version: 11.0.10400 - Nero AG) Hidden
Nero Update (Version: 11.0.11500.28.0 - Nero AG) Hidden
Nero Video 11 (Version: 8.2.15700.3.100 - Nero AG) Hidden
Nero Video 11 Help (CHM) (Version: 11.0.10300 - Nero AG) Hidden
Nero WaveEditor 11 (Version: 6.2.11300.0.100 - Nero AG) Hidden
Nero WaveEditor 11 Help (CHM) (Version: 11.0.10400 - Nero AG) Hidden
nero.prerequisites.msi (Version: 11.0.20010 - Nero AG) Hidden
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PCL-W300 Capture (HKLM\...\PCL-W300 Capture) (Version: - )
Pubs (Version: 1.0.0 - Dell, Inc.) Hidden
Rapport (Version: 3.5.1403.67 - Trusteer) Hidden
RealPlayer (HKLM\...\RealPlayer 12.0) (Version: - RealNetworks)
Realtek Ethernet Network Card Diagnostic tool for Windows Vista (HKLM\...\{1FECF5F8-8E75-432C-9FF7-1C04F1956B54}) (Version: 1.00 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - )
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
RTC Client API v1.2 (HKLM\...\{44CDBD1B-89FB-4E02-8319-2A4C550F664A}) (Version: 1.2.0000 - Microsoft)
Sage Line 50 6.0 (HKLM\...\Sage Line 50 6.0) (Version: - )
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Serif PagePlus 5.0 (HKLM\...\Serif PagePlus 5.0) (Version: - )
Serif WebPlus 9.0 (HKLM\...\{4493E86C-1408-4AF6-8455-0744D25CD355}) (Version: 9.00 - Serif)
Serif WebPlus 9.0 Resource CD-ROM (HKLM\...\{80BFAC4A-59FA-4E3D-8FD7-CFA8F5B227CB}) (Version: 9.0 - Serif)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartStamp (HKLM\...\InstallShield_{DF0102B1-4E96-4953-8625-E73CEBC491E9}) (Version: 1.0.0 - Royal Mail Group plc)
SmartStamp (Version: 1.0.0 - Royal Mail Group plc) Hidden
SoftwareWatcher bundle (HKLM\...\SoftwareWatcher bundle) (Version: 2.0.0.3 - SoftwareWatcher)
SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Striata Reader (HKLM\...\{13d868cf-47e9-4b3d-9366-a0c60f82e5aa}) (Version: 2.9-1 - Striata Communication Solutions)
The Staking Machine V3.0 (HKLM\...\The Staking Machine V3.0) (Version: 3.0.0.0 - 1Million Ltd)
The Staking Machine V4.0 (HKLM\...\The Staking Machine V4.0) (Version: 5.0.0.0 - 1Million Ltd)
TomTom HOME (HKLM\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Trusteer Endpoint Protection (HKLM\...\Rapport_msi) (Version: 3.5.1403.67 - Trusteer)
Turbo Lister 2 (HKLM\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM\...\{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM\...\{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM\...\{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
Viewpoint Media Player (HKLM\...\ViewpointMediaPlayer) (Version: - )
VLC media player 1.0.2 (HKLM\...\VLC media player) (Version: 1.0.2 - VideoLAN Team)
Welcome App (Start-up experience) (Version: 11.0.23500.0.0 - Nero AG) Hidden
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Internet Explorer Platform Preview (HKLM\...\{38700C90-0536-4240-8B08-3F83E2CD8AAD}) (Version: 1.9.7916.6000 - Microsoft Corporation)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinTopo (HKLM\...\WinTopo) (Version: - )
Wireless Setup Utility 32 (Version: 1.0.0 - Dell, Inc.) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{1780ADA5-3A29-3585-A9FF-40C8186BE344}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{19EABA9F-F6A6-3819-823A-2686E2A9312D}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{2A0C2A39-A9EF-3DBE-911A-6D0B4DF94D04}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{38952F1E-F6A7-3306-9326-E7DB4C2E9568}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{3AF2C83F-13AF-3F62-AC52-A975EB2B88FC}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\InprocServer32 -> C:\Program Files\Microsoft Office\Office12\msohevi.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{51B41EFD-4425-3B34-9ED9-4400FAB105BD}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{57719D6B-9FE2-397B-8AC1-D3EE59883165}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{73200952-7BF0-35A6-BA4C-AED65FC453D5}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{7629C9DE-2E38-4963-A01C-02FFAC203D87}\InprocServer32 -> C:\Program Files\AOL Desktop 9.7f\axtrack.dll (AOL Inc.)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocServer32 -> C:\Windows\system32\urlmon.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{85454798-8737-3287-B75D-3B31DC32572C}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{9851A417-A10E-3AE3-B75D-1B1041881EE3}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{D8993B26-50F0-3ADC-9C55-010001146949}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}\InprocServer32 -> C:\Windows\system32\ieframe.dll (Microsoft Corporation)
==================== Restore Points =========================
29-08-2014 09:56:06 Scheduled Checkpoint
29-08-2014 14:00:56 Removed Betting Assistant
29-08-2014 14:02:37 Installed Betting Assistant
30-08-2014 08:22:01 Scheduled Checkpoint
31-08-2014 08:01:32 Scheduled Checkpoint
31-08-2014 12:03:34 Removed Betting Assistant
31-08-2014 12:05:05 Installed Betting Assistant
01-09-2014 05:34:20 Installed Rapport
01-09-2014 05:44:29 Windows Update
01-09-2014 21:43:52 Windows Update
02-09-2014 13:42:25 Windows Update
03-09-2014 06:29:53 Scheduled Checkpoint
04-09-2014 06:32:07 Scheduled Checkpoint
04-09-2014 18:53:49 Windows Update
05-09-2014 05:26:42 Removed Betting Assistant
05-09-2014 05:29:38 Installed Betting Assistant
05-09-2014 14:01:11 Removed Betting Assistant
05-09-2014 14:21:00 Installed Betting Assistant
06-09-2014 06:17:15 Scheduled Checkpoint
07-09-2014 19:23:40 Windows Update
09-09-2014 06:27:51 Scheduled Checkpoint
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 11:23 - 2014-09-09 13:04 - 00003556 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 capitalimonline.com
127.0.0.1 www.verifi-infonet.com
127.0.0.1 www.forsil-srl.com
127.0.0.1 trustedppiclaims.co.uk
127.0.0.1 ftp.signara.org
127.0.0.1 buy-fifa-ultimateteam-coins.com
127.0.0.1 pay.pal-schutz.com
127.0.0.1 swqk3xftx38.h149.pp39dk.com
127.0.0.1 robertoleal.es
127.0.0.1 verifi-infonet.com
127.0.0.1 ssl.paypal.secure.your.billing.information.mytrickworld.com
127.0.0.1 lastminute-ibiza.net
127.0.0.1 myaccount.aol.com.onlineaccounts.upgrade.online.billing.account.update.alcaldiadearaure.gob.ve
127.0.0.1 www.rhnp.org
127.0.0.1 bit.ly
127.0.0.1 www.axisengneering.com
127.0.0.1 www.positive-eft.com
127.0.0.1 hw0vrcfmu0fpd.com
127.0.0.1 www.art3c.com.tw
127.0.0.1 www.kielkoppfest.harzwinter.net
127.0.0.1 www.battle.net-account.asxp.cn.com
127.0.0.1 mgstrategiesstudio.com
127.0.0.1 www.paypal.com.p2jdb5zb17llxg1i.0243cn71m8gjun1.com
127.0.0.1 paypal.com.update.account.toughbook.cl
127.0.0.1 www.lappen-123.no
127.0.0.1 www.paypal-update.visitasgratis.info
127.0.0.1 stromarket.ru
127.0.0.1 www.ocevap.com
There are 61 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {155723BA-60E2-4354-93AF-84EAC8D3C2D8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {22E1772E-7DFE-4C5F-841F-1C93FD5D82A4} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {2DE18FE4-6467-484F-8431-206702EC5546} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {2E5B7D97-F14C-4CFF-864E-620AABA892D1} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {2F2D2C54-F7EC-46C6-A67F-2D3F28C6E296} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-22] (Google Inc.)
Task: {47D18EE0-35CF-4570-BC8F-3373D403048E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4A50572A-CF8D-4E9A-95D6-CAC84D6E8380} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {4D72741E-769C-45DB-8604-CB8EBDADAA29} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {59FC5BC9-3E1F-4980-A5CB-C4C00F5C9D3C} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3090621729-691808380-2464640456-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2010-11-05] (RealNetworks, Inc.)
Task: {68962189-0BB9-4891-84B5-E2978177D350} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3090621729-691808380-2464640456-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2010-11-05] (RealNetworks, Inc.)
Task: {71EC043D-342F-4ED2-862D-1CD13E3BDFE5} - System32\Tasks\Hightorque UK NBAgent 6 0 => C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe [2012-01-13] (Nero AG)
Task: {75269E49-1E15-475A-81F3-2FF63FF9E4DE} - System32\Tasks\{E2EF4816-8766-4D84-94AA-416C4AF9467C} => Iexplore.exe http://ui.skype.com/...temlevelpresent
Task: {87230141-9D3B-438E-9836-B220607B931C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-22] (Google Inc.)
Task: {8C55CE7E-CE12-484D-9B8C-F1D35FBD3DCA} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {9326BFB9-42D9-4193-B36F-9F792DA680A3} - System32\Tasks\Hightorque UK => C:\Program Files\Nero\Nero 11\Nero BackItUp\NBCore.exe [2012-01-13] (Nero AG)
Task: {9C9962E2-C803-4F09-8961-0C9403E56DA1} - System32\Tasks\Disc C Image xml => C:\Program Files\Macrium\Reflect\Reflect.exe [2014-08-17] (Paramount Software UK Ltd)
Task: {AABFF369-F58C-4CAC-B387-20BF18BDBDFA} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan No Task File <==== ATTENTION
Task: {CE3F09F2-2C80-44CD-8238-426EC6C09CF0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-04] (Adobe Systems Incorporated)
Task: {CE74F5AD-C0B4-4853-B780-398845DCE3A5} - System32\Tasks\{549C7F20-1C4B-47E5-BA35-546CE02E9B97} => C:\Program Files\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {E48A54D6-82A1-4A42-AFE9-883AC5D3BB6C} - System32\Tasks\RtlNICDiagVistaStart => C:\Program Files\Realtek\RTNICDiag\RTNICDiag.exe [2008-08-19] (Realtek)
Task: {ED8BFA87-27DB-4C65-9591-569E1CCB4780} - System32\Tasks\Hightorque UK Nero LIVEBackup Merge 6 0 => C:\Program Files\Nero\Nero 11\Nero BackItUp\NBCore.exe [2012-01-13] (Nero AG)
Task: {F8BB0221-6BA4-4869-9BD6-C37CD074EF8C} - System32\Tasks\Hightorque UK Nero LIVEBackup 6 0 => C:\Program Files\Nero\Nero 11\Nero BackItUp\NBCore.exe [2012-01-13] (Nero AG)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Disc C Image xml.job => C:\Program Files\Macrium\Reflect\Reflect.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{1187167D-694A-4D97-9748-C1A6B331311F}.job => C:\Windows\system32\msfeedssync.exe
==================== Loaded Modules (whitelisted) =============
2009-10-14 10:14 - 2008-08-15 17:53 - 00115200 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\dldtdrpp.dll
2008-01-21 21:05 - 2008-08-15 17:52 - 00077906 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\dldtCFG.dll
2009-10-09 05:09 - 2008-08-15 17:53 - 00811008 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\dldtptpc.dll
2009-10-09 05:09 - 2008-08-15 17:53 - 00148992 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\dldtdrui.dll
2009-10-09 05:09 - 2008-08-15 17:54 - 00147456 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\dldtPRPR.DLL
2009-10-09 05:09 - 2008-08-15 17:53 - 00195072 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\dldtdr.dll
2009-10-09 05:09 - 2008-08-15 17:53 - 01339392 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\dldtHPEC.DLL
2009-10-09 05:09 - 2008-08-15 17:53 - 00589824 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\dldtdatr.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 01242952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-10-09 05:09 - 2008-08-15 17:53 - 00099568 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\dldtserv.exe
2009-10-09 05:09 - 2008-08-15 17:50 - 00782336 _____ () C:\Windows\system32\dldtdrs.dll
2008-01-21 21:05 - 2008-01-21 21:05 - 00077906 _____ () C:\Windows\system32\dldtcfg.dll
2009-10-09 05:09 - 2008-08-15 17:50 - 00081920 _____ () C:\Windows\system32\dldtcaps.dll
2009-10-09 05:09 - 2008-08-15 17:50 - 00069632 _____ () C:\Windows\system32\dldtcnv4.dll
2009-11-17 15:09 - 2012-11-09 06:02 - 01752576 _____ () C:\Program Files\File Shredder\fsshell.dll
2014-01-21 13:53 - 2014-01-21 13:53 - 00076800 _____ () C:\Program Files\NCH Software\Meo\meodll.dll
2006-07-17 17:45 - 2006-07-17 17:45 - 00040960 _____ () C:\Program Files\Royal Mail\SmartStamp\BINARY\STRAY.EXE
2006-07-17 17:56 - 2006-07-17 17:56 - 00024576 _____ () C:\Program Files\Royal Mail\SmartStamp\BINARY\SDSERROR.DLL
2006-07-17 17:56 - 2006-07-17 17:56 - 00077824 _____ () C:\Program Files\Royal Mail\SmartStamp\BINARY\SDSEVENT.DLL
2006-07-17 17:43 - 2011-11-25 09:15 - 00057344 _____ () C:\Program Files\Royal Mail\SmartStamp\BINARY\SDSLOG.DLL
2006-07-17 17:40 - 2006-07-17 17:40 - 00016384 _____ () C:\Program Files\Royal Mail\SmartStamp\BINARY\SMSG.DLL
2006-07-17 17:44 - 2006-07-17 17:44 - 00053248 _____ () C:\Program Files\Royal Mail\SmartStamp\BINARY\SDSREG.DLL
2012-10-15 17:45 - 2012-10-15 17:45 - 00048640 _____ () C:\Program Files\AOL Desktop 9.7f\zlib.dll
2012-10-15 17:45 - 2012-10-15 17:45 - 00094208 _____ () C:\Program Files\AOL Desktop 9.7f\Components\Tier2Svc.dll
2012-10-15 17:45 - 2012-10-15 17:45 - 00060928 _____ () C:\Program Files\AOL Desktop 9.7f\Components\DataSvcs.dll
2013-03-17 08:11 - 2007-08-12 09:20 - 00307200 _____ () C:\Program Files\TSMV5\ZedGraph.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:010ADD2C
AlternateDataStreams: C:\ProgramData\TEMP:2B11E0DF
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:553CA6CA
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\ProgramData\TEMP:D74B6CF5
AlternateDataStreams: C:\Users\Hightorque UK\Documents\Ricevutadeltuopagamentoahightorqueuk@aol_com.eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
HKU\S-1-5-21-3090621729-691808380-2464640456-1000\Software\Classes\.exe: exefile => <===== ATTENTION!
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: dldtamon => "C:\Program Files\Dell V305\dldtamon.exe"
MSCONFIG\startupreg: dldtmon.exe => "C:\Program Files\Dell V305\dldtmon.exe"
MSCONFIG\startupreg: dscactivate => "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
MSCONFIG\startupreg: Everything => "C:\Program Files\Everything\Everything.exe" -startup
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TkBellExe => "c:\program files\real\realplayer\Update\realsched.exe" -osboot
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: WMPNSCFG => C:\Program Files\Windows Media Player\WMPNSCFG.exe
==================== Faulty Device Manager Devices =============
Name: isatap.cable.virginmedia.net
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: isatap.{2C1BC9D2-671D-4B5E-ABE6-F7869D0225B9}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Windows Mobile-based device
Description: Windows Mobile-based device
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: (Standard Windows Mobile devices)
Service: WUDFRd
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (09/09/2014 00:19:06 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\HIGHTORQUE UK\.FBREADER\NETWORK.DB-JOURNAL> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (09/09/2014 00:19:06 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\HIGHTORQUE UK\.FBREADER\BOOKS.DB-JOURNAL> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (09/09/2014 00:02:03 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\HIGHTORQUE UK\.FBREADER\NETWORK.DB-JOURNAL> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (09/09/2014 00:02:03 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\HIGHTORQUE UK\.FBREADER\NETWORK.DB-JOURNAL> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (09/09/2014 00:02:03 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\HIGHTORQUE UK\.FBREADER\BOOKS.DB-JOURNAL> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (09/09/2014 10:41:07 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\HIGHTORQUE UK\CALIBRE LIBRARY\METADATA.DB-JOURNAL> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (09/09/2014 10:41:00 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\HIGHTORQUE UK\CALIBRE LIBRARY\METADATA.DB-JOURNAL> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (09/09/2014 10:41:00 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\HIGHTORQUE UK\CALIBRE LIBRARY\METADATA.DB-JOURNAL> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (09/09/2014 10:41:00 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\HIGHTORQUE UK\CALIBRE LIBRARY\METADATA.DB-JOURNAL> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (09/09/2014 10:40:59 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\HIGHTORQUE UK\CALIBRE LIBRARY\METADATA.DB-JOURNAL> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
System errors:
=============
Error: (09/08/2014 04:33:21 PM) (Source: iaStor) (EventID: 9) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.
Error: (09/08/2014 06:55:36 AM) (Source: volsnap) (EventID: 20) (User: )
Description: The shadow copies of volume L: were aborted because of a failed free space computation.
Error: (09/08/2014 06:55:29 AM) (Source: volsnap) (EventID: 20) (User: )
Description: The shadow copies of volume D: were aborted because of a failed free space computation.
Error: (09/08/2014 06:46:50 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000MBAMService
Error: (09/08/2014 06:46:50 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt
netfilter
Error: (09/06/2014 06:42:38 AM) (Source: Microsoft-Windows-DriverFrameworks-UserMode) (EventID: 10101) (User: NT AUTHORITY)
Description: 3758096899
Error: (09/06/2014 06:36:58 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt
netfilter
Error: (09/05/2014 06:14:33 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt
netfilter
Error: (09/04/2014 06:37:38 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt
netfilter
Error: (09/03/2014 07:59:25 AM) (Source: Microsoft-Windows-DriverFrameworks-UserMode) (EventID: 10101) (User: NT AUTHORITY)
Description: 3758096899
Microsoft Office Sessions:
=========================
Error: (03/24/2014 10:05:01 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 56 seconds with 0 seconds of active time. This session ended with a crash.
Error: (07/25/2013 08:47:05 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 2382 seconds with 900 seconds of active time. This session ended with a crash.
Error: (04/01/2012 11:15:00 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4386 seconds with 540 seconds of active time. This session ended with a crash.
Error: (02/13/2012 03:06:03 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 16733 seconds with 720 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2014-09-09 13:38:00.527
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-09-09 13:37:59.551
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-09-09 13:37:58.590
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-09-09 13:37:57.701
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-09-09 13:37:56.634
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Trusteer\Rapport\bin\RapportEI.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-09-09 13:37:55.739
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Trusteer\Rapport\bin\RapportEI.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-09-09 13:37:54.894
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Trusteer\Rapport\bin\RapportEI.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-09-09 13:37:54.028
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Trusteer\Rapport\bin\RapportEI.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-09-09 13:37:52.825
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_80049.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-09-09 13:37:51.603
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_80049.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Pentium® Dual-Core CPU E5200 @ 2.50GHz
Percentage of memory in use: 74%
Total physical RAM: 3036.26 MB
Available physical RAM: 783.3 MB
Total Pagefile: 6276.66 MB
Available Pagefile: 3112.82 MB
Total Virtual: 2047.88 MB
Available Virtual: 1910.94 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:288.01 GB) (Free:137.82 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:4.64 GB) NTFS
Drive k: (New Volume) (Fixed) (Total:298.09 GB) (Free:167.04 GB) NTFS
Drive l: (New Volume) (Fixed) (Total:111.79 GB) (Free:37.51 GB) NTFS
Drive m: (HD-PCU2) (Fixed) (Total:931.28 GB) (Free:443.55 GB) FAT32
Drive n: (New Volume) (Fixed) (Total:298.09 GB) (Free:204.6 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 08000000)
Partition 1: (Not Active) - (Size=78 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=288 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: F63BD740)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: F908A936)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)
========================================================
Disk: 4 (Size: 111.8 GB) (Disk ID: 5B6AC646)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)
========================================================
Disk: 5 (Size: 931.5 GB) (Disk ID: A319272F)
Partition 1: (Active) - (Size=931.5 GB) - (Type=0B)
==================== End Of Log ============================
Good hunting !!!
Regards
Ian