Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

1kb Shortcut within folder [Solved]


  • This topic is locked This topic is locked

#1
xxmaxixx

xxmaxixx

    Member

  • Member
  • PipPipPip
  • 108 posts
My internal and external drives are affected. Not sure if it is a virus or malware. Reappearing despite deleting. Did full scan on malwarebytes but with no infections. Please advice.

Edited by xxmaxixx, 28 January 2014 - 12:01 AM.

  • 0

Advertisements


#2
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hi
:welcome: . I'm Michael and I'm going to help you fix your computer :)

Note: Before we start the process you should:
  • POST your logs, don't attach them, as it makes it harder to read. Also please don't edit any log in any case
  • Disable ANY programs that offer real-time protection features while executing my instructions. That includes your antivirus, antispyware, windows defender or any other program that offers protection. When you're clean or waiting for my next set of instructions, re-enable them .If you need any help disabling them, ask.
  • Topics that are idle for 4 days after I post instructions will be closed, unless I'm notified of the delay.
  • Last, as most of the tools we use here need administrative rights in order to function properly, I expect that you will be running them from an administrator account.

What's the name of the shortcut?

Posted Image OTL Custom Scan
  • Download OTL to your Desktop
  • Double click on the Posted Image icon to run it.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top, make sure Stadard output is selected.
  • Select Scan all users
  • Under Extra Registry select Use Safelist
  • Check the boxes beside LOP Check and Purity Check.
  • Under the Custom Scans/Fixes box copy and paste this in:

    netsvcs
    %SYSTEMDRIVE%\*.exe
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    services.exe
    /md5stop
    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    HKCU\software\classes\clsid|{} /rs
    HKLM\software\classes\clsid|{} /rs
    HKCR\CLSID\{} /rs
    C:\{}. /s
    CREATERESTOREPOINT

  • Click the Posted Image button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open OTL.Txt and Extras.txt in Notepad windows.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them with your next reply.



Next:

Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan
Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply
Posted Image

Also in Desktop there should be a file called MBR.dat after that, zip it and then attach it here :thumbsup:
  • 0

#3
xxmaxixx

xxmaxixx

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
What's the name of the shortcut?
Downloads, Hot, Movies, My Games, My Pictures and My Videos.
OTL logfile created on: 2/5/2014 7:57:52 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ulysses\Downloads\Programs
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.95 Gb Total Physical Memory | 12.44 Gb Available Physical Memory | 77.95% Memory free
31.90 Gb Paging File | 28.16 Gb Available in Paging File | 88.26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238.37 Gb Total Space | 39.67 Gb Free Space | 16.64% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 4.66 Gb Free Space | 0.50% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 69.61 Gb Free Space | 7.47% Space Free | Partition Type: NTFS
Drive Z: | 465.76 Gb Total Space | 125.76 Gb Free Space | 27.00% Space Free | Partition Type: NTFS

Computer Name: ULYSSES-PC | User Name: Ulysses | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/02/05 07:57:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ulysses\Downloads\Programs\OTL.exe
PRC - [2014/01/21 10:56:25 | 002,234,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/01/21 10:55:50 | 001,593,632 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013/12/20 16:45:32 | 000,807,696 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
PRC - [2013/12/20 16:44:22 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
PRC - [2013/12/20 16:43:48 | 000,402,192 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe
PRC - [2013/12/20 16:43:44 | 000,367,376 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
PRC - [2013/12/20 16:43:34 | 000,261,392 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
PRC - [2013/12/20 16:43:30 | 000,377,616 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-Network.exe
PRC - [2013/12/20 13:10:08 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/12/19 12:20:16 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/12/18 10:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/13 18:00:19 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2013/11/28 19:12:40 | 004,580,256 | ---- | M] (Samsung Electronics.) -- C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe
PRC - [2013/11/16 19:27:16 | 000,900,440 | ---- | M] (BitTorrent Inc.) -- C:\Users\Ulysses\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2013/11/02 15:01:42 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
PRC - [2013/11/02 14:54:34 | 000,270,704 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
PRC - [2013/08/14 15:19:22 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/08/14 07:59:52 | 005,537,136 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
PRC - [2013/07/10 14:23:10 | 001,694,080 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
PRC - [2013/06/20 17:56:56 | 003,604,048 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2013/05/30 11:40:32 | 000,122,984 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
PRC - [2013/05/30 11:36:38 | 000,016,000 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
PRC - [2012/12/12 21:44:48 | 000,268,248 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2012/10/10 13:32:00 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012/10/10 13:31:28 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/10/10 13:31:28 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/10/10 13:31:27 | 000,619,472 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe
PRC - [2012/09/27 16:08:08 | 000,989,352 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
PRC - [2012/09/27 16:04:44 | 001,087,648 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
PRC - [2012/09/27 16:02:40 | 001,279,120 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
PRC - [2012/08/20 13:43:20 | 000,550,272 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
PRC - [2012/08/08 18:17:52 | 003,101,056 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
PRC - [2012/08/07 13:42:12 | 001,504,640 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
PRC - [2012/08/01 16:39:04 | 001,112,064 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
PRC - [2012/07/23 16:34:28 | 001,190,400 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe
PRC - [2012/07/17 14:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/07/17 14:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/06/25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/06/01 17:42:18 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
PRC - [2012/06/01 17:42:18 | 000,920,736 | ---- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
PRC - [2012/05/25 12:12:57 | 001,475,744 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe
PRC - [2012/05/21 00:26:26 | 000,291,648 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/05/03 12:17:36 | 001,256,576 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
PRC - [2012/04/13 12:19:00 | 000,138,032 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2012/04/13 12:18:58 | 001,645,360 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Acer Display\eDisplay Management\dthtml.exe
PRC - [2012/04/13 11:32:10 | 000,113,456 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2012/03/13 12:34:12 | 002,935,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
PRC - [2012/02/17 14:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
PRC - [2012/02/02 15:20:32 | 000,889,984 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe
PRC - [2012/02/01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012/02/01 16:29:56 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/09/08 21:29:12 | 001,112,704 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
PRC - [2011/05/27 11:07:36 | 000,160,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
PRC - [2010/11/21 11:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010/05/13 16:34:48 | 000,711,792 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Floater.exe
PRC - [2010/05/13 16:34:42 | 000,674,928 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
PRC - [2010/04/12 16:40:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE


========== Modules (No Company Name) ==========

MOD - [2014/01/19 21:17:36 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\61cc4898fcd0b96a990e2751cbfdfa38\HD-Agent.ni.exe
MOD - [2014/01/19 21:17:30 | 000,155,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\6228b782a5fd3efaccdb2af0f7f1183e\JSON.ni.dll
MOD - [2013/12/20 13:10:08 | 003,559,024 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/11/28 19:00:00 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\Samsung SSD Magician\SMINI.dll
MOD - [2013/11/28 18:59:54 | 000,034,304 | ---- | M] () -- C:\Program Files (x86)\Samsung SSD Magician\SATA.dll
MOD - [2013/11/28 18:59:50 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\Samsung SSD Magician\SAT.dll
MOD - [2013/11/28 18:59:24 | 000,029,696 | ---- | M] () -- C:\Program Files (x86)\Samsung SSD Magician\SAS.dll
MOD - [2013/11/28 18:59:20 | 000,098,816 | ---- | M] () -- C:\Program Files (x86)\Samsung SSD Magician\PAL.dll
MOD - [2013/11/28 12:14:32 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Samsung SSD Magician\SAMSUNG_SSD.dll
MOD - [2013/10/11 09:20:51 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\10ef07233e429503b5bc942aa6194fe8\System.Runtime.DurableInstancing.ni.dll
MOD - [2013/10/11 09:20:51 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\46863d4abf7db3e009962abc8710c945\System.Runtime.Remoting.ni.dll
MOD - [2013/10/11 09:20:50 | 002,659,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\10519c5a16fab95707f40b55941647b5\System.Runtime.Serialization.ni.dll
MOD - [2013/10/11 09:20:46 | 001,837,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\ce9a2e0e508484f2ccc43194945cfae4\Microsoft.VisualBasic.ni.dll
MOD - [2013/10/11 08:58:26 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/10/11 08:58:17 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
MOD - [2013/10/11 08:58:15 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/10/10 17:42:02 | 018,003,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\464a76a3fdc9ee7456cb4baaea3e503a\PresentationFramework.ni.dll
MOD - [2013/10/10 17:41:55 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b5b66869081b909d238fdea083cf3179\PresentationCore.ni.dll
MOD - [2013/10/10 17:41:53 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e40d894a772b2cff5ffd5a84ef20d2d4\System.Windows.Forms.ni.dll
MOD - [2013/10/10 17:41:52 | 007,070,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dac1208781fdd0b960afc12efff42944\System.Core.ni.dll
MOD - [2013/10/10 17:41:50 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\0b37b2bafc33ef52282b9d7b217cabaf\WindowsBase.ni.dll
MOD - [2013/10/10 17:41:49 | 001,014,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\71d887ce964fb69b7f03c4fe7a3f28ff\System.Configuration.ni.dll
MOD - [2013/09/13 08:09:42 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\af7d7a2e47e0ac57b4f0fe5e0c1cda9a\SMDiagnostics.ni.dll
MOD - [2013/09/13 08:09:31 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\4d277a8481c203a35c58bd277a2e71df\System.Xaml.ni.dll
MOD - [2013/09/13 08:08:02 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\45581138b36fd338c87813390775b65f\IAStorCommon.ni.dll
MOD - [2013/09/13 08:07:55 | 011,914,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\6ebbfafc5521934f7e1c154937a2788b\System.Web.ni.dll
MOD - [2013/09/13 08:07:52 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll
MOD - [2013/09/13 08:07:50 | 000,489,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\591b99d5681c59ed6c5e9544d7def0ea\IAStorUtil.ni.dll
MOD - [2013/09/13 08:07:46 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/09/13 08:07:37 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/09/13 08:07:35 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/09/13 08:07:32 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/09/12 23:33:45 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3a3fc0216674bdea0be809b305517c98\System.Drawing.ni.dll
MOD - [2013/09/12 23:33:45 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\228b114c79c5d9024bdb4cc580e32c09\PresentationFramework.Aero.ni.dll
MOD - [2013/09/12 23:32:52 | 005,628,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll
MOD - [2013/09/12 23:32:45 | 009,099,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll
MOD - [2013/09/12 23:32:42 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
MOD - [2012/08/08 16:45:52 | 000,786,432 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\func.dll
MOD - [2012/07/31 15:21:32 | 000,152,064 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\gep.dll
MOD - [2012/07/25 09:56:42 | 001,124,864 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
MOD - [2012/07/05 12:05:48 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
MOD - [2012/06/19 12:56:22 | 001,305,600 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
MOD - [2012/05/28 21:27:04 | 001,622,528 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
MOD - [2012/05/25 10:33:10 | 000,883,712 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
MOD - [2012/05/17 18:57:12 | 000,043,520 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
MOD - [2012/04/13 12:18:54 | 000,121,648 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\CC\gui.dll
MOD - [2012/04/13 11:56:12 | 000,180,224 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\PresetsCOM.dll
MOD - [2012/03/21 12:07:44 | 000,972,288 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
MOD - [2012/02/10 11:29:44 | 001,047,040 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
MOD - [2011/10/14 20:03:22 | 000,885,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
MOD - [2011/09/26 19:36:24 | 000,869,376 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
MOD - [2011/09/19 20:18:20 | 001,243,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
MOD - [2011/07/21 09:06:44 | 000,846,848 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
MOD - [2011/07/12 19:14:52 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
MOD - [2010/10/05 08:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
MOD - [2010/10/05 08:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\pngio.dll
MOD - [2010/10/05 08:22:50 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
MOD - [2010/08/23 10:17:40 | 000,662,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
MOD - [2010/05/13 16:34:48 | 000,711,792 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Floater.exe
MOD - [2010/05/13 16:34:42 | 000,674,928 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
MOD - [2009/08/12 20:15:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/01/21 10:55:35 | 016,939,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013/05/27 13:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/02/09 02:30:42 | 000,359,664 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2012/04/20 14:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2014/01/25 16:59:31 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/01/21 10:55:50 | 001,593,632 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013/12/20 16:44:22 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2013/12/20 16:43:48 | 000,402,192 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2013/12/20 13:10:08 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/19 12:20:16 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/12/18 10:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/02 15:01:42 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe -- (WDBackup)
SRV - [2013/11/02 14:54:34 | 000,270,704 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService)
SRV - [2013/08/14 15:19:22 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/05/30 11:36:38 | 000,016,000 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe -- (Seagate Dashboard Services)
SRV - [2012/12/14 02:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/10/10 13:32:00 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/10/10 13:31:34 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012/10/10 13:31:29 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2012/10/10 13:31:28 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/10/10 13:31:27 | 000,619,472 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe -- (AntiVirFirewallService)
SRV - [2012/07/17 14:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 14:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/06/25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/06/01 17:42:18 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe -- (asHmComSvc)
SRV - [2012/06/01 17:42:18 | 000,920,736 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe -- (asComSvc)
SRV - [2012/05/25 12:12:57 | 001,475,744 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe -- (AsusFanControlService)
SRV - [2012/04/13 12:19:00 | 000,138,032 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
SRV - [2012/04/13 11:32:10 | 000,113,456 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2012/02/17 14:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2012/02/01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/05/27 11:07:36 | 000,160,768 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/12/28 02:42:26 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/11/28 21:38:18 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/05/25 23:00:14 | 000,168,288 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2013/01/03 16:17:48 | 000,043,400 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2013/01/03 16:17:38 | 000,077,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2013/01/03 16:17:38 | 000,061,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2012/12/14 02:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/10/10 14:05:29 | 000,140,936 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avfwot.sys -- (avfwot)
DRV:64bit: - [2012/10/10 14:05:29 | 000,114,168 | ---- | M] (Avira GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avfwim.sys -- (avfwim)
DRV:64bit: - [2012/09/27 13:59:38 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/09/27 13:59:38 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012/09/27 13:59:38 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012/08/23 22:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 22:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 22:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/20 10:38:12 | 000,416,072 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2012/08/20 10:38:12 | 000,138,568 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2012/07/02 15:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/19 07:40:50 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/06/12 22:00:48 | 000,726,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/05/31 11:06:14 | 000,032,400 | R--- | M] (NT Kernel Resources) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ndisrd.sys -- (ndisrd)
DRV:64bit: - [2012/05/21 00:25:32 | 000,789,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/05/21 00:25:32 | 000,357,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/05/21 00:25:32 | 000,019,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/05/17 18:57:06 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2012/04/13 11:31:32 | 000,020,784 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PdiPorts.sys -- (PdiPorts)
DRV:64bit: - [2012/03/25 17:55:22 | 000,066,336 | ---- | M] (Lucidlogix Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VirtuWDDM.sys -- (VirtuWDDM)
DRV:64bit: - [2012/03/01 14:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/01 16:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/09/16 15:12:58 | 000,032,360 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan620.sys -- (RTVLANPT)
DRV:64bit: - [2011/06/15 21:11:20 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM)
DRV:64bit: - [2011/06/15 21:11:20 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2011/06/15 21:11:20 | 000,032,544 | R--- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2011/03/11 14:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 14:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/21 11:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/04/12 16:55:00 | 000,091,568 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2013/12/20 16:44:10 | 000,114,448 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2009/07/14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...Date=16/12/2013
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://xin.msn.com/?...ocid=iehp&tc=36
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 11 58 11 39 8C 1A CF 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.bing.com/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/...q={searchTerms}
IE - HKCU\..\SearchScopes,DefaultScope = {1473C9E8-686A-404A-96C9-670502D1B994}
IE - HKCU\..\SearchScopes\{1473C9E8-686A-404A-96C9-670502D1B994}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: DoesAmazonShipTo%40usefulhelper.com:3.0.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013/05/18 16:29:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/12/13 18:00:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/12/13 18:00:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/12/20 13:10:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Ulysses\AppData\Roaming\IDM\idmmzcc5 [2013/06/24 00:15:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/12/20 13:10:07 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Ulysses\AppData\Roaming\IDM\idmmzcc5 [2013/06/24 00:15:10 | 000,000,000 | ---D | M]

[2013/05/13 12:16:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ulysses\AppData\Roaming\Mozilla\Extensions
[2014/01/12 00:27:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ulysses\AppData\Roaming\Mozilla\Firefox\Profiles\8r4i89sv.default-1389331983214\extensions
[2014/01/12 00:27:06 | 000,005,097 | ---- | M] () (No name found) -- C:\Users\Ulysses\AppData\Roaming\Mozilla\Firefox\Profiles\8r4i89sv.default-1389331983214\extensions\[email protected]
[2013/12/20 13:10:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/12/20 13:10:08 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.co...q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java™ Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
CHR - plugin: RealNetworks™ RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks™ RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks™ RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Google Docs = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Logitech SetPoint = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd\6.52.74_0\
CHR - Extension: RealDownloader = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0\
CHR - Extension: IDM Integration = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.16.3_0\
CHR - Extension: Google Wallet = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/11 05:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [VIRTU MVP] C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [DBAgent] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe (Seagate Technology LLC)
O4 - HKLM..\Run: [DT ACR] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe (Portrait Displays, Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [PivotSoftware] C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe ()
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe (Western Digital Technologies, Inc.)
O4 - HKLM..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.)
O4 - HKCU..\Run: [googleupdate] "C:\Google\googleupdate.vbs" File not found
O4 - HKCU..\Run: [googleupdate.exe] "C:\Google\googleupdate.vbs" File not found
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [LiveSupport] "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log File not found
O4 - HKCU..\Run: [Uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe (Seagate Technology LLC)
O4 - HKCU..\Run: [uTorrent] C:\Users\Ulysses\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - Startup: C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk = C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe (Samsung Electronics.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://myoffice.smr...SetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70728077-7349-4EF2-BD1A-0402E611A4FB}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\appinit_dll.dll) - C:\Windows\SysNative\appinit_dll.dll (Lucidlogix Inc.)
O20 - AppInit_DLLs: (c:\windows\syswow64\appinit_dll.dll) - c:\Windows\SysWOW64\appinit_dll.dll (Lucidlogix Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/04/06 13:34:25 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{2860cd86-25c0-11e3-823d-60a44c6197d9}\Shell - "" = AutoRun
O33 - MountPoints2\{2860cd86-25c0-11e3-823d-60a44c6197d9}\Shell\AutoRun\command - "" = K:\AutoRun.exe
O33 - MountPoints2\{2bbaf712-25bb-11e3-8ddf-60a44c6197d9}\Shell - "" = AutoRun
O33 - MountPoints2\{2bbaf712-25bb-11e3-8ddf-60a44c6197d9}\Shell\AutoRun\command - "" = L:\AutoRun.exe
O33 - MountPoints2\{2bbaf71d-25bb-11e3-8ddf-60a44c6197d9}\Shell - "" = AutoRun
O33 - MountPoints2\{2bbaf71d-25bb-11e3-8ddf-60a44c6197d9}\Shell\AutoRun\command - "" = L:\AutoRun.exe
O33 - MountPoints2\{52bf90ca-ba12-11e2-a17f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{52bf90ca-ba12-11e2-a17f-806e6f6e6963}\Shell\AutoRun\command - "" = D:\DVD-WRITER.exe
O33 - MountPoints2\{8102dbce-b6cc-11e2-8473-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{8102dbce-b6cc-11e2-8473-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Bin\ASSETUP.exe
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\OriginInstaller.exe
O34 - HKLM BootExecute: (autocheck autochk /k:C *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/24 13:33:40 | 030,372,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014/01/24 13:33:40 | 025,257,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014/01/24 13:33:40 | 022,960,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014/01/24 13:33:40 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014/01/24 13:33:40 | 015,877,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014/01/24 13:33:40 | 011,605,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014/01/24 13:33:40 | 011,554,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014/01/24 13:33:40 | 009,700,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014/01/24 13:33:40 | 009,657,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014/01/24 13:33:40 | 003,132,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014/01/24 13:33:40 | 003,125,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014/01/24 13:33:40 | 002,947,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014/01/24 13:33:40 | 002,747,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014/01/24 13:33:40 | 001,884,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433221.dll
[2014/01/24 13:33:40 | 001,515,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2014/01/24 13:33:40 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433221.dll
[2014/01/24 13:33:40 | 001,242,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2014/01/24 13:33:40 | 000,882,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014/01/24 13:33:40 | 000,879,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014/01/24 13:33:40 | 000,852,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014/01/24 13:33:40 | 000,847,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014/01/24 13:33:40 | 000,479,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2014/01/24 13:33:40 | 000,405,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2014/01/24 13:33:40 | 000,317,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2014/01/24 13:33:40 | 000,266,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2014/01/24 13:33:40 | 000,197,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2014/01/24 13:33:40 | 000,168,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2014/01/24 13:33:40 | 000,141,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2014/01/24 13:33:40 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2014/01/24 12:17:54 | 000,039,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014/01/24 12:17:54 | 000,033,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014/01/19 21:13:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
[2014/01/19 21:13:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BlueStacks
[2014/01/18 09:38:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/01/17 16:57:35 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2014/01/15 21:28:02 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014/01/15 21:28:02 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014/01/12 23:07:57 | 000,000,000 | ---D | C] -- C:\Users\Ulysses\AppData\Roaming\Malwarebytes
[2014/01/12 23:07:51 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/01/12 23:07:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/01/12 23:07:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/01/12 23:07:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

========== Files - Modified Within 30 Days ==========

[2014/02/05 07:54:53 | 000,000,606 | ---- | M] () -- C:\Windows\tasks\MATLAB R2013a Startup Accelerator.job
[2014/02/05 07:54:46 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/05 07:54:39 | 000,008,192 | ---- | M] () -- C:\Windows\SysWow64\WDPABKP.dat
[2014/02/05 07:54:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/05 07:54:36 | 4257,320,958 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/05 07:08:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/05 06:51:08 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/05 06:51:08 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/05 06:49:53 | 000,779,306 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/02/05 06:49:53 | 000,660,296 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/02/05 06:49:53 | 000,121,224 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/02/04 21:22:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/27 21:47:33 | 000,000,810 | ---- | M] () -- C:\ProgramData\ProgramData.lnk
[2014/01/25 16:59:31 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/01/25 16:59:31 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/01/21 10:53:40 | 001,048,152 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014/01/21 10:53:29 | 001,179,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2014/01/19 21:19:06 | 000,000,149 | ---- | M] () -- C:\Users\Ulysses\Desktop\ebay.com.sg.URL
[2014/01/19 21:13:21 | 000,001,820 | ---- | M] () -- C:\Users\Public\Desktop\Apps.lnk
[2014/01/19 21:13:20 | 000,001,767 | ---- | M] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk
[2014/01/18 16:21:23 | 000,000,164 | ---- | M] () -- C:\Users\Ulysses\Desktop\myUniSA Home Page.URL
[2014/01/18 09:17:07 | 000,001,979 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2014/01/16 00:02:23 | 000,419,136 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/12 23:07:51 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/12 20:17:04 | 000,018,960 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys
[2014/01/12 20:11:37 | 000,000,579 | ---- | M] () -- C:\Users\Ulysses\World of Our Own.pls

========== Files Created - No Company Name ==========

[2014/01/24 13:33:40 | 000,357,152 | ---- | C] () -- C:\Windows\SysNative\NvIFROpenGL.dll
[2014/01/24 13:33:40 | 000,314,656 | ---- | C] () -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2014/01/19 21:13:21 | 000,001,820 | ---- | C] () -- C:\Users\Public\Desktop\Apps.lnk
[2014/01/19 21:13:20 | 000,001,767 | ---- | C] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk
[2014/01/18 15:56:08 | 000,000,164 | ---- | C] () -- C:\Users\Ulysses\Desktop\myUniSA Home Page.URL
[2014/01/18 15:47:31 | 000,000,149 | ---- | C] () -- C:\Users\Ulysses\Desktop\ebay.com.sg.URL
[2014/01/12 23:07:51 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/12 20:11:37 | 000,000,579 | ---- | C] () -- C:\Users\Ulysses\World of Our Own.pls
[2013/12/24 21:50:58 | 000,000,810 | ---- | C] () -- C:\ProgramData\ProgramData.lnk
[2013/10/15 12:02:57 | 000,001,971 | ---- | C] () -- C:\Users\Ulysses\Wali - 3 in 1 (2012).pls
[2013/10/12 13:44:44 | 000,001,467 | ---- | C] () -- C:\Users\Ulysses\Ada Band - Masa Demi Masa (2013).pls
[2013/10/12 13:44:24 | 000,001,072 | ---- | C] () -- C:\Users\Ulysses\Zivilia - Trilogy (2013).pls
[2013/09/27 14:46:21 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\WDPABKP.dat
[2013/09/27 14:33:40 | 000,000,017 | ---- | C] () -- C:\Users\Ulysses\AppData\Local\resmon.resmoncfg
[2013/09/12 21:17:52 | 000,000,417 | ---- | C] () -- C:\Users\Ulysses\A to Z.pls
[2013/08/04 19:33:40 | 000,773,030 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/06/24 12:19:37 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013/05/11 16:40:33 | 000,007,432 | ---- | C] () -- C:\Windows\SysWow64\Machnm32.sys
[2013/05/11 16:17:34 | 000,015,232 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2013/05/11 16:17:33 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2013/05/11 15:56:08 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013/05/11 15:56:04 | 000,045,558 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012/12/14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/12/14 02:42:24 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012/12/14 02:42:24 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012/04/20 13:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2009/07/14 12:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 10:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 09:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 09:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 11:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 09:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >


aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-02-05 08:04:53
-----------------------------
08:04:53.947 OS Version: Windows x64 6.1.7601 Service Pack 1
08:04:53.947 Number of processors: 4 586 0x3A09
08:04:53.947 ComputerName: ULYSSES-PC UserName: Ulysses
08:04:54.134 Initialize success
08:05:01.094 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
08:05:01.094 Disk 0 Vendor: ST310003 SD15 Size: 953868MB BusType: 3
08:05:01.094 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
08:05:01.094 Disk 1 Vendor: Samsung_ DXM0 Size: 244198MB BusType: 3
08:05:01.094 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IAAStorageDevice-3
08:05:01.109 Disk 2 Vendor: ST310005 CC46 Size: 953868MB BusType: 3
08:05:01.109 Disk 3 \Device\Harddisk3\DR3 -> \Device\Ide\IAAStorageDevice-4
08:05:01.109 Disk 3 Vendor: Hitachi_ MS1O Size: 476938MB BusType: 3
08:05:01.125 Disk 1 MBR read successfully
08:05:01.125 Disk 1 MBR scan
08:05:01.125 Disk 1 Windows 7 default MBR code
08:05:01.125 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
08:05:01.125 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 244096 MB offset 206848
08:05:01.140 Disk 1 scanning C:\Windows\system32\drivers
08:05:01.733 Service scanning
08:05:03.434 Modules scanning
08:05:03.434 Disk 1 trace - called modules:
08:05:03.434 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
08:05:03.449 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa800f1fd060]
08:05:03.449 3 CLASSPNP.SYS[fffff88001cfc43f] -> nt!IofCallDriver -> [0xfffffa800e010be0]
08:05:03.449 5 ACPI.sys[fffff88000e0b7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-2[0xfffffa800e00f050]
08:05:03.465 Scan finished successfully
08:05:08.129 Disk 1 MBR has been saved successfully to "C:\Users\Ulysses\AppData\Roaming\IDM\MBR.dat"
08:05:08.145 The log file has been saved successfully to "C:\Users\Ulysses\AppData\Roaming\IDM\aswMBR.txt"

Attached Files


Edited by michaelg9, 06 February 2014 - 10:52 AM.

  • 0

#4
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hey,

Please post the log named Extras.txt which is in the same directory with otl.txt


Next:


Are the shortcuts pointing to a folder or a file? Please right click on a shortcut and post the target listed in Target field, under Shortcut tab

Posted Image
  • 0

#5
xxmaxixx

xxmaxixx

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
OTL Extras logfile created on: 2/5/2014 7:57:52 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ulysses\Downloads\Programs
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.95 Gb Total Physical Memory | 12.44 Gb Available Physical Memory | 77.95% Memory free
31.90 Gb Paging File | 28.16 Gb Available in Paging File | 88.26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238.37 Gb Total Space | 39.67 Gb Free Space | 16.64% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 4.66 Gb Free Space | 0.50% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 69.61 Gb Free Space | 7.47% Space Free | Partition Type: NTFS
Drive Z: | 465.76 Gb Total Space | 125.76 Gb Free Space | 27.00% Space Free | Partition Type: NTFS

Computer Name: ULYSSES-PC | User Name: Ulysses | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\PROGRA~2\MEDIAM~1\MEDIAM~2.EXE" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\PROGRA~2\MEDIAM~1\MEDIAM~2.EXE" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\PROGRA~2\MEDIAM~1\MEDIAM~2.EXE" /ADD "%1" (Ventis Media Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\PROGRA~2\MEDIAM~1\MEDIAM~2.EXE" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\PROGRA~2\MEDIAM~1\MEDIAM~2.EXE" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\PROGRA~2\MEDIAM~1\MEDIAM~2.EXE" /ADD "%1" (Ventis Media Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05B5AE98-A302-42F2-93F0-D898658A7769}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{09A4009D-A48C-4717-924A-E97F6DD31897}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{1CA77823-239F-4BC5-9699-0556785423F0}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{1D76226F-F512-4AC6-A828-A2FDCEF31A8C}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{1DA7B8D5-AD48-4593-9D01-0B80C52608E1}" = rport=445 | protocol=6 | dir=out | app=system |
"{1E938944-F70F-4044-AD82-B66E9DBA185B}" = lport=10243 | protocol=6 | dir=in | app=system |
"{32350832-BB0C-4129-A954-BBAD169EAE4B}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{33306756-33DF-4960-9133-4F84E0931195}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{38327976-C415-4EA6-8CE9-AD7310EE6148}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3E865F28-1134-4771-942C-62594EF60326}" = lport=137 | protocol=17 | dir=in | app=system |
"{412E8C62-1073-4E34-8A5D-D5FB7A2970F0}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{438F0065-67C5-4CC3-9241-32EDB198EC4F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{45CD183A-4F43-4606-98FB-C6D0EB826DD4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{516AEDEE-E62A-4DC8-9E1E-83D3426600D3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{53634F16-B293-4DB6-90E5-71AF15FBF353}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{53B03589-AE4E-4E2D-9776-D67E2403A0C4}" = lport=138 | protocol=17 | dir=in | app=system |
"{55FDDE98-5632-465D-8648-17FCADFEA4AB}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{5BA525CF-4BAA-4815-8B94-4EA03F773302}" = rport=10243 | protocol=6 | dir=out | app=system |
"{60F62B88-86FD-4B77-ADF2-53B0A3F36140}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{656FD3BF-5FE8-4AC5-BB67-F07E135E0B22}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{67DEF9C8-1C75-471F-AF5E-8F952B924A8A}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{6B2CA0E8-7597-4293-9E44-693C0FE372AE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6CA8F334-A4E2-4DC1-9ADE-C274F5BEE0E7}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{6F56EDA0-57B0-4E44-B86D-8D250C94A9EF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{74C7DD18-4D9A-4F2F-8FD4-77C3F3CE8927}" = lport=139 | protocol=6 | dir=in | app=system |
"{7745554A-0346-4EAD-92E5-71A46C1A50D6}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{85FF6175-D7C1-41D0-9321-CABFC3E951AE}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{8A6B53C0-ACEF-4DBE-BDF0-9C97FA93F98E}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{94FB536B-3D50-4786-9ED7-ECD3E6DF4F95}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{954BC81E-0D0C-4969-B172-4BB4AD2F53C8}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{98D4EB25-83A1-4530-A8B3-CBF0F2E163D3}" = rport=139 | protocol=6 | dir=out | app=system |
"{A17A149B-195D-4B9D-9077-C71D5E0AE660}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{ABD5B54A-DA28-4CD7-A144-6B73D0D09146}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{ACC9CBE0-F715-4442-8BA1-DB6F693A2C92}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{AE5D5273-282D-43B1-B47E-0BA87D033626}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{B0B41A03-DE1C-4AB2-A009-24BAC16C01DB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B88B2E54-A32A-430E-BE8E-FE806D0CA885}" = rport=137 | protocol=17 | dir=out | app=system |
"{C31AF2E4-713D-410D-A34A-F21E21CB6E72}" = rport=138 | protocol=17 | dir=out | app=system |
"{C67EEFE6-716B-4AD5-83E7-5962516044A1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C70CEB7C-7A8D-4C60-8F8C-8332BDB938A8}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{DA3F6C3C-1EAA-4AC2-98E3-C52F8F59F632}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E1F2A3CF-38A5-49FA-8E96-1DE20595F691}" = lport=445 | protocol=6 | dir=in | app=system |
"{E9661FE0-7D3D-48B8-B1E8-69E6942DCD70}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EB1ACB9D-DAA2-4453-8F6F-7934169930A8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F0D17249-0AD0-49A2-8C9B-00BA4A8332E3}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{FBD52C67-F353-4B3D-B929-64886D7C19C2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{058D532B-1906-47C3-9988-4AAF9C774A05}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{06BA000E-083E-4819-A7E3-3FE54CDF2B7F}" = protocol=17 | dir=in | app=c:\users\ulysses\appdata\roaming\utorrent\utorrent.exe |
"{0853302B-F2E0-40BC-99FE-19A58C945302}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{0D93791F-81B5-4F0D-ACD4-DD635BA55552}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{16D40680-48D4-4D30-B751-D0380585BEBD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2F37D459-4D33-41A2-8881-BE8139EAE576}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{47F255BD-6723-4BBD-807D-28D5815B6723}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{49608135-6B3D-4D8C-97F0-CE4816CF7626}" = protocol=58 | dir=out | [email protected],-28546 |
"{524FF312-FF05-474C-9EF4-ED400743E726}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{66A671BC-6188-4B1C-9832-0AE5EAA26A80}" = protocol=58 | dir=in | [email protected],-28545 |
"{66F77FB6-3C23-4224-B869-CD2E5263F815}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{693B0D2E-391B-42F1-AC07-5A85B19BD096}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{6CF78C97-9B39-47BC-8674-6A03164A65EC}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{764840C3-DDA1-49B2-BABB-80E369B254CC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{88F54F6C-CD53-449B-8CB6-A12B9106262E}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\ai suite ii\ai suite ii.exe |
"{8CD14F26-45CD-4F21-A859-51AACB033B6C}" = protocol=6 | dir=out | app=system |
"{903A10CD-FCC0-44C9-BF4C-BD87D609BB7B}" = protocol=1 | dir=out | [email protected],-28544 |
"{99549F65-48E0-4B0B-AA95-C5B61786C134}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AC5E753A-7BD5-4AEA-8A3D-4038C25D2168}" = protocol=1 | dir=in | [email protected],-28543 |
"{AF79B10B-729B-445A-925A-C5CC69D4DEAB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B019E419-A989-46DE-A108-E934DB09C3F3}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BE9D5BFA-D7B7-49C9-AEB1-4A95E1767E69}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\ai suite ii\ai suite ii.exe |
"{C8B985A4-6FEF-4AA1-B86F-282ECC3F06DC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E0D6A650-093A-44B4-9525-E27885EB878C}" = protocol=6 | dir=in | app=c:\users\ulysses\appdata\roaming\utorrent\utorrent.exe |
"{ED5FB83C-3011-4EB0-B981-AA53E8553FCF}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{EEDF9E59-D095-4B0C-A3E5-F0E8BA4105CE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F044C405-096D-4BC1-A2DA-0ED6D1F4DF6F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FA24C2E4-BDB6-4C93-9703-38FCEC859479}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX390_series" = Canon MX390 series MP Drivers
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A7C403DA-B8D9-4CA0-93D9-6C7F00772240}" = WD SmartWare
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 332.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 332.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 332.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 332.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 11.10.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 11.10.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.20
"{D8CC254C-C671-4664-9A38-FA368D1E2C97}" = SES Driver
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20" = Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (01/19/2011 1.0.0009.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"sp6" = Logitech SetPoint 6.52
"VIRTU MVP_is1" = VIRTU MVP 2.1.112

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}" = Pivot Pro Plugin
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{1E32181B-7C4D-45A3-B57A-1D012EFD1C91}" = BlueStacks App Player
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 51
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1" = Samsung Magician
"{2B58AB2C-D980-47FD-8633-E360314BA662}" = WD Security
"{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3FD0C489-0F02-481a-A3E1-9754CD396761}" = Intel® Watchdog Timer Driver (Intel® WDT)
"{43C423D9-E6D6-4607-ADC9-EBB54F690C57}" = Seagate Dashboard 2.0
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{49BE9B8A-E858-4533-A74A-64306C13DB59}" = ASUS Product Register Program
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{507B1304-194A-4204-A9D9-9BAAF51EF760}" = WD Quick View
"{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1" = Data Lifeguard Diagnostic for Windows 1.24
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A586DC50-B18D-48FB-B7CC-A598200457C2}" = Acer eDisplay Management
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.9) MUI
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{ba99df5b-3e46-419e-81e2-544352772fda}" = WD SmartWare Installer
"{C093AD5D-29E9-4777-AAAC-28C02FCC2A51}" = WD Drive Utilities
"{C1CC26DF-148A-4F68-BE42-EE5214686A71}" = LucidWizard
"{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}" = RealDownloader
"{D4DE3DB4-7734-47E5-8D92-B80146311406}" = Samsung Data Migration
"{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E786AE85-8A30-4CF2-BF70-57404A5CD684}" = Windows Phone app for desktop
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® SDK for OpenCL - CPU Only Runtime Package
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Avira AntiVir Desktop" = Avira Internet Security 2012
"BlueStacks App Player" = BlueStacks App Player
"Canon MX390 series On-screen Manual" = Canon MX390 series On-screen Manual
"Canon My Image Garden" = Canon My Image Garden
"Canon My Image Garden Design Files" = Canon My Image Garden Design Files
"Canon_IJ_Scan_Utility" = Canon IJ Scan Utility
"CanonMyPrinter" = Canon My Printer
"CanonQuickMenu" = Canon Quick Menu
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"Google Chrome" = Google Chrome
"Internet Download Manager" = Internet Download Manager
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.9.5 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Matlab SV R2013a" = MATLAB R2013a Student Version (32-bit)
"MediaMonkey_is1" = MediaMonkey 4.0
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Playlist Creator 3.6.2" = Playlist Creator 3.6.2
"PowerISO" = PowerISO
"RealPlayer 16.0" = RealPlayer
"Speed Dial Utility" = Canon Speed Dial Utility
"SpywareBlaster_is1" = SpywareBlaster 5.0
"Tag&Rename_is1" = Tag&Rename 3.4.6
"WinRAR archiver" = WinRAR archiver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Neoteris_Host_Checker" = Juniper Networks Host Checker
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/2/2014 11:41:51 AM | Computer Name = Ulysses-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/2/2014 7:15:26 PM | Computer Name = Ulysses-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/2/2014 10:03:46 PM | Computer Name = Ulysses-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\program files (x86)\ESET\eset
online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 1/3/2014 4:19:13 AM | Computer Name = Ulysses-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/3/2014 6:05:51 AM | Computer Name = Ulysses-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/3/2014 8:11:36 AM | Computer Name = Ulysses-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/3/2014 11:41:21 AM | Computer Name = Ulysses-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/3/2014 8:30:29 PM | Computer Name = Ulysses-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/4/2014 1:21:42 AM | Computer Name = Ulysses-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/4/2014 2:19:22 AM | Computer Name = Ulysses-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 2/3/2014 6:29:52 AM | Computer Name = Ulysses-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk8\DR8.

Error - 2/3/2014 12:05:37 PM | Computer Name = Ulysses-PC | Source = Service Control Manager | ID = 7024
Description = The Avira Mail Protection service terminated with service-specific
error %%1.

Error - 2/3/2014 1:18:32 PM | Computer Name = Ulysses-PC | Source = Service Control Manager | ID = 7024
Description = The Avira Mail Protection service terminated with service-specific
error %%1.

Error - 2/3/2014 9:08:47 PM | Computer Name = Ulysses-PC | Source = Service Control Manager | ID = 7024
Description = The Avira Mail Protection service terminated with service-specific
error %%1.

Error - 2/4/2014 12:16:42 AM | Computer Name = Ulysses-PC | Source = Service Control Manager | ID = 7023
Description = The Server service terminated with the following error: %%14

Error - 2/4/2014 12:16:48 AM | Computer Name = Ulysses-PC | Source = Service Control Manager | ID = 7024
Description = The Avira Mail Protection service terminated with service-specific
error %%1.

Error - 2/4/2014 4:53:49 AM | Computer Name = Ulysses-PC | Source = Service Control Manager | ID = 7024
Description = The Avira Mail Protection service terminated with service-specific
error %%1.

Error - 2/4/2014 6:08:20 AM | Computer Name = Ulysses-PC | Source = Service Control Manager | ID = 7024
Description = The Avira Mail Protection service terminated with service-specific
error %%1.

Error - 2/4/2014 6:44:05 PM | Computer Name = Ulysses-PC | Source = Service Control Manager | ID = 7024
Description = The Avira Mail Protection service terminated with service-specific
error %%1.

Error - 2/4/2014 7:54:44 PM | Computer Name = Ulysses-PC | Source = Service Control Manager | ID = 7024
Description = The Avira Mail Protection service terminated with service-specific
error %%1.


< End of report >

Are the shortcuts pointing to a folder or a file?
C:\Windows\system32\cmd.exe /c start Skypee\googleupdate.vbs explorer "%CD%" & exit
Minimised at run.

Edited by xxmaxixx, 06 February 2014 - 08:34 PM.

  • 0

#6
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hey

Download MCShield to your desktop and install
It will initially run a scan and show the result as a toaster by the system clock
Then in the control centre select scanner and tick unhide items on flash drives
Posted Image
Plug in all the external drives you own and McShield will start a scan

Then get the log which will be here :

Start > all programs > MCShield > logs > all scans

And post that


Next:

Please download Anti-VBSVBE and save it to your desktop.

Note: There are two versions, 32bit and 64bit. You need to run the version compatible with your system.

  • Double click to run the tool and wait until it finishes.
  • It will make a log named Anti-VBSVBE.txt. Please post it to your reply.

Next:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :processes
    killallprocesses

    :OTL
    IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...Date=16/12/2013
    O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
    O4 - HKCU..\Run: [googleupdate] "C:\Google\googleupdate.vbs" File not found
    O4 - HKCU..\Run: [googleupdate.exe] "C:\Google\googleupdate.vbs" File not found
    O33 - MountPoints2\{2860cd86-25c0-11e3-823d-60a44c6197d9}\Shell - "" = AutoRun
    O33 - MountPoints2\{2860cd86-25c0-11e3-823d-60a44c6197d9}\Shell\AutoRun\command - "" = K:\AutoRun.exe
    O33 - MountPoints2\{2bbaf712-25bb-11e3-8ddf-60a44c6197d9}\Shell - "" = AutoRun
    O33 - MountPoints2\{2bbaf712-25bb-11e3-8ddf-60a44c6197d9}\Shell\AutoRun\command - "" = L:\AutoRun.exe
    O33 - MountPoints2\{2bbaf71d-25bb-11e3-8ddf-60a44c6197d9}\Shell - "" = AutoRun
    O33 - MountPoints2\{2bbaf71d-25bb-11e3-8ddf-60a44c6197d9}\Shell\AutoRun\command - "" = L:\AutoRun.exe
    O33 - MountPoints2\{52bf90ca-ba12-11e2-a17f-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{52bf90ca-ba12-11e2-a17f-806e6f6e6963}\Shell\AutoRun\command - "" = D:\DVD-WRITER.exe
    O33 - MountPoints2\{8102dbce-b6cc-11e2-8473-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{8102dbce-b6cc-11e2-8473-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Bin\ASSETUP.exe
    O33 - MountPoints2\J\Shell - "" = AutoRun
    O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\OriginInstaller.exe
    [2014/01/27 21:47:33 | 000,000,810 | ---- | M] () -- C:\ProgramData\ProgramData.lnk

    :Services

    :Reg

    :Files
    C:\Google\googleupdate.vbs

    :Commands
    [purity]
    [EMPTYFLASH]
    [EMPTYJAVA]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered.
  • OTL may ask to reboot the machine. Please do so if asked.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.
  • Open OTL again.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    C:\*.
    C:\Google\*.* /s
    C:\googleupdate.vbs /s
    C:\*.lnk /s

  • Click the Quick Scan button. Post the log it produces in your next reply.

  • 0

#7
xxmaxixx

xxmaxixx

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
>>> MCShield AllScans.txt <<<

-----------------------------




MCShield ::Anti-Malware Tool:: http://www.mcshield.net/

>>> v 3.0.4.27 / DB: 2014.2.9.1 / Windows 7 <<<


2/11/2014 2:04:12 PM > Drive L: - scan started (My Passport ~931 GB, NTFS HDD )...


>>> L:\RECYCLER\RECYCLER.lnk - Malware > Deleted. (14.02.11. 14.04 RECYCLER.lnk.517376; MD5: 9a8aabade909906c50f851345235f3e7)


=> Malicious files : 1/1 deleted.

____________________________________________

::::: Scan duration: 1sec ::::::::::::::::::
____________________________________________

----------------------------------
Running fix at 2/11/2014 2:05:57 PM

> Found: HKU\Ulysses\Software\Microsoft\Windows\CurrentVersion\Run\googleupdate.exe - deleted.

> Found: HKU\Ulysses\Software\Microsoft\Windows\CurrentVersion\Run\googleupdate - deleted.

> Found: HKU\Share\Software\Microsoft\Windows\CurrentVersion\Run\googleupdate.exe - deleted.

> Found: HKU\Share\Software\Microsoft\Windows\CurrentVersion\Run\googleupdate - deleted.

Fix finished at 2/11/2014 2:05:59 PM

Anti-VBS/VBE, build 9
http://www.mcshield....ls/Anti-VBSVBE/

========== PROCESSES ==========
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}\ deleted successfully.
C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\googleupdate not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\googleupdate.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2860cd86-25c0-11e3-823d-60a44c6197d9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2860cd86-25c0-11e3-823d-60a44c6197d9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2860cd86-25c0-11e3-823d-60a44c6197d9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2860cd86-25c0-11e3-823d-60a44c6197d9}\ not found.
File K:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2bbaf712-25bb-11e3-8ddf-60a44c6197d9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2bbaf712-25bb-11e3-8ddf-60a44c6197d9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2bbaf712-25bb-11e3-8ddf-60a44c6197d9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2bbaf712-25bb-11e3-8ddf-60a44c6197d9}\ not found.
File L:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2bbaf71d-25bb-11e3-8ddf-60a44c6197d9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2bbaf71d-25bb-11e3-8ddf-60a44c6197d9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2bbaf71d-25bb-11e3-8ddf-60a44c6197d9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2bbaf71d-25bb-11e3-8ddf-60a44c6197d9}\ not found.
File L:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{52bf90ca-ba12-11e2-a17f-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{52bf90ca-ba12-11e2-a17f-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{52bf90ca-ba12-11e2-a17f-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{52bf90ca-ba12-11e2-a17f-806e6f6e6963}\ not found.
File D:\DVD-WRITER.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8102dbce-b6cc-11e2-8473-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8102dbce-b6cc-11e2-8473-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8102dbce-b6cc-11e2-8473-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8102dbce-b6cc-11e2-8473-806e6f6e6963}\ not found.
File D:\Bin\ASSETUP.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\ not found.
File J:\OriginInstaller.exe not found.
C:\ProgramData\ProgramData.lnk moved successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
File\Folder C:\Google\googleupdate.vbs not found.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Share
->Flash cache emptied: 30339 bytes

User: Ulysses
->Flash cache emptied: 71341 bytes

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: Share
->Java cache emptied: 31580 bytes

User: Ulysses
->Java cache emptied: 1777287 bytes

Total Java Files Cleaned = 2.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02112014_140723

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

OTL logfile created on: 2/11/2014 2:11:54 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ulysses\Downloads\Programs
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.95 Gb Total Physical Memory | 13.13 Gb Available Physical Memory | 82.29% Memory free
31.90 Gb Paging File | 28.66 Gb Available in Paging File | 89.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238.37 Gb Total Space | 68.18 Gb Free Space | 28.60% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 4.66 Gb Free Space | 0.50% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 69.61 Gb Free Space | 7.47% Space Free | Partition Type: NTFS
Drive L: | 931.48 Gb Total Space | 372.45 Gb Free Space | 39.98% Space Free | Partition Type: NTFS
Drive Z: | 465.76 Gb Total Space | 123.73 Gb Free Space | 26.57% Space Free | Partition Type: NTFS

Computer Name: ULYSSES-PC | User Name: Ulysses | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/02/05 09:26:57 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/02/05 07:57:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ulysses\Downloads\Programs\OTL.exe
PRC - [2014/02/02 08:15:32 | 000,650,816 | ---- | M] (MyCity) -- C:\Program Files (x86)\MCShield\MCShieldRTM.exe
PRC - [2014/01/21 10:56:25 | 002,234,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/01/21 10:55:50 | 001,593,632 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013/12/20 16:45:32 | 000,807,696 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
PRC - [2013/12/20 16:44:22 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
PRC - [2013/12/20 16:43:48 | 000,402,192 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe
PRC - [2013/12/20 16:43:44 | 000,367,376 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
PRC - [2013/12/20 16:43:34 | 000,261,392 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
PRC - [2013/12/20 16:43:30 | 000,377,616 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-Network.exe
PRC - [2013/12/19 12:20:16 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/12/18 10:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/13 18:00:19 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2013/11/28 19:12:40 | 004,580,256 | ---- | M] (Samsung Electronics.) -- C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe
PRC - [2013/11/16 19:27:16 | 000,900,440 | ---- | M] (BitTorrent Inc.) -- C:\Users\Ulysses\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2013/11/02 15:01:42 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
PRC - [2013/11/02 14:54:34 | 000,270,704 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
PRC - [2013/08/14 15:19:22 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/08/14 07:59:52 | 005,537,136 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
PRC - [2013/07/10 14:23:10 | 001,694,080 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
PRC - [2013/06/20 17:56:56 | 003,604,048 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2013/05/30 11:40:32 | 000,122,984 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
PRC - [2013/05/30 11:36:38 | 000,016,000 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
PRC - [2012/12/12 21:44:48 | 000,268,248 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2012/10/10 13:32:00 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012/10/10 13:31:28 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/10/10 13:31:28 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/10/10 13:31:27 | 000,619,472 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe
PRC - [2012/09/27 16:08:08 | 000,989,352 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
PRC - [2012/09/27 16:04:44 | 001,087,648 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
PRC - [2012/09/27 16:02:40 | 001,279,120 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
PRC - [2012/08/20 13:43:20 | 000,550,272 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
PRC - [2012/08/08 18:17:52 | 003,101,056 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
PRC - [2012/08/07 13:42:12 | 001,504,640 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
PRC - [2012/08/01 16:39:04 | 001,112,064 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
PRC - [2012/07/23 16:34:28 | 001,190,400 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe
PRC - [2012/07/17 14:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/07/17 14:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/06/25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/06/01 17:42:18 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
PRC - [2012/06/01 17:42:18 | 000,920,736 | ---- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
PRC - [2012/05/25 12:12:57 | 001,475,744 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe
PRC - [2012/05/21 00:26:26 | 000,291,648 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/05/03 12:17:36 | 001,256,576 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
PRC - [2012/04/13 12:19:00 | 000,138,032 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2012/04/13 12:18:58 | 001,645,360 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Acer Display\eDisplay Management\dthtml.exe
PRC - [2012/04/13 11:32:10 | 000,113,456 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2012/03/13 12:34:12 | 002,935,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
PRC - [2012/02/17 14:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
PRC - [2012/02/02 15:20:32 | 000,889,984 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe
PRC - [2012/02/01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012/02/01 16:29:56 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/09/08 21:29:12 | 001,112,704 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
PRC - [2011/05/27 11:07:36 | 000,160,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
PRC - [2010/11/21 11:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010/05/13 16:34:48 | 000,711,792 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Floater.exe
PRC - [2010/05/13 16:34:42 | 000,674,928 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
PRC - [2010/04/12 16:40:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE


========== Modules (No Company Name) ==========

MOD - [2014/02/05 09:26:57 | 003,583,600 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/01/19 21:17:36 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\61cc4898fcd0b96a990e2751cbfdfa38\HD-Agent.ni.exe
MOD - [2014/01/19 21:17:30 | 000,155,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\6228b782a5fd3efaccdb2af0f7f1183e\JSON.ni.dll
MOD - [2013/11/28 19:00:00 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\Samsung SSD Magician\SMINI.dll
MOD - [2013/11/28 18:59:54 | 000,034,304 | ---- | M] () -- C:\Program Files (x86)\Samsung SSD Magician\SATA.dll
MOD - [2013/11/28 18:59:50 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\Samsung SSD Magician\SAT.dll
MOD - [2013/11/28 18:59:24 | 000,029,696 | ---- | M] () -- C:\Program Files (x86)\Samsung SSD Magician\SAS.dll
MOD - [2013/11/28 18:59:20 | 000,098,816 | ---- | M] () -- C:\Program Files (x86)\Samsung SSD Magician\PAL.dll
MOD - [2013/11/28 12:14:32 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Samsung SSD Magician\SAMSUNG_SSD.dll
MOD - [2013/10/11 09:20:51 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\10ef07233e429503b5bc942aa6194fe8\System.Runtime.DurableInstancing.ni.dll
MOD - [2013/10/11 09:20:51 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\46863d4abf7db3e009962abc8710c945\System.Runtime.Remoting.ni.dll
MOD - [2013/10/11 09:20:50 | 002,659,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\10519c5a16fab95707f40b55941647b5\System.Runtime.Serialization.ni.dll
MOD - [2013/10/11 09:20:46 | 001,837,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\ce9a2e0e508484f2ccc43194945cfae4\Microsoft.VisualBasic.ni.dll
MOD - [2013/10/11 08:58:26 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/10/11 08:58:17 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
MOD - [2013/10/11 08:58:15 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/10/10 17:42:02 | 018,003,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\464a76a3fdc9ee7456cb4baaea3e503a\PresentationFramework.ni.dll
MOD - [2013/10/10 17:41:55 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b5b66869081b909d238fdea083cf3179\PresentationCore.ni.dll
MOD - [2013/10/10 17:41:53 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e40d894a772b2cff5ffd5a84ef20d2d4\System.Windows.Forms.ni.dll
MOD - [2013/10/10 17:41:52 | 007,070,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dac1208781fdd0b960afc12efff42944\System.Core.ni.dll
MOD - [2013/10/10 17:41:50 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\0b37b2bafc33ef52282b9d7b217cabaf\WindowsBase.ni.dll
MOD - [2013/10/10 17:41:49 | 001,014,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\71d887ce964fb69b7f03c4fe7a3f28ff\System.Configuration.ni.dll
MOD - [2013/09/13 08:09:42 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\af7d7a2e47e0ac57b4f0fe5e0c1cda9a\SMDiagnostics.ni.dll
MOD - [2013/09/13 08:09:31 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\4d277a8481c203a35c58bd277a2e71df\System.Xaml.ni.dll
MOD - [2013/09/13 08:08:02 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\45581138b36fd338c87813390775b65f\IAStorCommon.ni.dll
MOD - [2013/09/13 08:07:55 | 011,914,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\6ebbfafc5521934f7e1c154937a2788b\System.Web.ni.dll
MOD - [2013/09/13 08:07:52 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll
MOD - [2013/09/13 08:07:50 | 000,489,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\591b99d5681c59ed6c5e9544d7def0ea\IAStorUtil.ni.dll
MOD - [2013/09/13 08:07:46 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/09/13 08:07:37 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/09/13 08:07:35 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/09/13 08:07:32 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/09/12 23:33:45 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3a3fc0216674bdea0be809b305517c98\System.Drawing.ni.dll
MOD - [2013/09/12 23:33:45 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\228b114c79c5d9024bdb4cc580e32c09\PresentationFramework.Aero.ni.dll
MOD - [2013/09/12 23:32:52 | 005,628,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll
MOD - [2013/09/12 23:32:45 | 009,099,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll
MOD - [2013/09/12 23:32:42 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
MOD - [2012/08/08 16:45:52 | 000,786,432 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\func.dll
MOD - [2012/07/31 15:21:32 | 000,152,064 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\gep.dll
MOD - [2012/07/25 09:56:42 | 001,124,864 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
MOD - [2012/07/05 12:05:48 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
MOD - [2012/06/19 12:56:22 | 001,305,600 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
MOD - [2012/05/28 21:27:04 | 001,622,528 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
MOD - [2012/05/25 10:33:10 | 000,883,712 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
MOD - [2012/05/17 18:57:12 | 000,043,520 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
MOD - [2012/04/13 12:18:54 | 000,121,648 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\CC\gui.dll
MOD - [2012/04/13 11:56:12 | 000,180,224 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\PresetsCOM.dll
MOD - [2012/03/21 12:07:44 | 000,972,288 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
MOD - [2012/02/10 11:29:44 | 001,047,040 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
MOD - [2011/10/14 20:03:22 | 000,885,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
MOD - [2011/09/26 19:36:24 | 000,869,376 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
MOD - [2011/09/19 20:18:20 | 001,243,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
MOD - [2011/07/21 09:06:44 | 000,846,848 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
MOD - [2011/07/12 19:14:52 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
MOD - [2010/10/05 08:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
MOD - [2010/10/05 08:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\pngio.dll
MOD - [2010/10/05 08:22:50 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
MOD - [2010/08/23 10:17:40 | 000,662,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
MOD - [2010/05/13 16:34:48 | 000,711,792 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Floater.exe
MOD - [2010/05/13 16:34:42 | 000,674,928 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
MOD - [2009/08/12 20:15:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/01/21 10:55:35 | 016,939,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013/05/27 13:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/02/09 02:30:42 | 000,359,664 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2012/04/20 14:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2014/02/05 19:08:30 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/02/05 09:26:57 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/01/21 10:55:50 | 001,593,632 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013/12/20 16:44:22 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2013/12/20 16:43:48 | 000,402,192 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2013/12/19 12:20:16 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/12/18 10:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/02 15:01:42 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe -- (WDBackup)
SRV - [2013/11/02 14:54:34 | 000,270,704 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService)
SRV - [2013/08/14 15:19:22 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/05/30 11:36:38 | 000,016,000 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe -- (Seagate Dashboard Services)
SRV - [2012/12/14 02:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/10/10 13:32:00 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/10/10 13:31:34 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012/10/10 13:31:29 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2012/10/10 13:31:28 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/10/10 13:31:27 | 000,619,472 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe -- (AntiVirFirewallService)
SRV - [2012/07/17 14:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 14:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/06/25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/06/01 17:42:18 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe -- (asHmComSvc)
SRV - [2012/06/01 17:42:18 | 000,920,736 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe -- (asComSvc)
SRV - [2012/05/25 12:12:57 | 001,475,744 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe -- (AsusFanControlService)
SRV - [2012/04/13 12:19:00 | 000,138,032 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
SRV - [2012/04/13 11:32:10 | 000,113,456 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2012/02/17 14:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2012/02/01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/05/27 11:07:36 | 000,160,768 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/12/28 02:42:26 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/11/28 21:38:18 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/05/25 23:00:14 | 000,168,288 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2013/01/03 16:17:48 | 000,043,400 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2013/01/03 16:17:38 | 000,077,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2013/01/03 16:17:38 | 000,061,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2012/12/14 02:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/10/10 14:05:29 | 000,140,936 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avfwot.sys -- (avfwot)
DRV:64bit: - [2012/10/10 14:05:29 | 000,114,168 | ---- | M] (Avira GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avfwim.sys -- (avfwim)
DRV:64bit: - [2012/09/27 13:59:38 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/09/27 13:59:38 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012/09/27 13:59:38 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012/08/23 22:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 22:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 22:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/20 10:38:12 | 000,416,072 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2012/08/20 10:38:12 | 000,138,568 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2012/07/02 15:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/19 07:40:50 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/06/12 22:00:48 | 000,726,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/05/31 11:06:14 | 000,032,400 | R--- | M] (NT Kernel Resources) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ndisrd.sys -- (ndisrd)
DRV:64bit: - [2012/05/21 00:25:32 | 000,789,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/05/21 00:25:32 | 000,357,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/05/21 00:25:32 | 000,019,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/05/17 18:57:06 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2012/04/13 11:31:32 | 000,020,784 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PdiPorts.sys -- (PdiPorts)
DRV:64bit: - [2012/03/25 17:55:22 | 000,066,336 | ---- | M] (Lucidlogix Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VirtuWDDM.sys -- (VirtuWDDM)
DRV:64bit: - [2012/03/01 14:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/01 16:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/09/16 15:12:58 | 000,032,360 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan620.sys -- (RTVLANPT)
DRV:64bit: - [2011/06/15 21:11:20 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM)
DRV:64bit: - [2011/06/15 21:11:20 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2011/06/15 21:11:20 | 000,032,544 | R--- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2011/03/11 14:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 14:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/21 11:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/04/12 16:55:00 | 000,091,568 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2013/12/20 16:44:10 | 000,114,448 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2009/07/14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6B E7 A7 C6 3F 22 CF 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.bing.com/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/...q={searchTerms}
IE - HKCU\..\SearchScopes,DefaultScope = {1473C9E8-686A-404A-96C9-670502D1B994}
IE - HKCU\..\SearchScopes\{1473C9E8-686A-404A-96C9-670502D1B994}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013/05/18 16:29:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/12/13 18:00:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/12/13 18:00:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/02/05 09:26:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Ulysses\AppData\Roaming\IDM\idmmzcc5 [2013/06/24 00:15:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/02/05 09:26:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Ulysses\AppData\Roaming\IDM\idmmzcc5 [2013/06/24 00:15:10 | 000,000,000 | ---D | M]

[2013/05/13 12:16:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ulysses\AppData\Roaming\Mozilla\Extensions
[2014/02/05 09:26:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/02/05 09:26:57 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.co...q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java™ Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
CHR - plugin: RealNetworks™ RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks™ RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks™ RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Google Docs = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Logitech SetPoint = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd\6.52.74_0\
CHR - Extension: RealDownloader = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0\
CHR - Extension: IDM Integration = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.16.3_0\
CHR - Extension: Google Wallet = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/11 05:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [VIRTU MVP] C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [DBAgent] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe (Seagate Technology LLC)
O4 - HKLM..\Run: [DT ACR] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe (Portrait Displays, Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [PivotSoftware] C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe ()
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe (Western Digital Technologies, Inc.)
O4 - HKLM..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.)
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [LiveSupport] "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log File not found
O4 - HKCU..\Run: [MCShield Monitor] C:\Program Files (x86)\MCShield\MCShieldRTM.exe (MyCity)
O4 - HKCU..\Run: [Uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe (Seagate Technology LLC)
O4 - HKCU..\Run: [uTorrent] C:\Users\Ulysses\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - Startup: C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk = C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe (Samsung Electronics.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://myoffice.smr...SetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70728077-7349-4EF2-BD1A-0402E611A4FB}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\appinit_dll.dll) - C:\Windows\SysNative\appinit_dll.dll (Lucidlogix Inc.)
O20 - AppInit_DLLs: (c:\windows\syswow64\appinit_dll.dll) - c:\Windows\SysWOW64\appinit_dll.dll (Lucidlogix Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/04/06 13:34:25 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk /k:C *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/02/11 14:07:23 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/02/11 13:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
[2014/02/11 13:59:30 | 000,000,000 | ---D | C] -- C:\ProgramData\MCShield
[2014/02/11 13:59:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MCShield
[2014/02/05 18:28:37 | 000,000,000 | ---D | C] -- C:\Users\Ulysses\Desktop\Old Firefox Data
[2014/02/05 09:26:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/01/19 21:13:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
[2014/01/19 21:13:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BlueStacks
[2014/01/18 09:38:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/01/17 16:57:35 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2014/01/12 23:07:57 | 000,000,000 | ---D | C] -- C:\Users\Ulysses\AppData\Roaming\Malwarebytes
[2014/01/12 23:07:51 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/01/12 23:07:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/01/12 23:07:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/01/12 23:07:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

========== Files - Modified Within 30 Days ==========

[2014/02/11 14:09:40 | 000,000,606 | ---- | M] () -- C:\Windows\tasks\MATLAB R2013a Startup Accelerator.job
[2014/02/11 14:09:34 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/11 14:08:42 | 000,008,192 | ---- | M] () -- C:\Windows\SysWow64\WDPABKP.dat
[2014/02/11 14:08:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/11 14:08:37 | 4257,320,958 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/11 14:08:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/11 13:30:45 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/11 11:31:53 | 000,779,306 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/02/11 11:31:53 | 000,660,296 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/02/11 11:31:53 | 000,121,224 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/02/11 10:59:28 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/11 10:59:28 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/19 21:19:06 | 000,000,149 | ---- | M] () -- C:\Users\Ulysses\Desktop\ebay.com.sg.URL
[2014/01/19 21:13:21 | 000,001,820 | ---- | M] () -- C:\Users\Public\Desktop\Apps.lnk
[2014/01/19 21:13:20 | 000,001,767 | ---- | M] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk
[2014/01/18 16:21:23 | 000,000,164 | ---- | M] () -- C:\Users\Ulysses\Desktop\myUniSA Home Page.URL
[2014/01/18 09:17:07 | 000,001,979 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2014/01/16 00:02:23 | 000,419,136 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/12 23:07:51 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/12 20:11:37 | 000,000,579 | ---- | M] () -- C:\Users\Ulysses\World of Our Own.pls

========== Files Created - No Company Name ==========

[2014/01/24 13:33:40 | 000,357,152 | ---- | C] () -- C:\Windows\SysNative\NvIFROpenGL.dll
[2014/01/24 13:33:40 | 000,314,656 | ---- | C] () -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2014/01/19 21:13:21 | 000,001,820 | ---- | C] () -- C:\Users\Public\Desktop\Apps.lnk
[2014/01/19 21:13:20 | 000,001,767 | ---- | C] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk
[2014/01/18 15:56:08 | 000,000,164 | ---- | C] () -- C:\Users\Ulysses\Desktop\myUniSA Home Page.URL
[2014/01/18 15:47:31 | 000,000,149 | ---- | C] () -- C:\Users\Ulysses\Desktop\ebay.com.sg.URL
[2014/01/12 23:07:51 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/12 20:11:37 | 000,000,579 | ---- | C] () -- C:\Users\Ulysses\World of Our Own.pls
[2013/10/15 12:02:57 | 000,001,971 | ---- | C] () -- C:\Users\Ulysses\Wali - 3 in 1 (2012).pls
[2013/10/12 13:44:44 | 000,001,467 | ---- | C] () -- C:\Users\Ulysses\Ada Band - Masa Demi Masa (2013).pls
[2013/10/12 13:44:24 | 000,001,072 | ---- | C] () -- C:\Users\Ulysses\Zivilia - Trilogy (2013).pls
[2013/09/27 14:46:21 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\WDPABKP.dat
[2013/09/27 14:33:40 | 000,000,017 | ---- | C] () -- C:\Users\Ulysses\AppData\Local\resmon.resmoncfg
[2013/09/12 21:17:52 | 000,000,417 | ---- | C] () -- C:\Users\Ulysses\A to Z.pls
[2013/08/04 19:33:40 | 000,773,030 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/06/24 12:19:37 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013/05/11 16:40:33 | 000,007,432 | ---- | C] () -- C:\Windows\SysWow64\Machnm32.sys
[2013/05/11 16:17:34 | 000,015,232 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2013/05/11 16:17:33 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2013/05/11 15:56:08 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013/05/11 15:56:04 | 000,045,558 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012/12/14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/12/14 02:42:24 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012/12/14 02:42:24 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012/04/20 13:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2009/07/14 12:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 10:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 09:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 09:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 11:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 09:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/08/21 17:58:13 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\Canon
[2013/05/11 16:41:39 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\DisplayTune
[2014/02/11 13:58:15 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\DMCache
[2014/02/05 08:05:08 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\IDM
[2013/05/13 12:35:10 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\Juniper Networks
[2013/05/18 16:29:40 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\Leadertech
[2014/02/11 13:49:01 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\MediaMonkey
[2013/08/06 17:07:04 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\PDF Labs
[2013/09/27 13:21:22 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\Seagate
[2013/06/23 13:00:43 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\Sports Interactive
[2013/07/17 17:09:15 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\Subversion
[2014/02/11 14:14:45 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Custom Scans ==========

< C:\*. >
[2014/01/18 16:13:43 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2013/12/24 21:50:57 | 000,000,000 | ---D | M] -- C:\AdwCleaner
[2014/01/02 21:58:59 | 000,000,000 | ---D | M] -- C:\BigFishCache
[2009/07/14 13:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2014/01/30 18:56:15 | 000,000,000 | RHSD | M] -- C:\Google
[2013/12/24 21:50:57 | 000,000,000 | ---D | M] -- C:\Intel
[2014/01/02 08:50:28 | 000,000,000 | ---D | M] -- C:\ITE
[2013/05/13 13:13:50 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2013/12/24 21:50:57 | 000,000,000 | ---D | M] -- C:\My Music
[2013/12/24 21:50:58 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2009/07/14 11:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2014/01/18 15:33:26 | 000,000,000 | R--D | M] -- C:\Program Files
[2014/02/11 13:59:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)
[2014/02/11 14:07:42 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2013/05/06 21:22:59 | 000,000,000 | -HSD | M] -- C:\Recovery
[2014/01/30 17:42:49 | 000,000,000 | RHSD | M] -- C:\Skypee
[2014/02/07 18:37:46 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2014/01/24 13:34:04 | 000,000,000 | ---D | M] -- C:\Temp
[2013/12/16 16:45:45 | 000,000,000 | R--D | M] -- C:\Users
[2014/01/24 14:15:41 | 000,000,000 | ---D | M] -- C:\Windows
[2014/02/11 14:07:23 | 000,000,000 | ---D | M] -- C:\_OTL
[2009/07/14 13:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 13:08:49 | 000,032,604 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013/05/13 12:06:20 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013/05/13 12:07:45 | 000,000,896 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/05/13 12:07:45 | 000,000,900 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013/07/17 17:00:39 | 000,000,606 | ---- | C] () -- C:\Windows\Tasks\MATLAB R2013a Startup Accelerator.job

< C:\Google\*.* /s >
[2012/01/29 23:34:20 | 000,750,320 | ---- | M] (AutoIt Team) -- C:\Google\AutoIt3.exe
[2014/01/30 17:43:26 | 000,000,854 | ---- | M] () -- C:\Google\Google.lnk
[2014/01/30 18:56:15 | 001,294,336 | ---- | M] () -- C:\Google\googleupdate.a3x
[2014/01/28 06:24:55 | 000,000,854 | ---- | M] () -- C:\Google\Skypee.lnk

< C:\googleupdate.vbs /s >

< C:\*.lnk /s >
[2014/01/03 18:39:35 | 000,000,544 | ---- | M] () -- C:\$Recycle.Bin\S-1-5-21-3946774030-1862938079-1394353489-1004\$IH9YN7C.lnk
[2014/01/03 18:39:32 | 000,001,343 | ---- | M] () -- C:\$Recycle.Bin\S-1-5-21-3946774030-1862938079-1394353489-1004\$RH9YN7C.lnk
[2014/01/27 21:47:33 | 000,000,810 | ---- | M] () -- C:\_OTL\MovedFiles\02112014_140723\C_ProgramData\ProgramData.lnk
[2014/01/30 17:43:26 | 000,000,854 | ---- | M] () -- C:\AdwCleaner\AdwCleaner.lnk
[2014/01/30 17:43:26 | 000,000,854 | ---- | M] () -- C:\BigFishCache\BigFishCache.lnk
[2014/01/30 17:43:26 | 000,000,854 | ---- | M] () -- C:\Google\Google.lnk
[2014/01/28 06:24:55 | 000,000,854 | ---- | M] () -- C:\Google\Skypee.lnk
[2014/01/30 17:43:26 | 000,000,854 | ---- | M] () -- C:\Intel\Intel.lnk
[2014/01/30 17:43:26 | 000,000,854 | ---- | M] () -- C:\ITE\ITE.lnk
[2014/01/30 17:43:26 | 000,000,854 | ---- | M] () -- C:\My Music\My Music.lnk
[2014/01/30 17:43:26 | 000,000,854 | ---- | M] () -- C:\NVIDIA\NVIDIA.lnk
[2013/12/13 18:00:19 | 000,001,090 | ---- | M] () -- C:\Program Files (x86)\Real\RealPlayer\Setup\.r1pclean.exe.lnk
[2013/12/13 18:00:19 | 000,001,118 | ---- | M] () -- C:\Program Files (x86)\Real\RealPlayer\Setup\accesspoints\desktop.lnk
[2013/12/13 18:00:19 | 000,001,118 | ---- | M] () -- C:\Program Files (x86)\Real\RealPlayer\Setup\accesspoints\entertainment.lnk
[2013/12/13 18:00:19 | 000,001,118 | ---- | M] () -- C:\Program Files (x86)\Real\RealPlayer\Setup\accesspoints\quicklaunch.lnk
[2013/12/13 18:00:19 | 000,001,118 | ---- | M] () -- C:\Program Files (x86)\Real\RealPlayer\Setup\accesspoints\startmenu.lnk
[2013/12/13 18:00:19 | 000,001,118 | ---- | M] () -- C:\Program Files (x86)\Real\RealPlayer\Setup\accesspoints\startmenuprograms.lnk
[2013/05/18 16:29:29 | 000,001,740 | ---- | M] () -- C:\Program Files\Logitech\SetPointP\Bluetooth Connection Assistant.lnk
[2013/05/18 16:29:29 | 000,001,762 | ---- | M] () -- C:\Program Files\Logitech\SetPointP\Mouse and Keyboard Settings.lnk
[2013/05/07 12:14:54 | 000,001,238 | ---- | M] () -- C:\Program Files\Microsoft Games\Chess\ChessMCE.lnk
[2009/07/14 12:55:00 | 000,001,268 | ---- | M] () -- C:\Program Files\Microsoft Games\FreeCell\FreeCellMCE.lnk
[2009/07/14 12:57:12 | 000,001,248 | ---- | M] () -- C:\Program Files\Microsoft Games\Hearts\HeartsMCE.lnk
[2013/05/07 12:14:54 | 000,001,258 | ---- | M] () -- C:\Program Files\Microsoft Games\Mahjong\MahjongMCE.lnk
[2009/07/14 12:57:12 | 000,001,302 | ---- | M] () -- C:\Program Files\Microsoft Games\Purble Place\PurblePlaceMCE.lnk
[2009/07/14 12:55:01 | 000,001,278 | ---- | M] () -- C:\Program Files\Microsoft Games\Solitaire\SolitaireMCE.lnk
[2009/07/14 12:57:12 | 000,001,338 | ---- | M] () -- C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaireMCE.lnk
[2014/01/19 21:17:48 | 000,002,112 | ---- | M] () -- C:\ProgramData\BlueStacks\UserData\Library\My Apps\1Mobile Market.lnk
[2014/01/19 21:13:31 | 000,001,952 | ---- | M] () -- C:\ProgramData\BlueStacks\UserData\Library\My Apps\Appstore.lnk
[2014/01/19 21:13:23 | 000,002,000 | ---- | M] () -- C:\ProgramData\BlueStacks\UserData\Library\My Apps\Bluestacks Spotlight.lnk
[2014/01/19 21:15:58 | 000,002,052 | ---- | M] () -- C:\ProgramData\BlueStacks\UserData\Library\My Apps\Candy Crush Saga.lnk
[2014/01/19 21:13:31 | 000,001,842 | ---- | M] () -- C:\ProgramData\BlueStacks\UserData\Library\My Apps\Facebook.lnk
[2014/01/19 21:16:59 | 000,001,860 | ---- | M] () -- C:\ProgramData\BlueStacks\UserData\Library\My Apps\Gamepop-Home.lnk
[2014/01/19 21:13:25 | 000,001,842 | ---- | M] () -- C:\ProgramData\BlueStacks\UserData\Library\My Apps\Help.lnk
[2014/01/19 21:16:59 | 000,001,850 | ---- | M] () -- C:\ProgramData\BlueStacks\UserData\Library\My Apps\home.lnk
[2014/01/19 21:16:51 | 000,001,960 | ---- | M] () -- C:\ProgramData\BlueStacks\UserData\Library\My Apps\International.lnk
[2014/02/11 11:38:20 | 000,001,964 | ---- | M] () -- C:\ProgramData\BlueStacks\UserData\Library\My Apps\s2p.lnk
[2014/02/09 19:53:05 | 000,002,068 | ---- | M] () -- C:\ProgramData\BlueStacks\UserData\Library\My Apps\TV Anywhere.lnk
[2014/01/19 21:13:31 | 000,001,984 | ---- | M] () -- C:\ProgramData\BlueStacks\UserData\Library\My Apps\Twitter.lnk
[2014/01/19 21:13:31 | 000,001,892 | ---- | M] () -- C:\ProgramData\BlueStacks\UserData\Library\My Apps\WhatsApp.lnk
[2014/01/27 21:47:38 | 000,000,766 | ---- | M] () -- C:\ProgramData\MCShield\Quarantine\14.02.11. 13.59 Recycled.754890\Recycled.lnk
[2014/01/27 21:47:38 | 000,000,766 | ---- | M] () -- C:\ProgramData\MCShield\Quarantine\14.02.11. 14.10 Recycled.683376\Recycled.lnk
[2014/01/27 21:47:38 | 000,000,766 | ---- | M] () -- C:\ProgramData\MCShield\Quarantine\14.02.11. 14.10 Recycled.847637\Recycled.lnk
[2009/07/14 13:01:14 | 000,001,282 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
[2009/07/14 12:49:40 | 000,001,266 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
[2014/01/18 09:17:07 | 000,002,441 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2013/07/17 17:00:43 | 000,001,371 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB R2013a Student Version (32-bit).lnk
[2013/05/07 12:14:55 | 000,001,345 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013/05/13 12:16:22 | 000,001,163 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2009/07/14 12:57:08 | 000,001,330 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[2009/07/14 12:57:09 | 000,001,352 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
[2013/05/07 12:14:56 | 000,001,326 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2009/07/14 12:54:59 | 000,001,210 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[2010/11/21 11:40:30 | 000,001,547 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2009/07/14 12:57:08 | 000,001,246 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
[2009/07/14 12:55:00 | 000,001,230 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk
[2009/07/14 12:54:23 | 000,001,266 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk
[2013/05/07 12:14:54 | 000,001,364 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk
[2013/05/07 12:14:54 | 000,001,238 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk
[2009/07/14 12:54:32 | 000,001,242 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk
[2013/05/12 12:23:20 | 000,001,620 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk
[2013/05/07 12:14:55 | 000,001,272 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk
[2009/07/14 12:57:08 | 000,001,330 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk
[2013/05/07 12:14:55 | 000,001,351 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk
[2009/07/14 12:54:58 | 000,001,254 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk
[2009/07/14 12:57:09 | 000,001,579 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk
[2009/07/14 12:54:58 | 000,001,322 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk
[2009/07/14 12:57:07 | 000,001,388 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk
[2009/07/14 12:55:00 | 000,001,248 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk
[2009/07/14 12:54:25 | 000,001,290 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk
[2009/07/14 12:54:58 | 000,001,252 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk
[2009/07/14 12:53:50 | 000,001,242 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk
[2009/07/14 12:53:33 | 000,001,250 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk
[2009/07/14 12:54:57 | 000,001,246 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk
[2009/07/14 12:54:29 | 000,001,268 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk
[2009/07/14 12:57:09 | 000,001,320 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk
[2009/07/14 12:57:09 | 000,001,316 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk
[2013/05/07 12:14:56 | 000,001,436 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk
[2013/05/07 12:14:55 | 000,001,386 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk
[2013/05/07 12:14:54 | 000,001,316 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk
[2009/07/14 13:32:31 | 000,001,989 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk
[2009/07/14 12:57:13 | 000,001,468 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk
[2009/07/14 12:57:13 | 000,001,468 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk
[2009/07/14 13:32:31 | 000,001,899 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk
[2013/05/11 16:49:23 | 000,002,063 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer eDisplay Management\Acer eDisplay Management.lnk
[2013/05/11 16:49:23 | 000,002,196 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer eDisplay Management\Diagnostics.lnk
[2013/05/11 16:49:23 | 000,002,539 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer eDisplay Management\Uninstall Acer eDisplay Management.lnk
[2009/07/14 12:57:13 | 000,001,242 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk
[2009/07/14 12:54:21 | 000,001,294 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk
[2009/07/14 12:53:52 | 000,001,270 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk
[2009/07/14 12:54:29 | 000,001,298 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk
[2009/07/14 12:54:22 | 000,001,274 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk
[2009/07/14 12:53:33 | 000,001,268 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk
[2013/05/13 13:15:35 | 000,001,539 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Microsoft .NET Framework 2.0 Configuration.lnk
[2009/07/14 12:53:50 | 000,001,232 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk
[2009/07/14 12:54:05 | 000,001,288 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 12:53:33 | 000,001,246 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk
[2009/07/14 12:54:29 | 000,001,262 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk
[2009/07/14 12:53:58 | 000,001,274 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk
[2009/07/14 13:32:31 | 000,002,741 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk
[2013/05/11 16:24:22 | 000,002,062 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\AI Suite II\AI Suite II 2.01.01.lnk
[2013/05/11 16:24:22 | 000,001,661 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\AI Suite II\AI Suite II uninstall.lnk
[2013/08/10 01:10:54 | 000,002,071 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Avira Internet Security 2012 Help.lnk
[2013/08/10 01:10:54 | 000,002,087 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Avira on the Internet.lnk
[2013/08/10 01:10:54 | 000,001,204 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Display readme.lnk
[2013/08/10 01:10:54 | 000,002,094 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Start Avira Internet Security 2012.lnk
[2014/01/19 21:13:04 | 000,001,837 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks\Start BlueStacks.lnk
[2013/06/25 00:08:38 | 000,002,358 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX390 series Manual\Canon MX390 series On-screen Manual.lnk
[2013/06/25 00:14:28 | 000,002,115 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\IJ Scan Utility\IJ Scan Utility.lnk
[2013/06/25 00:10:29 | 000,002,101 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\My Image Garden\My Image Garden.lnk
[2013/06/25 00:09:04 | 000,001,828 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\My Printer\My Printer.lnk
[2013/06/25 00:12:32 | 000,002,049 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Quick Menu\Quick Menu.lnk
[2013/06/25 00:09:25 | 000,002,105 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Speed Dial Utility\Speed Dial Utility.lnk
[2013/05/07 12:14:54 | 000,000,352 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Chess.lnk
[2009/07/14 12:55:00 | 000,000,364 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\FreeCell.lnk
[2009/07/14 12:54:59 | 000,000,258 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\GameExplorer.lnk
[2009/07/14 12:57:12 | 000,000,356 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Hearts.lnk
[2013/05/07 12:14:54 | 000,000,474 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Backgammon.lnk
[2013/05/07 12:14:54 | 000,000,470 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Checkers.lnk
[2013/05/07 12:14:54 | 000,000,466 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Spades.lnk
[2013/05/07 12:14:54 | 000,000,360 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Mahjong.lnk
[2009/07/14 12:57:12 | 000,000,376 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Minesweeper.lnk
[2009/07/14 12:57:12 | 000,000,370 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\More Games from Microsoft.lnk
[2009/07/14 12:57:12 | 000,000,378 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Purble Place.lnk
[2009/07/14 12:55:01 | 000,000,368 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Solitaire.lnk
[2009/07/14 12:57:12 | 000,000,392 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Spider Solitaire.lnk
[2013/09/25 17:08:12 | 000,002,218 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
[2013/05/11 16:10:34 | 000,001,490 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel® Rapid Storage Technology.lnk
[2013/06/24 00:15:06 | 000,001,043 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Grabber Help.lnk
[2013/06/24 00:15:06 | 000,001,031 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\IDM Help.lnk
[2013/06/24 00:15:06 | 000,001,031 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Internet Download Manager.lnk
[2013/06/24 00:15:06 | 000,001,043 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\license.lnk
[2013/06/24 00:15:06 | 000,001,031 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\TUTORIALS.lnk
[2013/06/24 00:15:06 | 000,001,055 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Uninstall IDM.lnk
[2014/01/18 09:38:20 | 000,001,953 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk
[2014/01/18 09:38:20 | 000,001,971 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk
[2014/01/18 09:38:20 | 000,001,929 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk
[2014/01/18 09:38:20 | 000,001,206 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk
[2014/01/18 09:38:20 | 000,001,114 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk
[2013/06/24 12:19:37 | 000,002,132 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool.lnk
[2013/06/24 12:19:37 | 000,001,295 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Media Player Classic.lnk
[2013/06/24 12:19:37 | 000,002,078 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\DirectVobSub.lnk
[2013/06/24 12:19:37 | 000,002,122 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow audio decoder.lnk
[2013/06/24 12:19:37 | 000,002,112 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow video decoder.lnk
[2013/06/24 12:19:37 | 000,002,104 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Haali Media Splitter.lnk
[2013/06/24 12:19:37 | 000,001,933 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Audio.lnk
[2013/06/24 12:19:37 | 000,001,945 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Splitter.lnk
[2013/06/24 12:19:37 | 000,001,933 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Video.lnk
[2013/06/24 12:19:37 | 000,002,213 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Reset to recommended settings.lnk
[2013/06/24 12:19:37 | 000,001,211 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Help\Frequently Asked Questions.lnk
[2013/06/24 12:19:37 | 000,001,284 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\GraphStudioNext.lnk
[2013/06/24 12:19:37 | 000,001,254 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\MediaInfo.lnk
[2013/06/24 12:19:37 | 000,002,138 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.lnk
[2013/06/24 12:19:37 | 000,002,047 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Uninstall\Uninstall K-Lite Codec Pack.lnk
[2013/05/18 16:29:29 | 000,001,762 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Mouse and Keyboard\Mouse and Keyboard Settings.lnk
[2013/05/18 16:29:38 | 000,001,126 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Unifying\Logitech Unifying Software.lnk
[2009/07/14 12:57:07 | 000,001,304 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk
[2009/07/14 12:57:07 | 000,001,248 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk
[2009/07/14 12:57:09 | 000,001,212 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk
[2014/01/12 23:07:51 | 000,001,091 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk
[2014/01/12 23:07:51 | 000,001,091 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk
[2014/01/12 23:07:51 | 000,001,115 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk
[2014/01/12 23:07:51 | 000,001,264 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk
[2013/07/17 17:00:43 | 000,001,313 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB\R2013a Student Version (32-bit)\Activate MATLAB R2013a.lnk
[2013/07/17 17:00:43 | 000,001,383 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB\R2013a Student Version (32-bit)\MATLAB R2013a Student Version (32-bit).lnk
[2014/02/11 13:59:31 | 000,001,119 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\MCShield Control Center.lnk
[2014/02/11 13:59:31 | 000,001,058 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\MCShield Real-Time Monitor.lnk
[2014/02/11 13:59:31 | 000,000,814 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\Logs\All scans.lnk
[2014/02/11 13:59:31 | 000,000,824 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\Logs\Last scan.lnk
[2014/02/11 13:59:31 | 000,000,857 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\Logs\Summary.lnk
[2014/02/11 13:59:31 | 000,001,187 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\Tools\MCShield Translator.lnk
[2014/02/11 13:59:31 | 000,001,060 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\Uninstall\Uninstall MCShield.lnk
[2013/06/24 12:15:42 | 000,000,846 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey\MediaMonkey on the Web.lnk
[2013/06/24 12:15:42 | 000,001,038 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey\MediaMonkey Read Me.lnk
[2013/06/24 12:15:42 | 000,001,065 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey\MediaMonkey.lnk
[2013/06/24 12:15:42 | 000,001,050 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey\Uninstall MediaMonkey.lnk
[2013/05/18 16:28:21 | 000,002,687 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard\Connect Keyboard for Bluetooth.lnk
[2013/05/18 16:28:21 | 000,002,715 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard\Keyboard Healthy Computing Guide.lnk
[2013/05/18 16:28:21 | 000,002,847 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard\Keyboard Help.lnk
[2013/05/18 16:28:21 | 000,002,695 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard\Microsoft Keyboard.lnk
[2013/05/18 16:28:21 | 000,002,747 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard\Quality Settings.lnk
[2013/05/13 13:15:35 | 000,002,643 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Access 2007.lnk
[2013/09/14 08:18:36 | 000,002,655 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk
[2013/05/13 13:15:35 | 000,002,697 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Groove 2007.lnk
[2013/05/13 13:15:35 | 000,002,687 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office InfoPath 2007.lnk
[2013/05/13 13:15:35 | 000,002,619 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office OneNote 2007.lnk
[2013/05/13 13:15:35 | 000,002,693 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Outlook 2007.lnk
[2013/05/13 13:15:35 | 000,002,645 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk
[2013/05/13 13:15:35 | 000,002,611 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Publisher 2007.lnk
[2013/05/13 13:15:35 | 000,002,693 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk
[2013/05/13 13:15:35 | 000,002,647 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Digital Certificate for VBA Projects.lnk
[2013/05/13 13:15:35 | 000,002,627 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Clip Organizer.lnk
[2013/05/13 13:15:35 | 000,002,527 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office 2007 Language Settings.lnk
[2013/05/13 13:15:35 | 000,002,625 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Diagnostics.lnk
[2013/05/13 13:15:35 | 000,002,605 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Picture Manager.lnk
[2013/05/13 13:14:19 | 000,001,273 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005\Visual Studio Tools\Visual Studio 2005 Remote Debugger Configuration Wizard.lnk
[2014/01/24 12:18:00 | 000,001,329 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk
[2014/01/24 13:34:39 | 000,002,121 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk
[2014/01/24 13:34:39 | 000,002,133 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk
[2014/01/24 13:34:39 | 000,002,139 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Disable 3D Vision.lnk
[2014/01/24 13:34:39 | 000,002,137 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Enable 3D Vision.lnk
[2013/05/13 13:17:24 | 000,001,907 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\PowerISO Help.lnk
[2013/05/13 13:17:24 | 000,001,907 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\PowerISO Virtual Drive Manager.lnk
[2013/05/13 13:17:24 | 000,001,907 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\PowerISO.lnk
[2013/05/13 13:17:24 | 000,001,914 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\Uninstall PowerISO.lnk
[2013/05/18 16:18:46 | 000,002,441 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\About QuickTime.lnk
[2013/05/18 16:18:46 | 000,002,471 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\PictureViewer.lnk
[2013/05/18 16:18:46 | 000,002,441 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk
[2013/05/18 16:18:46 | 000,001,816 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Uninstall QuickTime.lnk
[2013/12/13 18:00:28 | 000,002,563 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealDownloader.lnk
[2013/12/13 18:00:24 | 000,001,193 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Converter.lnk
[2013/12/13 18:00:22 | 000,001,135 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Trimmer.lnk
[2013/12/13 18:00:19 | 000,001,252 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer.lnk
[2013/05/11 16:15:33 | 000,001,120 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek\Realtek Ethernet Diagnostic Utility\Realtek Ethernet Diagnostic Utility.lnk
[2013/12/10 10:28:12 | 000,001,113 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung SSD Magician\Samsung Magician.lnk
[2013/12/10 10:28:12 | 000,002,003 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung SSD Magician\Uninstall Samsung Magician.lnk
[2013/05/12 12:35:15 | 000,002,111 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Data Migration\Data Migration.lnk
[2013/09/27 13:21:36 | 000,002,743 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate Dashboard 2.0\Seagate Dashboard 2.0.lnk
[2013/09/27 13:07:09 | 000,002,477 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\SeaTools for Windows\SeaTools for Windows.lnk
[2013/05/13 12:16:06 | 000,001,059 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster\SpywareBlaster Help.lnk
[2013/05/13 12:16:06 | 000,001,101 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster\SpywareBlaster.lnk
[2013/06/23 13:15:50 | 000,001,075 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tag&Rename\Download Tag&Rename User Manual in pdf.lnk
[2013/06/23 13:15:50 | 000,000,975 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tag&Rename\Tag&Rename help.lnk
[2013/06/23 13:15:50 | 000,001,045 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tag&Rename\Tag&Rename.lnk
[2013/05/11 17:13:33 | 000,001,136 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIRTU MVP\VIRTU MVP Control Panel.lnk
[2013/05/11 17:13:33 | 000,001,093 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIRTU MVP\VIRTU MVP Uninstall.lnk
[2013/09/27 14:43:59 | 000,001,272 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation\Data Lifeguard Diagnostic for Windows\Data Lifeguard Diagnostic for Windows.lnk
[2013/09/27 14:43:59 | 000,001,260 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation\Data Lifeguard Diagnostic for Windows\Help Documentation.lnk
[2013/09/27 14:43:59 | 000,001,284 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation\Data Lifeguard Diagnostic for Windows\Uninstall Data Lifeguard Diagnostic for Windows.lnk
[2013/12/10 20:54:07 | 000,001,213 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD Apps\WD Drive Unlocker.lnk
[2013/10/25 20:37:09 | 000,001,207 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD Apps\WD Drive Utilities.lnk
[2013/12/10 20:54:07 | 000,001,181 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD Apps\WD Security.lnk
[2013/11/26 17:57:49 | 000,001,174 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD SmartWare\WD Quick View.lnk
[2013/11/26 17:57:44 | 000,001,168 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD SmartWare\WD SmartWare.lnk
[2013/08/04 19:36:11 | 000,002,020 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone\Windows Phone app for desktop.lnk
[2013/06/23 13:16:51 | 000,001,008 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk
[2013/06/23 13:16:51 | 000,001,027 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk
[2013/06/23 13:16:51 | 000,001,027 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk
[2014/01/28 06:16:57 | 000,000,810 | ---- | M] () -- C:\Skypee\Google.lnk
[2014/01/30 17:43:26 | 000,000,854 | ---- | M] () -- C:\Skypee\Skypee.lnk
[2014/01/30 17:43:26 | 000,000,854 | ---- | M] () -- C:\Temp\Temp.lnk
[2014/01/19 21:17:48 | 000,002,112 | ---- | M] () -- C:\Users\All Users\BlueStacks\UserData\Library\My Apps\1Mobile Market.lnk
[2014/01/19 21:13:31 | 000,001,952 | ---- | M] () -- C:\Users\All Users\BlueStacks\UserData\Library\My Apps\Appstore.lnk
[2014/01/19 21:13:23 | 000,002,000 | ---- | M] () -- C:\Users\All Users\BlueStacks\UserData\Library\My Apps\Bluestacks Spotlight.lnk
[2014/01/19 21:15:58 | 000,002,052 | ---- | M] () -- C:\Users\All Users\BlueStacks\UserData\Library\My Apps\Candy Crush Saga.lnk
[2014/01/19 21:13:31 | 000,001,842 | ---- | M] () -- C:\Users\All Users\BlueStacks\UserData\Library\My Apps\Facebook.lnk
[2014/01/19 21:16:59 | 000,001,860 | ---- | M] () -- C:\Users\All Users\BlueStacks\UserData\Library\My Apps\Gamepop-Home.lnk
[2014/01/19 21:13:25 | 000,001,842 | ---- | M] () -- C:\Users\All Users\BlueStacks\UserData\Library\My Apps\Help.lnk
[2014/01/19 21:16:59 | 000,001,850 | ---- | M] () -- C:\Users\All Users\BlueStacks\UserData\Library\My Apps\home.lnk
[2014/01/19 21:16:51 | 000,001,960 | ---- | M] () -- C:\Users\All Users\BlueStacks\UserData\Library\My Apps\International.lnk
[2014/02/11 11:38:20 | 000,001,964 | ---- | M] () -- C:\Users\All Users\BlueStacks\UserData\Library\My Apps\s2p.lnk
[2014/02/09 19:53:05 | 000,002,068 | ---- | M] () -- C:\Users\All Users\BlueStacks\UserData\Library\My Apps\TV Anywhere.lnk
[2014/01/19 21:13:31 | 000,001,984 | ---- | M] () -- C:\Users\All Users\BlueStacks\UserData\Library\My Apps\Twitter.lnk
[2014/01/19 21:13:31 | 000,001,892 | ---- | M] () -- C:\Users\All Users\BlueStacks\UserData\Library\My Apps\WhatsApp.lnk
[2014/01/27 21:47:38 | 000,000,766 | ---- | M] () -- C:\Users\All Users\MCShield\Quarantine\14.02.11. 13.59 Recycled.754890\Recycled.lnk
[2014/01/27 21:47:38 | 000,000,766 | ---- | M] () -- C:\Users\All Users\MCShield\Quarantine\14.02.11. 14.10 Recycled.683376\Recycled.lnk
[2014/01/27 21:47:38 | 000,000,766 | ---- | M] () -- C:\Users\All Users\MCShield\Quarantine\14.02.11. 14.10 Recycled.847637\Recycled.lnk
[2009/07/14 13:01:14 | 000,001,282 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Default Programs.lnk
[2009/07/14 12:49:40 | 000,001,266 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Windows Update.lnk
[2014/01/18 09:17:07 | 000,002,441 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2013/07/17 17:00:43 | 000,001,371 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MATLAB R2013a Student Version (32-bit).lnk
[2013/05/07 12:14:55 | 000,001,345 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013/05/13 12:16:22 | 000,001,163 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2009/07/14 12:57:08 | 000,001,330 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[2009/07/14 12:57:09 | 000,001,352 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
[2013/05/07 12:14:56 | 000,001,326 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2009/07/14 12:54:59 | 000,001,210 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[2010/11/21 11:40:30 | 000,001,547 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2009/07/14 12:57:08 | 000,001,246 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
[2009/07/14 12:55:00 | 000,001,230 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk
[2009/07/14 12:54:23 | 000,001,266 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk
[2013/05/07 12:14:54 | 000,001,364 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk
[2013/05/07 12:14:54 | 000,001,238 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk
[2009/07/14 12:54:32 | 000,001,242 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk
[2013/05/12 12:23:20 | 000,001,620 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk
[2013/05/07 12:14:55 | 000,001,272 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk
[2009/07/14 12:57:08 | 000,001,330 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk
[2013/05/07 12:14:55 | 000,001,351 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk
[2009/07/14 12:54:58 | 000,001,254 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk
[2009/07/14 12:57:09 | 000,001,579 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk
[2009/07/14 12:54:58 | 000,001,322 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk
[2009/07/14 12:57:07 | 000,001,388 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk
[2009/07/14 12:55:00 | 000,001,248 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk
[2009/07/14 12:54:25 | 000,001,290 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk
[2009/07/14 12:54:58 | 000,001,252 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk
[2009/07/14 12:53:50 | 000,001,242 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk
[2009/07/14 12:53:33 | 000,001,250 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk
[2009/07/14 12:54:57 | 000,001,246 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk
[2009/07/14 12:54:29 | 000,001,268 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk
[2009/07/14 12:57:09 | 000,001,320 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk
[2009/07/14 12:57:09 | 000,001,316 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk
[2013/05/07 12:14:56 | 000,001,436 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk
[2013/05/07 12:14:55 | 000,001,386 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk
[2013/05/07 12:14:54 | 000,001,316 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk
[2009/07/14 13:32:31 | 000,001,989 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk
[2009/07/14 12:57:13 | 000,001,468 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk
[2009/07/14 12:57:13 | 000,001,468 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk
[2009/07/14 13:32:31 | 000,001,899 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk
[2013/05/11 16:49:23 | 000,002,063 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Acer eDisplay Management\Acer eDisplay Management.lnk
[2013/05/11 16:49:23 | 000,002,196 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Acer eDisplay Management\Diagnostics.lnk
[2013/05/11 16:49:23 | 000,002,539 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Acer eDisplay Management\Uninstall Acer eDisplay Management.lnk
[2009/07/14 12:57:13 | 000,001,242 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk
[2009/07/14 12:54:21 | 000,001,294 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk
[2009/07/14 12:53:52 | 000,001,270 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk
[2009/07/14 12:54:29 | 000,001,298 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk
[2009/07/14 12:54:22 | 000,001,274 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk
[2009/07/14 12:53:33 | 000,001,268 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk
[2013/05/13 13:15:35 | 000,001,539 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Microsoft .NET Framework 2.0 Configuration.lnk
[2009/07/14 12:53:50 | 000,001,232 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk
[2009/07/14 12:54:05 | 000,001,288 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 12:53:33 | 000,001,246 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk
[2009/07/14 12:54:29 | 000,001,262 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk
[2009/07/14 12:53:58 | 000,001,274 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk
[2009/07/14 13:32:31 | 000,002,741 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk
[2013/05/11 16:24:22 | 000,002,062 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\ASUS\AI Suite II\AI Suite II 2.01.01.lnk
[2013/05/11 16:24:22 | 000,001,661 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\ASUS\AI Suite II\AI Suite II uninstall.lnk
[2013/08/10 01:10:54 | 000,002,071 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Avira Internet Security 2012 Help.lnk
[2013/08/10 01:10:54 | 000,002,087 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Avira on the Internet.lnk
[2013/08/10 01:10:54 | 000,001,204 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Display readme.lnk
[2013/08/10 01:10:54 | 000,002,094 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Start Avira Internet Security 2012.lnk
[2014/01/19 21:13:04 | 000,001,837 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\BlueStacks\Start BlueStacks.lnk
[2013/06/25 00:08:38 | 000,002,358 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Canon MX390 series Manual\Canon MX390 series On-screen Manual.lnk
[2013/06/25 00:14:28 | 000,002,115 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Canon Utilities\IJ Scan Utility\IJ Scan Utility.lnk
[2013/06/25 00:10:29 | 000,002,101 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Canon Utilities\My Image Garden\My Image Garden.lnk
[2013/06/25 00:09:04 | 000,001,828 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Canon Utilities\My Printer\My Printer.lnk
[2013/06/25 00:12:32 | 000,002,049 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Quick Menu\Quick Menu.lnk
[2013/06/25 00:09:25 | 000,002,105 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Speed Dial Utility\Speed Dial Utility.lnk
[2013/05/07 12:14:54 | 000,000,352 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\Chess.lnk
[2009/07/14 12:55:00 | 000,000,364 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\FreeCell.lnk
[2009/07/14 12:54:59 | 000,000,258 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\GameExplorer.lnk
[2009/07/14 12:57:12 | 000,000,356 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\Hearts.lnk
[2013/05/07 12:14:54 | 000,000,474 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\Internet Backgammon.lnk
[2013/05/07 12:14:54 | 000,000,470 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\Internet Checkers.lnk
[2013/05/07 12:14:54 | 000,000,466 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\Internet Spades.lnk
[2013/05/07 12:14:54 | 000,000,360 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\Mahjong.lnk
[2009/07/14 12:57:12 | 000,000,376 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\Minesweeper.lnk
[2009/07/14 12:57:12 | 000,000,370 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\More Games from Microsoft.lnk
[2009/07/14 12:57:12 | 000,000,378 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\Purble Place.lnk
[2009/07/14 12:55:01 | 000,000,368 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\Solitaire.lnk
[2009/07/14 12:57:12 | 000,000,392 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\Spider Solitaire.lnk
[2013/09/25 17:08:12 | 000,002,218 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
[2013/05/11 16:10:34 | 000,001,490 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Intel\Intel® Rapid Storage Technology.lnk
[2013/06/24 00:15:06 | 000,001,043 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Grabber Help.lnk
[2013/06/24 00:15:06 | 000,001,031 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\IDM Help.lnk
[2013/06/24 00:15:06 | 000,001,031 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Internet Download Manager.lnk
[2013/06/24 00:15:06 | 000,001,043 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\license.lnk
[2013/06/24 00:15:06 | 000,001,031 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\TUTORIALS.lnk
[2013/06/24 00:15:06 | 000,001,055 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Uninstall IDM.lnk
[2014/01/18 09:38:20 | 000,001,953 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk
[2014/01/18 09:38:20 | 000,001,971 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk
[2014/01/18 09:38:20 | 000,001,929 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk
[2014/01/18 09:38:20 | 000,001,206 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk
[2014/01/18 09:38:20 | 000,001,114 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk
[2013/06/24 12:19:37 | 000,002,132 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool.lnk
[2013/06/24 12:19:37 | 000,001,295 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Media Player Classic.lnk
[2013/06/24 12:19:37 | 000,002,078 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\DirectVobSub.lnk
[2013/06/24 12:19:37 | 000,002,122 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow audio decoder.lnk
[2013/06/24 12:19:37 | 000,002,112 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow video decoder.lnk
[2013/06/24 12:19:37 | 000,002,104 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Haali Media Splitter.lnk
[2013/06/24 12:19:37 | 000,001,933 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Audio.lnk
[2013/06/24 12:19:37 | 000,001,945 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Splitter.lnk
[2013/06/24 12:19:37 | 000,001,933 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Video.lnk
[2013/06/24 12:19:37 | 000,002,213 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Reset to recommended settings.lnk
[2013/06/24 12:19:37 | 000,001,211 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Help\Frequently Asked Questions.lnk
[2013/06/24 12:19:37 | 000,001,284 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\GraphStudioNext.lnk
[2013/06/24 12:19:37 | 000,001,254 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\MediaInfo.lnk
[2013/06/24 12:19:37 | 000,002,138 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.lnk
[2013/06/24 12:19:37 | 000,002,047 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Uninstall\Uninstall K-Lite Codec Pack.lnk
[2013/05/18 16:29:29 | 000,001,762 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Logitech\Mouse and Keyboard\Mouse and Keyboard Settings.lnk
[2013/05/18 16:29:38 | 000,001,126 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Logitech\Unifying\Logitech Unifying Software.lnk
[2009/07/14 12:57:07 | 000,001,304 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk
[2009/07/14 12:57:07 | 000,001,248 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk
[2009/07/14 12:57:09 | 000,001,212 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk
[2014/01/12 23:07:51 | 000,001,091 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk
[2014/01/12 23:07:51 | 000,001,091 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk
[2014/01/12 23:07:51 | 000,001,115 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk
[2014/01/12 23:07:51 | 000,001,264 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk
[2013/07/17 17:00:43 | 000,001,313 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MATLAB\R2013a Student Version (32-bit)\Activate MATLAB R2013a.lnk
[2013/07/17 17:00:43 | 000,001,383 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MATLAB\R2013a Student Version (32-bit)\MATLAB R2013a Student Version (32-bit).lnk
[2014/02/11 13:59:31 | 000,001,119 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MCShield\MCShield Control Center.lnk
[2014/02/11 13:59:31 | 000,001,058 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MCShield\MCShield Real-Time Monitor.lnk
[2014/02/11 13:59:31 | 000,000,814 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MCShield\Logs\All scans.lnk
[2014/02/11 13:59:31 | 000,000,824 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MCShield\Logs\Last scan.lnk
[2014/02/11 13:59:31 | 000,000,857 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MCShield\Logs\Summary.lnk
[2014/02/11 13:59:31 | 000,001,187 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MCShield\Tools\MCShield Translator.lnk
[2014/02/11 13:59:31 | 000,001,060 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MCShield\Uninstall\Uninstall MCShield.lnk
[2013/06/24 12:15:42 | 000,000,846 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MediaMonkey\MediaMonkey on the Web.lnk
[2013/06/24 12:15:42 | 000,001,038 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MediaMonkey\MediaMonkey Read Me.lnk
[2013/06/24 12:15:42 | 000,001,065 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MediaMonkey\MediaMonkey.lnk
[2013/06/24 12:15:42 | 000,001,050 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MediaMonkey\Uninstall MediaMonkey.lnk
[2013/05/18 16:28:21 | 000,002,687 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard\Connect Keyboard for Bluetooth.lnk
[2013/05/18 16:28:21 | 000,002,715 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard\Keyboard Healthy Computing Guide.lnk
[2013/05/18 16:28:21 | 000,002,847 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard\Keyboard Help.lnk
[2013/05/18 16:28:21 | 000,002,695 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard\Microsoft Keyboard.lnk
[2013/05/18 16:28:21 | 000,002,747 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard\Quality Settings.lnk
[2013/05/13 13:15:35 | 000,002,643 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Access 2007.lnk
[2013/09/14 08:18:36 | 000,002,655 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk
[2013/05/13 13:15:35 | 000,002,697 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Groove 2007.lnk
[2013/05/13 13:15:35 | 000,002,687 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office InfoPath 2007.lnk
[2013/05/13 13:15:35 | 000,002,619 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office OneNote 2007.lnk
[2013/05/13 13:15:35 | 000,002,693 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Outlook 2007.lnk
[2013/05/13 13:15:35 | 000,002,645 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk
[2013/05/13 13:15:35 | 000,002,611 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Publisher 2007.lnk
[2013/05/13 13:15:35 | 000,002,693 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk
[2013/05/13 13:15:35 | 000,002,647 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Digital Certificate for VBA Projects.lnk
[2013/05/13 13:15:35 | 000,002,627 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Clip Organizer.lnk
[2013/05/13 13:15:35 | 000,002,527 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office 2007 Language Settings.lnk
[2013/05/13 13:15:35 | 000,002,625 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Diagnostics.lnk
[2013/05/13 13:15:35 | 000,002,605 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Picture Manager.lnk
[2013/05/13 13:14:19 | 000,001,273 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005\Visual Studio Tools\Visual Studio 2005 Remote Debugger Configuration Wizard.lnk
[2014/01/24 12:18:00 | 000,001,329 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk
[2014/01/24 13:34:39 | 000,002,121 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk
[2014/01/24 13:34:39 | 000,002,133 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk
[2014/01/24 13:34:39 | 000,002,139 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Disable 3D Vision.lnk
[2014/01/24 13:34:39 | 000,002,137 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Enable 3D Vision.lnk
[2013/05/13 13:17:24 | 000,001,907 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\PowerISO\PowerISO Help.lnk
[2013/05/13 13:17:24 | 000,001,907 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\PowerISO\PowerISO Virtual Drive Manager.lnk
[2013/05/13 13:17:24 | 000,001,907 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\PowerISO\PowerISO.lnk
[2013/05/13 13:17:24 | 000,001,914 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\PowerISO\Uninstall PowerISO.lnk
[2013/05/18 16:18:46 | 000,002,441 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\QuickTime\About QuickTime.lnk
[2013/05/18 16:18:46 | 000,002,471 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\QuickTime\PictureViewer.lnk
[2013/05/18 16:18:46 | 000,002,441 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk
[2013/05/18 16:18:46 | 000,001,816 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\QuickTime\Uninstall QuickTime.lnk
[2013/12/13 18:00:28 | 000,002,563 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealDownloader.lnk
[2013/12/13 18:00:24 | 000,001,193 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Converter.lnk
[2013/12/13 18:00:22 | 000,001,135 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Trimmer.lnk
[2013/12/13 18:00:19 | 000,001,252 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer.lnk
[2013/05/11 16:15:33 | 000,001,120 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Realtek\Realtek Ethernet Diagnostic Utility\Realtek Ethernet Diagnostic Utility.lnk
[2013/12/10 10:28:12 | 000,001,113 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Samsung SSD Magician\Samsung Magician.lnk
[2013/12/10 10:28:12 | 000,002,003 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Samsung SSD Magician\Uninstall Samsung Magician.lnk
[2013/05/12 12:35:15 | 000,002,111 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Samsung\Data Migration\Data Migration.lnk
[2013/09/27 13:21:36 | 000,002,743 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Seagate Dashboard 2.0\Seagate Dashboard 2.0.lnk
[2013/09/27 13:07:09 | 000,002,477 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Seagate\SeaTools for Windows\SeaTools for Windows.lnk
[2013/05/13 12:16:06 | 000,001,059 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\SpywareBlaster\SpywareBlaster Help.lnk
[2013/05/13 12:16:06 | 000,001,101 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\SpywareBlaster\SpywareBlaster.lnk
[2013/06/23 13:15:50 | 000,001,075 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Tag&Rename\Download Tag&Rename User Manual in pdf.lnk
[2013/06/23 13:15:50 | 000,000,975 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Tag&Rename\Tag&Rename help.lnk
[2013/06/23 13:15:50 | 000,001,045 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Tag&Rename\Tag&Rename.lnk
[2013/05/11 17:13:33 | 000,001,136 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\VIRTU MVP\VIRTU MVP Control Panel.lnk
[2013/05/11 17:13:33 | 000,001,093 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\VIRTU MVP\VIRTU MVP Uninstall.lnk
[2013/09/27 14:43:59 | 000,001,272 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation\Data Lifeguard Diagnostic for Windows\Data Lifeguard Diagnostic for Windows.lnk
[2013/09/27 14:43:59 | 000,001,260 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation\Data Lifeguard Diagnostic for Windows\Help Documentation.lnk
[2013/09/27 14:43:59 | 000,001,284 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation\Data Lifeguard Diagnostic for Windows\Uninstall Data Lifeguard Diagnostic for Windows.lnk
[2013/12/10 20:54:07 | 000,001,213 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Western Digital\WD Apps\WD Drive Unlocker.lnk
[2013/10/25 20:37:09 | 000,001,207 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Western Digital\WD Apps\WD Drive Utilities.lnk
[2013/12/10 20:54:07 | 000,001,181 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Western Digital\WD Apps\WD Security.lnk
[2013/11/26 17:57:49 | 000,001,174 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Western Digital\WD SmartWare\WD Quick View.lnk
[2013/11/26 17:57:44 | 000,001,168 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Western Digital\WD SmartWare\WD SmartWare.lnk
[2013/08/04 19:36:11 | 000,002,020 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Windows Phone\Windows Phone app for desktop.lnk
[2013/06/23 13:16:51 | 000,001,008 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk
[2013/06/23 13:16:51 | 000,001,027 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk
[2013/06/23 13:16:51 | 000,001,027 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk
[2009/07/14 12:49:38 | 000,000,290 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2009/07/14 12:49:38 | 000,000,272 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2009/07/14 12:54:59 | 000,001,238 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk
[2009/07/14 12:54:27 | 000,001,280 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk
[2009/07/14 12:54:32 | 000,001,304 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk
[2009/07/14 12:49:38 | 000,000,262 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk
[2009/07/14 12:49:38 | 000,001,228 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk
[2009/07/14 12:54:01 | 000,001,358 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk
[2009/07/14 12:54:00 | 000,001,258 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk
[2009/07/14 12:54:02 | 000,001,262 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk
[2009/07/14 12:54:00 | 000,001,250 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk
[2009/07/14 12:49:38 | 000,000,262 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk
[2009/07/14 12:49:38 | 000,000,262 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk
[2009/07/14 12:54:59 | 000,001,306 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk
[2009/07/14 12:49:38 | 000,000,262 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk
[2013/05/11 16:40:48 | 000,002,045 | ---- | M] () -- C:\Users\Public\Desktop\Acer eDisplay Management.lnk
[2014/01/18 09:17:07 | 000,001,979 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2014/01/19 21:13:21 | 000,001,820 | ---- | M] () -- C:\Users\Public\Desktop\Apps.lnk
[2013/08/10 01:10:54 | 000,002,070 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013/06/25 00:08:36 | 000,002,358 | ---- | M] () -- C:\Users\Public\Desktop\Canon MX390 series On-screen Manual.lnk
[2013/06/25 00:12:32 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Canon Quick Menu.lnk
[2013/05/12 12:35:15 | 000,002,087 | ---- | M] () -- C:\Users\Public\Desktop\Data Migration.lnk
[2013/12/16 16:44:59 | 000,001,311 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2013/09/25 17:08:12 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/12 23:07:51 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/24 12:15:42 | 000,001,047 | ---- | M] () -- C:\Users\Public\Desktop\MediaMonkey.lnk
[2013/05/13 12:16:22 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/05/13 13:17:24 | 000,001,011 | ---- | M] () -- C:\Users\Public\Desktop\PowerISO.lnk
[2013/12/13 18:00:29 | 000,001,046 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2013/09/27 13:21:36 | 000,002,725 | ---- | M] () -- C:\Users\Public\Desktop\Seagate Dashboard 2.0.lnk
[2013/09/27 13:07:09 | 000,002,453 | ---- | M] () -- C:\Users\Public\Desktop\SeaTools for Windows.lnk
[2013/05/13 12:16:06 | 000,001,083 | ---- | M] () -- C:\Users\Public\Desktop\SpywareBlaster.lnk
[2014/01/19 21:13:20 | 000,001,767 | ---- | M] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk
[2013/10/25 20:37:09 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\WD Drive Utilities.lnk
[2013/06/24 11:23:37 | 000,002,283 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/11/28 08:10:26 | 000,001,401 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2009/07/14 12:49:38 | 000,000,290 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2009/07/14 12:49:38 | 000,000,272 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/06/30 14:26:56 | 000,002,675 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk
[2013/06/23 12:29:26 | 000,002,294 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
[2013/11/26 23:29:53 | 000,001,423 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
[2014/02/11 09:15:12 | 000,001,163 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
[2009/07/14 12:49:38 | 000,001,228 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk
[2010/11/21 11:40:30 | 000,001,547 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk
[2014/01/26 23:26:56 | 000,000,534 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Office\Recent\Ahmad Shahruddin CV(2).LNK
[2014/01/26 23:27:00 | 000,000,534 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Office\Recent\Ahmad Shahruddin CV(3).LNK
[2014/02/04 21:10:15 | 000,001,263 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Office\Recent\AJBA test notes.LNK
[2014/01/11 12:09:35 | 000,000,875 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Office\Recent\Desktop.LNK
[2013/07/05 08:56:48 | 000,000,293 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Office\Recent\din property.LNK
[2014/01/26 23:27:00 | 000,000,381 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Office\Recent\DIN's Resune.LNK
[2014/02/01 20:42:26 | 000,001,199 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Office\Recent\DNB.LNK
[2014/02/04 21:10:15 | 000,001,086 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Office\Recent\Downloads.LNK
[2013/09/23 19:29:34 | 000,001,087 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Office\Recent\Faisal_-_Resume updated.LNK
[2014/02/01 22:52:24 | 000,001,228 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Office\Recent\Start up.LNK
[2013/06/29 16:38:32 | 000,001,123 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Office\Recent\Templates.LNK
[2013/08/11 08:14:16 | 000,001,812 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\07 Pieces.lnk
[2013/11/15 02:34:58 | 000,002,189 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\2.Guns.2013.BDRip.X264-SPARKS.lnk
[2013/11/28 10:52:56 | 000,002,499 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\20131127_135854.lnk
[2013/08/24 18:48:58 | 000,000,828 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\28888650_20130819_0095.lnk
[2013/10/03 09:36:19 | 000,000,393 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\28888650_20130918_0096.lnk
[2013/12/20 11:05:29 | 000,001,037 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\28888650_20131219_0099.lnk
[2013/12/10 06:31:46 | 000,002,274 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\39036403_20130718_0006.lnk
[2013/08/24 18:47:51 | 000,000,690 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\39036403_20130819_0007.lnk
[2013/12/06 08:15:08 | 000,000,785 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\A.B.J2.lnk
[2014/01/26 23:26:56 | 000,000,606 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Ahmad Shahruddin CV(2).lnk
[2014/01/26 23:27:00 | 000,000,606 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Ahmad Shahruddin CV(3).lnk
[2014/01/26 23:26:49 | 000,000,606 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Ahmad Shahruddin CV(4).lnk
[2014/02/04 21:20:37 | 000,003,848 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\AJBA test notes.lnk
[2014/01/29 17:51:02 | 000,000,656 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\American.Hustle.2013.DVDScr.XVID.AC3.HQ.Hive-CM8.lnk
[2013/07/20 18:48:04 | 000,000,381 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Bill.lnk
[2013/10/23 14:22:41 | 000,000,537 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\CD1.lnk
[2014/01/30 18:22:22 | 000,001,164 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Chasing the sun the wanted lyrics.lnk
[2014/01/26 23:27:23 | 000,000,579 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\clip_image002.lnk
[2013/08/07 20:52:46 | 000,001,363 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Control Systems Engineering - Lecture 5 - Block Diagrams - YouTube.lnk
[2013/11/17 14:16:18 | 000,000,319 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Data (D).lnk
[2014/01/26 23:27:23 | 000,000,421 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\DIN's Resune.lnk
[2014/02/01 20:42:26 | 000,003,073 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\DNB.lnk
[2013/12/10 06:31:46 | 000,002,031 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Documents.lnk
[2014/02/04 21:20:37 | 000,002,464 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Downloads.lnk
[2014/01/30 18:24:26 | 000,001,134 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Dynamite-Taio Cruz (lyrics).lnk
[2014/01/30 18:13:09 | 000,001,264 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Eminem - The Monster ft. Rihanna ( Lyrics On-Screen ).lnk
[2013/09/23 19:29:34 | 000,000,633 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Faisal_-_Resume updated.lnk
[2013/10/23 14:22:41 | 000,000,766 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Folder.lnk
[2013/10/10 02:12:10 | 000,000,455 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Gamer.DVDRip.XviD-DoNE (2).lnk
[2013/10/27 21:08:36 | 000,001,151 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\GSS 2013 Booklet Low Res.lnk
[2013/08/24 18:47:46 | 000,002,542 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\IMG_20130708_0001.lnk
[2013/07/08 05:47:05 | 000,002,538 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\IMG_20130708_0003.lnk
[2013/11/28 10:52:45 | 000,002,538 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\IMG_20130708_0004.lnk
[2014/01/26 23:27:16 | 000,000,603 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\IMG_20130708_0004_NEW.lnk
[2013/12/10 09:14:32 | 000,002,259 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\insidious2.brrip.xvid.lnk
[2013/12/19 19:18:04 | 000,000,438 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\ITE (2).lnk
[2014/01/02 08:53:50 | 000,000,534 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\ITE 2.lnk
[2013/12/19 19:18:04 | 000,000,558 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\ITE.lnk
[2014/01/02 08:53:50 | 000,000,673 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\ITE2.lnk
[2013/12/06 08:15:08 | 000,000,560 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Journey 2 The Mysterious Island 2012 BRRip XVID AbSurdiTy.lnk
[2013/12/06 10:39:21 | 000,000,649 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Jual.Minyak.2012.SDTVRip.x264.AC3.JaKi05.lnk
[2014/01/30 09:50:53 | 000,000,321 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Knight (K).lnk
[2013/12/10 04:06:23 | 000,002,234 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Line.of.Duty.2013.LIMITED.DVDRip.X264-GECKOS.lnk
[2013/10/03 09:36:20 | 000,000,315 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Local Disk (Z).lnk
[2014/01/30 18:04:52 | 000,001,154 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Maroon 5 - Love Somebody Lyrics.lnk
[2014/01/30 18:08:08 | 000,001,149 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\MAROON 5 ONE MORE NIGHT LYRICS.lnk
[2014/01/15 19:04:05 | 000,003,095 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Melayu.lnk
[2014/01/30 18:09:19 | 000,001,284 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Moves Like Jagger - Maroon 5 featuring Christina Aguilera.lnk
[2014/01/30 18:24:26 | 000,000,840 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Music.lnk
[2013/11/28 10:52:56 | 000,001,314 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\My Pictures.lnk
[2013/11/17 14:21:20 | 000,000,144 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Network.lnk
[2013/11/12 08:00:05 | 000,000,325 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\New Volume (E).lnk
[2013/12/09 15:12:30 | 000,000,630 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\No Subject.eml.lnk
[2013/10/09 23:53:31 | 000,000,491 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Oblivion.2013.BDRip.XviD.AC3-SANTi.lnk
[2014/01/30 18:01:39 | 000,001,164 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\One Republic - Apologize (Lyrics).lnk
[2014/01/30 18:02:40 | 000,001,179 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\One Republic Lyrics - Stop and Stare.lnk
[2013/12/09 14:38:33 | 000,000,563 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Outlook.lnk
[2013/11/08 15:26:30 | 000,001,048 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Paranoia.2013.BDRip.X264-SPARKS.lnk
[2013/12/17 08:29:48 | 000,001,930 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Phone.lnk
[2013/11/28 10:52:29 | 000,000,587 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Pictures.lnk
[2013/11/16 01:17:12 | 000,000,546 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\resume (2).lnk
[2014/01/11 12:09:35 | 000,000,553 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\resume (3).lnk
[2014/01/26 23:23:18 | 000,000,556 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\resume.lnk
[2013/11/07 02:19:11 | 000,000,516 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Rm E97-99.lnk
[2013/12/06 08:16:46 | 000,000,494 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\RM173.lnk
[2013/12/24 08:53:24 | 000,000,444 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man 720p.lnk
[2013/11/28 16:11:37 | 000,000,594 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man E016.lnk
[2013/11/28 16:13:06 | 000,000,594 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man E017.lnk
[2013/12/01 02:40:07 | 000,000,594 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man E020.lnk
[2013/12/01 03:53:16 | 000,000,594 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man E021.lnk
[2013/12/01 05:16:45 | 000,000,594 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man E022.lnk
[2013/12/01 06:43:47 | 000,000,594 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man E023.lnk
[2013/12/04 09:17:47 | 000,000,519 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man E168 [conv] (2).lnk
[2013/12/04 09:09:19 | 000,000,519 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man E168 [conv].lnk
[2014/02/08 00:22:43 | 000,000,595 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man Ep.183.lnk
[2014/01/31 10:16:13 | 000,000,592 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man Ep.52.lnk
[2014/01/31 10:16:20 | 000,000,592 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man Ep.53.lnk
[2014/02/03 05:06:58 | 000,000,592 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man Ep.56.lnk
[2014/02/03 03:24:10 | 000,000,592 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man Ep.57.lnk
[2014/02/03 15:26:21 | 000,000,592 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man Ep.58.lnk
[2014/02/04 12:21:57 | 000,000,592 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man Ep.59.lnk
[2014/02/08 00:22:18 | 000,000,592 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man Ep.60.lnk
[2014/02/05 09:16:15 | 000,000,592 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man Ep.66.lnk
[2013/11/17 14:13:14 | 000,000,522 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man.2013.DVDRip.AC3.x264-LooKMaNe (2).lnk
[2013/11/17 14:13:14 | 000,000,822 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man.2013.DVDRip.AC3.x264-LooKMaNe.lnk
[2014/02/08 00:22:43 | 000,000,424 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man.lnk
[2014/01/02 13:34:08 | 000,000,302 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Spin.lnk
[2013/09/23 15:35:47 | 000,000,997 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\star.trek.into.darkness.2013.bdrip.x264-arrow.lnk
[2013/09/23 15:35:47 | 000,000,643 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Star.Trek.Into.Darkness.2013.BDRip.x264-ARROW[rarbg].lnk
[2014/02/01 23:06:43 | 000,003,767 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Start up.lnk
[2013/11/12 06:22:46 | 000,000,545 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Tai.Chi.Hero.2012.BRRip.720p.Hero.Kuryu.TH.lnk
[2013/11/12 08:00:05 | 000,000,545 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Tai.Chi.Zero.2012.BRRip.720p.Hero.Kuryu.TH.lnk
[2013/12/06 10:39:21 | 000,000,416 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Telemovie.lnk
[2014/01/30 18:20:17 | 000,001,164 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\The Wanted - Glad You Came Lyrics.lnk
[2013/11/12 04:32:03 | 000,000,488 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\The.Colony.2013.DVDRip.XviD-ViP3R (2).lnk
[2013/11/08 15:26:08 | 000,001,128 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\The.Wolverine.2013.EXTENDED.BDRip.X264-ALLiANCE.lnk
[2014/01/30 18:16:01 | 000,001,124 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Tik Tok-Kesha with Lyrics.lnk
[2014/01/29 17:51:02 | 000,000,407 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\today.lnk
[2014/01/30 09:50:53 | 000,000,484 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Ular [2013] DVDRip 480p.lnk
[2013/12/15 09:44:01 | 000,002,023 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Video.lnk
[2014/01/29 17:46:24 | 000,000,955 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\[engsub] Running Man Ep.182 - Guest_ Im Si Wan, Do Hee, Yeo Jin Goo __ KShowOnline.Com __ Watch Korean Shows Online with English Subtitles.lnk
[2009/07/14 12:54:59 | 000,001,238 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk
[2013/11/28 08:10:26 | 000,001,413 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013/11/28 08:10:26 | 000,001,407 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2009/07/14 12:54:27 | 000,001,280 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk
[2009/07/14 12:54:32 | 000,001,304 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk
[2009/07/14 12:49:38 | 000,000,262 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk
[2009/07/14 12:49:38 | 000,001,228 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk
[2009/07/14 12:54:01 | 000,001,358 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk
[2009/07/14 12:54:00 | 000,001,258 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk
[2009/07/14 12:54:02 | 000,001,262 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk
[2009/07/14 12:54:00 | 000,001,250 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk
[2009/07/14 12:49:38 | 000,000,262 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk
[2009/07/14 12:49:38 | 000,000,262 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk
[2013/11/28 08:10:26 | 000,001,457 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
[2009/07/14 12:54:59 | 000,001,306 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk
[2013/08/30 07:59:43 | 000,001,151 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Juniper Networks\Host Checker\Uninstall Host Checker.lnk
[2009/07/14 12:49:38 | 000,000,262 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk
[2013/09/12 07:31:17 | 000,000,477 | ---- | M] () -- C:\Users\Share\Links\Desktop.lnk
[2013/09/12 07:31:17 | 000,000,892 | ---- | M] () -- C:\Users\Share\Links\Downloads.lnk
[2013/09/12 07:31:17 | 000,000,363 | ---- | M] () -- C:\Users\Share\Links\RecentPlaces.lnk
[2013/06/23 12:29:26 | 000,002,283 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/11/27 20:32:30 | 000,001,401 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2009/07/14 12:49:38 | 000,000,290 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/06/23 13:15:50 | 000,001,051 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Tag&Rename.lnk
[2009/07/14 12:49:38 | 000,000,272 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/05/13 12:10:54 | 000,002,294 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
[2013/11/26 17:55:53 | 000,001,423 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
[2014/02/05 18:28:41 | 000,001,164 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
[2009/07/14 12:49:38 | 000,001,228 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk
[2010/11/21 11:40:30 | 000,001,547 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk
[2013/08/20 17:01:47 | 000,002,032 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\2 PSpice Simulation.LNK
[2013/10/01 16:59:38 | 000,000,801 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Ahmad Faris Bin Abdul Jalil SMRT Application Form.LNK
[2014/02/11 11:32:23 | 000,000,420 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Assignment 2044.LNK
[2014/02/11 11:28:14 | 000,000,429 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Assignment two feb.LNK
[2013/11/29 12:39:22 | 000,000,319 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\BPLRT Ops Rota1.LNK
[2013/12/07 23:50:04 | 000,000,520 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Copy of MUP Claim Form 2009.LNK
[2013/12/07 23:50:25 | 000,000,511 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Copy of resume (updated).LNK
[2014/01/27 09:36:19 | 000,000,381 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\DIN's Resune.LNK
[2013/07/05 18:22:47 | 000,000,351 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Din.LNK
[2013/12/07 23:50:25 | 000,000,352 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\doc.LNK
[2014/01/30 22:43:48 | 000,001,013 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Documents.LNK
[2014/02/11 00:02:25 | 000,000,895 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Downloads.LNK
[2014/02/11 00:02:25 | 000,001,097 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\EEET_2044_Assignment.LNK
[2014/01/20 15:17:20 | 000,001,112 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Example_2_-_Displacement.LNK
[2013/10/17 18:29:05 | 000,000,460 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Faris.LNK
[2013/12/24 21:50:04 | 000,000,188 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\FARIS1408 (K).LNK
[2013/07/23 17:28:11 | 000,000,536 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\iPTo.LNK
[2013/07/06 18:09:03 | 000,000,184 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\JALIL (K).LNK
[2014/01/30 22:43:48 | 000,001,155 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\lecture23.LNK
[2013/12/07 23:50:15 | 000,000,496 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\MUP Claim Form 2009.LNK
[2013/08/04 22:47:53 | 000,000,911 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\My Documents.LNK
[2014/02/11 11:32:23 | 000,000,286 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\My Passport (L).LNK
[2013/09/02 21:04:58 | 000,001,102 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Quiz.LNK
[2014/02/11 10:55:21 | 000,000,179 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Removable Disk (K).LNK
[2014/01/27 09:36:19 | 000,000,484 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\resume.LNK
[2013/08/20 17:01:47 | 000,001,840 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Sig&Sys Practical 6 Data Sets.LNK
[2014/01/30 22:45:20 | 000,001,401 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Signals and Systems 3041.LNK
[2014/02/11 10:55:21 | 000,000,301 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\SS Report B.LNK
[2013/11/05 13:44:10 | 000,001,212 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Star Three Sixty- Temp Retail Sales- Paragon.LNK
[2013/10/01 16:59:38 | 000,000,567 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Work related.LNK
[2014/02/11 00:14:40 | 000,001,201 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\World Of Our Own [CDS - 2] - Westlife [2002].LNK
[2014/02/11 00:14:40 | 000,000,982 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\[2002] World of Our Own [CDS - 2] - 50.7mb @ 320kbs ##.LNK
[2014/02/10 23:52:37 | 000,000,981 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\07 Crush.lnk
[2014/02/10 23:27:38 | 000,001,366 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\08- Shawn Desman - Night Like This.lnk
[2014/02/11 14:14:54 | 000,000,391 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\1 (2).lnk
[2014/02/07 10:27:29 | 000,002,388 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\1.lnk
[2014/02/10 23:27:38 | 000,000,965 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\2010 - Shawn Desman - Fresh.lnk
[2014/01/18 18:23:30 | 000,000,944 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\20130723 BEng Electrical TT I14 V0203 Kaplan.lnk
[2014/01/18 18:25:48 | 000,000,944 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\20132012 BEng Electrical TT I14 V0203 Kaplan.lnk
[2014/02/11 00:38:49 | 000,000,797 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\A To Z - Bicara Rindu.lnk
[2014/02/11 00:38:40 | 000,000,827 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\A To Z - Dulu Dan Selamanya.lnk
[2014/02/11 00:38:49 | 000,000,576 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\A to Z.lnk
[2014/01/17 16:29:54 | 000,000,647 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\a.single.shot.2013.limited.bdrip.x264-amiable (2).lnk
[2014/01/18 15:48:42 | 000,000,997 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\a.single.shot.2013.limited.bdrip.x264-amiable.lnk
[2014/01/27 09:35:56 | 000,000,606 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Ahmad Shahruddin CV(3).lnk
[2014/02/11 14:05:16 | 000,000,782 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\AllScans.lnk
[2014/01/24 13:30:06 | 000,000,986 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\American.Hustle.2013.DVDScr.XVID.AC3.HQ.Hive-CM8.lnk
[2014/01/27 13:41:03 | 000,000,639 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Analog and Digital Signals and Systems.lnk
[2014/02/11 11:32:23 | 000,000,468 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Assignment 2044.lnk
[2014/02/11 11:32:15 | 000,000,477 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Assignment two feb.lnk
[2014/01/08 21:19:25 | 000,002,474 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Assignment.lnk
[2014/02/05 08:07:04 | 000,000,502 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\aswMBR (2).lnk
[2014/02/05 08:05:54 | 000,000,456 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\aswMBR.lnk
[2014/02/06 19:48:25 | 000,000,893 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Bank.lnk
[2014/02/09 18:59:39 | 000,002,410 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\bcs.lnk
[2014/01/30 22:44:09 | 000,001,238 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Bode_Plots.lnk
[2014/02/11 00:22:09 | 000,001,048 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Bop Bop Baby.lnk
[2014/01/28 13:24:14 | 000,001,628 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\cds-logo.jpg w=135&h=123.lnk
[2014/01/24 13:19:46 | 000,001,037 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\cocain-freebirdsr (2).lnk
[2014/01/24 13:19:31 | 000,001,037 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\cocain-freebirdsr.lnk
[2014/02/09 19:59:21 | 000,000,877 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Compressed.lnk
[2014/02/11 00:02:25 | 000,000,435 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Downloads.lnk
[2014/02/11 10:54:28 | 000,000,337 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\DSC_1454.lnk
[2014/02/11 11:00:09 | 000,000,364 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\DSC_1454for email.lnk
[2014/01/19 21:19:04 | 000,001,041 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\ebay.lnk
[2014/01/30 22:49:10 | 000,000,706 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\EE2010_Revision Summary.lnk
[2014/02/11 00:02:25 | 000,000,691 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\EEET_2044_Assignment.lnk
[2014/01/17 16:30:32 | 000,000,659 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Endrendrum Punnagai (2013) - 1CD - Web Rip - Xvid.lnk
[2014/01/24 13:20:24 | 000,001,080 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Escape.Plan.2013.720p.BluRay.x264-YIFY.lnk
[2014/01/24 13:21:16 | 000,001,218 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\escape.plan.2013.bdrip.x264-sparks.lnk
[2014/01/20 15:14:04 | 000,000,711 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Example_1_-_Displacement.lnk
[2014/01/20 15:26:30 | 000,000,706 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Example_2_-_Displacement.lnk
[2014/02/07 10:32:00 | 000,000,745 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Extras.lnk
[2014/02/09 18:29:09 | 000,001,132 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e01.dvdrip.x264-demand (2).lnk
[2014/02/09 18:29:56 | 000,000,891 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Family.Guy.S11E01.DVDRip.X264-DEMAND (5).lnk
[2014/02/09 18:28:26 | 000,001,244 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e01.dvdrip.x264-demand.proof.lnk
[2014/02/09 18:38:09 | 000,001,132 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e13.dvdrip.x264-demand (2).lnk
[2014/02/09 18:38:28 | 000,000,891 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Family.Guy.S11E13.DVDRip.X264-DEMAND (4).lnk
[2014/02/09 18:39:03 | 000,001,132 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e14.dvdrip.x264-demand (2).lnk
[2014/02/09 18:39:40 | 000,001,132 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e15.dvdrip.x264-demand (2).lnk
[2014/02/09 18:39:40 | 000,000,769 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Family.Guy.S11E15.DVDRip.X264-DEMAND (3).lnk
[2014/02/09 18:40:10 | 000,001,132 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e16.dvdrip.x264-demand (2).lnk
[2014/02/09 18:40:10 | 000,000,769 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Family.Guy.S11E16.DVDRip.X264-DEMAND (3).lnk
[2014/02/09 18:40:44 | 000,001,132 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e17.dvdrip.x264-demand (2).lnk
[2014/02/09 18:40:44 | 000,000,769 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Family.Guy.S11E17.DVDRip.X264-DEMAND (3).lnk
[2014/02/09 18:41:18 | 000,001,132 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e18.dvdrip.x264-demand (2).lnk
[2014/02/09 18:41:18 | 000,000,769 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Family.Guy.S11E18.DVDRip.X264-DEMAND (3).lnk
[2014/02/09 18:42:03 | 000,001,132 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e19.dvdrip.x264-demand (2).lnk
[2014/02/09 18:42:03 | 000,000,769 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Family.Guy.S11E19.DVDRip.X264-DEMAND (3).lnk
[2014/02/09 18:41:43 | 000,001,503 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Family.Guy.S11E19.DVDRip.X264-DEMAND.lnk
[2014/02/09 18:41:43 | 000,001,046 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e19.dvdrip.x264-demand.subs (2).lnk
[2014/02/09 18:41:33 | 000,001,236 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e19.dvdrip.x264-demand.subs.lnk
[2014/02/09 18:42:34 | 000,001,132 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e20.dvdrip.x264-demand (2).lnk
[2014/02/09 18:42:34 | 000,000,769 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Family.Guy.S11E20.DVDRip.X264-DEMAND (3).lnk
[2014/02/09 18:42:27 | 000,000,704 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Family.Guy.S11E20.DVDRip.X264-DEMAND.lnk
[2014/02/09 18:42:22 | 000,001,236 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e20.dvdrip.x264-demand.subs.lnk
[2014/02/09 18:43:02 | 000,001,132 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e21.dvdrip.x264-demand (2).lnk
[2014/02/09 18:43:02 | 000,000,769 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Family.Guy.S11E21.DVDRip.X264-DEMAND (3).lnk
[2014/02/09 18:42:55 | 000,000,704 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Family.Guy.S11E21.DVDRip.X264-DEMAND.lnk
[2014/02/09 18:42:49 | 000,001,236 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e21.dvdrip.x264-demand.subs.lnk
[2014/02/09 18:43:29 | 000,001,132 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e22.dvdrip.x264-demand (2).lnk
[2014/02/09 18:43:29 | 000,000,769 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Family.Guy.S11E22.DVDRip.X264-DEMAND (3).lnk
[2014/02/09 18:43:23 | 000,000,704 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Family.Guy.S11E22.DVDRip.X264-DEMAND.lnk
[2014/02/09 18:43:18 | 000,001,236 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e22.dvdrip.x264-demand.subs.lnk
[2014/01/24 12:53:41 | 000,000,950 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\fbrpk-coc.lnk
[2014/01/27 13:45:05 | 000,000,633 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Fundamentals of Mechatronics (gnv64).lnk
[2014/01/18 18:23:24 | 000,000,799 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\fx-96SG_PLUS_EN.lnk
[2014/02/11 00:03:19 | 000,001,077 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\I Drive Myself Crazy.lnk
[2014/01/26 19:39:34 | 000,000,776 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Imam.Bisu.2014.HDTV.480p.x264.AC3-LTTi.lnk
[2014/01/17 16:30:09 | 000,000,596 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Jilla (2014) - HD Scr - 720p.lnk
[2014/02/10 20:13:56 | 000,000,321 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Knight (K).lnk
[2014/01/19 18:00:14 | 000,000,545 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\labvi.lnk
[2014/01/27 13:41:14 | 000,000,708 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\LabVIEW Data Acquisition Basics Manual - National Instruments.lnk
[2014/01/27 13:40:35 | 000,000,639 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Larsen LabVIEW for Engineers 1st txtbk.lnk
[2014/01/30 22:43:48 | 000,000,769 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\lecture23.lnk
[2014/02/10 23:52:37 | 000,000,752 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Mandy Moore - Self Titled (2001).lnk
[2014/02/11 14:05:16 | 000,000,597 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\MCShield.lnk
[2014/02/11 11:33:20 | 000,000,507 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\media_2.lnk
[2014/02/11 14:14:49 | 000,000,507 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\media_3.lnk
[2014/02/11 14:14:54 | 000,000,507 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\media_4.lnk
[2014/02/11 00:38:49 | 000,000,529 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Music.lnk
[2014/02/11 11:32:23 | 000,000,326 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\My Passport (L).lnk
[2014/01/31 17:06:21 | 000,000,896 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\pcopy.lnk
[2014/02/05 14:17:04 | 000,000,896 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\photo.lnk
[2014/01/30 22:45:20 | 000,001,288 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Practical 6_Ahmad F.lnk
[2014/02/08 22:23:35 | 000,000,492 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Practical feb seventeen.lnk
[2014/02/08 22:44:56 | 000,000,388 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\practical research.lnk
[2014/01/21 20:49:51 | 000,000,639 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\practical(1).vi.lnk
[2014/01/16 00:57:03 | 000,000,624 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\practical.vi.lnk
[2014/02/11 11:00:09 | 000,000,219 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Removable Disk (K).lnk
[2014/01/27 09:44:17 | 000,000,556 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\resume.lnk
[2014/02/11 13:48:56 | 000,000,601 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Rigor.Mortis.2013.BRRip.XviD.AC3-RARBG (2).lnk
[2014/02/11 13:48:56 | 000,000,906 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Rigor.Mortis.2013.BRRip.XviD.AC3-RARBG.lnk
[2014/01/20 16:49:31 | 000,000,624 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Running Man Ep.143.lnk
[2014/01/21 22:11:43 | 000,000,782 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Running Man Ep.181.lnk
[2014/02/04 22:07:42 | 000,000,625 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Running Man Ep.182.lnk
[2014/01/16 13:40:16 | 000,000,592 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Running Man Ep.45.lnk
[2014/01/24 01:23:29 | 000,000,592 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Running Man Ep.48.lnk
[2014/02/09 20:02:10 | 000,001,150 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\S01E24.lnk
[2014/02/09 00:01:15 | 000,000,880 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\santi-runnerrunner.brrip.xvid.lnk
[2014/02/10 23:08:28 | 000,000,743 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Shayne Ward - Obsession [MP3].lnk
[2014/01/30 23:21:18 | 000,000,975 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Signals and Systems.lnk
[2014/01/22 17:15:40 | 000,000,569 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\smrt-copy (2).lnk
[2014/02/11 10:55:21 | 000,000,349 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\SS Report B.lnk
[2014/02/09 18:43:18 | 000,000,848 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Subs.lnk
[2014/02/11 00:07:05 | 000,001,074 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Tearin' Up My Heart.lnk
[2014/02/09 20:12:36 | 000,001,168 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\The Cosby Outtakes Show.lnk
[2014/02/09 20:12:44 | 000,001,177 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\The Cosby Show A Look Back.lnk
[2014/02/09 19:59:21 | 000,001,470 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\The Cosby Show Complete Pack (Tv Series, Specials, 2 Stand ups) DVDRIP (WAZZ).part01.lnk
[2014/02/09 19:00:10 | 000,001,151 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\The Cosby Show Complete Pack (Tv Series, Specials, 2 Stand ups) DVDRIP (WAZZ).part02.lnk
[2014/02/09 20:02:10 | 000,000,809 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\The Cosby Show Season 1 DVDRIP (WAZZ).lnk
[2014/02/09 20:12:52 | 000,000,788 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\The Cosby Show Specials (WAZZ).lnk
[2014/02/09 20:12:52 | 000,001,222 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\The Last Laugh Memories Of The Cosby Show.lnk
[2014/01/24 13:24:10 | 000,001,590 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\The.Hunger.Games.Catching.Fire.2013.IMAX.EDiTION.BRRip.XviD-ViP3R (2).lnk
[2014/01/24 13:14:31 | 000,001,483 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\The.Hunger.Games.Catching.Fire.2013.IMAX.EDiTION.BRRip.XviD-ViP3R.www.RapidMovieZ.com.lnk
[2014/01/27 14:16:18 | 000,001,050 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\The.Wolf.of.Wall.Street.2013.DVDScr.XVID.AC3.HQ.Hive-CM8.lnk
[2014/01/18 18:24:03 | 000,000,875 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Timetable.lnk
[2014/01/17 16:29:19 | 000,000,599 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Tom Yum Goong 2 [2013] DVDRip (2).lnk
[2014/01/18 15:55:23 | 000,000,669 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Tom Yum Goong 2 [2013] DVDRip.lnk
[2014/01/30 22:43:19 | 000,000,681 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Tutorial_5_Solution.lnk
[2014/02/11 00:38:49 | 000,000,373 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Ulysses.lnk
[2014/01/18 16:21:13 | 000,000,940 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Uni-SA-icon-for-web (2).lnk
[2014/01/18 16:19:48 | 000,000,940 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Uni-SA-icon-for-web.lnk
[2014/02/10 20:13:56 | 000,000,550 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Ustaz Mu Tunggu Aku Datang (2013) DVDRip 480p.lnk
[2014/02/11 13:14:06 | 000,000,848 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Video.lnk
[2014/02/11 13:14:06 | 000,001,086 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\videoplayback_2.lnk
[2014/02/11 00:14:26 | 000,001,039 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Walk Away.lnk
[2014/02/11 00:10:32 | 000,001,089 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\When You're Looking Like That.lnk
[2014/02/11 00:18:31 | 000,001,063 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Why Do I Love You.lnk
[2014/02/11 00:19:23 | 000,001,153 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\World Of Our Own - Westlife (Booklet 02) [2001].lnk
[2014/02/11 00:19:30 | 000,001,135 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\World Of Our Own - Westlife (Disc) [2001].lnk
[2014/02/11 00:14:57 | 000,001,512 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\World Of Our Own [CDS - 2] - Westlife (Disc) [2002].lnk
[2014/02/11 00:14:40 | 000,001,491 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\World Of Our Own [CDS - 2] - Westlife [2002].lnk
[2014/02/11 00:38:43 | 000,000,628 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\World of Our Own.lnk
[2014/01/31 17:27:43 | 000,001,258 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\www.TamilRockers.net - Veeram (2014) LOTUS HD-Rip - X264 - AC3 5.1 - 2.6GB - Tamil.lnk
[2014/02/11 00:07:05 | 000,000,788 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\[1998] Nsync & 1CDS - Nsync - 159mb @ 320kbs.lnk
[2014/02/11 00:10:32 | 000,000,779 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\[2000] Coast To Coast - Westlife @ 320kbs.lnk
[2014/02/11 00:22:09 | 000,000,785 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\[2001] World Of Our Own - Westlife @ 320kbs.lnk
[2014/02/11 00:14:57 | 000,001,022 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\[2002] World of Our Own [CDS - 2] - 50.7mb @ 320kbs ##.lnk
[2014/01/28 13:51:47 | 000,000,585 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\[KSHOWNOW]RM138.720P.lnk
[2014/01/25 21:46:02 | 000,000,919 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\[KSHOWNOW]Running.Man.EP132.720P.lnk
[2014/02/02 00:49:49 | 000,000,630 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\[KSHOWNOW]Running.Man.EP145.720p_QC.lnk
[2009/07/14 12:54:59 | 000,001,238 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk
[2013/11/27 20:32:30 | 000,001,413 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013/11/27 20:32:30 | 000,001,407 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/12/16 16:31:29 | 000,001,164 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2009/07/14 12:54:27 | 000,001,280 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk
[2009/07/14 12:54:32 | 000,001,304 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk
[2009/07/14 12:49:38 | 000,000,262 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk
[2009/07/14 12:49:38 | 000,001,228 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk
[2009/07/14 12:54:01 | 000,001,358 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk
[2009/07/14 12:54:00 | 000,001,258 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk
[2009/07/14 12:54:02 | 000,001,262 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk
[2009/07/14 12:54:00 | 000,001,250 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk
[2009/07/14 12:49:38 | 000,000,262 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk
[2009/07/14 12:49:38 | 000,000,262 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk
[2013/11/27 20:32:30 | 000,001,457 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
[2009/07/14 12:54:59 | 000,001,306 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk
[2013/05/13 12:19:11 | 000,002,951 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk
[2013/06/24 00:15:06 | 000,001,061 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Grabber Help.lnk
[2013/06/24 00:15:06 | 000,001,049 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\IDM Help.lnk
[2013/06/24 00:15:06 | 000,001,049 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Internet Download Manager.lnk
[2013/06/24 00:15:06 | 000,001,061 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\license.lnk
[2013/06/24 00:15:06 | 000,001,049 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\TUTORIALS.lnk
[2013/06/24 00:15:06 | 000,001,073 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Uninstall IDM.lnk
[2013/05/13 12:35:19 | 000,001,157 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Juniper Networks\Host Checker\Uninstall Host Checker.lnk
[2009/07/14 12:49:38 | 000,000,262 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk
[2013/05/18 16:25:42 | 000,001,205 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Playlist Creator 3.6.2\Playlist Creator 3.6.2 Help.lnk
[2013/05/18 16:25:41 | 000,001,176 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Playlist Creator 3.6.2\Playlist Creator 3.6.2.lnk
[2013/05/18 16:25:42 | 000,001,205 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Playlist Creator 3.6.2\Release Notes.lnk
[2013/05/18 16:25:42 | 000,001,220 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Playlist Creator 3.6.2\www.oddgravity.de.lnk
[2013/12/10 10:28:12 | 000,001,153 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
[2013/06/23 13:16:51 | 000,001,026 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk
[2013/06/23 13:16:51 | 000,001,045 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk
[2013/06/23 13:16:51 | 000,001,045 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk
[2013/12/26 10:14:02 | 000,002,516 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Real\RealPlayer\History\Big [bleep] Spider 2013 720p BRRip x264 A....lnk
[2013/12/31 17:15:56 | 000,002,404 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Real\RealPlayer\History\RealPlay - Watch Full length movies and TV Series.lnk
[2013/12/13 18:24:17 | 000,002,740 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Real\RealPlayer\History\[engsub] Running Man Ep.15 - Guest- T....lnk
[2013/05/13 12:19:11 | 000,002,985 | ---- | M] () -- C:\Users\Ulysses\Desktop\HiJackThis.lnk
[2013/06/23 12:41:51 | 000,000,855 | ---- | M] () -- C:\Users\Ulysses\Desktop\µTorrent.lnk
[2013/09/12 16:17:01 | 000,000,483 | ---- | M] () -- C:\Users\Ulysses\Links\Desktop.lnk
[2013/09/12 16:17:01 | 000,000,902 | ---- | M] () -- C:\Users\Ulysses\Links\Downloads.lnk
[2009/06/11 04:41:58 | 000,001,989 | ---- | M] () -- C:\Windows\winsxs\amd64_microsoft-windows-powershell_31bf3856ad364e35_6.1.7601.17514_none_5b56b853bd5adf50\Windows PowerShell (x86).lnk
[2009/06/11 04:41:58 | 000,002,741 | ---- | M] () -- C:\Windows\winsxs\amd64_microsoft-windows-powershell_31bf3856ad364e35_6.1.7601.17514_none_5b56b853bd5adf50\Windows PowerShell Modules.lnk
[2009/06/11 04:41:58 | 000,001,899 | ---- | M] () -- C:\Windows\winsxs\amd64_microsoft-windows-powershell_31bf3856ad364e35_6.1.7601.17514_none_5b56b853bd5adf50\Windows PowerShell.lnk

========== Alternate Data Streams ==========

@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >

Edited by xxmaxixx, 11 February 2014 - 12:16 AM.

  • 0

#8
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hey :wave:
Just for letting you know that I'm already working on a solution and will post back as soon as possible
  • 0

#9
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hey xxmaxixx,

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :processes
    killallprocesses

    :OTL
    [2014/01/30 17:42:49 | 000,000,000 | RHSD | M] -- C:\Skypee
    [2014/01/24 13:34:04 | 000,000,000 | ---D | M] -- C:\Temp
    [2014/01/03 18:39:35 | 000,000,544 | ---- | M] () -- C:\$Recycle.Bin\S-1-5-21-3946774030-1862938079-1394353489-1004\$IH9YN7C.lnk
    [2014/01/03 18:39:32 | 000,001,343 | ---- | M] () -- C:\$Recycle.Bin\S-1-5-21-3946774030-1862938079-1394353489-1004\$RH9YN7C.lnk
    [2014/01/30 17:43:26 | 000,000,854 | ---- | M] () -- C:\AdwCleaner\AdwCleaner.lnk
    [2014/01/30 17:43:26 | 000,000,854 | ---- | M] () -- C:\BigFishCache\BigFishCache.lnk
    [2014/01/30 17:43:26 | 000,000,854 | ---- | M] () -- C:\Google\Google.lnk
    [2014/01/28 06:24:55 | 000,000,854 | ---- | M] () -- C:\Google\Skypee.lnk
    [2014/01/30 17:43:26 | 000,000,854 | ---- | M] () -- C:\Intel\Intel.lnk
    [2014/01/30 17:43:26 | 000,000,854 | ---- | M] () -- C:\ITE\ITE.lnk
    [2014/01/30 17:43:26 | 000,000,854 | ---- | M] () -- C:\My Music\My Music.lnk
    [2014/01/30 17:43:26 | 000,000,854 | ---- | M] () -- C:\NVIDIA\NVIDIA.lnk
    [2014/01/28 06:16:57 | 000,000,810 | ---- | M] () -- C:\Skypee\Google.lnk
    [2014/01/30 17:43:26 | 000,000,854 | ---- | M] () -- C:\Skypee\Skypee.lnk
    [2014/01/30 17:43:26 | 000,000,854 | ---- | M] () -- C:\Temp\Temp.lnk

    :Services

    :Reg

    :Files
    C:\Google
    C:\BigFishCache
    dir C:\Temp /c
    C:\Skypee

    :Commands
    [purity]
    [EMPTYFLASH]
    [EMPTYJAVA]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered.
  • OTL may ask to reboot the machine. Please do so if asked.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.
  • Open OTL again.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    C:\*.
    C:\Google\*.* /s
    C:\*.lnk /s

  • Click the Quick Scan button. Post the log it produces in your next reply.



Next:

Are the shortcuts still present? Also, how is your computer running? Are there any other problems?

Thank you
  • 0

#10
xxmaxixx

xxmaxixx

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
========== PROCESSES ==========
All processes killed
========== OTL ==========
C:\Skypee folder moved successfully.
C:\Temp\Download folder moved successfully.
C:\Temp folder moved successfully.
C:\$Recycle.Bin\S-1-5-21-3946774030-1862938079-1394353489-1004\$IH9YN7C.lnk moved successfully.
C:\$Recycle.Bin\S-1-5-21-3946774030-1862938079-1394353489-1004\$RH9YN7C.lnk moved successfully.
C:\AdwCleaner\AdwCleaner.lnk moved successfully.
C:\BigFishCache\BigFishCache.lnk moved successfully.
C:\Google\Google.lnk moved successfully.
C:\Google\Skypee.lnk moved successfully.
C:\Intel\Intel.lnk moved successfully.
C:\ITE\ITE.lnk moved successfully.
C:\My Music\My Music.lnk moved successfully.
C:\NVIDIA\NVIDIA.lnk moved successfully.
File C:\Skypee\Google.lnk not found.
File C:\Skypee\Skypee.lnk not found.
File C:\Temp\Temp.lnk not found.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
C:\Google folder moved successfully.
C:\BigFishCache\Upgrade\stub folder moved successfully.
C:\BigFishCache\Upgrade folder moved successfully.
C:\BigFishCache\GameManager\log folder moved successfully.
C:\BigFishCache\GameManager folder moved successfully.
C:\BigFishCache folder moved successfully.
< dir C:\Temp /c >
Volume in drive C has no label.
Volume Serial Number is 42D5-143F
Directory of C:\
C:\Users\Ulysses\Downloads\Programs\cmd.bat deleted successfully.
C:\Users\Ulysses\Downloads\Programs\cmd.txt deleted successfully.
File\Folder C:\Skypee not found.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Share
->Flash cache emptied: 9344 bytes

User: Ulysses
->Flash cache emptied: 11422 bytes

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: Share
->Java cache emptied: 0 bytes

User: Ulysses
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02192014_192641

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

OTL logfile created on: 2/19/2014 7:29:18 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ulysses\Downloads\Programs
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.95 Gb Total Physical Memory | 13.19 Gb Available Physical Memory | 82.67% Memory free
31.90 Gb Paging File | 28.73 Gb Available in Paging File | 90.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238.37 Gb Total Space | 81.57 Gb Free Space | 34.22% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 4.66 Gb Free Space | 0.50% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 72.71 Gb Free Space | 7.81% Space Free | Partition Type: NTFS
Drive Z: | 465.76 Gb Total Space | 109.34 Gb Free Space | 23.48% Space Free | Partition Type: NTFS

Computer Name: ULYSSES-PC | User Name: Ulysses | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/02/15 08:22:37 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/02/05 07:57:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ulysses\Downloads\Programs\OTL.exe
PRC - [2014/02/02 08:15:32 | 000,650,816 | ---- | M] (MyCity) -- C:\Program Files (x86)\MCShield\MCShieldRTM.exe
PRC - [2014/01/21 10:56:25 | 002,234,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/01/21 10:55:50 | 001,593,632 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013/12/20 16:45:32 | 000,807,696 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
PRC - [2013/12/20 16:44:22 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
PRC - [2013/12/20 16:43:48 | 000,402,192 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe
PRC - [2013/12/20 16:43:44 | 000,367,376 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
PRC - [2013/12/20 16:43:34 | 000,261,392 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
PRC - [2013/12/20 16:43:30 | 000,377,616 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-Network.exe
PRC - [2013/12/19 12:20:16 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/12/18 10:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/13 18:00:19 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2013/11/28 19:12:40 | 004,580,256 | ---- | M] (Samsung Electronics.) -- C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe
PRC - [2013/11/16 19:27:16 | 000,900,440 | ---- | M] (BitTorrent Inc.) -- C:\Users\Ulysses\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2013/11/02 15:01:42 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
PRC - [2013/11/02 14:54:34 | 000,270,704 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
PRC - [2013/08/14 15:19:22 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/08/14 07:59:52 | 005,537,136 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
PRC - [2013/07/10 14:23:10 | 001,694,080 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
PRC - [2013/06/20 17:56:56 | 003,604,048 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2013/05/30 11:40:32 | 000,122,984 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
PRC - [2013/05/30 11:36:38 | 000,016,000 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
PRC - [2012/12/12 21:44:48 | 000,268,248 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2012/10/10 13:32:00 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012/10/10 13:31:28 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/10/10 13:31:28 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/10/10 13:31:27 | 000,619,472 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe
PRC - [2012/09/27 16:08:08 | 000,989,352 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
PRC - [2012/09/27 16:04:44 | 001,087,648 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
PRC - [2012/09/27 16:02:40 | 001,279,120 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
PRC - [2012/08/20 13:43:20 | 000,550,272 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
PRC - [2012/08/08 18:17:52 | 003,101,056 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
PRC - [2012/08/07 13:42:12 | 001,504,640 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
PRC - [2012/08/01 16:39:04 | 001,112,064 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
PRC - [2012/07/23 16:34:28 | 001,190,400 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe
PRC - [2012/06/25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/06/01 17:42:18 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
PRC - [2012/06/01 17:42:18 | 000,920,736 | ---- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
PRC - [2012/05/25 12:12:57 | 001,475,744 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe
PRC - [2012/05/21 00:26:26 | 000,291,648 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/05/03 12:17:36 | 001,256,576 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
PRC - [2012/04/13 12:19:00 | 000,138,032 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2012/04/13 12:18:58 | 001,645,360 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Acer Display\eDisplay Management\dthtml.exe
PRC - [2012/04/13 11:32:10 | 000,113,456 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2012/03/13 12:34:12 | 002,935,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
PRC - [2012/02/17 14:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
PRC - [2012/02/02 15:20:32 | 000,889,984 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe
PRC - [2012/02/01 16:29:56 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/09/08 21:29:12 | 001,112,704 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
PRC - [2011/05/27 11:07:36 | 000,160,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
PRC - [2010/11/21 11:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010/05/13 16:34:48 | 000,711,792 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Floater.exe
PRC - [2010/05/13 16:34:42 | 000,674,928 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
PRC - [2010/04/12 16:40:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE


========== Modules (No Company Name) ==========

MOD - [2014/02/15 08:22:36 | 003,578,992 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/02/13 17:10:49 | 001,837,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\31e2163a39db7732f63a4c8bdb818f7a\Microsoft.VisualBasic.ni.dll
MOD - [2014/02/13 17:10:24 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d116eda30a35c490e59221b0ebac6fcd\System.Xaml.ni.dll
MOD - [2014/02/13 17:10:19 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\9ec8060dd7bfb448f298dcd12d547062\System.Runtime.Remoting.ni.dll
MOD - [2014/02/13 17:10:18 | 002,659,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\be0a1bb51a0d8fb41140c8111ed56d19\System.Runtime.Serialization.ni.dll
MOD - [2014/02/13 17:10:18 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\cd626ecab8e1657628451408aba720cd\System.Runtime.DurableInstancing.ni.dll
MOD - [2014/02/13 17:10:18 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\88aec4231adca9f5a4226c83911c4dad\SMDiagnostics.ni.dll
MOD - [2014/02/13 17:09:09 | 000,489,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\789574f9ced0fc11cec5ef55dda5073b\IAStorUtil.ni.dll
MOD - [2014/02/13 17:09:03 | 000,155,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\915e4f5b54284e391cfeb608d4aa21fd\JSON.ni.dll
MOD - [2014/02/13 17:08:58 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\e173f105ae8da52706f58b9ce09c3a4d\HD-Agent.ni.exe
MOD - [2014/02/13 16:58:02 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\4b1795df6372b251625f958595e08d3d\System.Web.ni.dll
MOD - [2014/02/13 16:57:59 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\59312674865dc2a19c27f9f460b1673b\System.Runtime.Remoting.ni.dll
MOD - [2014/02/13 16:57:47 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/02/13 16:57:43 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/02/13 16:57:34 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/02/13 16:57:33 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014/02/13 16:57:32 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/02/13 16:57:30 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2014/02/13 16:30:14 | 018,003,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\880358291baf3043e07b2a7c2f401c85\PresentationFramework.ni.dll
MOD - [2014/02/13 16:30:07 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\db591e35967527b7b864124303dea13a\PresentationCore.ni.dll
MOD - [2014/02/13 16:30:05 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\2781e84862746a34f026d0ee179eed2b\System.Windows.Forms.ni.dll
MOD - [2014/02/13 16:30:03 | 007,070,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\354a5906fd46f4374f86916debf3ebcb\System.Core.ni.dll
MOD - [2014/02/13 16:30:01 | 005,628,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\850fa7110c7423c324762c1ad3130219\System.Xml.ni.dll
MOD - [2014/02/13 16:30:01 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\dc74ab189aa9b156581a7228866d3330\WindowsBase.ni.dll
MOD - [2014/02/13 16:30:01 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\4bfb0decf7cfe076020f64ee6dd007cc\PresentationFramework.Aero.ni.dll
MOD - [2014/02/13 16:30:00 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\243ff1822abc8282cb8fee37538170b4\System.Drawing.ni.dll
MOD - [2014/02/13 16:29:59 | 009,099,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\4c906eb82e6f56aea01b2a7291fab7ea\System.ni.dll
MOD - [2014/02/13 16:29:59 | 001,014,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\991c4e11f571a4074b9c4a5841222338\System.Configuration.ni.dll
MOD - [2014/02/13 16:29:56 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\4e62d1d9b7dd2c2d14915abb73c22d50\mscorlib.ni.dll
MOD - [2013/11/28 19:00:00 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\Samsung SSD Magician\SMINI.dll
MOD - [2013/11/28 18:59:54 | 000,034,304 | ---- | M] () -- C:\Program Files (x86)\Samsung SSD Magician\SATA.dll
MOD - [2013/11/28 18:59:50 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\Samsung SSD Magician\SAT.dll
MOD - [2013/11/28 18:59:24 | 000,029,696 | ---- | M] () -- C:\Program Files (x86)\Samsung SSD Magician\SAS.dll
MOD - [2013/11/28 18:59:20 | 000,098,816 | ---- | M] () -- C:\Program Files (x86)\Samsung SSD Magician\PAL.dll
MOD - [2013/11/28 12:14:32 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Samsung SSD Magician\SAMSUNG_SSD.dll
MOD - [2012/08/08 16:45:52 | 000,786,432 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\func.dll
MOD - [2012/07/31 15:21:32 | 000,152,064 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\gep.dll
MOD - [2012/07/25 09:56:42 | 001,124,864 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
MOD - [2012/07/05 12:05:48 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
MOD - [2012/06/19 12:56:22 | 001,305,600 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
MOD - [2012/05/28 21:27:04 | 001,622,528 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
MOD - [2012/05/25 10:33:10 | 000,883,712 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
MOD - [2012/05/17 18:57:12 | 000,043,520 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
MOD - [2012/04/13 12:18:54 | 000,121,648 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\CC\gui.dll
MOD - [2012/04/13 11:56:12 | 000,180,224 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\PresetsCOM.dll
MOD - [2012/03/21 12:07:44 | 000,972,288 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
MOD - [2012/02/10 11:29:44 | 001,047,040 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
MOD - [2011/10/14 20:03:22 | 000,885,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
MOD - [2011/09/26 19:36:24 | 000,869,376 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
MOD - [2011/09/19 20:18:20 | 001,243,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
MOD - [2011/07/21 09:06:44 | 000,846,848 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
MOD - [2011/07/12 19:14:52 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
MOD - [2010/10/05 08:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
MOD - [2010/10/05 08:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\pngio.dll
MOD - [2010/10/05 08:22:50 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
MOD - [2010/08/23 10:17:40 | 000,662,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
MOD - [2010/05/13 16:34:48 | 000,711,792 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Floater.exe
MOD - [2010/05/13 16:34:42 | 000,674,928 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
MOD - [2009/08/12 20:15:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/01/21 10:55:35 | 016,939,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013/05/27 13:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/02/09 02:30:42 | 000,359,664 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2012/04/20 14:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2014/02/15 08:22:36 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/02/05 19:08:30 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/01/21 10:55:50 | 001,593,632 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013/12/20 16:44:22 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2013/12/20 16:43:48 | 000,402,192 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2013/12/19 12:20:16 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/12/18 10:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/02 15:01:42 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe -- (WDBackup)
SRV - [2013/11/02 14:54:34 | 000,270,704 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService)
SRV - [2013/08/14 15:19:22 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/05/30 11:36:38 | 000,016,000 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe -- (Seagate Dashboard Services)
SRV - [2012/12/14 02:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/10/10 13:32:00 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/10/10 13:31:34 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012/10/10 13:31:29 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2012/10/10 13:31:28 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/10/10 13:31:27 | 000,619,472 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe -- (AntiVirFirewallService)
SRV - [2012/07/17 14:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 14:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/06/25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/06/01 17:42:18 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe -- (asHmComSvc)
SRV - [2012/06/01 17:42:18 | 000,920,736 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe -- (asComSvc)
SRV - [2012/05/25 12:12:57 | 001,475,744 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe -- (AsusFanControlService)
SRV - [2012/04/13 12:19:00 | 000,138,032 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
SRV - [2012/04/13 11:32:10 | 000,113,456 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2012/02/17 14:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2012/02/01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/05/27 11:07:36 | 000,160,768 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/12/28 02:42:26 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/11/28 21:38:18 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/05/25 23:00:14 | 000,168,288 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2013/01/03 16:17:48 | 000,043,400 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2013/01/03 16:17:38 | 000,077,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2013/01/03 16:17:38 | 000,061,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2012/12/14 02:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/10/10 14:05:29 | 000,140,936 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avfwot.sys -- (avfwot)
DRV:64bit: - [2012/10/10 14:05:29 | 000,114,168 | ---- | M] (Avira GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avfwim.sys -- (avfwim)
DRV:64bit: - [2012/09/27 13:59:38 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/09/27 13:59:38 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012/09/27 13:59:38 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012/08/23 22:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 22:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 22:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/20 10:38:12 | 000,416,072 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2012/08/20 10:38:12 | 000,138,568 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2012/07/02 15:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/19 07:40:50 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/06/12 22:00:48 | 000,726,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/05/31 11:06:14 | 000,032,400 | R--- | M] (NT Kernel Resources) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ndisrd.sys -- (ndisrd)
DRV:64bit: - [2012/05/21 00:25:32 | 000,789,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/05/21 00:25:32 | 000,357,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/05/21 00:25:32 | 000,019,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/05/17 18:57:06 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2012/04/13 11:31:32 | 000,020,784 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PdiPorts.sys -- (PdiPorts)
DRV:64bit: - [2012/03/25 17:55:22 | 000,066,336 | ---- | M] (Lucidlogix Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VirtuWDDM.sys -- (VirtuWDDM)
DRV:64bit: - [2012/03/01 14:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/01 16:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/09/16 15:12:58 | 000,032,360 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan620.sys -- (RTVLANPT)
DRV:64bit: - [2011/06/15 21:11:20 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM)
DRV:64bit: - [2011/06/15 21:11:20 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2011/06/15 21:11:20 | 000,032,544 | R--- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2011/03/11 14:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 14:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/21 11:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/04/12 16:55:00 | 000,091,568 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2013/12/20 16:44:10 | 000,114,448 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2009/07/14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6F A7 C3 E3 55 28 CF 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.bing.com/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/...q={searchTerms}
IE - HKCU\..\SearchScopes,DefaultScope = {1473C9E8-686A-404A-96C9-670502D1B994}
IE - HKCU\..\SearchScopes\{1473C9E8-686A-404A-96C9-670502D1B994}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013/05/18 16:29:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/12/13 18:00:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/12/13 18:00:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/02/15 08:22:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Ulysses\AppData\Roaming\IDM\idmmzcc5 [2013/06/24 00:15:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/02/15 08:22:36 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Ulysses\AppData\Roaming\IDM\idmmzcc5 [2013/06/24 00:15:10 | 000,000,000 | ---D | M]

[2013/05/13 12:16:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ulysses\AppData\Roaming\Mozilla\Extensions
[2014/02/15 08:22:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/02/15 08:22:37 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.co...q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java™ Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
CHR - plugin: RealNetworks™ RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks™ RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks™ RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Google Docs = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Logitech SetPoint = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd\6.52.74_0\
CHR - Extension: RealDownloader = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0\
CHR - Extension: IDM Integration = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.16.3_0\
CHR - Extension: Google Wallet = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/11 05:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [VIRTU MVP] C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [DBAgent] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe (Seagate Technology LLC)
O4 - HKLM..\Run: [DT ACR] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe (Portrait Displays, Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [PivotSoftware] C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe ()
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe (Western Digital Technologies, Inc.)
O4 - HKLM..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.)
O4 - HKCU..\Run: [googleupdate] "C:\Google\googleupdate.vbs" File not found
O4 - HKCU..\Run: [googleupdate.exe] "C:\Google\googleupdate.vbs" File not found
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [LiveSupport] "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log File not found
O4 - HKCU..\Run: [MCShield Monitor] C:\Program Files (x86)\MCShield\MCShieldRTM.exe (MyCity)
O4 - HKCU..\Run: [Uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe (Seagate Technology LLC)
O4 - HKCU..\Run: [uTorrent] C:\Users\Ulysses\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - Startup: C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk = C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe (Samsung Electronics.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://myoffice.smr...SetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70728077-7349-4EF2-BD1A-0402E611A4FB}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\appinit_dll.dll) - C:\Windows\SysNative\appinit_dll.dll (Lucidlogix Inc.)
O20 - AppInit_DLLs: (c:\windows\syswow64\appinit_dll.dll) - c:\Windows\SysWOW64\appinit_dll.dll (Lucidlogix Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/04/06 13:34:25 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk /k:C *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/02/17 19:15:43 | 000,000,000 | ---D | C] -- C:\Users\Ulysses\Desktop\Old Firefox Data
[2014/02/15 08:22:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/02/15 00:29:22 | 000,000,000 | ---D | C] -- C:\Users\Ulysses\AppData\Local\Adobe
[2014/02/13 16:29:09 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/02/11 14:07:23 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/02/11 13:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
[2014/02/11 13:59:30 | 000,000,000 | ---D | C] -- C:\ProgramData\MCShield
[2014/02/11 13:59:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MCShield

========== Files - Modified Within 30 Days ==========

[2014/02/19 19:27:46 | 000,008,192 | ---- | M] () -- C:\Windows\SysWow64\WDPABKP.dat
[2014/02/19 19:27:37 | 000,000,606 | ---- | M] () -- C:\Windows\tasks\MATLAB R2013a Startup Accelerator.job
[2014/02/19 19:27:34 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/19 19:27:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/19 19:27:25 | 4257,320,958 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/19 19:22:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/19 19:08:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/19 16:17:19 | 000,779,306 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/02/19 16:17:19 | 000,660,296 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/02/19 16:17:19 | 000,121,224 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/02/19 16:15:44 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/19 16:15:44 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/19 16:09:15 | 000,000,810 | ---- | M] () -- C:\ProgramData\ProgramData.lnk
[2014/02/14 20:58:44 | 000,064,863 | ---- | M] () -- C:\Users\Ulysses\Desktop\Homefront.2013.HDRip.XviD-ViP3R.srt
[2014/02/13 21:38:08 | 001,372,968 | ---- | M] () -- C:\Users\Ulysses\Documents\IMG_20140213_0001.jpg
[2014/02/13 16:31:38 | 000,773,030 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== Files Created - No Company Name ==========

[2014/02/18 18:08:58 | 000,000,810 | ---- | C] () -- C:\ProgramData\ProgramData.lnk
[2014/02/16 21:44:31 | 000,064,863 | ---- | C] () -- C:\Users\Ulysses\Desktop\Homefront.2013.HDRip.XviD-ViP3R.srt
[2014/02/13 21:38:08 | 001,372,968 | ---- | C] () -- C:\Users\Ulysses\Documents\IMG_20140213_0001.jpg
[2014/01/24 13:33:40 | 000,357,152 | ---- | C] () -- C:\Windows\SysNative\NvIFROpenGL.dll
[2014/01/24 13:33:40 | 000,314,656 | ---- | C] () -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2014/01/12 20:11:37 | 000,000,579 | ---- | C] () -- C:\Users\Ulysses\World of Our Own.pls
[2013/10/15 12:02:57 | 000,001,971 | ---- | C] () -- C:\Users\Ulysses\Wali - 3 in 1 (2012).pls
[2013/10/12 13:44:44 | 000,001,467 | ---- | C] () -- C:\Users\Ulysses\Ada Band - Masa Demi Masa (2013).pls
[2013/10/12 13:44:24 | 000,001,072 | ---- | C] () -- C:\Users\Ulysses\Zivilia - Trilogy (2013).pls
[2013/09/27 14:46:21 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\WDPABKP.dat
[2013/09/27 14:33:40 | 000,000,017 | ---- | C] () -- C:\Users\Ulysses\AppData\Local\resmon.resmoncfg
[2013/09/12 21:17:52 | 000,000,417 | ---- | C] () -- C:\Users\Ulysses\A to Z.pls
[2013/08/04 19:33:40 | 000,773,030 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/06/24 12:19:37 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013/05/11 16:40:33 | 000,007,432 | ---- | C] () -- C:\Windows\SysWow64\Machnm32.sys
[2013/05/11 16:17:34 | 000,015,232 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2013/05/11 16:17:33 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2013/05/11 15:56:08 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013/05/11 15:56:04 | 000,045,558 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012/12/14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/12/14 02:42:24 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012/12/14 02:42:24 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012/04/20 13:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2009/07/14 12:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 10:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 09:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 09:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 11:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 09:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/08/21 17:58:13 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\Canon
[2013/05/11 16:41:39 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\DisplayTune
[2014/02/19 18:28:16 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\DMCache
[2014/02/05 08:05:08 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\IDM
[2013/05/13 12:35:10 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\Juniper Networks
[2013/05/18 16:29:40 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\Leadertech
[2014/02/18 21:37:59 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\MediaMonkey
[2013/08/06 17:07:04 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\PDF Labs
[2013/09/27 13:21:22 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\Seagate
[2013/06/23 13:00:43 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\Sports Interactive
[2013/07/17 17:09:15 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\Subversion
[2014/02/19 19:31:50 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Custom Scans ==========

< C:\*. >
[2014/01/18 16:13:43 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2014/02/19 19:26:42 | 000,000,000 | ---D | M] -- C:\AdwCleaner
[2014/02/13 16:57:06 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009/07/14 13:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2014/02/19 19:26:42 | 000,000,000 | ---D | M] -- C:\Intel
[2014/02/19 19:26:42 | 000,000,000 | ---D | M] -- C:\ITE
[2013/05/13 13:13:50 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2014/02/19 19:26:42 | 000,000,000 | ---D | M] -- C:\My Music
[2014/02/19 19:26:42 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2009/07/14 11:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2014/01/18 15:33:26 | 000,000,000 | R--D | M] -- C:\Program Files
[2014/02/15 09:43:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)
[2014/02/18 18:08:58 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2013/05/06 21:22:59 | 000,000,000 | -HSD | M] -- C:\Recovery
[2014/02/18 22:12:11 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2013/12/16 16:45:45 | 000,000,000 | R--D | M] -- C:\Users
[2014/01/24 14:15:41 | 000,000,000 | ---D | M] -- C:\Windows
[2014/02/18 18:08:58 | 000,000,000 | ---D | M] -- C:\_OTL
[2009/07/14 13:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 13:08:49 | 000,032,624 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013/05/13 12:06:20 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013/05/13 12:07:45 | 000,000,896 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/05/13 12:07:45 | 000,000,900 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013/07/17 17:00:39 | 000,000,606 | ---- | C] () -- C:\Windows\Tasks\MATLAB R2013a Startup Accelerator.job

< C:\Google\*.* /s >

< C:\*.lnk /s >
[2014/02/19 16:09:15 | 000,000,810 | ---- | M] () -- C:\_OTL\_OTL.lnk
[2014/01/27 21:47:33 | 000,000,810 | ---- | M] () -- C:\_OTL\MovedFiles\02112014_140723\C_ProgramData\ProgramData.lnk
[2014/01/03 18:39:35 | 000,000,544 | ---- | M] () -- C:\_OTL\MovedFiles\02192014_192641\C_$Recycle.Bin\S-1-5-21-3946774030-1862938079-1394353489-1004\$IH9YN7C.lnk
[2014/01/03 18:39:32 | 000,001,343 | ---- | M] () -- C:\_OTL\MovedFiles\02192014_192641\C_$Recycle.Bin\S-1-5-21-3946774030-1862938079-1394353489-1004\$RH9YN7C.lnk
[2014/02/18 21:04:24 | 000,000,810 | ---- | M] () -- C:\_OTL\MovedFiles\02192014_192641\C_\Skypee\Google.lnk
[2014/02/19 16:09:15 | 000,000,810 | ---- | M] () -- C:\_OTL\MovedFiles\02192014_192641\C_\Skypee\Skypee.lnk
[2014/02/19 16:09:15 | 000,000,810 | ---- | M] () -- C:\_OTL\MovedFiles\02192014_192641\C_\Temp\Temp.lnk
[2014/02/19 16:09:14 | 000,000,810 | ---- | M] () -- C:\_OTL\MovedFiles\02192014_192641\C_AdwCleaner\AdwCleaner.lnk
[2014/02/19 16:09:14 | 000,000,810 | ---- | M] () -- C:\_OTL\MovedFiles\02192014_192641\C_BigFishCache\BigFishCache.lnk
[2014/02/19 16:09:14 | 000,000,810 | ---- | M] () -- C:\_OTL\MovedFiles\02192014_192641\C_Google\Google.lnk
[2014/01/27 21:48:00 | 000,000,754 | ---- | M] () -- C:\_OTL\MovedFiles\02192014_192641\C_Google\Skypee.lnk
[2014/02/19 16:09:14 | 000,000,810 | ---- | M] () -- C:\_OTL\MovedFiles\02192014_192641\C_Intel\Intel.lnk
[2014/02/19 16:09:14 | 000,000,810 | ---- | M] () -- C:\_OTL\MovedFiles\02192014_192641\C_ITE\ITE.lnk
[2014/02/19 16:09:14 | 000,000,810 | ---- | M] () -- C:\_OTL\MovedFiles\02192014_192641\C_My Music\My Music.lnk
[2014/02/19 16:09:14 | 000,000,810 | ---- | M] () -- C:\_OTL\MovedFiles\02192014_192641\C_NVIDIA\NVIDIA.lnk
[2013/12/13 18:00:19 | 000,001,090 | ---- | M] () -- C:\Program Files (x86)\Real\RealPlayer\Setup\.r1pclean.exe.lnk
[2013/12/13 18:00:19 | 000,001,118 | ---- | M] () -- C:\Program Files (x86)\Real\RealPlayer\Setup\accesspoints\desktop.lnk
[2013/12/13 18:00:19 | 000,001,118 | ---- | M] () -- C:\Program Files (x86)\Real\RealPlayer\Setup\accesspoints\entertainment.lnk
[2013/12/13 18:00:19 | 000,001,118 | ---- | M] () -- C:\Program Files (x86)\Real\RealPlayer\Setup\accesspoints\quicklaunch.lnk
[2013/12/13 18:00:19 | 000,001,118 | ---- | M] () -- C:\Program Files (x86)\Real\RealPlayer\Setup\accesspoints\startmenu.lnk
[2013/12/13 18:00:19 | 000,001,118 | ---- | M] () -- C:\Program Files (x86)\Real\RealPlayer\Setup\accesspoints\startmenuprograms.lnk
[2013/05/18 16:29:29 | 000,001,740 | ---- | M] () -- C:\Program Files\Logitech\SetPointP\Bluetooth Connection Assistant.lnk
[2013/05/18 16:29:29 | 000,001,762 | ---- | M] () -- C:\Program Files\Logitech\SetPointP\Mouse and Keyboard Settings.lnk
[2013/05/07 12:14:54 | 000,001,238 | ---- | M] () -- C:\Program Files\Microsoft Games\Chess\ChessMCE.lnk
[2009/07/14 12:55:00 | 000,001,268 | ---- | M] () -- C:\Program Files\Microsoft Games\FreeCell\FreeCellMCE.lnk
[2009/07/14 12:57:12 | 000,001,248 | ---- | M] () -- C:\Program Files\Microsoft Games\Hearts\HeartsMCE.lnk
[2013/05/07 12:14:54 | 000,001,258 | ---- | M] () -- C:\Program Files\Microsoft Games\Mahjong\MahjongMCE.lnk
[2009/07/14 12:57:12 | 000,001,302 | ---- | M] () -- C:\Program Files\Microsoft Games\Purble Place\PurblePlaceMCE.lnk
[2009/07/14 12:55:01 | 000,001,278 | ---- | M] () -- C:\Program Files\Microsoft Games\Solitaire\SolitaireMCE.lnk
[2009/07/14 12:57:12 | 000,001,338 | ---- | M] () -- C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaireMCE.lnk
[2014/02/19 16:09:15 | 000,000,810 | ---- | M] () -- C:\ProgramData\ProgramData.lnk
[2014/01/19 21:17:48 | 000,002,112 | ---- | M] () -- C:\ProgramData\BlueStacks\UserData\Library\My Apps\1Mobile Market.lnk
[2014/01/19 21:13:31 | 000,001,952 | ---- | M] () -- C:\ProgramData\BlueStacks\UserData\Library\My Apps\Appstore.lnk
[2014/01/19 21:13:23 | 000,002,000 | ---- | M] () -- C:\ProgramData\BlueStacks\UserData\Library\My Apps\Bluestacks Spotlight.lnk
[2014/01/19 21:15:58 | 000,002,052 | ---- | M] () -- C:\ProgramData\BlueStacks\UserData\Library\My Apps\Candy Crush Saga.lnk
[2014/01/19 21:13:31 | 000,001,842 | ---- | M] () -- C:\ProgramData\BlueStacks\UserData\Library\My Apps\Facebook.lnk
[2014/01/19 21:16:59 | 000,001,860 | ---- | M] () -- C:\ProgramData\BlueStacks\UserData\Library\My Apps\Gamepop-Home.lnk
[2014/01/19 21:13:25 | 000,001,842 | ---- | M] () -- C:\ProgramData\BlueStacks\UserData\Library\My Apps\Help.lnk
[2014/01/19 21:16:59 | 000,001,850 | ---- | M] () -- C:\ProgramData\BlueStacks\UserData\Library\My Apps\home.lnk
[2014/01/19 21:16:51 | 000,001,960 | ---- | M] () -- C:\ProgramData\BlueStacks\UserData\Library\My Apps\International.lnk
[2014/02/19 18:59:44 | 000,001,964 | ---- | M] () -- C:\ProgramData\BlueStacks\UserData\Library\My Apps\s2p.lnk
[2014/02/09 19:53:05 | 000,002,068 | ---- | M] () -- C:\ProgramData\BlueStacks\UserData\Library\My Apps\TV Anywhere.lnk
[2014/01/19 21:13:31 | 000,001,984 | ---- | M] () -- C:\ProgramData\BlueStacks\UserData\Library\My Apps\Twitter.lnk
[2014/02/15 13:12:26 | 000,002,008 | ---- | M] () -- C:\ProgramData\BlueStacks\UserData\Library\My Apps\WhatsApp.lnk
[2014/01/27 21:47:38 | 000,000,766 | ---- | M] () -- C:\ProgramData\MCShield\Quarantine\14.02.11. 13.59 Recycled.754890\Recycled.lnk
[2014/01/27 21:47:38 | 000,000,766 | ---- | M] () -- C:\ProgramData\MCShield\Quarantine\14.02.11. 14.10 Recycled.683376\Recycled.lnk
[2014/01/27 21:47:38 | 000,000,766 | ---- | M] () -- C:\ProgramData\MCShield\Quarantine\14.02.11. 14.10 Recycled.847637\Recycled.lnk
[2009/07/14 13:01:14 | 000,001,282 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
[2009/07/14 12:49:40 | 000,001,266 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
[2014/01/18 09:17:07 | 000,002,441 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2013/07/17 17:00:43 | 000,001,371 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB R2013a Student Version (32-bit).lnk
[2013/05/07 12:14:55 | 000,001,345 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013/05/13 12:16:22 | 000,001,163 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2009/07/14 12:57:08 | 000,001,330 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[2009/07/14 12:57:09 | 000,001,352 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
[2013/05/07 12:14:56 | 000,001,326 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2009/07/14 12:54:59 | 000,001,210 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[2010/11/21 11:40:30 | 000,001,547 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2009/07/14 12:57:08 | 000,001,246 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
[2009/07/14 12:55:00 | 000,001,230 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk
[2009/07/14 12:54:23 | 000,001,266 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk
[2013/05/07 12:14:54 | 000,001,364 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk
[2013/05/07 12:14:54 | 000,001,238 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk
[2009/07/14 12:54:32 | 000,001,242 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk
[2013/05/12 12:23:20 | 000,001,620 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk
[2013/05/07 12:14:55 | 000,001,272 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk
[2009/07/14 12:57:08 | 000,001,330 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk
[2013/05/07 12:14:55 | 000,001,351 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk
[2009/07/14 12:54:58 | 000,001,254 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk
[2009/07/14 12:57:09 | 000,001,579 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk
[2009/07/14 12:54:58 | 000,001,322 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk
[2009/07/14 12:57:07 | 000,001,388 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk
[2009/07/14 12:55:00 | 000,001,248 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk
[2009/07/14 12:54:25 | 000,001,290 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk
[2009/07/14 12:54:58 | 000,001,252 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk
[2009/07/14 12:53:50 | 000,001,242 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk
[2009/07/14 12:53:33 | 000,001,250 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk
[2009/07/14 12:54:57 | 000,001,246 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk
[2009/07/14 12:54:29 | 000,001,268 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk
[2009/07/14 12:57:09 | 000,001,320 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk
[2009/07/14 12:57:09 | 000,001,316 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk
[2013/05/07 12:14:56 | 000,001,436 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk
[2013/05/07 12:14:55 | 000,001,386 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk
[2013/05/07 12:14:54 | 000,001,316 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk
[2009/07/14 13:32:31 | 000,001,989 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk
[2009/07/14 12:57:13 | 000,001,468 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk
[2009/07/14 12:57:13 | 000,001,468 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk
[2009/07/14 13:32:31 | 000,001,899 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk
[2013/05/11 16:49:23 | 000,002,063 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer eDisplay Management\Acer eDisplay Management.lnk
[2013/05/11 16:49:23 | 000,002,196 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer eDisplay Management\Diagnostics.lnk
[2013/05/11 16:49:23 | 000,002,539 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer eDisplay Management\Uninstall Acer eDisplay Management.lnk
[2009/07/14 12:57:13 | 000,001,242 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk
[2009/07/14 12:54:21 | 000,001,294 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk
[2009/07/14 12:53:52 | 000,001,270 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk
[2009/07/14 12:54:29 | 000,001,298 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk
[2009/07/14 12:54:22 | 000,001,274 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk
[2009/07/14 12:53:33 | 000,001,268 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk
[2013/05/13 13:15:35 | 000,001,539 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Microsoft .NET Framework 2.0 Configuration.lnk
[2009/07/14 12:53:50 | 000,001,232 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk
[2009/07/14 12:54:05 | 000,001,288 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 12:53:33 | 000,001,246 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk
[2009/07/14 12:54:29 | 000,001,262 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk
[2009/07/14 12:53:58 | 000,001,274 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk
[2009/07/14 13:32:31 | 000,002,741 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk
[2013/05/11 16:24:22 | 000,002,062 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\AI Suite II\AI Suite II 2.01.01.lnk
[2013/05/11 16:24:22 | 000,001,661 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\AI Suite II\AI Suite II uninstall.lnk
[2013/08/10 01:10:54 | 000,002,071 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Avira Internet Security 2012 Help.lnk
[2013/08/10 01:10:54 | 000,002,087 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Avira on the Internet.lnk
[2013/08/10 01:10:54 | 000,001,204 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Display readme.lnk
[2013/08/10 01:10:54 | 000,002,094 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Start Avira Internet Security 2012.lnk
[2014/01/19 21:13:04 | 000,001,837 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks\Start BlueStacks.lnk
[2013/06/25 00:08:38 | 000,002,358 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX390 series Manual\Canon MX390 series On-screen Manual.lnk
[2013/06/25 00:14:28 | 000,002,115 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\IJ Scan Utility\IJ Scan Utility.lnk
[2013/06/25 00:10:29 | 000,002,101 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\My Image Garden\My Image Garden.lnk
[2013/06/25 00:09:04 | 000,001,828 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\My Printer\My Printer.lnk
[2013/06/25 00:12:32 | 000,002,049 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Quick Menu\Quick Menu.lnk
[2013/06/25 00:09:25 | 000,002,105 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Speed Dial Utility\Speed Dial Utility.lnk
[2013/05/07 12:14:54 | 000,000,352 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Chess.lnk
[2009/07/14 12:55:00 | 000,000,364 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\FreeCell.lnk
[2009/07/14 12:54:59 | 000,000,258 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\GameExplorer.lnk
[2009/07/14 12:57:12 | 000,000,356 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Hearts.lnk
[2013/05/07 12:14:54 | 000,000,474 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Backgammon.lnk
[2013/05/07 12:14:54 | 000,000,470 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Checkers.lnk
[2013/05/07 12:14:54 | 000,000,466 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Spades.lnk
[2013/05/07 12:14:54 | 000,000,360 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Mahjong.lnk
[2009/07/14 12:57:12 | 000,000,376 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Minesweeper.lnk
[2009/07/14 12:57:12 | 000,000,370 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\More Games from Microsoft.lnk
[2009/07/14 12:57:12 | 000,000,378 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Purble Place.lnk
[2009/07/14 12:55:01 | 000,000,368 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Solitaire.lnk
[2009/07/14 12:57:12 | 000,000,392 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Spider Solitaire.lnk
[2013/09/25 17:08:12 | 000,002,218 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
[2013/05/11 16:10:34 | 000,001,490 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel® Rapid Storage Technology.lnk
[2013/06/24 00:15:06 | 000,001,043 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Grabber Help.lnk
[2013/06/24 00:15:06 | 000,001,031 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\IDM Help.lnk
[2013/06/24 00:15:06 | 000,001,031 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Internet Download Manager.lnk
[2013/06/24 00:15:06 | 000,001,043 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\license.lnk
[2013/06/24 00:15:06 | 000,001,031 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\TUTORIALS.lnk
[2013/06/24 00:15:06 | 000,001,055 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Uninstall IDM.lnk
[2014/01/18 09:38:20 | 000,001,953 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk
[2014/01/18 09:38:20 | 000,001,971 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk
[2014/01/18 09:38:20 | 000,001,929 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk
[2014/01/18 09:38:20 | 000,001,206 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk
[2014/01/18 09:38:20 | 000,001,114 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk
[2013/06/24 12:19:37 | 000,002,132 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool.lnk
[2013/06/24 12:19:37 | 000,001,295 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Media Player Classic.lnk
[2013/06/24 12:19:37 | 000,002,078 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\DirectVobSub.lnk
[2013/06/24 12:19:37 | 000,002,122 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow audio decoder.lnk
[2013/06/24 12:19:37 | 000,002,112 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow video decoder.lnk
[2013/06/24 12:19:37 | 000,002,104 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Haali Media Splitter.lnk
[2013/06/24 12:19:37 | 000,001,933 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Audio.lnk
[2013/06/24 12:19:37 | 000,001,945 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Splitter.lnk
[2013/06/24 12:19:37 | 000,001,933 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Video.lnk
[2013/06/24 12:19:37 | 000,002,213 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Reset to recommended settings.lnk
[2013/06/24 12:19:37 | 000,001,211 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Help\Frequently Asked Questions.lnk
[2013/06/24 12:19:37 | 000,001,284 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\GraphStudioNext.lnk
[2013/06/24 12:19:37 | 000,001,254 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\MediaInfo.lnk
[2013/06/24 12:19:37 | 000,002,138 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.lnk
[2013/06/24 12:19:37 | 000,002,047 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Uninstall\Uninstall K-Lite Codec Pack.lnk
[2013/05/18 16:29:29 | 000,001,762 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Mouse and Keyboard\Mouse and Keyboard Settings.lnk
[2013/05/18 16:29:38 | 000,001,126 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Unifying\Logitech Unifying Software.lnk
[2009/07/14 12:57:07 | 000,001,304 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk
[2009/07/14 12:57:07 | 000,001,248 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk
[2009/07/14 12:57:09 | 000,001,212 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk
[2014/01/12 23:07:51 | 000,001,091 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk
[2014/01/12 23:07:51 | 000,001,091 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk
[2014/01/12 23:07:51 | 000,001,115 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk
[2014/01/12 23:07:51 | 000,001,264 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk
[2013/07/17 17:00:43 | 000,001,313 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB\R2013a Student Version (32-bit)\Activate MATLAB R2013a.lnk
[2013/07/17 17:00:43 | 000,001,383 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB\R2013a Student Version (32-bit)\MATLAB R2013a Student Version (32-bit).lnk
[2014/02/11 13:59:31 | 000,001,119 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\MCShield Control Center.lnk
[2014/02/11 13:59:31 | 000,001,058 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\MCShield Real-Time Monitor.lnk
[2014/02/11 13:59:31 | 000,000,814 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\Logs\All scans.lnk
[2014/02/11 13:59:31 | 000,000,824 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\Logs\Last scan.lnk
[2014/02/11 13:59:31 | 000,000,857 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\Logs\Summary.lnk
[2014/02/11 13:59:31 | 000,001,187 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\Tools\MCShield Translator.lnk
[2014/02/11 13:59:31 | 000,001,060 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\Uninstall\Uninstall MCShield.lnk
[2013/06/24 12:15:42 | 000,000,846 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey\MediaMonkey on the Web.lnk
[2013/06/24 12:15:42 | 000,001,038 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey\MediaMonkey Read Me.lnk
[2013/06/24 12:15:42 | 000,001,065 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey\MediaMonkey.lnk
[2013/06/24 12:15:42 | 000,001,050 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey\Uninstall MediaMonkey.lnk
[2013/05/18 16:28:21 | 000,002,687 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard\Connect Keyboard for Bluetooth.lnk
[2013/05/18 16:28:21 | 000,002,715 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard\Keyboard Healthy Computing Guide.lnk
[2013/05/18 16:28:21 | 000,002,847 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard\Keyboard Help.lnk
[2013/05/18 16:28:21 | 000,002,695 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard\Microsoft Keyboard.lnk
[2013/05/18 16:28:21 | 000,002,747 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard\Quality Settings.lnk
[2013/05/13 13:15:35 | 000,002,643 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Access 2007.lnk
[2013/09/14 08:18:36 | 000,002,655 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk
[2013/05/13 13:15:35 | 000,002,697 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Groove 2007.lnk
[2013/05/13 13:15:35 | 000,002,687 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office InfoPath 2007.lnk
[2013/05/13 13:15:35 | 000,002,619 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office OneNote 2007.lnk
[2013/05/13 13:15:35 | 000,002,693 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Outlook 2007.lnk
[2013/05/13 13:15:35 | 000,002,645 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk
[2013/05/13 13:15:35 | 000,002,611 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Publisher 2007.lnk
[2013/05/13 13:15:35 | 000,002,693 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk
[2013/05/13 13:15:35 | 000,002,647 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Digital Certificate for VBA Projects.lnk
[2013/05/13 13:15:35 | 000,002,627 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Clip Organizer.lnk
[2013/05/13 13:15:35 | 000,002,527 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office 2007 Language Settings.lnk
[2013/05/13 13:15:35 | 000,002,625 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Diagnostics.lnk
[2013/05/13 13:15:35 | 000,002,605 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Picture Manager.lnk
[2013/05/13 13:14:19 | 000,001,273 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005\Visual Studio Tools\Visual Studio 2005 Remote Debugger Configuration Wizard.lnk
[2014/01/24 12:18:00 | 000,001,329 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk
[2014/01/24 13:34:39 | 000,002,121 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk
[2014/01/24 13:34:39 | 000,002,133 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk
[2014/01/24 13:34:39 | 000,002,139 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Disable 3D Vision.lnk
[2014/01/24 13:34:39 | 000,002,137 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Enable 3D Vision.lnk
[2013/05/13 13:17:24 | 000,001,907 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\PowerISO Help.lnk
[2013/05/13 13:17:24 | 000,001,907 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\PowerISO Virtual Drive Manager.lnk
[2013/05/13 13:17:24 | 000,001,907 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\PowerISO.lnk
[2013/05/13 13:17:24 | 000,001,914 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\Uninstall PowerISO.lnk
[2013/05/18 16:18:46 | 000,002,441 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\About QuickTime.lnk
[2013/05/18 16:18:46 | 000,002,471 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\PictureViewer.lnk
[2013/05/18 16:18:46 | 000,002,441 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk
[2013/05/18 16:18:46 | 000,001,816 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Uninstall QuickTime.lnk
[2013/12/13 18:00:28 | 000,002,563 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealDownloader.lnk
[2013/12/13 18:00:24 | 000,001,193 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Converter.lnk
[2013/12/13 18:00:22 | 000,001,135 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Trimmer.lnk
[2013/12/13 18:00:19 | 000,001,252 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer.lnk
[2013/05/11 16:15:33 | 000,001,120 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek\Realtek Ethernet Diagnostic Utility\Realtek Ethernet Diagnostic Utility.lnk
[2013/12/10 10:28:12 | 000,001,113 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung SSD Magician\Samsung Magician.lnk
[2013/12/10 10:28:12 | 000,002,003 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung SSD Magician\Uninstall Samsung Magician.lnk
[2013/05/12 12:35:15 | 000,002,111 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Data Migration\Data Migration.lnk
[2013/09/27 13:21:36 | 000,002,743 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate Dashboard 2.0\Seagate Dashboard 2.0.lnk
[2013/09/27 13:07:09 | 000,002,477 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\SeaTools for Windows\SeaTools for Windows.lnk
[2013/05/13 12:16:06 | 000,001,059 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster\SpywareBlaster Help.lnk
[2013/05/13 12:16:06 | 000,001,101 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster\SpywareBlaster.lnk
[2013/06/23 13:15:50 | 000,001,075 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tag&Rename\Download Tag&Rename User Manual in pdf.lnk
[2013/06/23 13:15:50 | 000,000,975 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tag&Rename\Tag&Rename help.lnk
[2013/06/23 13:15:50 | 000,001,045 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tag&Rename\Tag&Rename.lnk
[2013/05/11 17:13:33 | 000,001,136 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIRTU MVP\VIRTU MVP Control Panel.lnk
[2013/05/11 17:13:33 | 000,001,093 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIRTU MVP\VIRTU MVP Uninstall.lnk
[2013/09/27 14:43:59 | 000,001,272 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation\Data Lifeguard Diagnostic for Windows\Data Lifeguard Diagnostic for Windows.lnk
[2013/09/27 14:43:59 | 000,001,260 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation\Data Lifeguard Diagnostic for Windows\Help Documentation.lnk
[2013/09/27 14:43:59 | 000,001,284 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation\Data Lifeguard Diagnostic for Windows\Uninstall Data Lifeguard Diagnostic for Windows.lnk
[2013/12/10 20:54:07 | 000,001,213 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD Apps\WD Drive Unlocker.lnk
[2013/10/25 20:37:09 | 000,001,207 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD Apps\WD Drive Utilities.lnk
[2013/12/10 20:54:07 | 000,001,181 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD Apps\WD Security.lnk
[2013/11/26 17:57:49 | 000,001,174 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD SmartWare\WD Quick View.lnk
[2013/11/26 17:57:44 | 000,001,168 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD SmartWare\WD SmartWare.lnk
[2013/08/04 19:36:11 | 000,002,020 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone\Windows Phone app for desktop.lnk
[2013/06/23 13:16:51 | 000,001,008 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk
[2013/06/23 13:16:51 | 000,001,027 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk
[2013/06/23 13:16:51 | 000,001,027 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk
[2014/02/19 16:09:15 | 000,000,810 | ---- | M] () -- C:\Users\All Users\ProgramData.lnk
[2014/01/19 21:17:48 | 000,002,112 | ---- | M] () -- C:\Users\All Users\BlueStacks\UserData\Library\My Apps\1Mobile Market.lnk
[2014/01/19 21:13:31 | 000,001,952 | ---- | M] () -- C:\Users\All Users\BlueStacks\UserData\Library\My Apps\Appstore.lnk
[2014/01/19 21:13:23 | 000,002,000 | ---- | M] () -- C:\Users\All Users\BlueStacks\UserData\Library\My Apps\Bluestacks Spotlight.lnk
[2014/01/19 21:15:58 | 000,002,052 | ---- | M] () -- C:\Users\All Users\BlueStacks\UserData\Library\My Apps\Candy Crush Saga.lnk
[2014/01/19 21:13:31 | 000,001,842 | ---- | M] () -- C:\Users\All Users\BlueStacks\UserData\Library\My Apps\Facebook.lnk
[2014/01/19 21:16:59 | 000,001,860 | ---- | M] () -- C:\Users\All Users\BlueStacks\UserData\Library\My Apps\Gamepop-Home.lnk
[2014/01/19 21:13:25 | 000,001,842 | ---- | M] () -- C:\Users\All Users\BlueStacks\UserData\Library\My Apps\Help.lnk
[2014/01/19 21:16:59 | 000,001,850 | ---- | M] () -- C:\Users\All Users\BlueStacks\UserData\Library\My Apps\home.lnk
[2014/01/19 21:16:51 | 000,001,960 | ---- | M] () -- C:\Users\All Users\BlueStacks\UserData\Library\My Apps\International.lnk
[2014/02/19 18:59:44 | 000,001,964 | ---- | M] () -- C:\Users\All Users\BlueStacks\UserData\Library\My Apps\s2p.lnk
[2014/02/09 19:53:05 | 000,002,068 | ---- | M] () -- C:\Users\All Users\BlueStacks\UserData\Library\My Apps\TV Anywhere.lnk
[2014/01/19 21:13:31 | 000,001,984 | ---- | M] () -- C:\Users\All Users\BlueStacks\UserData\Library\My Apps\Twitter.lnk
[2014/02/15 13:12:26 | 000,002,008 | ---- | M] () -- C:\Users\All Users\BlueStacks\UserData\Library\My Apps\WhatsApp.lnk
[2014/01/27 21:47:38 | 000,000,766 | ---- | M] () -- C:\Users\All Users\MCShield\Quarantine\14.02.11. 13.59 Recycled.754890\Recycled.lnk
[2014/01/27 21:47:38 | 000,000,766 | ---- | M] () -- C:\Users\All Users\MCShield\Quarantine\14.02.11. 14.10 Recycled.683376\Recycled.lnk
[2014/01/27 21:47:38 | 000,000,766 | ---- | M] () -- C:\Users\All Users\MCShield\Quarantine\14.02.11. 14.10 Recycled.847637\Recycled.lnk
[2009/07/14 13:01:14 | 000,001,282 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Default Programs.lnk
[2009/07/14 12:49:40 | 000,001,266 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Windows Update.lnk
[2014/01/18 09:17:07 | 000,002,441 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2013/07/17 17:00:43 | 000,001,371 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MATLAB R2013a Student Version (32-bit).lnk
[2013/05/07 12:14:55 | 000,001,345 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013/05/13 12:16:22 | 000,001,163 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2009/07/14 12:57:08 | 000,001,330 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[2009/07/14 12:57:09 | 000,001,352 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
[2013/05/07 12:14:56 | 000,001,326 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2009/07/14 12:54:59 | 000,001,210 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[2010/11/21 11:40:30 | 000,001,547 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2009/07/14 12:57:08 | 000,001,246 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
[2009/07/14 12:55:00 | 000,001,230 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk
[2009/07/14 12:54:23 | 000,001,266 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk
[2013/05/07 12:14:54 | 000,001,364 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk
[2013/05/07 12:14:54 | 000,001,238 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk
[2009/07/14 12:54:32 | 000,001,242 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk
[2013/05/12 12:23:20 | 000,001,620 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk
[2013/05/07 12:14:55 | 000,001,272 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk
[2009/07/14 12:57:08 | 000,001,330 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk
[2013/05/07 12:14:55 | 000,001,351 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk
[2009/07/14 12:54:58 | 000,001,254 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk
[2009/07/14 12:57:09 | 000,001,579 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk
[2009/07/14 12:54:58 | 000,001,322 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk
[2009/07/14 12:57:07 | 000,001,388 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk
[2009/07/14 12:55:00 | 000,001,248 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk
[2009/07/14 12:54:25 | 000,001,290 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk
[2009/07/14 12:54:58 | 000,001,252 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk
[2009/07/14 12:53:50 | 000,001,242 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk
[2009/07/14 12:53:33 | 000,001,250 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk
[2009/07/14 12:54:57 | 000,001,246 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk
[2009/07/14 12:54:29 | 000,001,268 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk
[2009/07/14 12:57:09 | 000,001,320 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk
[2009/07/14 12:57:09 | 000,001,316 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk
[2013/05/07 12:14:56 | 000,001,436 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk
[2013/05/07 12:14:55 | 000,001,386 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk
[2013/05/07 12:14:54 | 000,001,316 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk
[2009/07/14 13:32:31 | 000,001,989 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk
[2009/07/14 12:57:13 | 000,001,468 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk
[2009/07/14 12:57:13 | 000,001,468 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk
[2009/07/14 13:32:31 | 000,001,899 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk
[2013/05/11 16:49:23 | 000,002,063 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Acer eDisplay Management\Acer eDisplay Management.lnk
[2013/05/11 16:49:23 | 000,002,196 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Acer eDisplay Management\Diagnostics.lnk
[2013/05/11 16:49:23 | 000,002,539 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Acer eDisplay Management\Uninstall Acer eDisplay Management.lnk
[2009/07/14 12:57:13 | 000,001,242 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk
[2009/07/14 12:54:21 | 000,001,294 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk
[2009/07/14 12:53:52 | 000,001,270 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk
[2009/07/14 12:54:29 | 000,001,298 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk
[2009/07/14 12:54:22 | 000,001,274 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk
[2009/07/14 12:53:33 | 000,001,268 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk
[2013/05/13 13:15:35 | 000,001,539 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Microsoft .NET Framework 2.0 Configuration.lnk
[2009/07/14 12:53:50 | 000,001,232 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk
[2009/07/14 12:54:05 | 000,001,288 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 12:53:33 | 000,001,246 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk
[2009/07/14 12:54:29 | 000,001,262 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk
[2009/07/14 12:53:58 | 000,001,274 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk
[2009/07/14 13:32:31 | 000,002,741 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk
[2013/05/11 16:24:22 | 000,002,062 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\ASUS\AI Suite II\AI Suite II 2.01.01.lnk
[2013/05/11 16:24:22 | 000,001,661 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\ASUS\AI Suite II\AI Suite II uninstall.lnk
[2013/08/10 01:10:54 | 000,002,071 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Avira Internet Security 2012 Help.lnk
[2013/08/10 01:10:54 | 000,002,087 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Avira on the Internet.lnk
[2013/08/10 01:10:54 | 000,001,204 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Display readme.lnk
[2013/08/10 01:10:54 | 000,002,094 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Start Avira Internet Security 2012.lnk
[2014/01/19 21:13:04 | 000,001,837 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\BlueStacks\Start BlueStacks.lnk
[2013/06/25 00:08:38 | 000,002,358 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Canon MX390 series Manual\Canon MX390 series On-screen Manual.lnk
[2013/06/25 00:14:28 | 000,002,115 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Canon Utilities\IJ Scan Utility\IJ Scan Utility.lnk
[2013/06/25 00:10:29 | 000,002,101 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Canon Utilities\My Image Garden\My Image Garden.lnk
[2013/06/25 00:09:04 | 000,001,828 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Canon Utilities\My Printer\My Printer.lnk
[2013/06/25 00:12:32 | 000,002,049 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Quick Menu\Quick Menu.lnk
[2013/06/25 00:09:25 | 000,002,105 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Speed Dial Utility\Speed Dial Utility.lnk
[2013/05/07 12:14:54 | 000,000,352 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\Chess.lnk
[2009/07/14 12:55:00 | 000,000,364 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\FreeCell.lnk
[2009/07/14 12:54:59 | 000,000,258 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\GameExplorer.lnk
[2009/07/14 12:57:12 | 000,000,356 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\Hearts.lnk
[2013/05/07 12:14:54 | 000,000,474 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\Internet Backgammon.lnk
[2013/05/07 12:14:54 | 000,000,470 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\Internet Checkers.lnk
[2013/05/07 12:14:54 | 000,000,466 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\Internet Spades.lnk
[2013/05/07 12:14:54 | 000,000,360 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\Mahjong.lnk
[2009/07/14 12:57:12 | 000,000,376 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\Minesweeper.lnk
[2009/07/14 12:57:12 | 000,000,370 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\More Games from Microsoft.lnk
[2009/07/14 12:57:12 | 000,000,378 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\Purble Place.lnk
[2009/07/14 12:55:01 | 000,000,368 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\Solitaire.lnk
[2009/07/14 12:57:12 | 000,000,392 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\Spider Solitaire.lnk
[2013/09/25 17:08:12 | 000,002,218 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
[2013/05/11 16:10:34 | 000,001,490 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Intel\Intel® Rapid Storage Technology.lnk
[2013/06/24 00:15:06 | 000,001,043 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Grabber Help.lnk
[2013/06/24 00:15:06 | 000,001,031 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\IDM Help.lnk
[2013/06/24 00:15:06 | 000,001,031 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Internet Download Manager.lnk
[2013/06/24 00:15:06 | 000,001,043 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\license.lnk
[2013/06/24 00:15:06 | 000,001,031 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\TUTORIALS.lnk
[2013/06/24 00:15:06 | 000,001,055 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Uninstall IDM.lnk
[2014/01/18 09:38:20 | 000,001,953 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk
[2014/01/18 09:38:20 | 000,001,971 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk
[2014/01/18 09:38:20 | 000,001,929 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk
[2014/01/18 09:38:20 | 000,001,206 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk
[2014/01/18 09:38:20 | 000,001,114 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk
[2013/06/24 12:19:37 | 000,002,132 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool.lnk
[2013/06/24 12:19:37 | 000,001,295 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Media Player Classic.lnk
[2013/06/24 12:19:37 | 000,002,078 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\DirectVobSub.lnk
[2013/06/24 12:19:37 | 000,002,122 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow audio decoder.lnk
[2013/06/24 12:19:37 | 000,002,112 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow video decoder.lnk
[2013/06/24 12:19:37 | 000,002,104 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Haali Media Splitter.lnk
[2013/06/24 12:19:37 | 000,001,933 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Audio.lnk
[2013/06/24 12:19:37 | 000,001,945 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Splitter.lnk
[2013/06/24 12:19:37 | 000,001,933 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Video.lnk
[2013/06/24 12:19:37 | 000,002,213 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Reset to recommended settings.lnk
[2013/06/24 12:19:37 | 000,001,211 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Help\Frequently Asked Questions.lnk
[2013/06/24 12:19:37 | 000,001,284 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\GraphStudioNext.lnk
[2013/06/24 12:19:37 | 000,001,254 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\MediaInfo.lnk
[2013/06/24 12:19:37 | 000,002,138 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.lnk
[2013/06/24 12:19:37 | 000,002,047 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Uninstall\Uninstall K-Lite Codec Pack.lnk
[2013/05/18 16:29:29 | 000,001,762 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Logitech\Mouse and Keyboard\Mouse and Keyboard Settings.lnk
[2013/05/18 16:29:38 | 000,001,126 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Logitech\Unifying\Logitech Unifying Software.lnk
[2009/07/14 12:57:07 | 000,001,304 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk
[2009/07/14 12:57:07 | 000,001,248 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk
[2009/07/14 12:57:09 | 000,001,212 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk
[2014/01/12 23:07:51 | 000,001,091 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk
[2014/01/12 23:07:51 | 000,001,091 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk
[2014/01/12 23:07:51 | 000,001,115 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk
[2014/01/12 23:07:51 | 000,001,264 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk
[2013/07/17 17:00:43 | 000,001,313 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MATLAB\R2013a Student Version (32-bit)\Activate MATLAB R2013a.lnk
[2013/07/17 17:00:43 | 000,001,383 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MATLAB\R2013a Student Version (32-bit)\MATLAB R2013a Student Version (32-bit).lnk
[2014/02/11 13:59:31 | 000,001,119 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MCShield\MCShield Control Center.lnk
[2014/02/11 13:59:31 | 000,001,058 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MCShield\MCShield Real-Time Monitor.lnk
[2014/02/11 13:59:31 | 000,000,814 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MCShield\Logs\All scans.lnk
[2014/02/11 13:59:31 | 000,000,824 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MCShield\Logs\Last scan.lnk
[2014/02/11 13:59:31 | 000,000,857 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MCShield\Logs\Summary.lnk
[2014/02/11 13:59:31 | 000,001,187 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MCShield\Tools\MCShield Translator.lnk
[2014/02/11 13:59:31 | 000,001,060 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MCShield\Uninstall\Uninstall MCShield.lnk
[2013/06/24 12:15:42 | 000,000,846 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MediaMonkey\MediaMonkey on the Web.lnk
[2013/06/24 12:15:42 | 000,001,038 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MediaMonkey\MediaMonkey Read Me.lnk
[2013/06/24 12:15:42 | 000,001,065 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MediaMonkey\MediaMonkey.lnk
[2013/06/24 12:15:42 | 000,001,050 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\MediaMonkey\Uninstall MediaMonkey.lnk
[2013/05/18 16:28:21 | 000,002,687 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard\Connect Keyboard for Bluetooth.lnk
[2013/05/18 16:28:21 | 000,002,715 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard\Keyboard Healthy Computing Guide.lnk
[2013/05/18 16:28:21 | 000,002,847 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard\Keyboard Help.lnk
[2013/05/18 16:28:21 | 000,002,695 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard\Microsoft Keyboard.lnk
[2013/05/18 16:28:21 | 000,002,747 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard\Quality Settings.lnk
[2013/05/13 13:15:35 | 000,002,643 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Access 2007.lnk
[2013/09/14 08:18:36 | 000,002,655 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk
[2013/05/13 13:15:35 | 000,002,697 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Groove 2007.lnk
[2013/05/13 13:15:35 | 000,002,687 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office InfoPath 2007.lnk
[2013/05/13 13:15:35 | 000,002,619 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office OneNote 2007.lnk
[2013/05/13 13:15:35 | 000,002,693 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Outlook 2007.lnk
[2013/05/13 13:15:35 | 000,002,645 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk
[2013/05/13 13:15:35 | 000,002,611 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Publisher 2007.lnk
[2013/05/13 13:15:35 | 000,002,693 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk
[2013/05/13 13:15:35 | 000,002,647 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Digital Certificate for VBA Projects.lnk
[2013/05/13 13:15:35 | 000,002,627 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Clip Organizer.lnk
[2013/05/13 13:15:35 | 000,002,527 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office 2007 Language Settings.lnk
[2013/05/13 13:15:35 | 000,002,625 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Diagnostics.lnk
[2013/05/13 13:15:35 | 000,002,605 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Picture Manager.lnk
[2013/05/13 13:14:19 | 000,001,273 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005\Visual Studio Tools\Visual Studio 2005 Remote Debugger Configuration Wizard.lnk
[2014/01/24 12:18:00 | 000,001,329 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk
[2014/01/24 13:34:39 | 000,002,121 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk
[2014/01/24 13:34:39 | 000,002,133 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk
[2014/01/24 13:34:39 | 000,002,139 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Disable 3D Vision.lnk
[2014/01/24 13:34:39 | 000,002,137 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Enable 3D Vision.lnk
[2013/05/13 13:17:24 | 000,001,907 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\PowerISO\PowerISO Help.lnk
[2013/05/13 13:17:24 | 000,001,907 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\PowerISO\PowerISO Virtual Drive Manager.lnk
[2013/05/13 13:17:24 | 000,001,907 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\PowerISO\PowerISO.lnk
[2013/05/13 13:17:24 | 000,001,914 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\PowerISO\Uninstall PowerISO.lnk
[2013/05/18 16:18:46 | 000,002,441 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\QuickTime\About QuickTime.lnk
[2013/05/18 16:18:46 | 000,002,471 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\QuickTime\PictureViewer.lnk
[2013/05/18 16:18:46 | 000,002,441 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk
[2013/05/18 16:18:46 | 000,001,816 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\QuickTime\Uninstall QuickTime.lnk
[2013/12/13 18:00:28 | 000,002,563 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealDownloader.lnk
[2013/12/13 18:00:24 | 000,001,193 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Converter.lnk
[2013/12/13 18:00:22 | 000,001,135 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Trimmer.lnk
[2013/12/13 18:00:19 | 000,001,252 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer.lnk
[2013/05/11 16:15:33 | 000,001,120 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Realtek\Realtek Ethernet Diagnostic Utility\Realtek Ethernet Diagnostic Utility.lnk
[2013/12/10 10:28:12 | 000,001,113 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Samsung SSD Magician\Samsung Magician.lnk
[2013/12/10 10:28:12 | 000,002,003 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Samsung SSD Magician\Uninstall Samsung Magician.lnk
[2013/05/12 12:35:15 | 000,002,111 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Samsung\Data Migration\Data Migration.lnk
[2013/09/27 13:21:36 | 000,002,743 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Seagate Dashboard 2.0\Seagate Dashboard 2.0.lnk
[2013/09/27 13:07:09 | 000,002,477 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Seagate\SeaTools for Windows\SeaTools for Windows.lnk
[2013/05/13 12:16:06 | 000,001,059 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\SpywareBlaster\SpywareBlaster Help.lnk
[2013/05/13 12:16:06 | 000,001,101 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\SpywareBlaster\SpywareBlaster.lnk
[2013/06/23 13:15:50 | 000,001,075 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Tag&Rename\Download Tag&Rename User Manual in pdf.lnk
[2013/06/23 13:15:50 | 000,000,975 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Tag&Rename\Tag&Rename help.lnk
[2013/06/23 13:15:50 | 000,001,045 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Tag&Rename\Tag&Rename.lnk
[2013/05/11 17:13:33 | 000,001,136 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\VIRTU MVP\VIRTU MVP Control Panel.lnk
[2013/05/11 17:13:33 | 000,001,093 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\VIRTU MVP\VIRTU MVP Uninstall.lnk
[2013/09/27 14:43:59 | 000,001,272 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation\Data Lifeguard Diagnostic for Windows\Data Lifeguard Diagnostic for Windows.lnk
[2013/09/27 14:43:59 | 000,001,260 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation\Data Lifeguard Diagnostic for Windows\Help Documentation.lnk
[2013/09/27 14:43:59 | 000,001,284 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation\Data Lifeguard Diagnostic for Windows\Uninstall Data Lifeguard Diagnostic for Windows.lnk
[2013/12/10 20:54:07 | 000,001,213 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Western Digital\WD Apps\WD Drive Unlocker.lnk
[2013/10/25 20:37:09 | 000,001,207 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Western Digital\WD Apps\WD Drive Utilities.lnk
[2013/12/10 20:54:07 | 000,001,181 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Western Digital\WD Apps\WD Security.lnk
[2013/11/26 17:57:49 | 000,001,174 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Western Digital\WD SmartWare\WD Quick View.lnk
[2013/11/26 17:57:44 | 000,001,168 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Western Digital\WD SmartWare\WD SmartWare.lnk
[2013/08/04 19:36:11 | 000,002,020 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Windows Phone\Windows Phone app for desktop.lnk
[2013/06/23 13:16:51 | 000,001,008 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk
[2013/06/23 13:16:51 | 000,001,027 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk
[2013/06/23 13:16:51 | 000,001,027 | ---- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk
[2009/07/14 12:49:38 | 000,000,290 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2009/07/14 12:49:38 | 000,000,272 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2009/07/14 12:54:59 | 000,001,238 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk
[2009/07/14 12:54:27 | 000,001,280 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk
[2009/07/14 12:54:32 | 000,001,304 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk
[2009/07/14 12:49:38 | 000,000,262 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk
[2009/07/14 12:49:38 | 000,001,228 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk
[2009/07/14 12:54:01 | 000,001,358 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk
[2009/07/14 12:54:00 | 000,001,258 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk
[2009/07/14 12:54:02 | 000,001,262 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk
[2009/07/14 12:54:00 | 000,001,250 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk
[2009/07/14 12:49:38 | 000,000,262 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk
[2009/07/14 12:49:38 | 000,000,262 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk
[2009/07/14 12:54:59 | 000,001,306 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk
[2009/07/14 12:49:38 | 000,000,262 | ---- | M] () -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk
[2013/05/11 16:40:48 | 000,002,045 | ---- | M] () -- C:\Users\Public\Desktop\Acer eDisplay Management.lnk
[2014/01/18 09:17:07 | 000,001,979 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2014/01/19 21:13:21 | 000,001,820 | ---- | M] () -- C:\Users\Public\Desktop\Apps.lnk
[2013/08/10 01:10:54 | 000,002,070 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013/06/25 00:08:36 | 000,002,358 | ---- | M] () -- C:\Users\Public\Desktop\Canon MX390 series On-screen Manual.lnk
[2013/06/25 00:12:32 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Canon Quick Menu.lnk
[2013/05/12 12:35:15 | 000,002,087 | ---- | M] () -- C:\Users\Public\Desktop\Data Migration.lnk
[2013/12/16 16:44:59 | 000,001,311 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2013/09/25 17:08:12 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/12 23:07:51 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/24 12:15:42 | 000,001,047 | ---- | M] () -- C:\Users\Public\Desktop\MediaMonkey.lnk
[2013/05/13 12:16:22 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/05/13 13:17:24 | 000,001,011 | ---- | M] () -- C:\Users\Public\Desktop\PowerISO.lnk
[2013/12/13 18:00:29 | 000,001,046 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2013/09/27 13:21:36 | 000,002,725 | ---- | M] () -- C:\Users\Public\Desktop\Seagate Dashboard 2.0.lnk
[2013/09/27 13:07:09 | 000,002,453 | ---- | M] () -- C:\Users\Public\Desktop\SeaTools for Windows.lnk
[2013/05/13 12:16:06 | 000,001,083 | ---- | M] () -- C:\Users\Public\Desktop\SpywareBlaster.lnk
[2014/01/19 21:13:20 | 000,001,767 | ---- | M] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk
[2013/10/25 20:37:09 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\WD Drive Utilities.lnk
[2013/06/24 11:23:37 | 000,002,283 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/11/28 08:10:26 | 000,001,401 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2009/07/14 12:49:38 | 000,000,290 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2009/07/14 12:49:38 | 000,000,272 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/06/30 14:26:56 | 000,002,675 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk
[2013/06/23 12:29:26 | 000,002,294 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
[2013/11/26 23:29:53 | 000,001,423 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
[2014/02/19 10:47:34 | 000,001,163 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
[2009/07/14 12:49:38 | 000,001,228 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk
[2010/11/21 11:40:30 | 000,001,547 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk
[2014/01/26 23:26:56 | 000,000,534 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Office\Recent\Ahmad Shahruddin CV(2).LNK
[2014/01/26 23:27:00 | 000,000,534 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Office\Recent\Ahmad Shahruddin CV(3).LNK
[2014/02/04 21:10:15 | 000,001,263 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Office\Recent\AJBA test notes.LNK
[2014/01/11 12:09:35 | 000,000,875 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Office\Recent\Desktop.LNK
[2013/07/05 08:56:48 | 000,000,293 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Office\Recent\din property.LNK
[2014/01/26 23:27:00 | 000,000,381 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Office\Recent\DIN's Resune.LNK
[2014/02/01 20:42:26 | 000,001,199 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Office\Recent\DNB.LNK
[2014/02/04 21:10:15 | 000,001,086 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Office\Recent\Downloads.LNK
[2013/09/23 19:29:34 | 000,001,087 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Office\Recent\Faisal_-_Resume updated.LNK
[2014/02/01 22:52:24 | 000,001,228 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Office\Recent\Start up.LNK
[2013/06/29 16:38:32 | 000,001,123 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Office\Recent\Templates.LNK
[2013/08/11 08:14:16 | 000,001,812 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\07 Pieces.lnk
[2013/11/15 02:34:58 | 000,002,189 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\2.Guns.2013.BDRip.X264-SPARKS.lnk
[2013/11/28 10:52:56 | 000,002,499 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\20131127_135854.lnk
[2013/08/24 18:48:58 | 000,000,828 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\28888650_20130819_0095.lnk
[2013/10/03 09:36:19 | 000,000,393 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\28888650_20130918_0096.lnk
[2013/12/20 11:05:29 | 000,001,037 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\28888650_20131219_0099.lnk
[2013/12/10 06:31:46 | 000,002,274 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\39036403_20130718_0006.lnk
[2013/08/24 18:47:51 | 000,000,690 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\39036403_20130819_0007.lnk
[2013/12/06 08:15:08 | 000,000,785 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\A.B.J2.lnk
[2014/01/26 23:26:56 | 000,000,606 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Ahmad Shahruddin CV(2).lnk
[2014/01/26 23:27:00 | 000,000,606 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Ahmad Shahruddin CV(3).lnk
[2014/01/26 23:26:49 | 000,000,606 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Ahmad Shahruddin CV(4).lnk
[2014/02/04 21:20:37 | 000,003,848 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\AJBA test notes.lnk
[2014/01/29 17:51:02 | 000,000,656 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\American.Hustle.2013.DVDScr.XVID.AC3.HQ.Hive-CM8.lnk
[2013/07/20 18:48:04 | 000,000,381 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Bill.lnk
[2013/10/23 14:22:41 | 000,000,537 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\CD1.lnk
[2014/01/30 18:22:22 | 000,001,164 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Chasing the sun the wanted lyrics.lnk
[2014/01/26 23:27:23 | 000,000,579 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\clip_image002.lnk
[2013/08/07 20:52:46 | 000,001,363 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Control Systems Engineering - Lecture 5 - Block Diagrams - YouTube.lnk
[2013/11/17 14:16:18 | 000,000,319 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Data (D).lnk
[2014/01/26 23:27:23 | 000,000,421 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\DIN's Resune.lnk
[2014/02/01 20:42:26 | 000,003,073 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\DNB.lnk
[2013/12/10 06:31:46 | 000,002,031 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Documents.lnk
[2014/02/04 21:20:37 | 000,002,464 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Downloads.lnk
[2014/01/30 18:24:26 | 000,001,134 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Dynamite-Taio Cruz (lyrics).lnk
[2014/01/30 18:13:09 | 000,001,264 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Eminem - The Monster ft. Rihanna ( Lyrics On-Screen ).lnk
[2013/09/23 19:29:34 | 000,000,633 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Faisal_-_Resume updated.lnk
[2013/10/23 14:22:41 | 000,000,766 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Folder.lnk
[2013/10/10 02:12:10 | 000,000,455 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Gamer.DVDRip.XviD-DoNE (2).lnk
[2013/10/27 21:08:36 | 000,001,151 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\GSS 2013 Booklet Low Res.lnk
[2013/08/24 18:47:46 | 000,002,542 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\IMG_20130708_0001.lnk
[2013/07/08 05:47:05 | 000,002,538 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\IMG_20130708_0003.lnk
[2013/11/28 10:52:45 | 000,002,538 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\IMG_20130708_0004.lnk
[2014/01/26 23:27:16 | 000,000,603 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\IMG_20130708_0004_NEW.lnk
[2013/12/10 09:14:32 | 000,002,259 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\insidious2.brrip.xvid.lnk
[2013/12/19 19:18:04 | 000,000,438 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\ITE (2).lnk
[2014/01/02 08:53:50 | 000,000,534 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\ITE 2.lnk
[2013/12/19 19:18:04 | 000,000,558 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\ITE.lnk
[2014/01/02 08:53:50 | 000,000,673 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\ITE2.lnk
[2013/12/06 08:15:08 | 000,000,560 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Journey 2 The Mysterious Island 2012 BRRip XVID AbSurdiTy.lnk
[2013/12/06 10:39:21 | 000,000,649 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Jual.Minyak.2012.SDTVRip.x264.AC3.JaKi05.lnk
[2014/02/17 23:18:06 | 000,000,321 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Knight (K).lnk
[2013/12/10 04:06:23 | 000,002,234 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Line.of.Duty.2013.LIMITED.DVDRip.X264-GECKOS.lnk
[2013/10/03 09:36:20 | 000,000,315 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Local Disk (Z).lnk
[2014/01/30 18:04:52 | 000,001,154 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Maroon 5 - Love Somebody Lyrics.lnk
[2014/01/30 18:08:08 | 000,001,149 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\MAROON 5 ONE MORE NIGHT LYRICS.lnk
[2014/01/15 19:04:05 | 000,003,095 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Melayu.lnk
[2014/01/30 18:09:19 | 000,001,284 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Moves Like Jagger - Maroon 5 featuring Christina Aguilera.lnk
[2014/02/13 18:49:06 | 000,000,840 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Music.lnk
[2013/11/28 10:52:56 | 000,001,314 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\My Pictures.lnk
[2013/11/17 14:21:20 | 000,000,144 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Network.lnk
[2013/11/12 08:00:05 | 000,000,325 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\New Volume (E).lnk
[2014/02/13 18:49:06 | 000,001,104 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Nico - Rindu HQ Audio.lnk
[2013/12/09 15:12:30 | 000,000,630 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\No Subject.eml.lnk
[2013/10/09 23:53:31 | 000,000,491 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Oblivion.2013.BDRip.XviD.AC3-SANTi.lnk
[2014/01/30 18:02:40 | 000,001,179 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\One Republic Lyrics - Stop and Stare.lnk
[2013/12/09 14:38:33 | 000,000,563 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Outlook.lnk
[2013/11/08 15:26:30 | 000,001,048 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Paranoia.2013.BDRip.X264-SPARKS.lnk
[2014/02/17 23:16:56 | 000,000,499 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Penanggal [2013] DVDRip 480p.lnk
[2013/12/17 08:29:48 | 000,001,930 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Phone.lnk
[2013/11/28 10:52:29 | 000,000,587 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Pictures.lnk
[2013/11/16 01:17:12 | 000,000,546 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\resume (2).lnk
[2014/01/11 12:09:35 | 000,000,553 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\resume (3).lnk
[2014/01/26 23:23:18 | 000,000,556 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\resume.lnk
[2013/11/07 02:19:11 | 000,000,516 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Rm E97-99.lnk
[2013/12/06 08:16:46 | 000,000,494 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\RM173.lnk
[2013/12/24 08:53:24 | 000,000,444 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man 720p.lnk
[2013/11/28 16:11:37 | 000,000,594 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man E016.lnk
[2013/11/28 16:13:06 | 000,000,594 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man E017.lnk
[2013/12/01 02:40:07 | 000,000,594 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man E020.lnk
[2013/12/01 03:53:16 | 000,000,594 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man E021.lnk
[2013/12/01 05:16:45 | 000,000,594 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man E022.lnk
[2013/12/01 06:43:47 | 000,000,594 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man E023.lnk
[2013/12/04 09:17:47 | 000,000,519 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man E168 [conv] (2).lnk
[2013/12/04 09:09:19 | 000,000,519 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man E168 [conv].lnk
[2014/02/08 00:22:43 | 000,000,595 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man Ep.183.lnk
[2014/02/17 23:17:44 | 000,000,592 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man Ep.37.lnk
[2014/02/03 05:06:58 | 000,000,592 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man Ep.56.lnk
[2014/02/03 15:26:21 | 000,000,592 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man Ep.58.lnk
[2014/02/04 12:21:57 | 000,000,592 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man Ep.59.lnk
[2014/02/08 00:22:18 | 000,000,592 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man Ep.60.lnk
[2014/02/14 19:54:54 | 000,000,592 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man Ep.61.lnk
[2014/02/18 08:37:49 | 000,000,592 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man Ep.62.lnk
[2014/02/18 08:37:57 | 000,000,592 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man Ep.63.lnk
[2014/02/05 09:16:15 | 000,000,592 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man Ep.66.lnk
[2013/11/17 14:13:14 | 000,000,522 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man.2013.DVDRip.AC3.x264-LooKMaNe (2).lnk
[2013/11/17 14:13:14 | 000,000,822 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man.2013.DVDRip.AC3.x264-LooKMaNe.lnk
[2014/02/18 08:37:57 | 000,000,424 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Running Man.lnk
[2014/02/17 23:18:06 | 000,000,496 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Rush.2013.BDRip.x264-SPARKS.lnk
[2014/01/02 13:34:08 | 000,000,302 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Spin.lnk
[2013/09/23 15:35:47 | 000,000,643 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Star.Trek.Into.Darkness.2013.BDRip.x264-ARROW[rarbg].lnk
[2014/02/01 23:06:43 | 000,003,767 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Start up.lnk
[2013/11/12 06:22:46 | 000,000,545 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Tai.Chi.Hero.2012.BRRip.720p.Hero.Kuryu.TH.lnk
[2013/11/12 08:00:05 | 000,000,545 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Tai.Chi.Zero.2012.BRRip.720p.Hero.Kuryu.TH.lnk
[2013/12/06 10:39:21 | 000,000,416 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Telemovie.lnk
[2014/01/30 18:20:17 | 000,001,164 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\The Wanted - Glad You Came Lyrics.lnk
[2013/11/12 04:32:03 | 000,000,488 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\The.Colony.2013.DVDRip.XviD-ViP3R (2).lnk
[2014/01/30 18:16:01 | 000,001,124 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Tik Tok-Kesha with Lyrics.lnk
[2014/01/29 17:51:02 | 000,000,407 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\today.lnk
[2014/01/30 09:50:53 | 000,000,484 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Ular [2013] DVDRip 480p.lnk
[2013/12/15 09:44:01 | 000,002,023 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Recent\Video.lnk
[2009/07/14 12:54:59 | 000,001,238 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk
[2013/11/28 08:10:26 | 000,001,413 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013/11/28 08:10:26 | 000,001,407 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2009/07/14 12:54:27 | 000,001,280 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk
[2009/07/14 12:54:32 | 000,001,304 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk
[2009/07/14 12:49:38 | 000,000,262 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk
[2009/07/14 12:49:38 | 000,001,228 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk
[2009/07/14 12:54:01 | 000,001,358 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk
[2009/07/14 12:54:00 | 000,001,258 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk
[2009/07/14 12:54:02 | 000,001,262 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk
[2009/07/14 12:54:00 | 000,001,250 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk
[2009/07/14 12:49:38 | 000,000,262 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk
[2009/07/14 12:49:38 | 000,000,262 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk
[2013/11/28 08:10:26 | 000,001,457 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
[2009/07/14 12:54:59 | 000,001,306 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk
[2013/08/30 07:59:43 | 000,001,151 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Juniper Networks\Host Checker\Uninstall Host Checker.lnk
[2009/07/14 12:49:38 | 000,000,262 | ---- | M] () -- C:\Users\Share\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk
[2013/09/12 07:31:17 | 000,000,477 | ---- | M] () -- C:\Users\Share\Links\Desktop.lnk
[2013/09/12 07:31:17 | 000,000,892 | ---- | M] () -- C:\Users\Share\Links\Downloads.lnk
[2013/09/12 07:31:17 | 000,000,363 | ---- | M] () -- C:\Users\Share\Links\RecentPlaces.lnk
[2013/06/23 12:29:26 | 000,002,283 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/11/27 20:32:30 | 000,001,401 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2009/07/14 12:49:38 | 000,000,290 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/06/23 13:15:50 | 000,001,051 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Tag&Rename.lnk
[2009/07/14 12:49:38 | 000,000,272 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/05/13 12:10:54 | 000,002,294 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
[2013/11/26 17:55:53 | 000,001,423 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
[2014/02/17 19:15:46 | 000,001,164 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
[2009/07/14 12:49:38 | 000,001,228 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk
[2010/11/21 11:40:30 | 000,001,547 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk
[2013/08/20 17:01:47 | 000,002,032 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\2 PSpice Simulation.LNK
[2013/10/01 16:59:38 | 000,000,801 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Ahmad Faris Bin Abdul Jalil SMRT Application Form.LNK
[2014/02/18 19:18:44 | 000,001,077 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Assignment 17.02.LNK
[2014/02/11 11:32:23 | 000,000,420 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Assignment 2044.LNK
[2014/02/11 11:28:14 | 000,000,429 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Assignment two feb.LNK
[2013/11/29 12:39:22 | 000,000,319 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\BPLRT Ops Rota1.LNK
[2013/12/07 23:50:04 | 000,000,520 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Copy of MUP Claim Form 2009.LNK
[2013/12/07 23:50:25 | 000,000,511 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Copy of resume (updated).LNK
[2014/01/27 09:36:19 | 000,000,381 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\DIN's Resune.LNK
[2013/07/05 18:22:47 | 000,000,351 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Din.LNK
[2013/12/07 23:50:25 | 000,000,352 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\doc.LNK
[2014/01/30 22:43:48 | 000,001,013 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Documents.LNK
[2014/02/18 19:18:44 | 000,000,895 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Downloads.LNK
[2014/02/12 21:09:46 | 000,001,097 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\EEET_2044_Assignment.LNK
[2014/01/20 15:17:20 | 000,001,112 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Example_2_-_Displacement.LNK
[2013/10/17 18:29:05 | 000,000,460 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Faris.LNK
[2013/12/24 21:50:04 | 000,000,188 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\FARIS1408 (K).LNK
[2013/07/23 17:28:11 | 000,000,536 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\iPTo.LNK
[2013/07/06 18:09:03 | 000,000,184 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\JALIL (K).LNK
[2014/01/30 22:43:48 | 000,001,155 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\lecture23.LNK
[2013/12/07 23:50:15 | 000,000,496 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\MUP Claim Form 2009.LNK
[2013/08/04 22:47:53 | 000,000,911 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\My Documents.LNK
[2014/02/11 11:32:23 | 000,000,286 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\My Passport (L).LNK
[2013/09/02 21:04:58 | 000,001,102 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Quiz.LNK
[2014/02/11 10:55:21 | 000,000,179 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Removable Disk (K).LNK
[2014/01/27 09:36:19 | 000,000,484 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\resume.LNK
[2013/08/20 17:01:47 | 000,001,840 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Sig&Sys Practical 6 Data Sets.LNK
[2014/01/30 22:45:20 | 000,001,401 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Signals and Systems 3041.LNK
[2013/11/05 13:44:10 | 000,001,212 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Star Three Sixty- Temp Retail Sales- Paragon.LNK
[2013/10/01 16:59:38 | 000,000,567 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\Work related.LNK
[2014/02/11 00:14:40 | 000,001,201 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\World Of Our Own [CDS - 2] - Westlife [2002].LNK
[2014/02/11 00:14:40 | 000,000,982 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Office\Recent\[2002] World of Our Own [CDS - 2] - 50.7mb @ 320kbs ##.LNK
[2014/02/18 18:40:28 | 000,000,848 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\01-Daughtry-Baptized.lnk
[2014/02/18 18:44:23 | 000,000,884 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\02-Daughtry-Waiting For Superman.lnk
[2014/02/19 19:32:30 | 000,000,778 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\02192014_192641.lnk
[2014/02/18 18:48:40 | 000,000,857 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\03-Daughtry-Battleships.lnk
[2014/02/18 18:52:26 | 000,000,851 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\04-Daughtry-Ill Fight.lnk
[2014/02/18 18:55:26 | 000,000,854 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\05-Daughtry-Wild Heart.lnk
[2014/02/18 19:00:34 | 000,000,896 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\06-Daughtry- Long Live Rock and Roll.lnk
[2014/02/18 18:17:02 | 000,000,818 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\09. Mirrors.lnk
[2014/02/18 17:46:00 | 000,002,388 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\1.lnk
[2014/02/13 20:53:01 | 000,000,458 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\379rhtd.part1.lnk
[2014/02/18 18:21:12 | 000,000,583 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\500.Days.Of.Summer.BDRip.XviD-ARiGOLD.lnk
[2014/02/18 18:46:11 | 000,000,821 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\@Read ME!!!.lnk
[2014/02/11 00:38:49 | 000,000,797 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\A To Z - Bicara Rindu.lnk
[2014/02/11 00:38:40 | 000,000,827 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\A To Z - Dulu Dan Selamanya.lnk
[2014/02/11 00:38:49 | 000,000,576 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\A to Z.lnk
[2014/02/11 14:05:16 | 000,000,782 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\AllScans.lnk
[2014/01/27 13:41:03 | 000,000,639 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Analog and Digital Signals and Systems.lnk
[2014/02/18 18:21:12 | 000,000,810 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\arigold-dos-xvid.lnk
[2014/02/18 19:20:27 | 000,000,671 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Assignment 17.02.lnk
[2014/02/11 11:32:23 | 000,000,468 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Assignment 2044.lnk
[2014/02/11 11:32:15 | 000,000,477 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Assignment two feb.lnk
[2014/02/12 22:15:59 | 000,002,474 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Assignment.lnk
[2014/02/05 08:07:04 | 000,000,502 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\aswMBR (2).lnk
[2014/02/13 09:14:17 | 000,000,552 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\aswMBR.lnk
[2014/02/17 18:18:46 | 000,000,519 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Bambi (1942).lnk
[2014/02/17 18:18:46 | 000,000,763 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Bambi.1942.720p.BRrip.x264.GAZ.YIFY (2).lnk
[2014/02/17 18:18:34 | 000,000,763 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Bambi.1942.720p.BRrip.x264.GAZ.YIFY.lnk
[2014/02/18 21:38:20 | 000,000,574 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Bambi.2.2006.BluRay.720p.H264 (2).lnk
[2014/02/18 21:38:20 | 000,000,843 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Bambi.2.2006.BluRay.720p.H264.en.lnk
[2014/02/18 21:37:55 | 000,000,834 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Bambi.2.2006.BluRay.720p.H264.lnk
[2014/02/09 18:59:39 | 000,002,410 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\bcs.lnk
[2014/02/18 18:18:38 | 000,000,701 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Benfica vs Newcastle United - 1stHalf.lnk
[2014/02/18 18:18:38 | 000,000,455 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Benfica vs Newcastle.lnk
[2014/01/30 22:44:09 | 000,001,238 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Bode_Plots.lnk
[2014/02/11 00:22:09 | 000,001,048 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Bop Bop Baby.lnk
[2014/02/18 21:48:47 | 000,000,671 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Bun Dilamun Cinta.lnk
[2014/02/12 22:17:37 | 000,002,628 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\cds-logo.jpg w=135&h=123.lnk
[2014/02/18 18:06:21 | 000,000,558 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Compressed.lnk
[2014/02/18 17:27:24 | 000,000,746 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\concussion.2013.dvdrip.x264-wide.lnk
[2014/02/12 22:24:10 | 000,000,902 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Cursor_3_Secondary.lnk
[2014/02/18 18:17:56 | 000,000,709 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Daughtry - Daughtry (US Deluxe Edition) 2008.lnk
[2014/02/18 18:17:52 | 000,000,996 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Daughtry - Daughtry - CD.lnk
[2014/02/18 18:46:16 | 000,000,878 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Daughtry – Baptized 2013 front.lnk
[2014/02/18 19:00:34 | 000,000,597 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Daughtry- Baptized- [2013]- NewMp3Club.lnk
[2014/02/18 18:17:56 | 000,000,943 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\daughty.lnk
[2014/02/18 21:48:47 | 000,000,435 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Downloads.lnk
[2014/02/18 18:23:32 | 000,000,565 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Drive.2011.BRRip.XviD.AC3-SANTi.lnk
[2014/02/11 10:54:28 | 000,000,337 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\DSC_1454.lnk
[2014/02/11 11:00:09 | 000,000,364 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\DSC_1454for email.lnk
[2014/01/30 22:49:10 | 000,000,706 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\EE2010_Revision Summary.lnk
[2014/02/12 21:09:46 | 000,000,691 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\EEET_2044_Assignment.lnk
[2014/02/18 21:45:30 | 000,000,626 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Episod 1.lnk
[2014/02/07 10:32:00 | 000,000,745 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Extras.lnk
[2014/02/09 18:29:09 | 000,001,132 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e01.dvdrip.x264-demand (2).lnk
[2014/02/09 18:29:56 | 000,000,891 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Family.Guy.S11E01.DVDRip.X264-DEMAND (5).lnk
[2014/02/09 18:28:26 | 000,001,244 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e01.dvdrip.x264-demand.proof.lnk
[2014/02/09 18:38:09 | 000,001,132 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e13.dvdrip.x264-demand (2).lnk
[2014/02/09 18:38:28 | 000,000,891 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Family.Guy.S11E13.DVDRip.X264-DEMAND (4).lnk
[2014/02/09 18:39:03 | 000,001,132 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e14.dvdrip.x264-demand (2).lnk
[2014/02/09 18:39:40 | 000,001,132 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e15.dvdrip.x264-demand (2).lnk
[2014/02/09 18:40:10 | 000,001,132 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e16.dvdrip.x264-demand (2).lnk
[2014/02/09 18:40:44 | 000,001,132 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e17.dvdrip.x264-demand (2).lnk
[2014/02/09 18:41:18 | 000,001,132 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e18.dvdrip.x264-demand (2).lnk
[2014/02/09 18:42:03 | 000,001,132 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e19.dvdrip.x264-demand (2).lnk
[2014/02/09 18:42:34 | 000,001,132 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e20.dvdrip.x264-demand (2).lnk
[2014/02/09 18:43:02 | 000,001,132 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e21.dvdrip.x264-demand (2).lnk
[2014/02/09 18:43:29 | 000,001,132 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\family.guy.s11e22.dvdrip.x264-demand (2).lnk
[2014/02/09 18:43:23 | 000,000,704 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Family.Guy.S11E22.DVDRip.X264-DEMAND.lnk
[2014/02/18 18:06:57 | 000,001,271 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Freezer.2013.720p.BRRiP.XViD.AC3-LEGi0N.lnk
[2014/02/18 18:06:57 | 000,000,825 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Freezer.2013.720p.BRRiP.XViD.AC3LEGi0N.lnk
[2014/01/27 13:45:05 | 000,000,633 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Fundamentals of Mechatronics (gnv64).lnk
[2014/02/18 18:05:57 | 000,000,594 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Homefront (2) DVDRip XviD-MAXSPEED.lnk
[2014/02/15 23:26:16 | 000,000,588 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Homefront 2013 DVDRIP XVID AC3 ACAB (2).lnk
[2014/02/16 21:45:04 | 000,000,605 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Homefront.2013.HDRip.XviD-ViP3R.lnk
[2014/02/17 17:40:56 | 000,000,711 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\icmios.bluray.720p_imdset.lnk
[2014/02/17 17:27:13 | 000,002,568 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\IMG_20140213_0001.lnk
[2014/02/15 23:27:48 | 000,000,983 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Jgn.MKV (2).lnk
[2014/02/15 23:27:25 | 000,001,085 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Jgn.MKV.lnk
[2014/02/15 23:27:48 | 000,001,207 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\JPB.MKV.lnk
[2014/02/18 18:17:02 | 000,000,572 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Justin Timberlake- The 20 20 Experience- [2013]- NewMp3Club.lnk
[2014/01/27 13:41:14 | 000,000,708 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\LabVIEW Data Acquisition Basics Manual - National Instruments.lnk
[2014/01/30 22:43:48 | 000,000,769 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\lecture23.lnk
[2014/02/18 18:06:21 | 000,000,961 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\mahayant_9_yod.2013-DVDRip.x264.AAC-SeeingMole.lnk
[2014/02/16 21:42:02 | 000,000,623 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Make_Me_Shudder.2013-DVDRip.x264.AAC-SeeingMole (2).lnk
[2014/02/16 21:42:02 | 000,000,965 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Make_Me_Shudder.2013-DVDRip.x264.AAC-SeeingMole.lnk
[2014/02/18 18:16:27 | 000,000,501 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Matilda.1996.1080p.BRRip.x264-YIFY (2).lnk
[2014/02/18 18:16:27 | 000,000,766 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Matilda.1996.1080p.BRRip.x264-YIFY.lnk
[2014/02/11 11:33:20 | 000,000,507 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\media_2.lnk
[2014/02/11 14:14:49 | 000,000,507 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\media_3.lnk
[2014/02/11 14:14:54 | 000,000,507 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\media_4.lnk
[2014/02/18 18:06:09 | 000,000,801 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\mhynt9yd.part4.lnk
[2014/02/16 21:37:54 | 000,000,554 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\mkmshddr.part1.lnk
[2014/02/12 20:00:22 | 000,000,656 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\mkmshddr.part3.lnk
[2014/02/18 18:11:14 | 000,000,730 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\More Collection.lnk
[2014/02/19 19:32:30 | 000,000,568 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\MovedFiles.lnk
[2014/02/18 18:19:36 | 000,000,397 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Movz.lnk
[2014/02/15 16:20:26 | 000,001,226 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Mr Go 2013 BRRip 720p x264 AAC - PRiSTiNE (2).lnk
[2014/02/15 16:18:18 | 000,001,226 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Mr Go 2013 BRRip 720p x264 AAC - PRiSTiNE.lnk
[2014/02/12 23:45:03 | 000,001,066 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\My Name Is Khan 2010 Hindi BRRip 720p x264 AAC 5.1...Hon3y.lnk
[2014/02/19 17:42:05 | 000,000,601 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\New.Girl.S01.Season.1.DVDRip.XviD-CLUE.lnk
[2014/02/19 17:42:05 | 000,000,888 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\New.Girl.S01E01.DVDRip.XviD-CLUE.lnk
[2014/02/18 18:20:13 | 000,000,693 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Part 01 - Cabarannya.lnk
[2014/02/18 18:20:34 | 000,000,732 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Part 02 - Nabi Isa di dalam Quran.lnk
[2014/02/18 18:14:54 | 000,000,522 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Person.of.Interest.S02.DVDRip.X264-DEMAND.lnk
[2014/02/18 18:14:54 | 000,000,831 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Person.of.Interest.S02E01.DVDRip.X264-DEMAND.lnk
[2014/01/30 22:45:20 | 000,001,288 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Practical 6_Ahmad F.lnk
[2014/02/08 22:23:35 | 000,000,492 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Practical feb seventeen.lnk
[2014/02/08 22:44:56 | 000,000,388 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\practical research.lnk
[2014/02/04 22:07:42 | 000,000,625 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Running Man Ep.182.lnk
[2014/02/18 18:23:32 | 000,000,798 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\santi-drive.brrip.xvid.lnk
[2014/02/18 18:05:57 | 000,000,816 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\screencaps.lnk
[2014/02/18 18:11:14 | 000,000,512 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Shawn Desman- Alive- [2013]- NewMp3Club.lnk
[2014/01/30 23:21:18 | 000,000,975 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Signals and Systems.lnk
[2014/02/17 19:41:22 | 000,000,595 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Skinwalker.Ranch.2013.BDRip.XviD-MWT.lnk
[2014/02/15 00:29:22 | 000,000,745 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\smart.lnk
[2014/02/19 18:47:33 | 000,002,410 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\sml.lnk
[2014/02/11 10:55:21 | 000,000,349 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\SS Report B.lnk
[2014/02/09 19:59:21 | 000,001,470 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\The Cosby Show Complete Pack (Tv Series, Specials, 2 Stand ups) DVDRIP (WAZZ).part01.lnk
[2014/02/09 19:00:10 | 000,001,151 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\The Cosby Show Complete Pack (Tv Series, Specials, 2 Stand ups) DVDRIP (WAZZ).part02.lnk
[2014/02/18 18:20:34 | 000,000,504 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\the.arrivals.lnk
[2014/02/19 17:44:31 | 000,000,607 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\The.Crone.2013.720p.BRRip.h264.AAC-RARBG (2).lnk
[2014/02/19 17:44:31 | 000,000,922 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\The.Crone.2013.720p.BRRip.h264.AAC-RARBG.lnk
[2014/02/16 21:47:59 | 000,000,960 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\The.Hunger.Games.Catching.Fire.2013.IMAX.EDiTION.BRRip.XviD-ViP3R (2).lnk
[2014/02/18 18:19:36 | 000,000,635 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\The.Time.Travelers.Wife.2009.DVDRip.XviD-iMBT.lnk
[2014/02/18 21:39:54 | 000,000,605 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\The.White.Storm.2013.BRRip.h264.AAC-RARBG (2).lnk
[2014/02/18 21:39:54 | 000,000,917 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\The.White.Storm.2013.BRRip.h264.AAC-RARBG.lnk
[2014/02/16 21:41:23 | 000,000,626 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\The_Second_Sight.2013-DVDRip.x264.AAC-SeeingMole (2).lnk
[2014/02/16 21:41:23 | 000,000,973 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\The_Second_Sight.2013-DVDRip.x264.AAC-SeeingMole.lnk
[2014/02/16 21:38:38 | 000,000,560 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\thscndsght.part1.lnk
[2014/02/16 21:45:04 | 000,000,407 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\today.lnk
[2014/02/15 23:35:38 | 000,000,681 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Tutorial_5_Solution.lnk
[2014/02/18 18:19:25 | 000,000,539 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\twiz-fd5-xvid.lnk
[2014/02/10 20:13:56 | 000,000,550 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Ustaz Mu Tunggu Aku Datang (2013) DVDRip 480p.lnk
[2014/02/16 00:38:16 | 000,000,529 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Video.lnk
[2014/02/11 13:14:06 | 000,001,086 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\videoplayback_2.lnk
[2014/02/11 00:19:23 | 000,001,153 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\World Of Our Own - Westlife (Booklet 02) [2001].lnk
[2014/02/11 00:19:30 | 000,001,135 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\World Of Our Own - Westlife (Disc) [2001].lnk
[2014/02/11 00:14:57 | 000,001,512 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\World Of Our Own [CDS - 2] - Westlife (Disc) [2002].lnk
[2014/02/11 00:14:40 | 000,001,491 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\World Of Our Own [CDS - 2] - Westlife [2002].lnk
[2014/02/11 00:38:43 | 000,000,628 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\World of Our Own.lnk
[2014/02/15 23:42:48 | 000,001,181 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Wujud 1 (2013) DVDRip Pencurimovie.lnk
[2014/02/16 21:51:45 | 000,000,574 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Wujud 1-11(2013) DVDRip 480p PFT.lnk
[2014/02/16 21:51:45 | 000,000,850 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Wujud 10 (2013) DVDRip Pencurimovie.lnk
[2014/02/16 00:38:16 | 000,000,867 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Wujud 11 (2013) DVDRip Pencurimovie.lnk
[2014/02/16 00:05:14 | 000,001,075 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Wujud 9 (2013) DVDRip Pencurimovie.lnk
[2014/02/15 16:07:41 | 000,001,161 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Wujud3(2013)DVDRipPencurimovie.lnk
[2014/02/15 16:14:58 | 000,001,161 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Wujud4(2013)DVDRipPencurimovie.lnk
[2014/02/15 16:27:40 | 000,001,161 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\Wujud5(2013)DVDRipPencurimovie.lnk
[2014/02/11 20:19:30 | 000,001,280 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Recent\www.TamilRockers.net - Engal Anna (2004) Ayn DVDRip x264 1CDRip 700MB Tamil.lnk
[2009/07/14 12:54:59 | 000,001,238 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk
[2013/11/27 20:32:30 | 000,001,413 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013/11/27 20:32:30 | 000,001,407 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/12/16 16:31:29 | 000,001,164 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2009/07/14 12:54:27 | 000,001,280 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk
[2009/07/14 12:54:32 | 000,001,304 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk
[2009/07/14 12:49:38 | 000,000,262 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk
[2009/07/14 12:49:38 | 000,001,228 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk
[2009/07/14 12:54:01 | 000,001,358 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk
[2009/07/14 12:54:00 | 000,001,258 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk
[2009/07/14 12:54:02 | 000,001,262 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk
[2009/07/14 12:54:00 | 000,001,250 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk
[2009/07/14 12:49:38 | 000,000,262 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk
[2009/07/14 12:49:38 | 000,000,262 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk
[2013/11/27 20:32:30 | 000,001,457 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
[2009/07/14 12:54:59 | 000,001,306 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk
[2013/05/13 12:19:11 | 000,002,951 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk
[2013/06/24 00:15:06 | 000,001,061 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Grabber Help.lnk
[2013/06/24 00:15:06 | 000,001,049 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\IDM Help.lnk
[2013/06/24 00:15:06 | 000,001,049 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Internet Download Manager.lnk
[2013/06/24 00:15:06 | 000,001,061 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\license.lnk
[2013/06/24 00:15:06 | 000,001,049 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\TUTORIALS.lnk
[2013/06/24 00:15:06 | 000,001,073 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Uninstall IDM.lnk
[2013/05/13 12:35:19 | 000,001,157 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Juniper Networks\Host Checker\Uninstall Host Checker.lnk
[2009/07/14 12:49:38 | 000,000,262 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk
[2013/05/18 16:25:42 | 000,001,205 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Playlist Creator 3.6.2\Playlist Creator 3.6.2 Help.lnk
[2013/05/18 16:25:41 | 000,001,176 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Playlist Creator 3.6.2\Playlist Creator 3.6.2.lnk
[2013/05/18 16:25:42 | 000,001,205 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Playlist Creator 3.6.2\Release Notes.lnk
[2013/05/18 16:25:42 | 000,001,220 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Playlist Creator 3.6.2\www.oddgravity.de.lnk
[2013/12/10 10:28:12 | 000,001,153 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
[2013/06/23 13:16:51 | 000,001,026 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk
[2013/06/23 13:16:51 | 000,001,045 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk
[2013/06/23 13:16:51 | 000,001,045 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk
[2013/12/26 10:14:02 | 000,002,516 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Real\RealPlayer\History\Big [bleep] Spider 2013 720p BRRip x264 A....lnk
[2013/12/31 17:15:56 | 000,002,404 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Real\RealPlayer\History\RealPlay - Watch Full length movies and TV Series.lnk
[2013/12/13 18:24:17 | 000,002,740 | ---- | M] () -- C:\Users\Ulysses\AppData\Roaming\Real\RealPlayer\History\[engsub] Running Man Ep.15 - Guest- T....lnk
[2013/05/13 12:19:11 | 000,002,985 | ---- | M] () -- C:\Users\Ulysses\Desktop\HiJackThis.lnk
[2013/06/23 12:41:51 | 000,000,855 | ---- | M] () -- C:\Users\Ulysses\Desktop\µTorrent.lnk
[2013/09/12 16:17:01 | 000,000,483 | ---- | M] () -- C:\Users\Ulysses\Links\Desktop.lnk
[2013/09/12 16:17:01 | 000,000,902 | ---- | M] () -- C:\Users\Ulysses\Links\Downloads.lnk
[2009/06/11 04:41:58 | 000,001,989 | ---- | M] () -- C:\Windows\winsxs\amd64_microsoft-windows-powershell_31bf3856ad364e35_6.1.7601.17514_none_5b56b853bd5adf50\Windows PowerShell (x86).lnk
[2009/06/11 04:41:58 | 000,002,741 | ---- | M] () -- C:\Windows\winsxs\amd64_microsoft-windows-powershell_31bf3856ad364e35_6.1.7601.17514_none_5b56b853bd5adf50\Windows PowerShell Modules.lnk
[2009/06/11 04:41:58 | 000,001,899 | ---- | M] () -- C:\Windows\winsxs\amd64_microsoft-windows-powershell_31bf3856ad364e35_6.1.7601.17514_none_5b56b853bd5adf50\Windows PowerShell.lnk

========== Alternate Data Streams ==========

@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >

Are the shortcuts still present? No.
PC running fine other than 1kb within folder. Even in _OTL there's one.

Edited by xxmaxixx, 19 February 2014 - 05:37 AM.

  • 0

Advertisements


#11
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hey,

  • Please download Farbar Recovery Scan Tool and save it to a flash drive.

    Plug the flashdrive into the infected PC.

    Enter System Recovery Options.

    To enter System Recovery Options from the Advanced Boot Options:
    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account an click Next.
    Note: In case you can not enter System Recovery Options by using F8 method, you can use Windows installation disc, or make a repair disc. Any Windows installation disc or a repair disc made on another computer can be used.
    To make a repair disk on Windows 7 consult: http://www.sevenforu...isc-create.html


    To enter System Recovery Options by using Windows installation disc:
    • Insert the installation disc.
    • Restart your computer.
    • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
    • Click Repair your computer.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.
  • On the System Recovery Options menu you will get the following options:

    Startup Repair
    System Restore
    Windows Complete PC Restore
    Windows Memory Diagnostic Tool
    Command Prompt


    Select Command Prompt
  • Once in the Command Prompt:
    • In the command window type in notepad and press Enter.
    • The notepad opens. Under File menu select Open.
    • Select "Computer" and find your flash drive letter and close the notepad.
    • In the command window type e:\frst64 and press Enter
      Note: Replace letter e with the drive letter of your flash drive.
    • The tool will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

  • 0

#12
xxmaxixx

xxmaxixx

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-02-2014 01
Ran by SYSTEM on MININT-2DJE5VC on 22-02-2014 19:30:01
Running from E:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.


The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [VIRTU MVP] - C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe [3008288 2012-03-25] ()
HKLM\...\Run: [itype] - c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [2991856 2013-02-20] (Logitech, Inc.)
HKLM\...\Run: [Nvtmru] - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1179576 2014-01-20] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-20] (NVIDIA Corporation)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] - C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2012-08-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PivotSoftware] - C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [110192 2010-05-13] ()
HKLM-x32\...\Run: [DT ACR] - C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [121648 2012-04-12] (Portrait Displays, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [PWRISOVM.EXE] - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [180224 2010-04-12] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-24] (Apple Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] - C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [348664 2012-10-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DBAgent] - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1517640 2013-05-29] (Seagate Technology LLC)
HKLM-x32\...\Run: [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5537136 2013-08-13] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-01] (Oracle Corporation)
HKLM-x32\...\Run: [WD Drive Unlocker] - C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-07-09] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [TkBellExe] - c:\program files (x86)\real\realplayer\Update\realsched.exe [295512 2013-12-13] (RealNetworks, Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] - C:\Program Files (x86)\BlueStacks\HD-Agent.exe [807696 2013-12-20] (BlueStack Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\Share\...\Run: [IDMan] - C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3604048 2013-06-20] (Tonec Inc.)
HKU\Share\...\Run: [Windows Update] - "C:\Google\AutoIt3.exe C:\Google/googleupdate.a3x"
HKU\Ulysses\...\Run: [uTorrent] - C:\Users\Ulysses\AppData\Roaming\uTorrent\uTorrent.exe [900440 2013-11-16] (BitTorrent Inc.)
HKU\Ulysses\...\Run: [IDMan] - C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3604048 2013-06-20] (Tonec Inc.)
HKU\Ulysses\...\Run: [Uploader] - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [122984 2013-05-29] (Seagate Technology LLC)
HKU\Ulysses\...\Run: [LiveSupport] - "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\Ulysses\...\Run: [MCShield Monitor] - C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-02-01] (MyCity)
HKU\Ulysses\...\Run: [googleupdate.exe] - "C:\Google\googleupdate.vbs"
HKU\Ulysses\...\Run: [googleupdate] - "C:\Google\googleupdate.vbs"
AppInit_DLLs: C:\Windows\system32\appinit_dll.dll => C:\Windows\system32\appinit_dll.dll [171808 2012-03-25] (Lucidlogix Inc.)
AppInit_DLLs-x32: c:\windows\syswow64\appinit_dll.dll => c:\windows\syswow64\appinit_dll.dll [147744 2012-03-25] (Lucidlogix Inc.)
Startup: C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe (Samsung Electronics.)

==================== Services (Whitelisted) =================

S2 AntiVirFirewallService; C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe [619472 2012-10-09] (Avira Operations GmbH & Co. KG)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [375760 2012-10-09] (Avira Operations GmbH & Co. KG)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-10-09] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-10-09] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [465360 2012-10-09] (Avira Operations GmbH & Co. KG)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
S2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
S2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-16] (ASUSTeK Computer Inc.)
S2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe [1475744 2012-05-24] (ASUSTeK Computer Inc.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-20] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-20] (BlueStack Systems, Inc.)
S2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [138032 2012-04-12] (Portrait Displays, Inc.)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-24] (Intel Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-20] (NVIDIA Corporation)
S2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-13] ()
S2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16000 2013-05-29] (Seagate Technology LLC)
S2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-11-01] (Western Digital Technologies, Inc.)
S2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-11-01] (Western Digital Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

S3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2012-04-18] (ASUSTek Computer Inc.)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
S1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-02] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-19] (MCCI Corporation)
S3 avfwim; C:\Windows\System32\DRIVERS\avfwim.sys [114168 2012-10-09] (Avira GmbH)
S1 avfwot; C:\Windows\System32\DRIVERS\avfwot.sys [140936 2012-10-09] (Avira GmbH)
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-09-26] (Avira GmbH)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-09-26] (Avira GmbH)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2012-09-26] (Avira GmbH)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [114448 2013-12-20] (BlueStack Systems)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [20784 2012-04-12] (Portrait Displays, Inc.)
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-21 20:49 - 2014-02-22 19:30 - 00000000 ____D () C:\FRST
2014-02-21 04:51 - 2014-02-21 06:42 - 1593499226 _____ () C:\Users\Ulysses\Downloads\Balistik.2014.DVDRip.480p.x264.AC3-LTTi.pencurimovie.cc.mkv
2014-02-20 15:55 - 2014-01-28 16:00 - 00125110 _____ () C:\Users\Ulysses\Downloads\Firestorm (2013) BluRay 720p PFT.srt
2014-02-20 04:58 - 2014-01-28 16:00 - 00125110 ____N () C:\Users\Ulysses\Desktop\Firestorm.2013.720p.HDRip.x264.Ganool.srt
2014-02-20 04:49 - 2014-02-20 04:57 - 732606291 _____ () C:\Users\Ulysses\Downloads\Firestorm (2013) BluRay 720p PFT.mkv
2014-02-19 04:20 - 2013-12-30 20:37 - 00078185 ____N () C:\Users\Ulysses\Desktop\Lone.Survivor.2013.DVDScr.650MB.Ganool.srt
2014-02-18 05:46 - 2014-02-18 05:48 - 165121690 _____ () C:\Users\Ulysses\Downloads\Bun Dilamun Cinta.avi
2014-02-18 05:44 - 2014-02-18 05:45 - 116668542 _____ () C:\Users\Ulysses\Downloads\Episod 1.avi
2014-02-18 02:08 - 2014-02-19 00:09 - 00000810 _____ () C:\ProgramData\ProgramData.lnk
2014-02-17 03:15 - 2014-02-17 03:15 - 00000000 ____D () C:\Users\Ulysses\Desktop\Old Firefox Data
2014-02-16 05:44 - 2014-02-14 04:58 - 00064863 ____N () C:\Users\Ulysses\Desktop\Homefront.2013.HDRip.XviD-ViP3R.srt
2014-02-15 08:05 - 2014-02-15 08:17 - 908381580 _____ () C:\Users\Ulysses\Downloads\Wujud 10 (2013) DVDRip Pencurimovie.mkv
2014-02-15 07:52 - 2014-02-15 08:05 - 526431880 _____ () C:\Users\Ulysses\Downloads\Wujud 9 (2013) DVDRip Pencurimovie.mkv
2014-02-14 16:22 - 2014-02-14 16:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 08:29 - 2014-02-14 08:29 - 00000000 ____D () C:\Users\Ulysses\AppData\Local\Adobe
2014-02-12 17:17 - 2013-12-09 18:28 - 00610304 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-02-12 17:17 - 2013-12-09 18:02 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 17:17 - 2013-12-05 18:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2014-02-12 17:17 - 2013-12-05 18:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2014-02-12 17:17 - 2013-12-05 18:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 17:17 - 2013-12-05 18:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 17:15 - 2014-02-03 07:28 - 01188864 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-02-12 17:15 - 2014-02-03 07:27 - 12296192 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-02-12 17:15 - 2014-02-03 07:27 - 09078784 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-02-12 17:15 - 2014-02-03 07:27 - 02458112 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-02-12 17:15 - 2014-02-03 07:27 - 01495040 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-02-12 17:15 - 2014-02-03 07:27 - 00735232 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-02-12 17:15 - 2014-02-03 07:27 - 00247808 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-02-12 17:15 - 2014-02-03 07:27 - 00134144 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2014-02-12 17:15 - 2014-02-03 07:27 - 00097792 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-02-12 17:15 - 2014-02-03 07:27 - 00065024 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-02-12 17:15 - 2014-02-03 07:05 - 01232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 17:15 - 2014-02-03 07:05 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 17:15 - 2014-02-03 07:05 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-12 17:15 - 2014-02-03 07:04 - 11020800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 17:15 - 2014-02-03 07:04 - 06040064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 17:15 - 2014-02-03 07:04 - 02078208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 17:15 - 2014-02-03 07:04 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 17:15 - 2014-02-03 07:04 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 17:15 - 2014-02-03 07:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-12 17:15 - 2014-02-03 07:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 17:15 - 2014-02-03 05:38 - 01638912 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-02-12 17:15 - 2014-02-03 05:14 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 17:15 - 2013-12-24 15:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 17:15 - 2013-12-24 14:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2014-02-12 17:15 - 2013-11-26 00:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 17:15 - 2013-11-22 14:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2014-02-12 04:06 - 2014-02-20 05:16 - 00000814 _____ () C:\Users\Ulysses\Documents\sml.txt
2014-02-10 22:07 - 2014-02-18 02:08 - 00000000 ____D () C:\_OTL
2014-02-10 21:59 - 2014-02-22 03:27 - 00000000 ____D () C:\ProgramData\MCShield
2014-02-10 21:59 - 2014-02-10 21:59 - 00000000 ____D () C:\Program Files (x86)\MCShield
2014-02-07 16:09 - 2014-02-07 16:09 - 00000000 ____D () C:\Users\Share\AppData\Local\Microsoft Games
2014-02-04 16:05 - 2014-02-04 16:05 - 00002087 _____ () C:\Users\Ulysses\Desktop\aswMBR.txt
2014-01-26 03:19 - 2014-01-26 03:39 - 881948924 _____ () C:\Users\Ulysses\Downloads\Imam.Bisu.2014.HDTV.480p.x264.AC3-LTTi.mkv
2014-01-23 21:33 - 2013-12-19 12:33 - 30372640 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2014-01-23 21:33 - 2013-12-19 12:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2014-01-23 21:33 - 2013-12-19 12:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-01-23 21:33 - 2013-12-19 12:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-01-23 21:33 - 2013-12-19 12:33 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-01-23 21:33 - 2013-12-19 12:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2014-01-23 21:33 - 2013-12-19 12:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2014-01-23 21:33 - 2013-12-19 12:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2014-01-23 21:33 - 2013-12-19 12:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-01-23 21:33 - 2013-12-19 12:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-01-23 21:33 - 2013-12-19 12:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2014-01-23 21:33 - 2013-12-19 12:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2014-01-23 21:33 - 2013-12-19 12:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-01-23 21:33 - 2013-12-19 12:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-01-23 21:33 - 2013-12-19 12:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6433221.dll
2014-01-23 21:33 - 2013-12-19 12:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6433221.dll
2014-01-23 21:33 - 2013-12-19 12:33 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-01-23 21:33 - 2013-12-19 12:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2014-01-23 21:33 - 2013-12-19 12:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2014-01-23 21:33 - 2013-12-19 12:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-01-23 21:33 - 2013-12-19 12:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-01-23 21:33 - 2013-12-19 12:33 - 00479520 _____ (NVIDIA Corporation) C:\Windows\System32\nvEncodeAPI64.dll
2014-01-23 21:33 - 2013-12-19 12:33 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-01-23 21:33 - 2013-12-19 12:33 - 00357152 _____ () C:\Windows\System32\NvIFROpenGL.dll
2014-01-23 21:33 - 2013-12-19 12:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2014-01-23 21:33 - 2013-12-19 12:33 - 00314656 _____ () C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-01-23 21:33 - 2013-12-19 12:33 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-01-23 21:33 - 2013-12-19 12:33 - 00168616 _____ (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2014-01-23 21:33 - 2013-12-19 12:33 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-01-23 21:33 - 2013-11-28 05:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda64v.sys
2014-01-23 21:33 - 2013-11-28 05:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\System32\nvhdap64.dll
2014-01-23 21:33 - 2013-11-22 00:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\System32\nvhdagenco6420103.dll
2014-01-23 21:18 - 2014-01-23 21:26 - 589503881 _____ () C:\Users\Ulysses\Downloads\The.Philosophers.2013.BDRip.x264-RUSTED.mkv
2014-01-23 20:53 - 2014-01-23 21:19 - 00000000 ____D () C:\Users\Ulysses\Downloads\Free.Birds.2013.REPACK.DVDRip.x264-COCAIN
2014-01-23 20:17 - 2013-12-27 10:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvvad64v.sys
2014-01-23 20:17 - 2013-12-27 10:42 - 00033056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll

==================== One Month Modified Files and Folders =======

2014-02-22 19:30 - 2014-02-21 20:49 - 00000000 ____D () C:\FRST
2014-02-22 03:28 - 2013-06-23 08:15 - 00000000 ____D () C:\Users\Ulysses\AppData\Roaming\DMCache
2014-02-22 03:28 - 2013-06-22 20:40 - 00000000 ____D () C:\Users\Ulysses\AppData\Roaming\uTorrent
2014-02-22 03:27 - 2014-02-10 21:59 - 00000000 ____D () C:\ProgramData\MCShield
2014-02-22 03:27 - 2013-12-13 01:58 - 00003370 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3946774030-1862938079-1394353489-1000
2014-02-22 03:27 - 2013-12-13 01:58 - 00003240 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3946774030-1862938079-1394353489-1000
2014-02-22 03:27 - 2013-07-17 01:00 - 00000606 _____ () C:\Windows\Tasks\MATLAB R2013a Startup Accelerator.job
2014-02-22 03:27 - 2013-05-12 20:07 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-22 03:27 - 2009-07-13 20:51 - 00162995 _____ () C:\Windows\setupact.log
2014-02-22 03:26 - 2013-09-26 22:46 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat
2014-02-22 03:26 - 2013-05-11 00:58 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-22 03:26 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-22 03:24 - 2013-05-06 20:21 - 01301088 _____ () C:\Windows\WindowsUpdate.log
2014-02-22 03:24 - 2009-07-13 20:45 - 00022064 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-22 03:24 - 2009-07-13 20:45 - 00022064 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-22 03:22 - 2013-05-12 20:07 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-22 03:21 - 2009-07-13 21:13 - 00779306 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-02-22 02:08 - 2013-05-12 20:06 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-22 01:12 - 2013-06-23 20:15 - 00000000 ____D () C:\Users\Ulysses\AppData\Roaming\MediaMonkey
2014-02-21 23:47 - 2013-05-12 20:00 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C41DBFC7-D05B-4268-8255-EB1A9B953ADB}
2014-02-21 17:40 - 2013-06-23 19:21 - 00000000 ____D () C:\Users\Share\AppData\Roaming\DMCache
2014-02-21 15:56 - 2013-06-23 19:20 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{6A3F2F63-E9FA-4DE2-B663-F778303A5771}
2014-02-21 15:54 - 2013-08-15 00:48 - 00003344 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3946774030-1862938079-1394353489-1004
2014-02-21 15:54 - 2013-08-15 00:48 - 00003210 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3946774030-1862938079-1394353489-1004
2014-02-21 06:42 - 2014-02-21 04:51 - 1593499226 _____ () C:\Users\Ulysses\Downloads\Balistik.2014.DVDRip.480p.x264.AC3-LTTi.pencurimovie.cc.mkv
2014-02-21 05:08 - 2013-05-12 20:06 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 05:08 - 2013-05-12 20:06 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-21 05:08 - 2013-05-12 20:06 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-21 04:47 - 2013-05-18 00:21 - 00003348 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3946774030-1862938079-1394353489-1000
2014-02-21 04:47 - 2013-05-18 00:21 - 00003218 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3946774030-1862938079-1394353489-1000
2014-02-20 05:16 - 2014-02-12 04:06 - 00000814 _____ () C:\Users\Ulysses\Documents\sml.txt
2014-02-20 04:58 - 2013-06-23 08:15 - 00000000 ____D () C:\Users\Ulysses\Downloads\Compressed
2014-02-20 04:57 - 2014-02-20 04:49 - 732606291 _____ () C:\Users\Ulysses\Downloads\Firestorm (2013) BluRay 720p PFT.mkv
2014-02-19 07:13 - 2013-05-12 20:16 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-02-19 03:26 - 2013-12-19 03:13 - 00000000 ____D () C:\ITE
2014-02-19 03:26 - 2013-12-03 23:41 - 00000000 ____D () C:\AdwCleaner
2014-02-19 03:26 - 2013-05-11 01:04 - 00000000 ____D () C:\NVIDIA
2014-02-19 03:26 - 2013-05-10 23:59 - 00000000 ____D () C:\Intel
2014-02-19 00:09 - 2014-02-18 02:08 - 00000810 _____ () C:\ProgramData\ProgramData.lnk
2014-02-18 05:48 - 2014-02-18 05:46 - 165121690 _____ () C:\Users\Ulysses\Downloads\Bun Dilamun Cinta.avi
2014-02-18 05:45 - 2014-02-18 05:44 - 116668542 _____ () C:\Users\Ulysses\Downloads\Episod 1.avi
2014-02-18 02:25 - 2013-06-23 08:15 - 00000000 ____D () C:\Users\Ulysses\Downloads\Video
2014-02-18 02:08 - 2014-02-10 22:07 - 00000000 ____D () C:\_OTL
2014-02-18 02:01 - 2013-07-12 23:27 - 00002174 _____ () C:\Users\Ulysses\Documents\1.txt
2014-02-17 06:39 - 2009-07-13 21:08 - 00032624 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-17 03:15 - 2014-02-17 03:15 - 00000000 ____D () C:\Users\Ulysses\Desktop\Old Firefox Data
2014-02-15 08:17 - 2014-02-15 08:05 - 908381580 _____ () C:\Users\Ulysses\Downloads\Wujud 10 (2013) DVDRip Pencurimovie.mkv
2014-02-15 08:05 - 2014-02-15 07:52 - 526431880 _____ () C:\Users\Ulysses\Downloads\Wujud 9 (2013) DVDRip Pencurimovie.mkv
2014-02-15 03:41 - 2013-05-12 20:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-15 03:27 - 2013-07-23 14:47 - 00000000 ____D () C:\Windows\System32\MRT
2014-02-15 03:27 - 2013-05-11 08:59 - 88567024 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-02-14 16:22 - 2014-02-14 16:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 16:02 - 2010-11-20 19:47 - 00246006 _____ () C:\Windows\PFRO.log
2014-02-14 08:29 - 2014-02-14 08:29 - 00000000 ____D () C:\Users\Ulysses\AppData\Local\Adobe
2014-02-14 04:58 - 2014-02-16 05:44 - 00064863 ____N () C:\Users\Ulysses\Desktop\Homefront.2013.HDRip.XviD-ViP3R.srt
2014-02-13 02:50 - 2013-06-23 20:25 - 00000000 ____D () C:\Users\Share\AppData\Roaming\MediaMonkey
2014-02-13 00:31 - 2013-08-04 03:33 - 00773030 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-12 06:24 - 2014-01-19 05:13 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-02-10 22:07 - 2013-06-23 08:15 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager
2014-02-10 21:59 - 2014-02-10 21:59 - 00000000 ____D () C:\Program Files (x86)\MCShield
2014-02-07 16:09 - 2014-02-07 16:09 - 00000000 ____D () C:\Users\Share\AppData\Local\Microsoft Games
2014-02-04 16:05 - 2014-02-04 16:05 - 00002087 _____ () C:\Users\Ulysses\Desktop\aswMBR.txt
2014-02-04 16:05 - 2013-06-23 08:15 - 00000000 ____D () C:\Users\Ulysses\AppData\Roaming\IDM
2014-02-04 06:07 - 2013-06-23 19:21 - 00000000 ____D () C:\Users\Share\Downloads\Video
2014-02-03 07:28 - 2014-02-12 17:15 - 01188864 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-02-03 07:27 - 2014-02-12 17:15 - 12296192 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-02-03 07:27 - 2014-02-12 17:15 - 09078784 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-02-03 07:27 - 2014-02-12 17:15 - 02458112 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-02-03 07:27 - 2014-02-12 17:15 - 01495040 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-02-03 07:27 - 2014-02-12 17:15 - 00735232 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-02-03 07:27 - 2014-02-12 17:15 - 00247808 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-02-03 07:27 - 2014-02-12 17:15 - 00134144 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2014-02-03 07:27 - 2014-02-12 17:15 - 00097792 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-02-03 07:27 - 2014-02-12 17:15 - 00065024 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-02-03 07:05 - 2014-02-12 17:15 - 01232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-03 07:05 - 2014-02-12 17:15 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-03 07:05 - 2014-02-12 17:15 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-03 07:04 - 2014-02-12 17:15 - 11020800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-03 07:04 - 2014-02-12 17:15 - 06040064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-03 07:04 - 2014-02-12 17:15 - 02078208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-03 07:04 - 2014-02-12 17:15 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-03 07:04 - 2014-02-12 17:15 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-03 07:04 - 2014-02-12 17:15 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-03 07:04 - 2014-02-12 17:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-03 05:38 - 2014-02-12 17:15 - 01638912 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-02-03 05:14 - 2014-02-12 17:15 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-30 08:35 - 2013-05-12 21:14 - 00000000 ____D () C:\Users\Ulysses\AppData\Local\Microsoft Help
2014-01-28 16:00 - 2014-02-20 15:55 - 00125110 _____ () C:\Users\Ulysses\Downloads\Firestorm (2013) BluRay 720p PFT.srt
2014-01-28 16:00 - 2014-02-20 04:58 - 00125110 ____N () C:\Users\Ulysses\Desktop\Firestorm.2013.720p.HDRip.x264.Ganool.srt
2014-01-26 03:39 - 2014-01-26 03:19 - 881948924 _____ () C:\Users\Ulysses\Downloads\Imam.Bisu.2014.HDTV.480p.x264.AC3-LTTi.mkv
2014-01-23 21:34 - 2013-05-11 00:58 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-01-23 21:26 - 2014-01-23 21:18 - 589503881 _____ () C:\Users\Ulysses\Downloads\The.Philosophers.2013.BDRip.x264-RUSTED.mkv
2014-01-23 21:19 - 2014-01-23 20:53 - 00000000 ____D () C:\Users\Ulysses\Downloads\Free.Birds.2013.REPACK.DVDRip.x264-COCAIN

Some content of TEMP:
====================
C:\Users\Share\AppData\Local\Temp\dsHostCheckerSetup.exe
C:\Users\Ulysses\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Ulysses\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Ulysses\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Ulysses\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Ulysses\AppData\Local\Temp\nvStInst.exe
C:\Users\Ulysses\AppData\Local\Temp\_is9F2B.exe
C:\Users\Ulysses\AppData\Local\Temp\_isA302.exe
C:\Users\Ulysses\AppData\Local\Temp\_isDD91.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2014-02-15 03:27:12
Restore point made on: 2014-02-18 06:12:11

==================== Memory info ===========================

Percentage of memory in use: 7%
Total physical RAM: 16336.13 MB
Available physical RAM: 15144.41 MB
Total Pagefile: 16334.33 MB
Available Pagefile: 15141.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.87 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.37 GB) (Free:78.28 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:4.66 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (New Volume) (Fixed) (Total:931.51 GB) (Free:201.18 GB) NTFS
Drive f: () (Fixed) (Total:465.76 GB) (Free:107.58 GB) NTFS
Drive i: (THUMBDRIVE) (Removable) (Total:1.88 GB) (Free:0.08 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: 2ADDFB7F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 466 GB) (Disk ID: DFA189C4)

Partition: GPT Partition Type.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: FAC4FAC4)

Partition: GPT Partition Type.

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: 5D781418)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (Size: 2 GB) (Disk ID: 6B736964)
No partition Table on disk 4.


LastRegBack: 2014-02-20 04:20

==================== End Of Log ============================
  • 0

#13
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hey,

  • Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.)
  • Right-click in the open notepad and select Paste).
  • Save it on the flashdrive as fixlist.txt

HKU\Share\...\Run: [Windows Update] - "C:\Google\AutoIt3.exe C:\Google/googleupdate.a3x"
C:\Google
HKU\Ulysses\...\Run: [googleupdate.exe] - "C:\Google\googleupdate.vbs"
HKU\Ulysses\...\Run: [googleupdate] - "C:\Google\googleupdate.vbs"
2014-02-18 02:08 - 2014-02-19 00:09 - 00000810 _____ () C:\ProgramData\ProgramData.lnk
2014-02-19 00:09 - 2014-02-18 02:08 - 00000810 _____ () C:\ProgramData\ProgramData.lnk
C:\ProgramData\ProgramData.lnk
C:\Users\All Users\ProgramData.lnk
C:\_OTL\_OTL.lnk


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system On Vista or Windows 7

Now please enter System Recovery Options.

Run FRST as before and press the Fix button just once and wait. The tool will make a log on the flashdrive (Fixlog.txt) please post it in your next reply.



Next:

Reboot in normal mode
Open OTL and press the quick scan button. Post the log it produces here
  • 0

#14
xxmaxixx

xxmaxixx

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-02-2014 01
Ran by SYSTEM at 2014-02-25 08:31:03 Run:1
Running from I:\
Boot Mode: Recovery
==============================================

Content of fixlist:
*****************
HKU\Share\...\Run: [Windows Update] - "C:\Google\AutoIt3.exe C:\Google/googleupdate.a3x"
C:\Google
HKU\Ulysses\...\Run: [googleupdate.exe] - "C:\Google\googleupdate.vbs"
HKU\Ulysses\...\Run: [googleupdate] - "C:\Google\googleupdate.vbs"
2014-02-18 02:08 - 2014-02-19 00:09 - 00000810 _____ () C:\ProgramData\ProgramData.lnk
2014-02-19 00:09 - 2014-02-18 02:08 - 00000810 _____ () C:\ProgramData\ProgramData.lnk
C:\ProgramData\ProgramData.lnk
C:\Users\All Users\ProgramData.lnk
C:\_OTL\_OTL.lnk
*****************

HKU\Share\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Update => Value deleted successfully.
"C:\Google" => File/Directory not found.
HKU\Ulysses\Software\Microsoft\Windows\CurrentVersion\Run\\googleupdate.exe => Value deleted successfully.
HKU\Ulysses\Software\Microsoft\Windows\CurrentVersion\Run\\googleupdate => Value deleted successfully.
C:\ProgramData\ProgramData.lnk => Moved successfully.
"C:\ProgramData\ProgramData.lnk" => File/Directory not found.
"C:\ProgramData\ProgramData.lnk" => File/Directory not found.
"C:\Users\All Users\ProgramData.lnk" => File/Directory not found.
C:\_OTL\_OTL.lnk => Moved successfully.

==== End of Fixlog ====

OTL logfile created on: 2/25/2014 8:34:23 AM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ulysses\Downloads\Programs
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.95 Gb Total Physical Memory | 13.18 Gb Available Physical Memory | 82.59% Memory free
31.90 Gb Paging File | 28.69 Gb Available in Paging File | 89.93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238.37 Gb Total Space | 73.97 Gb Free Space | 31.03% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 4.66 Gb Free Space | 0.50% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 201.18 Gb Free Space | 21.60% Space Free | Partition Type: NTFS
Drive K: | 1.88 Gb Total Space | 0.08 Gb Free Space | 4.40% Space Free | Partition Type: FAT
Drive Z: | 465.76 Gb Total Space | 106.23 Gb Free Space | 22.81% Space Free | Partition Type: NTFS

Computer Name: ULYSSES-PC | User Name: Ulysses | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/02/15 08:22:37 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/02/09 00:18:26 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014/02/05 07:57:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ulysses\Downloads\Programs\OTL.exe
PRC - [2014/02/02 08:15:32 | 000,650,816 | ---- | M] (MyCity) -- C:\Program Files (x86)\MCShield\MCShieldRTM.exe
PRC - [2014/01/21 10:56:25 | 002,234,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/01/21 10:55:50 | 001,593,632 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013/12/20 16:45:32 | 000,807,696 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
PRC - [2013/12/20 16:44:22 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
PRC - [2013/12/20 16:43:48 | 000,402,192 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe
PRC - [2013/12/20 16:43:44 | 000,367,376 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
PRC - [2013/12/20 16:43:34 | 000,261,392 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
PRC - [2013/12/20 16:43:30 | 000,377,616 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-Network.exe
PRC - [2013/12/18 10:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/13 18:00:19 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2013/11/28 19:12:40 | 004,580,256 | ---- | M] (Samsung Electronics.) -- C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe
PRC - [2013/11/16 19:27:16 | 000,900,440 | ---- | M] (BitTorrent Inc.) -- C:\Users\Ulysses\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2013/11/02 15:01:42 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
PRC - [2013/11/02 14:54:34 | 000,270,704 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
PRC - [2013/08/14 15:19:22 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/08/14 07:59:52 | 005,537,136 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
PRC - [2013/07/10 14:23:10 | 001,694,080 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
PRC - [2013/06/20 17:56:56 | 003,604,048 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2013/05/30 11:40:32 | 000,122,984 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
PRC - [2013/05/30 11:36:38 | 000,016,000 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
PRC - [2012/12/12 21:44:48 | 000,268,248 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2012/10/10 13:32:00 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012/10/10 13:31:28 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/10/10 13:31:28 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/10/10 13:31:27 | 000,619,472 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe
PRC - [2012/09/27 16:08:08 | 000,989,352 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
PRC - [2012/09/27 16:04:44 | 001,087,648 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
PRC - [2012/09/27 16:02:40 | 001,279,120 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
PRC - [2012/08/20 13:43:20 | 000,550,272 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
PRC - [2012/08/08 18:17:52 | 003,101,056 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
PRC - [2012/08/07 13:42:12 | 001,504,640 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
PRC - [2012/08/01 16:39:04 | 001,112,064 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
PRC - [2012/07/23 16:34:28 | 001,190,400 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe
PRC - [2012/06/25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/06/01 17:42:18 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
PRC - [2012/06/01 17:42:18 | 000,920,736 | ---- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
PRC - [2012/05/25 12:12:57 | 001,475,744 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe
PRC - [2012/05/21 00:26:26 | 000,291,648 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/05/03 12:17:36 | 001,256,576 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
PRC - [2012/04/13 12:19:00 | 000,138,032 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2012/04/13 12:18:58 | 001,645,360 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Acer Display\eDisplay Management\dthtml.exe
PRC - [2012/04/13 11:32:10 | 000,113,456 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2012/03/13 12:34:12 | 002,935,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
PRC - [2012/02/17 14:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
PRC - [2012/02/02 15:20:32 | 000,889,984 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe
PRC - [2012/02/01 16:29:56 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/09/08 21:29:12 | 001,112,704 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
PRC - [2011/05/27 11:07:36 | 000,160,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
PRC - [2010/11/21 11:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010/05/13 16:34:48 | 000,711,792 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Floater.exe
PRC - [2010/05/13 16:34:42 | 000,674,928 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
PRC - [2010/04/12 16:40:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE


========== Modules (No Company Name) ==========

MOD - [2014/02/15 08:22:36 | 003,578,992 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/02/13 17:10:49 | 001,837,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\31e2163a39db7732f63a4c8bdb818f7a\Microsoft.VisualBasic.ni.dll
MOD - [2014/02/13 17:10:24 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d116eda30a35c490e59221b0ebac6fcd\System.Xaml.ni.dll
MOD - [2014/02/13 17:10:19 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\9ec8060dd7bfb448f298dcd12d547062\System.Runtime.Remoting.ni.dll
MOD - [2014/02/13 17:10:18 | 002,659,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\be0a1bb51a0d8fb41140c8111ed56d19\System.Runtime.Serialization.ni.dll
MOD - [2014/02/13 17:10:18 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\cd626ecab8e1657628451408aba720cd\System.Runtime.DurableInstancing.ni.dll
MOD - [2014/02/13 17:10:18 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\88aec4231adca9f5a4226c83911c4dad\SMDiagnostics.ni.dll
MOD - [2014/02/13 17:09:09 | 000,489,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\789574f9ced0fc11cec5ef55dda5073b\IAStorUtil.ni.dll
MOD - [2014/02/13 17:09:03 | 000,155,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\915e4f5b54284e391cfeb608d4aa21fd\JSON.ni.dll
MOD - [2014/02/13 17:08:58 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\e173f105ae8da52706f58b9ce09c3a4d\HD-Agent.ni.exe
MOD - [2014/02/13 16:58:02 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\4b1795df6372b251625f958595e08d3d\System.Web.ni.dll
MOD - [2014/02/13 16:57:59 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\59312674865dc2a19c27f9f460b1673b\System.Runtime.Remoting.ni.dll
MOD - [2014/02/13 16:57:47 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/02/13 16:57:43 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/02/13 16:57:34 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/02/13 16:57:33 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014/02/13 16:57:32 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/02/13 16:57:30 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2014/02/13 16:30:14 | 018,003,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\880358291baf3043e07b2a7c2f401c85\PresentationFramework.ni.dll
MOD - [2014/02/13 16:30:07 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\db591e35967527b7b864124303dea13a\PresentationCore.ni.dll
MOD - [2014/02/13 16:30:05 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\2781e84862746a34f026d0ee179eed2b\System.Windows.Forms.ni.dll
MOD - [2014/02/13 16:30:03 | 007,070,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\354a5906fd46f4374f86916debf3ebcb\System.Core.ni.dll
MOD - [2014/02/13 16:30:01 | 005,628,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\850fa7110c7423c324762c1ad3130219\System.Xml.ni.dll
MOD - [2014/02/13 16:30:01 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\dc74ab189aa9b156581a7228866d3330\WindowsBase.ni.dll
MOD - [2014/02/13 16:30:01 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\4bfb0decf7cfe076020f64ee6dd007cc\PresentationFramework.Aero.ni.dll
MOD - [2014/02/13 16:30:00 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\243ff1822abc8282cb8fee37538170b4\System.Drawing.ni.dll
MOD - [2014/02/13 16:29:59 | 009,099,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\4c906eb82e6f56aea01b2a7291fab7ea\System.ni.dll
MOD - [2014/02/13 16:29:59 | 001,014,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\991c4e11f571a4074b9c4a5841222338\System.Configuration.ni.dll
MOD - [2014/02/13 16:29:56 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\4e62d1d9b7dd2c2d14915abb73c22d50\mscorlib.ni.dll
MOD - [2013/11/28 19:00:00 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\Samsung SSD Magician\SMINI.dll
MOD - [2013/11/28 18:59:54 | 000,034,304 | ---- | M] () -- C:\Program Files (x86)\Samsung SSD Magician\SATA.dll
MOD - [2013/11/28 18:59:50 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\Samsung SSD Magician\SAT.dll
MOD - [2013/11/28 18:59:24 | 000,029,696 | ---- | M] () -- C:\Program Files (x86)\Samsung SSD Magician\SAS.dll
MOD - [2013/11/28 18:59:20 | 000,098,816 | ---- | M] () -- C:\Program Files (x86)\Samsung SSD Magician\PAL.dll
MOD - [2013/11/28 12:14:32 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Samsung SSD Magician\SAMSUNG_SSD.dll
MOD - [2012/08/08 16:45:52 | 000,786,432 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\func.dll
MOD - [2012/07/31 15:21:32 | 000,152,064 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\gep.dll
MOD - [2012/07/25 09:56:42 | 001,124,864 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
MOD - [2012/07/05 12:05:48 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
MOD - [2012/06/19 12:56:22 | 001,305,600 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
MOD - [2012/05/28 21:27:04 | 001,622,528 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
MOD - [2012/05/25 10:33:10 | 000,883,712 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
MOD - [2012/05/17 18:57:12 | 000,043,520 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
MOD - [2012/04/13 12:18:54 | 000,121,648 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\CC\gui.dll
MOD - [2012/04/13 11:56:12 | 000,180,224 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\PresetsCOM.dll
MOD - [2012/03/21 12:07:44 | 000,972,288 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
MOD - [2012/02/10 11:29:44 | 001,047,040 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
MOD - [2011/10/14 20:03:22 | 000,885,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
MOD - [2011/09/26 19:36:24 | 000,869,376 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
MOD - [2011/09/19 20:18:20 | 001,243,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
MOD - [2011/07/21 09:06:44 | 000,846,848 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
MOD - [2011/07/12 19:14:52 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
MOD - [2010/10/05 08:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
MOD - [2010/10/05 08:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\pngio.dll
MOD - [2010/10/05 08:22:50 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
MOD - [2010/08/23 10:17:40 | 000,662,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
MOD - [2010/05/13 16:34:48 | 000,711,792 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Floater.exe
MOD - [2010/05/13 16:34:42 | 000,674,928 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
MOD - [2009/08/12 20:15:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/01/21 10:55:35 | 016,939,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013/05/27 13:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/02/09 02:30:42 | 000,359,664 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2012/04/20 14:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2014/02/21 21:08:48 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/02/15 08:22:36 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/02/09 00:18:26 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014/01/21 10:55:50 | 001,593,632 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013/12/20 16:44:22 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2013/12/20 16:43:48 | 000,402,192 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2013/12/18 10:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/02 15:01:42 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe -- (WDBackup)
SRV - [2013/11/02 14:54:34 | 000,270,704 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService)
SRV - [2013/08/14 15:19:22 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/05/30 11:36:38 | 000,016,000 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe -- (Seagate Dashboard Services)
SRV - [2012/12/14 02:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/10/10 13:32:00 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/10/10 13:31:34 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012/10/10 13:31:29 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2012/10/10 13:31:28 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/10/10 13:31:27 | 000,619,472 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe -- (AntiVirFirewallService)
SRV - [2012/07/17 14:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 14:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/06/25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/06/01 17:42:18 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe -- (asHmComSvc)
SRV - [2012/06/01 17:42:18 | 000,920,736 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe -- (asComSvc)
SRV - [2012/05/25 12:12:57 | 001,475,744 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe -- (AsusFanControlService)
SRV - [2012/04/13 12:19:00 | 000,138,032 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
SRV - [2012/04/13 11:32:10 | 000,113,456 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2012/02/17 14:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2012/02/01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/05/27 11:07:36 | 000,160,768 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/12/28 02:42:26 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/11/28 21:38:18 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/05/25 23:00:14 | 000,168,288 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2013/01/03 16:17:48 | 000,043,400 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2013/01/03 16:17:38 | 000,077,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2013/01/03 16:17:38 | 000,061,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2012/12/14 02:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/10/10 14:05:29 | 000,140,936 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avfwot.sys -- (avfwot)
DRV:64bit: - [2012/10/10 14:05:29 | 000,114,168 | ---- | M] (Avira GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avfwim.sys -- (avfwim)
DRV:64bit: - [2012/09/27 13:59:38 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/09/27 13:59:38 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012/09/27 13:59:38 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012/08/23 22:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 22:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 22:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/20 10:38:12 | 000,416,072 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2012/08/20 10:38:12 | 000,138,568 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2012/07/02 15:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/19 07:40:50 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/06/12 22:00:48 | 000,726,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/05/31 11:06:14 | 000,032,400 | R--- | M] (NT Kernel Resources) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ndisrd.sys -- (ndisrd)
DRV:64bit: - [2012/05/21 00:25:32 | 000,789,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/05/21 00:25:32 | 000,357,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/05/21 00:25:32 | 000,019,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/05/17 18:57:06 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2012/04/13 11:31:32 | 000,020,784 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PdiPorts.sys -- (PdiPorts)
DRV:64bit: - [2012/03/25 17:55:22 | 000,066,336 | ---- | M] (Lucidlogix Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VirtuWDDM.sys -- (VirtuWDDM)
DRV:64bit: - [2012/03/01 14:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/01 16:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/09/16 15:12:58 | 000,032,360 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan620.sys -- (RTVLANPT)
DRV:64bit: - [2011/06/15 21:11:20 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM)
DRV:64bit: - [2011/06/15 21:11:20 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2011/06/15 21:11:20 | 000,032,544 | R--- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2011/03/11 14:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 14:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/21 11:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/04/12 16:55:00 | 000,091,568 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2013/12/20 16:44:10 | 000,114,448 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2009/07/14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 6F 4A 9A 97 2E CF 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.bing.com/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/...q={searchTerms}
IE - HKCU\..\SearchScopes,DefaultScope = {1473C9E8-686A-404A-96C9-670502D1B994}
IE - HKCU\..\SearchScopes\{1473C9E8-686A-404A-96C9-670502D1B994}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013/05/18 16:29:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/12/13 18:00:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/12/13 18:00:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/02/15 08:22:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Ulysses\AppData\Roaming\IDM\idmmzcc5 [2013/06/24 00:15:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/02/15 08:22:36 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Ulysses\AppData\Roaming\IDM\idmmzcc5 [2013/06/24 00:15:10 | 000,000,000 | ---D | M]

[2013/05/13 12:16:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ulysses\AppData\Roaming\Mozilla\Extensions
[2014/02/15 08:22:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/02/15 08:22:37 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.co...q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java™ Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
CHR - plugin: RealNetworks™ RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks™ RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks™ RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Google Docs = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Logitech SetPoint = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd\6.52.74_0\
CHR - Extension: RealDownloader = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0\
CHR - Extension: IDM Integration = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.16.3_0\
CHR - Extension: Google Wallet = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Ulysses\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/11 05:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [VIRTU MVP] C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [DBAgent] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe (Seagate Technology LLC)
O4 - HKLM..\Run: [DT ACR] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe (Portrait Displays, Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [PivotSoftware] C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe ()
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe (Western Digital Technologies, Inc.)
O4 - HKLM..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.)
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [LiveSupport] "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log File not found
O4 - HKCU..\Run: [MCShield Monitor] C:\Program Files (x86)\MCShield\MCShieldRTM.exe (MyCity)
O4 - HKCU..\Run: [Uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe (Seagate Technology LLC)
O4 - HKCU..\Run: [uTorrent] C:\Users\Ulysses\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - Startup: C:\Users\Ulysses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk = C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe (Samsung Electronics.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://myoffice.smr...SetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70728077-7349-4EF2-BD1A-0402E611A4FB}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\appinit_dll.dll) - C:\Windows\SysNative\appinit_dll.dll (Lucidlogix Inc.)
O20 - AppInit_DLLs: (c:\windows\syswow64\appinit_dll.dll) - c:\Windows\SysWOW64\appinit_dll.dll (Lucidlogix Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/04/06 13:34:25 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk /k:C *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/02/22 20:27:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014/02/22 12:49:58 | 000,000,000 | ---D | C] -- C:\FRST
[2014/02/17 19:15:43 | 000,000,000 | ---D | C] -- C:\Users\Ulysses\Desktop\Old Firefox Data
[2014/02/15 08:22:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/02/15 00:29:22 | 000,000,000 | ---D | C] -- C:\Users\Ulysses\AppData\Local\Adobe
[2014/02/11 14:07:23 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/02/11 13:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
[2014/02/11 13:59:30 | 000,000,000 | ---D | C] -- C:\ProgramData\MCShield
[2014/02/11 13:59:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MCShield

========== Files - Modified Within 30 Days ==========

[2014/02/25 08:32:58 | 000,000,606 | ---- | M] () -- C:\Windows\tasks\MATLAB R2013a Startup Accelerator.job
[2014/02/25 08:32:51 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/25 08:32:40 | 000,008,192 | ---- | M] () -- C:\Windows\SysWow64\WDPABKP.dat
[2014/02/25 08:32:38 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/25 08:32:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/25 08:32:36 | 4257,320,958 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/25 08:28:30 | 000,779,306 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/02/25 08:28:30 | 000,660,296 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/02/25 08:28:30 | 000,121,224 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/02/25 08:08:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/25 07:26:14 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/25 07:26:14 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/14 20:58:44 | 000,064,863 | ---- | M] () -- C:\Users\Ulysses\Desktop\Homefront.2013.HDRip.XviD-ViP3R.srt
[2014/02/13 21:38:08 | 001,372,968 | ---- | M] () -- C:\Users\Ulysses\Documents\IMG_20140213_0001.jpg
[2014/02/13 16:31:38 | 000,773,030 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/02/09 02:34:51 | 000,024,544 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2014/02/06 01:52:50 | 003,573,739 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2014/02/02 18:31:42 | 000,136,771 | ---- | M] () -- C:\Users\Ulysses\Desktop\Khal Nayak 1993 Hindi 720p DvDrip x264 AC3...Hon3y.srt
[2014/01/29 08:00:18 | 000,125,110 | ---- | M] () -- C:\Users\Ulysses\Desktop\Firestorm.2013.720p.HDRip.x264.Ganool.srt

========== Files Created - No Company Name ==========

[2014/02/22 21:33:59 | 000,136,771 | ---- | C] () -- C:\Users\Ulysses\Desktop\Khal Nayak 1993 Hindi 720p DvDrip x264 AC3...Hon3y.srt
[2014/02/20 20:58:53 | 000,125,110 | ---- | C] () -- C:\Users\Ulysses\Desktop\Firestorm.2013.720p.HDRip.x264.Ganool.srt
[2014/02/19 20:20:39 | 000,078,185 | ---- | C] () -- C:\Users\Ulysses\Desktop\Lone.Survivor.2013.DVDScr.650MB.Ganool.srt
[2014/02/16 21:44:31 | 000,064,863 | ---- | C] () -- C:\Users\Ulysses\Desktop\Homefront.2013.HDRip.XviD-ViP3R.srt
[2014/02/13 21:38:08 | 001,372,968 | ---- | C] () -- C:\Users\Ulysses\Documents\IMG_20140213_0001.jpg
[2014/01/12 20:11:37 | 000,000,579 | ---- | C] () -- C:\Users\Ulysses\World of Our Own.pls
[2013/10/15 12:02:57 | 000,001,971 | ---- | C] () -- C:\Users\Ulysses\Wali - 3 in 1 (2012).pls
[2013/10/12 13:44:44 | 000,001,467 | ---- | C] () -- C:\Users\Ulysses\Ada Band - Masa Demi Masa (2013).pls
[2013/10/12 13:44:24 | 000,001,072 | ---- | C] () -- C:\Users\Ulysses\Zivilia - Trilogy (2013).pls
[2013/09/27 14:46:21 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\WDPABKP.dat
[2013/09/27 14:33:40 | 000,000,017 | ---- | C] () -- C:\Users\Ulysses\AppData\Local\resmon.resmoncfg
[2013/09/12 21:17:52 | 000,000,417 | ---- | C] () -- C:\Users\Ulysses\A to Z.pls
[2013/08/04 19:33:40 | 000,773,030 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/06/24 12:19:37 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013/05/11 16:40:33 | 000,007,432 | ---- | C] () -- C:\Windows\SysWow64\Machnm32.sys
[2013/05/11 16:17:34 | 000,015,232 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2013/05/11 16:17:33 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2013/05/11 15:56:08 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013/05/11 15:56:04 | 000,045,558 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012/12/14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/12/14 02:42:24 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012/12/14 02:42:24 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012/04/20 13:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2009/07/14 12:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 10:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 09:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 09:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 11:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 09:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/08/21 17:58:13 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\Canon
[2013/05/11 16:41:39 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\DisplayTune
[2014/02/25 08:29:12 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\DMCache
[2014/02/05 08:05:08 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\IDM
[2013/05/13 12:35:10 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\Juniper Networks
[2013/05/18 16:29:40 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\Leadertech
[2014/02/24 21:56:47 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\MediaMonkey
[2013/08/06 17:07:04 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\PDF Labs
[2013/09/27 13:21:22 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\Seagate
[2013/06/23 13:00:43 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\Sports Interactive
[2013/07/17 17:09:15 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\Subversion
[2014/02/25 08:36:56 | 000,000,000 | ---D | M] -- C:\Users\Ulysses\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >

Edited by xxmaxixx, 24 February 2014 - 06:38 PM.

  • 0

#15
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hey,
It seems to me that the infection is gone. Are the malicious shortcuts still present? How is your computer running? Any other problems?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP