This topic is lockedHello Naat,
AOL is working OK, I have been using all of the time, I never used the AOL toolbar.
Cheers,
Ian 
Deleting ib.adnxs [Solved]
Started by
Geekimnot
, Sep 08 2014 05:03 AM
#17
Posted 11 September 2014 - 05:22 AM
Naathim
-
- Expert
-
- 4,568 posts
GeekU Minion
Fix with Farbar Recovery Scan Tool
This fix was created for this user for use on that particular machine. Running it on another one may cause damage and render the system unstable.
Press the 
+ R on your keyboard at the same time. Type Notepad and click OK.
- Copy the entire content of the codebox below and paste into the Notepad document:
start closeprocesses: Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CrashPlan Tray.lnk ShortcutTarget: CrashPlan Tray.lnk -> C:\Program Files\CrashPlan\CrashPlanTray.exe (No File) SearchScopes: HKCU - URL http://search.condui...archTerms}= SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.searc...ix={searchTerms} SearchScopes: HKCU - FFF9366C2DEB4E6B8AE77F135949B1E9 URL = http://search.speedb...&q={searchTerms} CHR NewTab: Default -> "chrome-extension://epikbiglahnndfidencpcjhnefnmooeg/spent.html" CHR DefaultSearchKeyword: Default -> search.conduit.com CHR DefaultSearchProvider: Default -> Conduit Search CHR DefaultSearchURL: Default -> http://search.condui...archTerms}= CHR DefaultSuggestURL: Default -> http://suggest.searc...ix={searchTerms} CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File Task: {AABFF369-F58C-4CAC-B387-20BF18BDBDFA} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan No Task File <==== ATTENTION AlternateDataStreams: C:\ProgramData\TEMP:010ADD2C AlternateDataStreams: C:\ProgramData\TEMP:2B11E0DF AlternateDataStreams: C:\ProgramData\TEMP:373E1720 AlternateDataStreams: C:\ProgramData\TEMP:553CA6CA AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 AlternateDataStreams: C:\ProgramData\TEMP:D74B6CF5 HKU\S-1-5-21-3090621729-691808380-2464640456-1000\Software\Classes\.exe: exefile => <===== ATTENTION! emptytemp: end - Click File, Save As and type fixlist.txt as the File Name.
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
- Right-click on icon and select
Run as Administrator to start the tool.
> XP users click run after receipt of Windows Security Warning - Open File.
> 8 users will be prompted about Windows SmartScreen protection - click More information and Run. - Press the Fix button just once and wait.
- If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
- When finished FRST will generate a log on the Desktop, called Fixlog.txt.
Please include it in your reply.
What issues you are experiencing after the fix?
#18
Posted 12 September 2014 - 01:05 AM
Geekimnot
- Topic Starter
-
- Member
-
- 280 posts
Member
God morning Naat, 
I am sorry about the occasional delay in responding, but I run a small internet business on my PC and sometimes have to keep it running.
My AOL browser had a problem with the ib.adnxs yesterday. Somehow the blocking popups command altered to allow ib.adnxs. I have just checked again and it showed in the "allowed" sites this morning, I have once again removed it but this must be about the 10 th time I have done so.
Maybe over the weekend I will delete and then re-insatall AOL 9.7
Fixlog.txt
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 07-09-2014
Ran by Hightorque UK at 2014-09-11 17:24:17 Run:1
Running from C:\Users\Hightorque UK\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
start
closeprocesses:
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CrashPlan Tray.lnk
ShortcutTarget: CrashPlan Tray.lnk -> C:\Program Files\CrashPlan\CrashPlanTray.exe (No File)
SearchScopes: HKCU - URL http://search.condui...archTerms}=
SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.searc...x={searchTerms}
SearchScopes: HKCU - FFF9366C2DEB4E6B8AE77F135949B1E9 URL = http://search.speedb...q={searchTerms}
CHR NewTab: Default -> "chrome-extension://epikbiglahnndfidencpcjhnefnmooeg/spent.html"
CHR DefaultSearchKeyword: Default -> search.conduit.com
CHR DefaultSearchProvider: Default -> Conduit Search
CHR DefaultSearchURL: Default -> http://search.condui...archTerms}=
CHR DefaultSuggestURL: Default -> http://suggest.searc...x={searchTerms}
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
Task: {AABFF369-F58C-4CAC-B387-20BF18BDBDFA} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:010ADD2C
AlternateDataStreams: C:\ProgramData\TEMP:2B11E0DF
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:553CA6CA
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\ProgramData\TEMP:D74B6CF5
HKU\S-1-5-21-3090621729-691808380-2464640456-1000\Software\Classes\.exe: exefile => <===== ATTENTION!
emptytemp:
end
*****************
Processes closed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CrashPlan Tray.lnk => Moved successfully.
C:\Program Files\CrashPlan\CrashPlanTray.exe not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\URL => value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SuggestionsURL_JSON => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\FFF9366C2DEB4E6B8AE77F135949B1E9" => Key deleted successfully.
"HKCR\CLSID\FFF9366C2DEB4E6B8AE77F135949B1E9" => Key not found.
Chrome NewTab deleted successfully.
Chrome DefaultSearchKeyword deleted successfully.
CHR DefaultSearchProvider: Default -> Conduit Search ==> The Chrome "Settings" can be used to fix the entry.
Chrome DefaultSearchURL deleted successfully.
Chrome DefaultSuggestURL deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AABFF369-F58C-4CAC-B387-20BF18BDBDFA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AABFF369-F58C-4CAC-B387-20BF18BDBDFA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" => Key deleted successfully.
C:\ProgramData\TEMP => ":010ADD2C" ADS removed successfully.
C:\ProgramData\TEMP => ":2B11E0DF" ADS removed successfully.
C:\ProgramData\TEMP => ":373E1720" ADS removed successfully.
C:\ProgramData\TEMP => ":553CA6CA" ADS removed successfully.
C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully.
C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully.
C:\ProgramData\TEMP => ":D74B6CF5" ADS removed successfully.
"HKU\S-1-5-21-3090621729-691808380-2464640456-1000\Software\Classes\.exe" => Key deleted successfully.
EmptyTemp: => Removed 1.2 GB temporary data.
The system needed a reboot.
==== End of Fixlog ====
#19
Posted 12 September 2014 - 02:20 AM
Naathim
-
- Expert
-
- 4,568 posts
GeekU Minion
Hi
A little refresher is always fine. However why don't you update your AOL soft to the newest possible version? Remember that staying updated is crucial. Older versions contain vulnerabilities/security risks.
Now I have to say that I will be absent till Monday (maybe Tuesday), but I've asked a friend to stick with you. After the fix please post me a fresh set of reports Scan with Farbar Recovery Scan Tool
Please re-run Farbar Recovery Scan Tool.
- Right-click on icon and select Run as Administrator to start the tool.
> XP users click run after receipt of Windows Security Warning - Open File.
> 8 users will be prompted about Windows SmartScreen protection - click More information and Run. - Make sure that Addition option is checked.
- Press Scan button and wait.
- The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please include their content in your next reply.
#20
Posted 12 September 2014 - 03:32 AM
Geekimnot
- Topic Starter
-
- Member
-
- 280 posts
Member
Hi Naat
Have a great weekend. Going somewhere nice ??
I cannot use AOL higher than 9.7.
FRST log
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-09-2014
Ran by Hightorque UK (administrator) on HIGHTORQUEUK-PC on 12-09-2014 10:02:34
Running from C:\Users\Hightorque UK\Desktop
Platform: Microsoft® Windows Vista™ Business Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\AERTSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\System32\spool\drivers\w32x86\3\dldtserv.exe
( ) C:\Windows\System32\dldtcoms.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(AOL Inc.) C:\Program Files\Common Files\aol\1255507870\ee\aolsoftware.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
() C:\Program Files\Royal Mail\SmartStamp\BINARY\STRAY.EXE
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(RealNetworks, Inc.) C:\Program Files\Real\realplayer\Update\realsched.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(AOL LLC) C:\Program Files\Common Files\aol\ACS\AOLacsd.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Virtual PC\Virtual PC.exe
(AOL Inc.) C:\Program Files\AOL Desktop 9.7f\waol.exe
(AOL Inc.) C:\Program Files\AOL Desktop 9.7f\shellmon.exe
(AOL Inc.) C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(AOL Inc.) C:\Program Files\AOL Desktop 9.7f\AOLBrowser\aolbrowser.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-02-11] (Intel Corporation)
HKLM\...\Run: [Microsoft Default Manager] => C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
HKLM\...\Run: [HostManager] => C:\Program Files\Common Files\AOL\1255507870\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6265376 2008-08-19] (Realtek Semiconductor)
HKLM\...\Run: [OLP-Tray] => C:\Program Files\Royal Mail\SmartStamp\BINARY\STRAY.EXE [40960 2006-07-17] ()
HKLM\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [NBAgent] => C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1493288 2012-01-13] (Nero AG)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\realplayer\update\realsched.exe [274608 2011-01-02] (RealNetworks, Inc.)
HKLM Group Policy restriction on software: *.ppt.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.scr <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.scr <====== ATTENTION
HKLM Group Policy restriction on software: ** <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.scr <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\safe2012int_nero.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\boie9_enus_bo0085_vis.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\tomtomhome2winlatest.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\is360setup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\tomtomhome2winlatest_1.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\nero-11.2.00600.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\tuneuputilities2012-multilingual.exe <====== ATTENTION
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-19\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-3090621729-691808380-2464640456-1000\...\Run: [DownloadAccelerator] => C:\Programs\DAP\DAP.EXE [3795160 2013-10-18] (Speedbit Ltd.)
HKU\S-1-5-21-3090621729-691808380-2464640456-1000\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
HKU\S-1-5-21-3090621729-691808380-2464640456-1000\...\Run: [DAP10] => C:\Programs\DAP\DAP.EXE [3795160 2013-10-18] (Speedbit Ltd.)
HKU\S-1-5-21-3090621729-691808380-2464640456-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3090621729-691808380-2464640456-1000\...\Run: [M-Downloader] => C:\Program Files\M-Downloader\Updater.exe
HKU\S-1-5-21-3090621729-691808380-2464640456-1000\...\Run: [NBJ] => C:\Program Files\M-Downloader\Updater.exe SCFG.exe e" (the data entry has 824 more characters).
HKU\S-1-5-21-3090621729-691808380-2464640456-1000\...\Run: [AOL Fast Start] => C:\Program Files\AOL Desktop 9.7f\AOL.EXE [72312 2012-10-15] (AOL Inc.)
HKU\S-1-5-21-3090621729-691808380-2464640456-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-07-02] (Google Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x708AF6F795A3CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
URLSearchHook: HKLM - AOL Broadband Toolbar Search Class - {4a6e1b85-1193-4a2a-aab8-7417f275f18a} - C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll (AOL LLC.)
SearchScopes: HKLM - {D85A7553-65DA-46D1-9F05-EF978F1D951A} URL = http://search.aol.co..._it=clireset-ie
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {E9B128CC-8E8B-473D-A891-EE81222E58F9} URL = http://search.aol.co..._it=clireset-ie
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: AOL Broadband Toolbar Loader -> {776a9d06-e178-4aa0-aee4-b4de3a64ad28} -> C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll (AOL LLC.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: SpeedBit Link Verification Helper -> {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} -> C:\Programs\DAP\LinkVerifier.dll (Speedbit Ltd.)
BHO: Download Accelerator Plus Integration -> {FF6C3CF0-4B15-11D1-ABED-709549C10000} -> C:\Programs\DAP\DAPIEL~1.DLL (SpeedBit Ltd.)
Toolbar: HKLM - AOL Broadband Toolbar - {e6ed7f95-e571-4f81-8757-5eb11252703d} - C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll (AOL LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - AOL Broadband Toolbar - {E6ED7F95-E571-4F81-8757-5EB11252703D} - C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll (AOL LLC.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} http://fpdownload2.m...ash/swflash.cab
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell...r/SysProExe.CAB
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @Nero.com/KM -> C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin: @real.com/nppl3260;version=12.0.1.609 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=12.0.1.609 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=12.0.1.609 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=12.0.1.609 -> c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-11]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-01-02]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Programs\DAP\daplinkchecker
FF Extension: DAP Link Checker - C:\Programs\DAP\daplinkchecker [2013-10-18]
FF HKCU\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Programs\DAP\DAPFireFox
FF Extension: Download Accelerator Plus (DAP) extension - C:\Programs\DAP\DAPFireFox [2010-04-20]
Chrome:
=======
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=&SSPV=
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=&SSPV="
CHR DefaultSearchProvider: Default -> Conduit Search
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\37.0.2062.103\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\37.0.2062.103\pdf.dll ()
CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (RIM Handheld Application Loader) - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer™ HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_182.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR CustomProfile: C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-22]
CHR Extension: (Google Drive) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (YouTube) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-22]
CHR Extension: (DAP Link Checker) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodfdknjhecmadheclfjkhhiofeagdbh [2013-10-18]
CHR Extension: (Google Search) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-22]
CHR Extension: (Allin1Convert) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\epikbiglahnndfidencpcjhnefnmooeg [2014-04-24]
CHR Extension: (Download Accelerator Plus (DAP)) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb [2011-01-08]
CHR Extension: (Google Wallet) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-22]
CHR Extension: (Gmail) - C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-22]
CHR HKLM\...\Chrome\Extension: [bodfdknjhecmadheclfjkhhiofeagdbh] - C:\Programs\DAP\daplinkchecker.crx [2013-10-18]
CHR HKLM\...\Chrome\Extension: [ffdcfjdljhbehggjdkdioajnknjcpbjb] - C:\Programs\DAP\DAPChrome\DAPChrome6.crx [2010-11-26]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AERTFilters; C:\Windows\system32\AERTSrv.exe [81920 2008-08-19] (Andrea Electronics Corporation)
R3 AOL ACS; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [46640 2006-10-23] (AOL LLC)
S3 Blackberry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
R2 dldtCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\W32X86\3\\dldtserv.exe [99568 2008-08-15] ()
R2 dldt_device; C:\Windows\system32\dldtcoms.exe [595184 2008-02-25] ( )
S2 gupdate1ca533d60cc32d0; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-10-22] (Google Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [687400 2011-11-25] (Nero AG)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 RapportMgmtService; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [1919256 2014-07-31] (IBM Corp.)
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [2462160 2014-07-21] (Paramount Software UK Ltd)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [79960 2008-08-19] (JMicron Technology Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-09-12] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R0 pssnap; C:\Windows\System32\DRIVERS\pssnap.sys [16504 2013-06-28] (Macrium Software)
R1 RapportCerberus_80049; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_80049.sys [433240 2014-09-01] ()
R1 RapportEI; C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [251928 2014-07-31] (IBM Corp.)
R0 RapportKELL; C:\Windows\System32\Drivers\RapportKELL.sys [206520 2014-07-31] (IBM Corp.)
R1 RapportPG; C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [332792 2014-07-31] (IBM Corp.)
R3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1308304 2012-11-07] (Realtek Semiconductor Corporation )
R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [27648 2008-08-19] (Windows ® Codename Longhorn DDK provider)
R3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-11 23:13 - 2014-08-15 15:51 - 12363264 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 23:13 - 2014-08-15 15:42 - 09739776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 23:13 - 2014-08-15 15:42 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 23:13 - 2014-08-15 15:37 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 23:13 - 2014-08-15 15:37 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 23:13 - 2014-08-15 15:36 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 23:13 - 2014-08-15 15:35 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 23:13 - 2014-08-15 15:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-11 23:13 - 2014-08-15 15:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 23:13 - 2014-08-15 15:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 23:13 - 2014-08-15 15:35 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 23:13 - 2014-08-15 15:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-11 23:13 - 2014-08-15 15:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 23:13 - 2014-08-15 15:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 23:13 - 2014-08-15 15:35 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 23:13 - 2014-08-15 15:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-11 23:13 - 2014-08-15 15:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 23:13 - 2014-08-15 15:34 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 23:13 - 2014-08-15 15:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 23:13 - 2014-08-15 15:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-11 23:13 - 2014-08-15 15:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-11 08:03 - 2014-09-12 10:03 - 00080802 _____ () C:\Users\Hightorque UK\Desktop\FRST3.txt
2014-09-11 08:01 - 2014-09-11 08:03 - 00047433 _____ () C:\Users\Hightorque UK\Desktop\Addition3.txt
2014-09-11 07:56 - 2014-09-11 08:01 - 00104728 _____ () C:\Users\Hightorque UK\Desktop\FRST2.txt
2014-09-10 16:03 - 2014-09-10 16:03 - 00000000 ____D () C:\ProgramData\Viewpoint
2014-09-10 16:02 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-09-10 16:00 - 2014-09-10 18:46 - 00000000 ____D () C:\AdwCleaner
2014-09-10 15:16 - 2014-09-10 15:16 - 00005696 _____ () C:\Users\Hightorque UK\Desktop\JRT.txt
2014-09-10 14:44 - 2014-09-10 14:44 - 01370467 _____ () C:\Users\Hightorque UK\Desktop\AdwCleaner.exe
2014-09-10 14:43 - 2014-09-10 14:43 - 01016261 _____ (Thisisu) C:\Users\Hightorque UK\Desktop\JRT.exe
2014-09-10 14:10 - 2014-09-10 14:10 - 00042713 _____ () C:\Users\Hightorque UK\Documents\Favorite Places HT USA.pfc
2014-09-09 15:35 - 2014-09-09 15:35 - 00284133 _____ () C:\Users\Hightorque UK\Documents\Favorite Places HT copy.pfc
2014-09-09 15:31 - 2014-09-09 15:31 - 00284133 _____ () C:\Users\Hightorque UK\Documents\Favorite Places HT.pfc
2014-09-09 15:11 - 2014-09-09 15:22 - 00236381 _____ () C:\Users\Hightorque UK\Downloads\Favourite Places.pfc
2014-09-09 15:09 - 2014-09-09 15:09 - 00033308 _____ () C:\Users\Hightorque UK\Documents\Favorite Places MIA.pfc
2014-09-09 15:00 - 2014-09-09 15:00 - 00000323 _____ () C:\Users\Hightorque UK\Desktop\Reflect image - Shortcut.lnk
2014-09-09 13:39 - 2014-09-09 13:43 - 00051984 _____ () C:\Users\Hightorque UK\Desktop\Addition1.txt
2014-09-09 13:36 - 2014-09-11 07:56 - 00104532 _____ () C:\Users\Hightorque UK\Desktop\FRST1.txt
2014-09-09 13:35 - 2014-09-09 13:35 - 01097728 _____ (Farbar) C:\Users\Hightorque UK\Desktop\FRST.exe
2014-09-09 12:24 - 2014-09-09 12:24 - 00000473 _____ () C:\Users\Hightorque UK\Desktop\Backups - Shortcut.lnk
2014-09-09 10:16 - 2014-09-09 10:16 - 00000513 _____ () C:\Users\Hightorque UK\Desktop\Shared Folder Hightorque Vista - Shortcut.lnk
2014-09-07 08:34 - 2014-09-07 08:34 - 00000656 _____ () C:\Users\Hightorque UK\Desktop\Calibre Library - Shortcut.lnk
2014-09-05 15:21 - 2014-09-11 12:44 - 00002065 _____ () C:\Users\Hightorque UK\Desktop\Betting Assistant.lnk
2014-09-05 15:21 - 2014-09-05 15:21 - 00001916 _____ () C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Betting Assistant.lnk
2014-09-02 15:24 - 2014-09-02 15:25 - 00000000 ___HD () C:\Program Files\Temp
2014-09-02 15:19 - 2014-09-02 15:20 - 111172669 _____ (Realtek Semiconductor Corp.) C:\Users\Hightorque UK\Downloads\32bit_Win7_Win8_Win81_R275.exe
2014-09-02 13:22 - 2014-09-02 14:11 - 00000000 ____D () C:\Users\Hightorque UK\Documents\IV140811HDE
2014-09-02 13:22 - 2014-09-02 13:22 - 00007503 _____ () C:\Users\Hightorque UK\Documents\IV140811HDE.zip
2014-09-02 10:47 - 2014-09-02 10:47 - 00131108 _____ () C:\Users\Hightorque UK\Documents\CausemannInv140814.zip
2014-09-02 10:47 - 2014-09-02 10:47 - 00000000 ____D () C:\Users\Hightorque UK\Documents\CausemannInv140814
2014-09-01 11:10 - 2014-09-09 12:14 - 00000000 ____D () C:\Users\Hightorque UK\Calibre Library
2014-09-01 11:02 - 2014-09-01 11:02 - 00000285 _____ () C:\Users\Hightorque UK\Desktop\New Volume (N) - Shortcut.lnk
2014-09-01 11:02 - 2014-09-01 11:02 - 00000186 _____ () C:\Users\Hightorque UK\Desktop\HD-PCU2 (M) - Shortcut.lnk
2014-09-01 10:10 - 2014-09-01 10:10 - 00000285 _____ () C:\Users\Hightorque UK\Desktop\New Volume (K) - Shortcut.lnk
2014-08-31 13:06 - 2014-08-31 13:06 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Roaming\Gruss Software Ltd
2014-08-31 12:56 - 2014-08-31 12:56 - 00001668 _____ () C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\The Staking Machine V5.0.lnk
2014-08-31 12:56 - 2014-08-31 12:56 - 00001644 _____ () C:\Users\Hightorque UK\Desktop\The Staking Machine V5.0.lnk
2014-08-31 12:56 - 2014-08-31 12:56 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Staking Machine V5.0
2014-08-28 15:03 - 2014-08-28 15:03 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb
2014-08-28 09:58 - 2014-09-11 17:24 - 00000432 _____ () C:\Windows\Tasks\Disc C Image xml.job
2014-08-28 09:36 - 2014-08-28 09:36 - 00000000 ____D () C:\Sage Line 50 Backups
2014-08-28 09:24 - 2014-08-28 09:23 - 00002685 _____ () C:\Users\Hightorque UK\Desktop\Labels undelivered 65 labels per sheet - Shortcut.lnk
2014-08-28 09:22 - 2014-08-28 09:21 - 00002544 _____ () C:\Users\Hightorque UK\Desktop\14 labels per sheet - Shortcut.lnk
2014-08-28 09:02 - 2014-08-28 09:02 - 00205562 _____ () C:\Users\Hightorque UK\Documents\TheConfessionsofLadyBeatrice.zip
2014-08-28 08:26 - 2012-11-07 08:34 - 01308304 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\RTWlanU.sys
2014-08-28 07:22 - 2014-08-28 07:23 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Reflect
2014-08-27 20:29 - 2014-06-26 23:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-27 20:29 - 2014-06-26 23:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-27 20:29 - 2014-06-26 23:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-27 20:26 - 2014-06-06 05:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-27 19:31 - 2014-08-23 02:03 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 19:31 - 2014-08-23 00:26 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 18:54 - 2014-06-02 11:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-27 18:54 - 2014-06-02 11:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-27 18:54 - 2014-06-02 11:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-27 18:54 - 2014-06-02 11:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-08-27 18:54 - 2014-06-02 09:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-27 18:54 - 2014-04-26 17:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-08-27 18:53 - 2014-07-08 01:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-27 18:53 - 2014-06-14 01:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-27 18:53 - 2014-06-14 01:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-27 18:53 - 2014-06-06 09:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-08-27 18:53 - 2014-04-05 04:23 - 00915392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-08-27 18:53 - 2014-04-05 02:49 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-08-27 18:52 - 2014-05-30 07:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-08-27 18:52 - 2014-03-10 02:22 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-08-27 18:52 - 2014-03-10 02:22 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-08-27 17:33 - 2014-08-27 17:33 - 02016040 _____ (Driver Manager) C:\Users\Hightorque UK\Downloads\DriverManager.exe
2014-08-27 17:32 - 2014-08-27 17:32 - 00000000 ____D () C:\ProgramData\Driver Support
2014-08-27 17:31 - 2014-08-27 17:31 - 02002024 _____ (PC Drivers Headquarters, LP) C:\Users\Hightorque UK\Downloads\DriverSupport.exe
2014-08-27 16:11 - 2014-08-27 16:11 - 00000868 _____ () C:\Users\Hightorque UK\Desktop\Reflect - Shortcut.lnk
2014-08-27 16:06 - 2014-08-27 16:06 - 00001868 _____ () C:\Users\Public\Desktop\Reflect.lnk
2014-08-27 16:06 - 2014-08-27 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macrium
2014-08-27 16:06 - 2014-08-27 16:06 - 00000000 ____D () C:\Program Files\Macrium
2014-08-27 16:03 - 2014-08-27 16:07 - 00830084 _____ () C:\Reflect_Install.log
2014-08-27 16:01 - 2014-08-27 16:02 - 49549264 _____ (Paramount Software UK Ltd) C:\Users\Hightorque UK\Downloads\reflect_setup_free_x86.exe
2014-08-27 13:43 - 2014-08-27 13:43 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-12 10:03 - 2014-09-11 08:03 - 00080802 _____ () C:\Users\Hightorque UK\Desktop\FRST3.txt
2014-09-12 10:02 - 2014-05-20 14:03 - 00000000 ____D () C:\FRST
2014-09-12 10:02 - 2009-12-14 17:28 - 00000422 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{1187167D-694A-4D97-9748-C1A6B331311F}.job
2014-09-12 09:56 - 2014-04-11 07:54 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-12 09:37 - 2009-10-23 07:42 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-12 09:34 - 2009-10-20 13:11 - 00000000 ____D () C:\Shared Folder Hightorque Vista
2014-09-12 09:34 - 2009-10-14 10:14 - 00000000 ____D () C:\ProgramData\Dl_cats
2014-09-12 09:29 - 2009-10-08 19:25 - 01130814 _____ () C:\Windows\WindowsUpdate.log
2014-09-12 08:33 - 2006-11-02 13:47 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-12 08:33 - 2006-11-02 13:47 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-12 07:18 - 2014-05-18 22:30 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-12 07:09 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-12 06:36 - 2009-10-13 14:57 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-12 06:34 - 2009-10-23 07:42 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-12 06:33 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-11 23:14 - 2006-11-02 14:01 - 00032590 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-11 23:13 - 2009-10-13 11:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-11 23:10 - 2013-07-29 22:43 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 22:53 - 2014-02-18 11:17 - 00001788 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-11 22:53 - 2014-02-18 11:11 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-09-11 22:53 - 2006-11-02 11:24 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-09-11 22:52 - 2014-02-18 11:16 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-11 22:45 - 2006-11-02 11:33 - 00745788 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-11 22:39 - 2006-11-02 13:52 - 01079289 _____ () C:\Windows\setupact.log
2014-09-11 19:26 - 2006-11-02 14:00 - 07842292 _____ () C:\Windows\PFRO.log
2014-09-11 17:24 - 2014-08-28 09:58 - 00000432 _____ () C:\Windows\Tasks\Disc C Image xml.job
2014-09-11 14:52 - 2010-07-26 13:46 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Roaming\vlc
2014-09-11 14:24 - 2014-06-04 11:21 - 00000000 ____D () C:\Users\Hightorque UK\.FBReader
2014-09-11 12:44 - 2014-09-05 15:21 - 00002065 _____ () C:\Users\Hightorque UK\Desktop\Betting Assistant.lnk
2014-09-11 08:03 - 2014-09-11 08:01 - 00047433 _____ () C:\Users\Hightorque UK\Desktop\Addition3.txt
2014-09-11 08:01 - 2014-09-11 07:56 - 00104728 _____ () C:\Users\Hightorque UK\Desktop\FRST2.txt
2014-09-11 07:56 - 2014-09-09 13:36 - 00104532 _____ () C:\Users\Hightorque UK\Desktop\FRST1.txt
2014-09-10 18:46 - 2014-09-10 16:00 - 00000000 ____D () C:\AdwCleaner
2014-09-10 16:03 - 2014-09-10 16:03 - 00000000 ____D () C:\ProgramData\Viewpoint
2014-09-10 16:03 - 2009-10-13 11:03 - 00000000 ____D () C:\Users\Hightorque UK
2014-09-10 15:16 - 2014-09-10 15:16 - 00005696 _____ () C:\Users\Hightorque UK\Desktop\JRT.txt
2014-09-10 14:44 - 2014-09-10 14:44 - 01370467 _____ () C:\Users\Hightorque UK\Desktop\AdwCleaner.exe
2014-09-10 14:43 - 2014-09-10 14:43 - 01016261 _____ (Thisisu) C:\Users\Hightorque UK\Desktop\JRT.exe
2014-09-10 14:10 - 2014-09-10 14:10 - 00042713 _____ () C:\Users\Hightorque UK\Documents\Favorite Places HT USA.pfc
2014-09-10 13:56 - 2014-04-11 07:54 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-10 13:56 - 2014-04-11 07:54 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-09 15:35 - 2014-09-09 15:35 - 00284133 _____ () C:\Users\Hightorque UK\Documents\Favorite Places HT copy.pfc
2014-09-09 15:31 - 2014-09-09 15:31 - 00284133 _____ () C:\Users\Hightorque UK\Documents\Favorite Places HT.pfc
2014-09-09 15:22 - 2014-09-09 15:11 - 00236381 _____ () C:\Users\Hightorque UK\Downloads\Favourite Places.pfc
2014-09-09 15:09 - 2014-09-09 15:09 - 00033308 _____ () C:\Users\Hightorque UK\Documents\Favorite Places MIA.pfc
2014-09-09 15:00 - 2014-09-09 15:00 - 00000323 _____ () C:\Users\Hightorque UK\Desktop\Reflect image - Shortcut.lnk
2014-09-09 13:43 - 2014-09-09 13:39 - 00051984 _____ () C:\Users\Hightorque UK\Desktop\Addition1.txt
2014-09-09 13:35 - 2014-09-09 13:35 - 01097728 _____ (Farbar) C:\Users\Hightorque UK\Desktop\FRST.exe
2014-09-09 12:24 - 2014-09-09 12:24 - 00000473 _____ () C:\Users\Hightorque UK\Desktop\Backups - Shortcut.lnk
2014-09-09 12:14 - 2014-09-01 11:10 - 00000000 ____D () C:\Users\Hightorque UK\Calibre Library
2014-09-09 10:16 - 2014-09-09 10:16 - 00000513 _____ () C:\Users\Hightorque UK\Desktop\Shared Folder Hightorque Vista - Shortcut.lnk
2014-09-07 08:34 - 2014-09-07 08:34 - 00000656 _____ () C:\Users\Hightorque UK\Desktop\Calibre Library - Shortcut.lnk
2014-09-05 16:51 - 2009-10-13 14:50 - 00057344 _____ () C:\Users\Hightorque UK\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-05 16:44 - 2011-02-09 09:04 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Local\CrashDumps
2014-09-05 15:21 - 2014-09-05 15:21 - 00001916 _____ () C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Betting Assistant.lnk
2014-09-04 06:45 - 2009-10-13 14:05 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Local\Adobe
2014-09-03 07:52 - 2014-02-22 12:59 - 00001933 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-02 15:25 - 2014-09-02 15:24 - 00000000 ___HD () C:\Program Files\Temp
2014-09-02 15:20 - 2014-09-02 15:19 - 111172669 _____ (Realtek Semiconductor Corp.) C:\Users\Hightorque UK\Downloads\32bit_Win7_Win8_Win81_R275.exe
2014-09-02 14:11 - 2014-09-02 13:22 - 00000000 ____D () C:\Users\Hightorque UK\Documents\IV140811HDE
2014-09-02 14:11 - 2011-04-30 09:39 - 00000000 ____D () C:\Users\Hightorque UK\Desktop\XL files
2014-09-02 13:22 - 2014-09-02 13:22 - 00007503 _____ () C:\Users\Hightorque UK\Documents\IV140811HDE.zip
2014-09-02 10:47 - 2014-09-02 10:47 - 00131108 _____ () C:\Users\Hightorque UK\Documents\CausemannInv140814.zip
2014-09-02 10:47 - 2014-09-02 10:47 - 00000000 ____D () C:\Users\Hightorque UK\Documents\CausemannInv140814
2014-09-01 17:36 - 2013-03-17 08:11 - 00000000 ____D () C:\Program Files\TSMV5
2014-09-01 11:02 - 2014-09-01 11:02 - 00000285 _____ () C:\Users\Hightorque UK\Desktop\New Volume (N) - Shortcut.lnk
2014-09-01 11:02 - 2014-09-01 11:02 - 00000186 _____ () C:\Users\Hightorque UK\Desktop\HD-PCU2 (M) - Shortcut.lnk
2014-09-01 11:02 - 2011-02-21 12:21 - 00000285 _____ () C:\Users\Hightorque UK\Desktop\New Volume (L) - Shortcut.lnk
2014-09-01 10:10 - 2014-09-01 10:10 - 00000285 _____ () C:\Users\Hightorque UK\Desktop\New Volume (K) - Shortcut.lnk
2014-09-01 09:59 - 2014-02-17 15:05 - 00000000 ____D () C:\Users\Hightorque UK\Documents\My Kindle Content
2014-09-01 06:36 - 2013-08-20 07:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2014-08-31 13:06 - 2014-08-31 13:06 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Roaming\Gruss Software Ltd
2014-08-31 12:56 - 2014-08-31 12:56 - 00001668 _____ () C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\The Staking Machine V5.0.lnk
2014-08-31 12:56 - 2014-08-31 12:56 - 00001644 _____ () C:\Users\Hightorque UK\Desktop\The Staking Machine V5.0.lnk
2014-08-31 12:56 - 2014-08-31 12:56 - 00000000 ____D () C:\Users\Hightorque UK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Staking Machine V5.0
2014-08-30 10:06 - 2009-10-25 10:06 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Turbo Lister Backup
2014-08-29 08:24 - 2009-10-13 11:03 - 00201680 _____ () C:\Users\Hightorque UK\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-29 08:19 - 2006-11-02 13:47 - 00786792 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-28 15:03 - 2014-08-28 15:03 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb
2014-08-28 14:39 - 2014-04-15 13:00 - 00000000 ____D () C:\Program Files\M-Downloader
2014-08-28 13:36 - 2009-10-08 19:39 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-28 12:20 - 2009-10-27 11:44 - 00000000 ____D () C:\Old Backup File
2014-08-28 09:36 - 2014-08-28 09:36 - 00000000 ____D () C:\Sage Line 50 Backups
2014-08-28 09:23 - 2014-08-28 09:24 - 00002685 _____ () C:\Users\Hightorque UK\Desktop\Labels undelivered 65 labels per sheet - Shortcut.lnk
2014-08-28 09:21 - 2014-08-28 09:22 - 00002544 _____ () C:\Users\Hightorque UK\Desktop\14 labels per sheet - Shortcut.lnk
2014-08-28 09:12 - 2011-03-31 13:00 - 00000000 ____D () C:\ProgramData\CrashPlan
2014-08-28 09:02 - 2014-08-28 09:02 - 00205562 _____ () C:\Users\Hightorque UK\Documents\TheConfessionsofLadyBeatrice.zip
2014-08-28 07:23 - 2014-08-28 07:22 - 00000000 ____D () C:\Users\Hightorque UK\Documents\Reflect
2014-08-28 07:19 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache
2014-08-28 06:59 - 2006-11-02 13:37 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-27 17:33 - 2014-08-27 17:33 - 02016040 _____ (Driver Manager) C:\Users\Hightorque UK\Downloads\DriverManager.exe
2014-08-27 17:32 - 2014-08-27 17:32 - 00000000 ____D () C:\ProgramData\Driver Support
2014-08-27 17:31 - 2014-08-27 17:31 - 02002024 _____ (PC Drivers Headquarters, LP) C:\Users\Hightorque UK\Downloads\DriverSupport.exe
2014-08-27 16:45 - 2009-10-08 19:46 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-27 16:33 - 2010-06-07 07:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-27 16:11 - 2014-08-27 16:11 - 00000868 _____ () C:\Users\Hightorque UK\Desktop\Reflect - Shortcut.lnk
2014-08-27 16:07 - 2014-08-27 16:03 - 00830084 _____ () C:\Reflect_Install.log
2014-08-27 16:06 - 2014-08-27 16:06 - 00001868 _____ () C:\Users\Public\Desktop\Reflect.lnk
2014-08-27 16:06 - 2014-08-27 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macrium
2014-08-27 16:06 - 2014-08-27 16:06 - 00000000 ____D () C:\Program Files\Macrium
2014-08-27 16:02 - 2014-08-27 16:01 - 49549264 _____ (Paramount Software UK Ltd) C:\Users\Hightorque UK\Downloads\reflect_setup_free_x86.exe
2014-08-27 14:42 - 2009-10-21 09:58 - 00000000 ____D () C:\Logos & Flags
2014-08-27 13:43 - 2014-08-27 13:43 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-08-27 13:24 - 2009-10-08 21:21 - 00000000 ____D () C:\Windows\system32\RTCOM
2014-08-27 13:15 - 2009-10-14 10:24 - 00001356 _____ () C:\Users\Hightorque UK\AppData\Local\d3d9caps.dat
2014-08-23 02:03 - 2014-08-27 19:31 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 00:26 - 2014-08-27 19:31 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-15 15:51 - 2014-09-11 23:13 - 12363264 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-15 15:42 - 2014-09-11 23:13 - 09739776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-15 15:42 - 2014-09-11 23:13 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-15 15:37 - 2014-09-11 23:13 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-15 15:37 - 2014-09-11 23:13 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-15 15:36 - 2014-09-11 23:13 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-15 15:35 - 2014-09-11 23:13 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-15 15:35 - 2014-09-11 23:13 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-15 15:35 - 2014-09-11 23:13 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-15 15:35 - 2014-09-11 23:13 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-15 15:35 - 2014-09-11 23:13 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-15 15:35 - 2014-09-11 23:13 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-15 15:35 - 2014-09-11 23:13 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-15 15:35 - 2014-09-11 23:13 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-15 15:35 - 2014-09-11 23:13 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-15 15:35 - 2014-09-11 23:13 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-15 15:34 - 2014-09-11 23:13 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-15 15:34 - 2014-09-11 23:13 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-15 15:34 - 2014-09-11 23:13 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-15 15:34 - 2014-09-11 23:13 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-15 15:34 - 2014-09-11 23:13 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
Files to move or delete:
====================
C:\Users\Hightorque UK\BOIE9_ENUS_BO0085_VIS.EXE
C:\Users\Hightorque UK\CTX.DAT
C:\Users\Hightorque UK\is360setup.exe
C:\Users\Hightorque UK\Nero-11.2.00600.exe
C:\Users\Hightorque UK\safe2012int_nero.exe
C:\Users\Hightorque UK\TomTomHOME2winlatest.exe
C:\Users\Hightorque UK\TomTomHOME2winlatest_1.exe
C:\Users\Hightorque UK\TuneUpUtilities2012-multilingual.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
and Additions
Error: (09/11/2014 10:39:55 PM) (Source: Microsoft-Windows-DriverFrameworks-UserMode) (EventID: 10101) (User: NT AUTHORITY)
Description: 3758096899
Error: (09/11/2014 07:28:17 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt
Error: (09/11/2014 05:24:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Software Licensing11200001Restart the service
Error: (09/11/2014 05:24:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Search1300001Restart the service
Error: (09/11/2014 05:24:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Media Player Network Sharing Service1300001Restart the service
Error: (09/11/2014 05:24:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: AOL Connectivity Service1
Error: (09/11/2014 05:24:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Intel® Matrix Storage Event Monitor1
Error: (09/11/2014 05:24:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Live ID Sign-in Assistant1100001Restart the service
Error: (09/11/2014 05:24:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: TomTomHOMEService1
Microsoft Office Sessions:
=========================
Error: (03/24/2014 10:05:01 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 56 seconds with 0 seconds of active time. This session ended with a crash.
Error: (07/25/2013 08:47:05 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 2382 seconds with 900 seconds of active time. This session ended with a crash.
Error: (04/01/2012 11:15:00 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4386 seconds with 540 seconds of active time. This session ended with a crash.
Error: (02/13/2012 03:06:03 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 16733 seconds with 720 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2014-09-12 10:03:49.800
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-09-12 10:03:48.777
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-09-12 10:03:46.992
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-09-12 10:03:45.893
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-09-12 10:03:44.890
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-09-12 10:03:43.925
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-09-12 10:03:15.438
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-09-12 10:03:14.436
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-09-12 10:03:13.832
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-09-12 10:03:13.213
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Pentium® Dual-Core CPU E5200 @ 2.50GHz
Percentage of memory in use: 68%
Total physical RAM: 3036.26 MB
Available physical RAM: 951.33 MB
Total Pagefile: 6280.65 MB
Available Pagefile: 3585.5 MB
Total Virtual: 2047.88 MB
Available Virtual: 1929.89 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:288.01 GB) (Free:140.18 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:4.49 GB) NTFS
Drive k: (New Volume) (Fixed) (Total:298.09 GB) (Free:167.04 GB) NTFS
Drive l: (New Volume) (Fixed) (Total:111.79 GB) (Free:37.2 GB) NTFS
Drive m: (HD-PCU2) (Fixed) (Total:931.28 GB) (Free:646.34 GB) FAT32
Drive n: (New Volume) (Fixed) (Total:298.09 GB) (Free:204.6 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 08000000)
Partition 1: (Not Active) - (Size=78 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=288 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: F63BD740)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: F908A936)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)
========================================================
Disk: 4 (Size: 111.8 GB) (Disk ID: 5B6AC646)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)
========================================================
Disk: 5 (Size: 931.5 GB) (Disk ID: A319272F)
Partition 1: (Active) - (Size=931.5 GB) - (Type=0B)
==================== End Of Log ============================
Cheers
Ian 
#21
Posted 12 September 2014 - 03:43 AM
Naathim
-
- Expert
-
- 4,568 posts
GeekU Minion
Please paste the addition logfile once more, it looks like slashed
Cheers,
Naat
#22
Posted 12 September 2014 - 04:01 AM
Geekimnot
- Topic Starter
-
- Member
-
- 280 posts
Member
It looks like the file was interrupted, should I run it again?
I have two Additions files
Here is the other
Cheers
Ian
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-09-2014
Ran by Hightorque UK at 2014-09-12 10:04:39
Running from C:\Users\Hightorque UK\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
001 Joiner (HKLM\...\001Joiner_is1) (Version: 1.0.2 - Silvermaine 2000)
7-Zip 4.57 (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
AOL Broadband Toolbar (HKLM\...\AOL Broadband Toolbar) (Version: - )
AOL Registration (HKLM\...\AOL Regclient) (Version: - )
AOL Toolbar (HKCU\...\AOL Toolbar) (Version: - )
AOL Toolbar (HKLM\...\AOL Toolbar) (Version: - AOL Inc.)
AOL Toolbar for Firefox (HKLM\...\AOL Toolbar for Firefox) (Version: 5.13.6.2 - AOL LLC)
AOL Uninstaller (Choose which Products to Remove) (HKLM\...\AOL Uninstaller) (Version: - AOL Inc.)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Applian FLV Player (HKLM\...\Applian FLV Player2.0.24) (Version: 2.0.24 - Applian Technologies Inc.)
Betting Assistant (HKLM\...\{BC86ABDF-8148-44B3-8105-4AE9DDBFDCB6}) (Version: 1.0.64 - Gruss Software Ltd)
BlackBerry Desktop Software 7.1 (HKLM\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
calibre (HKLM\...\{39509A2F-C63C-404E-A4DC-7E6D4FCB6D66}) (Version: 1.39.0 - Kovid Goyal)
CleanUp! (HKLM\...\CleanUp!) (Version: - )
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CryptoPrevent v4.3.2 (HKLM\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: - Foolish IT LLC)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery Manager (HKLM\...\{1A6D9B5E-9BAB-4141-85BA-2C6552FA7913}) (Version: 1.0.1 - Dell, Inc.)
Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.1.08060 - Dell)
Dell V305 (HKLM\...\Dell V305) (Version: - Dell, Inc.)
DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Diagnostics32 (HKLM\...\{36EEFD4F-E34C-4491-B04A-DB8F85C3A021}) (Version: 1.0.0 - Dell, Inc.)
DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version: - DivX, Inc.)
Download Accelerator Plus (DAP) (HKLM\...\Download Accelerator Plus (DAP)) (Version: 10043 (Build 2489) - Speedbit Ltd.)
EMCO MoveOnBoot 2.3 (HKLM\...\{52AF109C-08DC-460D-AA8C-74A71EEEA2BE}) (Version: 2.3.4.3509 - EMCO Software)
Everything 1.2.1.371 (HKLM\...\Everything) (Version: - )
FBReader for Windows (HKLM\...\FBReader for Windows) (Version: - )
File Shredder 2.5 (HKLM\...\File Shredder_is1) (Version: - Pow Tools)
Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
High-Definition Video Playback (Version: 11.1.11100.4.196 - Nero AG) Hidden
Inkjet Toolbox (Version: 1.0.0 - Dell, Inc.) Hidden
Install (Version: 1.0.0 - Dell, Inc.) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 5.3 - Paramount Software (UK) Ltd.)
Macrium Reflect Free Edition (Version: 5.3.7149 - Paramount Software (UK) Ltd.) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MEO Encryption Software (HKLM\...\Meo) (Version: 2.17 - NCH Software)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Default Manager (HKLM\...\{61BEA823-ECAF-49F1-8378-A59B3B8AD247}) (Version: 2.1.54.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft VC9 runtime libraries (Version: 1.0.0 - AOL Inc.) Hidden
Microsoft VC9 runtime libraries (Version: 1.0.0 - AOL LLC) Hidden
Microsoft VC9 runtime libraries (Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Virtual PC 2007 SP1 (HKLM\...\{AD483998-2E9A-4405-83FF-6E503AF49CBB}) (Version: 6.0.192.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Web Publishing Wizard 1.5 (HKLM\...\WebPost) (Version: - )
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nero 11 (HKLM\...\{810B7362-6B05-4714-AF6A-EF3A20CCD634}) (Version: 11.2.00600 - Nero AG)
Nero 11 Cliparts (Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Disc Menus Basic (Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Effects Basic (Version: 11.0.11400.14.0 - Nero AG) Hidden
Nero 11 Image Samples (Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Kwik Themes Basic (Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 PiP Effects Basic (Version: 11.0.11400.14.0 - Nero AG) Hidden
Nero 11 Video Samples (Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero Audio Pack 1 (Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp 11 (Version: 6.2.18400.2.100 - Nero AG) Hidden
Nero BackItUp 11 Help (CHM) (Version: 11.0.10400 - Nero AG) Hidden
Nero Backup Drivers (HKLM\...\{F8EF9B71-53E7-41F5-8E54-47B4C979CB38}) (Version: 1.0.11100.8.0 - Nero AG)
Nero Burning ROM 11 (Version: 11.2.10300.0.0 - Nero AG) Hidden
Nero Burning ROM 11 Help (CHM) (Version: 11.0.10300 - Nero AG) Hidden
Nero ControlCenter 11 (Version: 11.0.12700.0.27 - Nero AG) Hidden
Nero ControlCenter 11 Help (CHM) (Version: 11.0.10300 - Nero AG) Hidden
Nero Core Components 11 (Version: 11.0.16300.1.23 - Nero AG) Hidden
Nero CoverDesigner 11 (Version: 6.0.11000.13.100 - Nero AG) Hidden
Nero CoverDesigner 11 Help (CHM) (Version: 11.0.10300 - Nero AG) Hidden
Nero Express 11 (Version: 11.2.10300.0.0 - Nero AG) Hidden
Nero Express 11 Help (CHM) (Version: 11.0.10300 - Nero AG) Hidden
Nero Kwik Media (Version: 1.10.24800.146.100 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (Version: 11.0.10200 - Nero AG) Hidden
Nero Recode 11 (Version: 5.2.10900.0.0 - Nero AG) Hidden
Nero Recode 11 Help (CHM) (Version: 11.0.10600 - Nero AG) Hidden
Nero RescueAgent 11 (Version: 4.0.10600.10.100 - Nero AG) Hidden
Nero RescueAgent 11 Help (CHM) (Version: 11.0.10400 - Nero AG) Hidden
Nero SharedVideoCodecs (Version: 1.0.11500.1.5 - Nero AG) Hidden
Nero SoundTrax 11 (Version: 5.0.10700.6.100 - Nero AG) Hidden
Nero SoundTrax 11 Help (CHM) (Version: 11.0.10400 - Nero AG) Hidden
Nero Update (Version: 11.0.11500.28.0 - Nero AG) Hidden
Nero Video 11 (Version: 8.2.15700.3.100 - Nero AG) Hidden
Nero Video 11 Help (CHM) (Version: 11.0.10300 - Nero AG) Hidden
Nero WaveEditor 11 (Version: 6.2.11300.0.100 - Nero AG) Hidden
Nero WaveEditor 11 Help (CHM) (Version: 11.0.10400 - Nero AG) Hidden
nero.prerequisites.msi (Version: 11.0.20010 - Nero AG) Hidden
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PCL-W300 Capture (HKLM\...\PCL-W300 Capture) (Version: - )
Pubs (Version: 1.0.0 - Dell, Inc.) Hidden
Rapport (Version: 3.5.1403.67 - Trusteer) Hidden
RealPlayer (HKLM\...\RealPlayer 12.0) (Version: - RealNetworks)
Realtek Ethernet Network Card Diagnostic tool for Windows Vista (HKLM\...\{1FECF5F8-8E75-432C-9FF7-1C04F1956B54}) (Version: 1.00 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - )
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
RTC Client API v1.2 (HKLM\...\{44CDBD1B-89FB-4E02-8319-2A4C550F664A}) (Version: 1.2.0000 - Microsoft)
Sage Line 50 6.0 (HKLM\...\Sage Line 50 6.0) (Version: - )
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Serif PagePlus 5.0 (HKLM\...\Serif PagePlus 5.0) (Version: - )
Serif WebPlus 9.0 (HKLM\...\{4493E86C-1408-4AF6-8455-0744D25CD355}) (Version: 9.00 - Serif)
Serif WebPlus 9.0 Resource CD-ROM (HKLM\...\{80BFAC4A-59FA-4E3D-8FD7-CFA8F5B227CB}) (Version: 9.0 - Serif)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartStamp (HKLM\...\InstallShield_{DF0102B1-4E96-4953-8625-E73CEBC491E9}) (Version: 1.0.0 - Royal Mail Group plc)
SmartStamp (Version: 1.0.0 - Royal Mail Group plc) Hidden
SoftwareWatcher bundle (HKLM\...\SoftwareWatcher bundle) (Version: 2.0.0.3 - SoftwareWatcher)
SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Striata Reader (HKLM\...\{13d868cf-47e9-4b3d-9366-a0c60f82e5aa}) (Version: 2.9-1 - Striata Communication Solutions)
The Staking Machine V3.0 (HKLM\...\The Staking Machine V3.0) (Version: 3.0.0.0 - 1Million Ltd)
The Staking Machine V4.0 (HKLM\...\The Staking Machine V4.0) (Version: 5.0.0.0 - 1Million Ltd)
TomTom HOME (HKLM\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Trusteer Endpoint Protection (HKLM\...\Rapport_msi) (Version: 3.5.1403.67 - Trusteer)
Turbo Lister 2 (HKLM\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM\...\{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM\...\{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2889914) 32-Bit Edition (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{F3F83933-75FC-4B60-84F2-3F8FA63D042E}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM\...\{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
VLC media player 1.0.2 (HKLM\...\VLC media player) (Version: 1.0.2 - VideoLAN Team)
Welcome App (Start-up experience) (Version: 11.0.23500.0.0 - Nero AG) Hidden
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Internet Explorer Platform Preview (HKLM\...\{38700C90-0536-4240-8B08-3F83E2CD8AAD}) (Version: 1.9.7916.6000 - Microsoft Corporation)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinTopo (HKLM\...\WinTopo) (Version: - )
Wireless Setup Utility 32 (Version: 1.0.0 - Dell, Inc.) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{1780ADA5-3A29-3585-A9FF-40C8186BE344}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{19EABA9F-F6A6-3819-823A-2686E2A9312D}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{2A0C2A39-A9EF-3DBE-911A-6D0B4DF94D04}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{38952F1E-F6A7-3306-9326-E7DB4C2E9568}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{3AF2C83F-13AF-3F62-AC52-A975EB2B88FC}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\InprocServer32 -> C:\Program Files\Microsoft Office\Office12\msohevi.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{51B41EFD-4425-3B34-9ED9-4400FAB105BD}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{57719D6B-9FE2-397B-8AC1-D3EE59883165}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{73200952-7BF0-35A6-BA4C-AED65FC453D5}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{7629C9DE-2E38-4963-A01C-02FFAC203D87}\InprocServer32 -> C:\Program Files\AOL Desktop 9.7f\axtrack.dll (AOL Inc.)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocServer32 -> C:\Windows\system32\urlmon.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{85454798-8737-3287-B75D-3B31DC32572C}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{9851A417-A10E-3AE3-B75D-1B1041881EE3}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{D8993B26-50F0-3ADC-9C55-010001146949}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3090621729-691808380-2464640456-1000_Classes\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}\InprocServer32 -> C:\Windows\system32\ieframe.dll (Microsoft Corporation)
==================== Restore Points =========================
01-09-2014 21:43:52 Windows Update
02-09-2014 13:42:25 Windows Update
03-09-2014 06:29:53 Scheduled Checkpoint
04-09-2014 06:32:07 Scheduled Checkpoint
04-09-2014 18:53:49 Windows Update
05-09-2014 05:26:42 Removed Betting Assistant
05-09-2014 05:29:38 Installed Betting Assistant
05-09-2014 14:01:11 Removed Betting Assistant
05-09-2014 14:21:00 Installed Betting Assistant
06-09-2014 06:17:15 Scheduled Checkpoint
07-09-2014 19:23:40 Windows Update
09-09-2014 06:27:51 Scheduled Checkpoint
09-09-2014 18:25:13 Windows Update
11-09-2014 06:27:59 Scheduled Checkpoint
11-09-2014 19:15:52 Scheduled Checkpoint
11-09-2014 21:42:48 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 11:23 - 2014-09-09 13:04 - 00003556 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 capitalimonline.com
127.0.0.1 www.verifi-infonet.com
127.0.0.1 www.forsil-srl.com
127.0.0.1 trustedppiclaims.co.uk
127.0.0.1 ftp.signara.org
127.0.0.1 buy-fifa-ultimateteam-coins.com
127.0.0.1 pay.pal-schutz.com
127.0.0.1 swqk3xftx38.h149.pp39dk.com
127.0.0.1 robertoleal.es
127.0.0.1 verifi-infonet.com
127.0.0.1 ssl.paypal.secure.your.billing.information.mytrickworld.com
127.0.0.1 lastminute-ibiza.net
127.0.0.1 myaccount.aol.com.onlineaccounts.upgrade.online.billing.account.update.alcaldiadearaure.gob.ve
127.0.0.1 www.rhnp.org
127.0.0.1 bit.ly
127.0.0.1 www.axisengneering.com
127.0.0.1 www.positive-eft.com
127.0.0.1 hw0vrcfmu0fpd.com
127.0.0.1 www.art3c.com.tw
127.0.0.1 www.kielkoppfest.harzwinter.net
127.0.0.1 www.battle.net-account.asxp.cn.com
127.0.0.1 mgstrategiesstudio.com
127.0.0.1 www.paypal.com.p2jdb5zb17llxg1i.0243cn71m8gjun1.com
127.0.0.1 paypal.com.update.account.toughbook.cl
127.0.0.1 www.lappen-123.no
127.0.0.1 www.paypal-update.visitasgratis.info
127.0.0.1 stromarket.ru
127.0.0.1 www.ocevap.com
There are 61 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {155723BA-60E2-4354-93AF-84EAC8D3C2D8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {22E1772E-7DFE-4C5F-841F-1C93FD5D82A4} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {2DE18FE4-6467-484F-8431-206702EC5546} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {2E5B7D97-F14C-4CFF-864E-620AABA892D1} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {2F2D2C54-F7EC-46C6-A67F-2D3F28C6E296} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-22] (Google Inc.)
Task: {47D18EE0-35CF-4570-BC8F-3373D403048E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4A50572A-CF8D-4E9A-95D6-CAC84D6E8380} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {4D72741E-769C-45DB-8604-CB8EBDADAA29} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {59FC5BC9-3E1F-4980-A5CB-C4C00F5C9D3C} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3090621729-691808380-2464640456-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2010-11-05] (RealNetworks, Inc.)
Task: {68962189-0BB9-4891-84B5-E2978177D350} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3090621729-691808380-2464640456-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2010-11-05] (RealNetworks, Inc.)
Task: {71EC043D-342F-4ED2-862D-1CD13E3BDFE5} - System32\Tasks\Hightorque UK NBAgent 6 0 => C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe [2012-01-13] (Nero AG)
Task: {75269E49-1E15-475A-81F3-2FF63FF9E4DE} - System32\Tasks\{E2EF4816-8766-4D84-94AA-416C4AF9467C} => Iexplore.exe http://ui.skype.com/...temlevelpresent
Task: {87230141-9D3B-438E-9836-B220607B931C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-22] (Google Inc.)
Task: {8C55CE7E-CE12-484D-9B8C-F1D35FBD3DCA} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {9326BFB9-42D9-4193-B36F-9F792DA680A3} - System32\Tasks\Hightorque UK => C:\Program Files\Nero\Nero 11\Nero BackItUp\NBCore.exe [2012-01-13] (Nero AG)
Task: {9C9962E2-C803-4F09-8961-0C9403E56DA1} - System32\Tasks\Disc C Image xml => C:\Program Files\Macrium\Reflect\Reflect.exe [2014-08-17] (Paramount Software UK Ltd)
Task: {CE3F09F2-2C80-44CD-8238-426EC6C09CF0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {CE74F5AD-C0B4-4853-B780-398845DCE3A5} - System32\Tasks\{549C7F20-1C4B-47E5-BA35-546CE02E9B97} => C:\Program Files\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {E48A54D6-82A1-4A42-AFE9-883AC5D3BB6C} - System32\Tasks\RtlNICDiagVistaStart => C:\Program Files\Realtek\RTNICDiag\RTNICDiag.exe [2008-08-19] (Realtek)
Task: {ED8BFA87-27DB-4C65-9591-569E1CCB4780} - System32\Tasks\Hightorque UK Nero LIVEBackup Merge 6 0 => C:\Program Files\Nero\Nero 11\Nero BackItUp\NBCore.exe [2012-01-13] (Nero AG)
Task: {F8BB0221-6BA4-4869-9BD6-C37CD074EF8C} - System32\Tasks\Hightorque UK Nero LIVEBackup 6 0 => C:\Program Files\Nero\Nero 11\Nero BackItUp\NBCore.exe [2012-01-13] (Nero AG)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Disc C Image xml.job => C:\Program Files\Macrium\Reflect\Reflect.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{1187167D-694A-4D97-9748-C1A6B331311F}.job => C:\Windows\system32\msfeedssync.exe
==================== Loaded Modules (whitelisted) =============
#23
Posted 12 September 2014 - 04:03 AM
Naathim
-
- Expert
-
- 4,568 posts
GeekU Minion
OK, let's continue the hunting 
Scan with ZOEK
Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
- Right-click on icon and select Run as Administrator to start the tool.
- Wait patiently until the main console will appear, it may take a minute or two.
- In the main box please paste in the following script:
createsrpoint; [HKU\S-1-5-21-3090621729-691808380-2464640456-1000\Software\Microsoft\Windows\CurrentVersion\Run];e scfg.exe;z C:\Program Files\M-Downloader;v
- Make sure that Scan All Users option is checked.
- Push Run Script and wait patiently. The scan may take a couple of minutes.
- When the scan completes, a zoek-results logfile should open in notepad.
- If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)
Please include its content in your next reply.
Don't forget to re-enable your switched-off protection software!
#24
Posted 12 September 2014 - 04:27 AM
Geekimnot
- Topic Starter
-
- Member
-
- 280 posts
Member
Hi Naat,
ZOEK log
Computer did not reboot
Cheers
Ian
Zoek.exe v5.0.0.0 Updated 10-September-2014
Tool run by Hightorque UK on 12/09/2014 at 11:12:57.08.
Microsoft® Windows Vista™ Business 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Hightorque UK\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
12/09/2014 11:17:08 Zoek.exe System Restore Point Created Succesfully.
==== Folders Found ======================
==== Files Found ======================
--- C:\Program Files\Windows Media Player\wmpnscfg.exe ---
Company: Microsoft Corporation
File Description: Windows Media Player Network Sharing Service Configuration Application
File Version: 11.0.6000.6324 (vista_rtm.061101-2205)
Product Name: Microsoft® Windows® Operating System
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: WMPNSCFG.EXE.MUI
File type: ----a-w-
File size: 202240
Created time: 2008-01-21 02:25:56
Modified time: 2008-01-21 02:25:56
MD5: 35937EAD711207544E219C2A19A78A7D
SHA1: D1E77BEE2B86F4FC9E144CFE5DEB84C918E2F15B
--- C:\Program Files\Windows Media Player\en-US\wmpnscfg.exe.mui ---
Company: Microsoft Corporation
File Description: Windows Media Player Network Sharing Service Configuration Application
File Version: 11.0.6000.6324 (vista_rtm.061101-2205)
Product Name: Microsoft® Windows® Operating System
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: WMPNSCFG.EXE.MUI
File type: ----a-w-
File size: 3584
Created time: 2006-11-02 12:41:42
Modified time: 2006-11-02 12:41:42
MD5: F057E0F949D24575F72EB17E32B9F3ED
SHA1: CB858C8A550F5FE247C8B93937F24FD3DDE9A1AC
--- C:\Windows\winsxs\x86_microsoft-windows-wmpnss-ux.resources_31bf3856ad364e35_6.0.6000.16386_en-us_be767832283a6a7f\wmpnscfg.exe.mui ---
Company: Microsoft Corporation
File Description: Windows Media Player Network Sharing Service Configuration Application
File Version: 11.0.6000.6324 (vista_rtm.061101-2205)
Product Name: Microsoft® Windows® Operating System
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: WMPNSCFG.EXE.MUI
File type: ----a-w-
File size: 3584
Created time: 2006-11-02 12:41:42
Modified time: 2006-11-02 12:41:42
MD5: F057E0F949D24575F72EB17E32B9F3ED
SHA1: CB858C8A550F5FE247C8B93937F24FD3DDE9A1AC
--- C:\Windows\winsxs\x86_microsoft-windows-wmpnss-ux_31bf3856ad364e35_6.0.6001.18000_none_b7c4c310b976a07a\wmpnscfg.exe ---
Company: Microsoft Corporation
File Description: Windows Media Player Network Sharing Service Configuration Application
File Version: 11.0.6000.6324 (vista_rtm.061101-2205)
Product Name: Microsoft® Windows® Operating System
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: WMPNSCFG.EXE.MUI
File type: ----a-w-
File size: 202240
Created time: 2008-01-21 02:25:56
Modified time: 2008-01-21 02:25:56
MD5: 35937EAD711207544E219C2A19A78A7D
SHA1: D1E77BEE2B86F4FC9E144CFE5DEB84C918E2F15B
==== Folders Found In C:\Program Files\M-Downloader ======================
2014-04-15 12:01:17 d-----w- C:\Program Files\M-Downloader\chrome.pak
2014-04-15 12:01:22 d-----w- C:\Program Files\M-Downloader\Cookies
==== Registry Exports ======================
Registry Key HKU\S-1-5-21-3090621729-691808380-2464640456-1000\Software\Microsoft\Windows\CurrentVersion\Run not found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=2511 folders=286 752581073 bytes)
==== EOF on 12/09/2014 at 11:22:40.03 ======================
#25
Posted 12 September 2014 - 04:34 AM
Naathim
-
- Expert
-
- 4,568 posts
GeekU Minion
Scan with ZOEKTemporary disable your AntiVirus and AntiSpyware protection - instructions here.
- Right-click on icon and select Run as Administrator to start the tool.
- Wait patiently until the main console will appear, it may take a minute or two.
- In the main box please paste in the following script:
startupall; C:\Program Files\M-Downloader;vs dir /s /a "C:\Program Files\M-Downloader" >>"%temp%\log.txt";b
- Make sure that Scan All Users option is checked.
- Push Run Script and wait patiently. The scan may take a couple of minutes.
- When the scan completes, a zoek-results logfile should open in notepad.
- If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)
Don't forget to re-enable your switched-off protection software!
#26
Posted 12 September 2014 - 05:02 AM
Geekimnot
- Topic Starter
-
- Member
-
- 280 posts
Member
Hi,
Zoek results
Computer did not reboot.
I will have to do some work this afternoon, if there are any other programs to run, it will probably be tomorrow.
Cheers
Ian
Zoek.exe v5.0.0.0 Updated 10-September-2014
Tool run by Hightorque UK on 12/09/2014 at 11:46:45.14.
Microsoft® Windows Vista™ Business 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Hightorque UK\Downloads\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-09-12-102240.log 3586 bytes
==== Batch Command(s) Run By Tool======================
Volume in drive C is OS
Volume Serial Number is C854-A80F
Directory of C:\Program Files\M-Downloader
28/08/2014 14:39 <DIR> .
28/08/2014 14:39 <DIR> ..
15/04/2014 13:01 <DIR> chrome.pak
15/04/2014 13:01 <DIR> Cookies
0 File(s) 0 bytes
Directory of C:\Program Files\M-Downloader\chrome.pak
15/04/2014 13:01 <DIR> .
15/04/2014 13:01 <DIR> ..
0 File(s) 0 bytes
Directory of C:\Program Files\M-Downloader\Cookies
15/04/2014 13:01 <DIR> .
15/04/2014 13:01 <DIR> ..
15/04/2014 13:01 <DIR> User1
0 File(s) 0 bytes
Directory of C:\Program Files\M-Downloader\Cookies\User1
15/04/2014 13:01 <DIR> .
15/04/2014 13:01 <DIR> ..
15/04/2014 13:01 7,168 Cookies
1 File(s) 7,168 bytes
Total Files Listed:
1 File(s) 7,168 bytes
11 Dir(s) 149,167,054,848 bytes free
==== Folders Found In C:\Program Files\M-Downloader ======================
2014-04-15 12:01:17 d-----w- C:\Program Files\M-Downloader\chrome.pak
2014-04-15 12:01:22 d-----w- C:\Program Files\M-Downloader\Cookies
2014-04-15 12:01:22 d-----w- C:\Program Files\M-Downloader\Cookies\User1
==== Files Found In C:\Program Files\M-Downloader ======================
2014-04-15 12:01:59 7168 ----a-w- 81D086FE8203BA50360291E7BE7C9D26 C:\Program Files\M-Downloader\Cookies\User1\Cookies
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"
[HKEY_USERS\S-1-5-21-3090621729-691808380-2464640456-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"DownloadAccelerator"="C:\Programs\DAP\DAP.EXE /STARTUP"
"TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
"DAP10"="C:\Programs\DAP\DAP.EXE /STARTUP"
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"
"M-Downloader"="C:\Program Files\M-Downloader\Updater.exe"
"AOL Fast Start"="C:\Program Files\AOL Desktop 9.7f\AOL.EXE -b"
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"
"Microsoft Default Manager"="C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe -resume"
"HostManager"="C:\Program Files\Common Files\AOL\1255507870\ee\AOLSoftware.exe"
"RtHDVCpl"="RtHDVCpl.exe"
"OLP-Tray"="C:\PROGRA~1\ROYALM~1\SMARTS~1\BINARY\STRAY.EXE"
"RIMBBLaunchAgent.exe"="C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"NBAgent"="C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe /WinStart"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"TkBellExe"="C:\Program Files\Real\realplayer\update\realsched.exe -osboot"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"DownloadAccelerator"="C:\Programs\DAP\DAP.EXE /STARTUP"
"TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
"DAP10"="C:\Programs\DAP\DAP.EXE /STARTUP"
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"
"M-Downloader"="C:\Program Files\M-Downloader\Updater.exe"
"AOL Fast Start"="C:\Program Files\AOL Desktop 9.7f\AOL.EXE -b"
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
==== Startup Registry Disabled ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\dldtamon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="dldtamon"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Dell V305\\dldtamon.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\dldtmon.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="dldtmon.exe"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Dell V305\\dldtmon.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\dscactivate]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="dscactivate"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Dell Support Center\\gs_agent\\custom\\dsca.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Everything]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Everything"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Everything\\Everything.exe\" -startup"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HotKeysCmds"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\hkcmd.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msnmsgr"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Persistence"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\igfxpers.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="swg"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TkBellExe"
"hkey"="HKLM"
"command"="\"c:\\program files\\real\\realplayer\\Update\\realsched.exe\" -osboot"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TomTomHOME.exe"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\TomTom HOME 2\\TomTomHOMERunner.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WMPNSCFG]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WMPNSCFG"
"hkey"="HKCU"
"command"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe"
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [10/09/2014 13:56]
C:\Windows\tasks\Disc C Image xml.job --a------ C:\Program Files\Macrium\Reflect\Reflect.exe [17/08/2014 16:55]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [22/10/2009 18:30]
C:\Windows\tasks\User_Feed_Synchronization-{1187167D-694A-4D97-9748-C1A6B331311F}.job --ah----- C:\Windows\system32\msfeedssync.exe [15/08/2014 15:34]
==== Other Scheduled Tasks ======================
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\Disc C Image xml" [C:\Program Files\Macrium\Reflect\Reflect.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\Hightorque UK" [C:\Program Files\Nero\Nero 11\Nero BackItUp\NBCore.exe]
"C:\Windows\system32\tasks\Hightorque UK NBAgent 6 0" ["C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe"]
"C:\Windows\system32\tasks\Hightorque UK Nero LIVEBackup 6 0" [C:\Program Files\Nero\Nero 11\Nero BackItUp\NBCore.exe]
"C:\Windows\system32\tasks\Hightorque UK Nero LIVEBackup Merge 6 0" ["C:\Program Files\Nero\Nero 11\Nero BackItUp\NBCore.exe"]
"C:\Windows\system32\tasks\RealUpgradeLogonTaskS-1-5-21-3090621729-691808380-2464640456-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\RealUpgradeScheduledTaskS-1-5-21-3090621729-691808380-2464640456-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\RtlNICDiagVistaStart" [C:\Program Files\Realtek\RTNICDiag\RTNICDiag.exe]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{1187167D-694A-4D97-9748-C1A6B331311F}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{9638DF7E-FD6C-4EAC-9E15-0B3D8A44F25F}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\system32\tasks\{549C7F20-1C4B-47E5-BA35-546CE02E9B97}" [C:\Program Files\Skype\Phone\Skype.exe]
"C:\Windows\system32\tasks\{E2EF4816-8766-4D84-94AA-416C4AF9467C}" ["C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/...temlevelpresent]
"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]
==== C:\zoek_backup content ======================
C:\zoek_backup (files=2511 folders=286 752581073 bytes)
==== EOF on 12/09/2014 at 11:53:06.60 ======================
#27
Posted 12 September 2014 - 06:40 AM
Naathim
-
- Expert
-
- 4,568 posts
GeekU Minion
Fix with Farbar Recovery Scan Tool
This fix was created for this user for use on that particular machine. Running it on another one may cause damage and render the system unstable.
Press the + R on your keyboard at the same time. Type Notepad and click OK.
- Copy the entire content of the codebox below and paste into the Notepad document:
start Folder: C:\Program Files\M-Downloader end
- Click File, Save As and type fixlist.txt as the File Name.
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
- Right-click on icon and select Run as Administrator to start the tool.
> XP users click run after receipt of Windows Security Warning - Open File.
> 8 users will be prompted about Windows SmartScreen protection - click More information and Run. - Press the Fix button just once and wait.
- If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
- When finished FRST will generate a log on the Desktop, called Fixlog.txt.
Please include it in your reply.
#28
Posted 16 September 2014 - 01:07 AM
Naathim
-
- Expert
-
- 4,568 posts
GeekU Minion
Due to lack of feedback, this topic has been closed.
If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
#29
Posted 16 September 2014 - 01:53 AM
Naathim
-
- Expert
-
- 4,568 posts
GeekU Minion
Re-opened per request. Let's continue
#30
Posted 16 September 2014 - 01:57 AM
Geekimnot
- Topic Starter
-
- Member
-
- 280 posts
Member
OK,
Here is the fixlist log
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 07-09-2014
Ran by Hightorque UK at 2014-09-16 08:36:31 Run:2
Running from C:\Users\Hightorque UK\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
start
Folder: C:\Program Files\M-Downloader
end
*****************
========================= Folder: C:\Program Files\M-Downloader ========================
2014-04-15 13:01 - 2014-04-15 13:01 - 0000000 ____D () C:\Program Files\M-Downloader\chrome.pak
2014-04-15 13:01 - 2014-04-15 13:01 - 0000000 ____D () C:\Program Files\M-Downloader\Cookies
2014-04-15 13:01 - 2014-04-15 13:01 - 0000000 ____D () C:\Program Files\M-Downloader\Cookies\User1
2014-04-15 13:01 - 2014-04-15 13:01 - 0007168 _____ () C:\Program Files\M-Downloader\Cookies\User1\Cookies
====== End of Folder: ======
==== End of Fixlog ====
Cheers
Ian
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
